Privacy Policy

Information on the processing of personal data pursuant to EU Regulation 2016/679 and current Italian legislation.

This Privacy Policy is intended to describe how the Site (the "Site") is managed with reference to the processing of the personal data of Users who consult it.

Users are asked to read this Privacy Policy carefully before submitting any type of personal information and/or filling in any electronic form on the website itself.


1.   Ownership of the data collected

The Data Controller of the data collected on the Site for the purposes referred to in point 3 (a), pursuant to European Regulation 2016/679 on the protection of personal data (the "Regulation"), is the company STAR CAPITAL Società di gestione del risparmio SpA (“the company”), with registered and operational headquarters in Via P. Paleocapa, 6 – 20121 Milano, VAT. 10864570154, tel. 02.88585411, email address:


2.   Purpose and legal basis of the processing carried out on the Site

Personal data is collected and processed through the Site for the following purposes:

(a) Service requests: personal data provided voluntarily by the user by filling in the contact form or received through the "Contacts" section (name, surname, e-mail address, telephone number and the additional information indicated therein) are processed by the Company to meet the requests made.

(b) Browsing log Cookies and technical data: in addition to the data expressly provided, other data deriving from the User's browsing on the Site may be recorded: when the User accesses them, the Site can send them a "Cookie". The term "Cookie" means a small text file that the Site can independently send to the User's computer when they view our pages. The "Cookies" are used to make browsing more convenient, as well as to allow the operation of some services that require identification of the User's path through different pages of the Site. For any access, regardless of the presence of a "Cookie", the Site records the type of browser (i.e. Internet Explorer, Chrome, Firefox), the operating system (i.e. Windows, Macintosh) and the host and the URL of origin of the User-navigator, in addition to data on the requested page. This data can be used in an aggregated and anonymous form for statistical analyses on Site usage. At this point, we invite you to read the specific Cookie Policy

The personal data collected and processed by the Company are provided directly by the user, with the exception of the navigation data referred to in the "Cookies" section of point 3 (b) above regulated by the Cookie Policy.

The legal basis for the processing of the user's personal data lies:

(i) for the purposes referred to in point 3 (a) above, in the legitimate interest of the Company to respond to requests for services made by the user;

for the purposes referred to in point 3 (b), please refer to the appropriate Cookie Policy.


3.    Categories of recipients for personal data

The User's personal data may be processed or known by:

(i) employees of the Company, who operate as subjects authorised to process and in this sense instructed by the same.

(ii) companies that perform specific technical and organisational services connected to the Site for the Company, as Data Processors pursuant to Article 28 of the Regulation.

(iii) police forces or judicial authorities, in accordance with the law and upon formal request by the same, or in the event that there are justified reasons to believe that the communication of such data is reasonably necessary to: (a) investigate, prevent or take action related to suspected illegal activities or assist state supervisory and control authorities; (b) defend against any third party claim or accusation, or protect the security of its website and company; or (c) exercise or protect the rights, property or safety of the Company, its customers, its employees or any other person. Personal data will not be disclosed, in any case, any transfer of data abroad, even in non-EU countries, will only take place by guaranteeing adequate levels of protection and safeguarding according to the law, such as the Standard Contractual Clauses approved by the European Commission.


4.   Processing methods and retention period

The personal data collected through the Site is processed using mainly IT and web methods and tools, adopting security measures in order to minimise the risk of even accidental destruction or loss of the data, unauthorised access or processing that is not allowed or does not comply with the collection purposes indicated in this Privacy Policy.

The personal data provided by the User during browsing, and data related to it, will be kept for a period not exceeding 12 months. The personal data processed to render a service will be kept for the time strictly necessary to provide the requested service to the User.


5.   Compulsory or optional provision of data

Except for the browsing data regulated by the Cookie Policy, the provision of personal data collected through the Site is optional. Failure to provide it does not limit the use of the Site: however, it may make it impossible to meet the requests for services made.


6.   Rights recognised to the User

The User has the right to:

  • access personal data concerning them and obtain confirmation of the existence or otherwise of the same, their communication in intelligible form and their integration;
  • request the updating, rectification or, when so desired, the integration of personal data;
  • the limitation of the processing concerning them, the deletion, transformation into anonymous form or blocking of data which have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
  • oppose, in whole or in part, for legitimate reasons the processing of their personal data even if it is pertinent to the purpose of collection;
  • obtain the transmission of their data to another data controller (so-called right to data portability).

Furthermore, if the processing is based on consent, the User, pursuant to Article 7, paragraph 3 of the Regulation, can revoke the consent given at any time, without prejudice to the lawfulness of the processing carried out before the revocation.

The User can make any requests to exercise their rights in writing by sending the Model for the exercise of rights regarding the protection of personal data, available at duly completed, and accompanied by a copy of a valid identification document - to the Data Controller or, for it, to the Data Protection Officer, as identified above.


7.    Right to lodge a complaint

The User has the right, pursuant to Article 77 of the Regulation, to lodge a complaint with the National Supervisory Authority (for Italy, the Guarantor for the protection of personal data:


8.    Final clause

Given the current state of evolution of the legislation regarding the protection of personal data, we inform you that this Privacy Policy may be subject to updates.