Privacy Policy

Privacy Policy

The main elements of the Privacy Policy of this website are described below

Privacy Policy

Cassa depositi e prestiti S.p.A. (below, “CDP”) manages the data provided by the users while browsing in compliance with the prescriptions of the European Regulation 2016/679 (below GDPR).

The management procedures of the website (reference website for the remote communication techniques offered by CDP) in relation to the processing of website user personal data are described below. The Privacy Policy is relative only to this website and does not concern any other websites connected by links and visited by the user.

CDP informs the website user of the purposes of and procedures for processing of the personal data. If the user requests registration in reserved areas of this website, he/she will receive a further information notice in relation to processing of the data provided for said purpose.

Data Controller

The Data Controller of the personal data is Cassa depositi e prestiti S.p.A., with registered office in via Goito 4, 00185, Rome.

The Personal Data Protection Officer can be contacted by writing to the address mail

Types of data processed

Browsing data

The IT systems and software procedures responsible for the functioning of this website acquire some personal data during normal operation; the transmission of this data is implicit in the use of the Internet communication protocols.

This information is not collected to be associated with identified data subjects but could, due to its very nature, by processing and associations with data held by third parties, allow identification of the users.

This data category includes the IP addresses or the domain names of the computers used by the users who log on to the website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the dimension of the file obtained in response, the numeric code indicating the server response status (successful, error, etc.) and other parameters relative to the operating system and the user’s IT environment.


A cookie is a small text file placed by a website on the user’s computer or mobile device when he/she visits the site. Some operations cannot not be performed without using cookies, and in some cases they are therefore technically necessary.

CDP uses technical cookies to optimize the user browsing experience, in order to:

  • Identify the user’s device when he/she logs on to its websites. In this way it is possible to provide information on the products, allow the display of customized content and make other functions and services available.
  • Analyse browsing activity in order to constantly simplify access to the CDP services.
  • Carry out research and analyses to improve the content, products and services of CDP.
  • Improve security.

The provision of the Italian Data Protection Authority of 8th May 2014 (Identification of simplified procedures for the information notice and acquisition of consent to the use of cookies) establishes that “technical” cookies can also be used in the absence of consent.

These technologies do not allow saving of the data and credentials of the user or other information on the device, thus maintaining the website security level unchanged.

Each user, if he/she prefers, can set his/her browser so as to receive a warning of the presence of a cookie and decide whether to accept or decline it. It is also possible to automatically decline cookies by activating the appropriate browser option: however, non-acceptance of cookies may result in difficulties in use of the CDP website.

Nome del cookie Tipo Durata Maggiori informazioni Owner
JSESSIONID sessione sessione cookie di sessione di applicazioni J2EE CDP
cookiesDirective persistente 1 anno cookie settato in seguito all’accettazione della privacy CDP
CDP_ELPA persistente 2 ore cookie per autenticazione ELPA CDP
CDP_OBBLIGAZIONI sessione sessione cookie settato a seguito dell'accettazione delle condizioni di docuementazione d'offerta CDP


“Third party” profiling cookies

Profiling cookies can be used in order to understand the user’s browsing habits and preferences: some types of cookies, managed by third parties, also allow aggregated statistical information to be obtained relative to the visits received and browsing habits, in order to improve  the usability and performance of our websites.

As “third party” profiling cookies, CDP uses the Cookies of Google Analytics to analyse use of its website.  For further information on the individual analytical cookies, the Google privacy information notice can be consulted available at the website

In line with the provisions of the current law, in order to place third party profiling cookies, consent is requested from the users during their first visit to the CDP website; this consent can be expressed in the following ways:

  • by clicking on any link inside the page;
  • by continuing browsing of the website.

To prevent “third party” profiling cookies being placed, they must be de-activated by accessing the “Privacy Controls” section of the following link:

Nome Descrizione Dati Raccolti Luogo del trattamento e Policy Link
Google Analytics (Google Inc.) GA utilizza i dati per tracciare la navigazione degli utenti in forma anonima.   Privacy Policy
Opt out
Google Maps (Google Inc.)      


Purpose and legal basis of the processing

Apart from what is specified for the browsing data, the user is free to decide whether or not to provide the personal data in the request forms. However, if the user does not provide said data, it may be impossible to satisfy the request.

Processing method

The personal data are processed using automated instruments for the time strictly necessary to achieve the purposes for which they have been collected. Specific security measures are observed to prevent data loss, unlawful or incorrect use and unauthorized access.

Data recipients

The processing connected with the web services of this website is carried out by the processing service technical personnel. No data deriving from the web service are communicated or disclosed.

The personal data provided by the users who request information material are used for the sole purpose of carrying out the service requested and are communicated to third parties only if necessary for said purpose.

Rights of the Data Subjects

You are informed that art. 15-22 GDPR entitle the Data Subjects to exercise specific rights; the Data Subject can obtain from the Data Controller: access, rectification, erasure, restriction of processing, withdrawal of consent, and portability of the data concerning him/her.

The Data Subject also has the right to object to the processing. In the event of the right of objection being exercised, CDP reserves the possibility of not  following up the request, and therefore continuing the processing, if there are binding legal grounds for proceeding with the processing overriding the interests, rights and freedoms of the Data Subject.

The above rights can be exercised by informal request directly to the Personal Data Protection Officer, at the contacts provided in point 1.

The Data Subject also has the right to raise complaints with the Italian Data Protection Authority.