This section contains information relating to the management methods of Boxline UCL, with reference to the processing of user data of the website.

This information is also valid for the purposes of Article 13 of Legislative Decree no. 196/2003, Code regarding the protection of personal data, and for the purposes of Article 13 of EU Regulation no. 2016/679, concerning the protection of individuals with regard to the processing of personal data and the free circulation of such data, for those who interact with

The information refers exclusively to the website and not to other websites that may be consulted by the user through links contained therein.

The purpose of this document is to provide information on the methods, timing and nature of the information that the data controllers must provide to users when connecting to the web pages of Boxline UCL, regardless of the purposes of the connection itself, according to Italian and European legislation.

The statement may undergo changes due to the introduction of new rules in this regard, therefore the user is invited to periodically check this page.

If the user is under the age of sixteen, pursuant to Article 8, No 1 of EU regulation 2016/679, they must provide their consent via the authorisation of their parents or guardians.


Data Controller

The Data Controller is the natural or legal person, public authority, service or other body that, individually or together with others, determines the purposes and means of personal data processing. The data controller also deals with safety profiles.

With regard to this website, the data controller is Boxline UCL and for any clarification or exercise of the user's rights, he can contact you at the following email/pec address:

Data Processor

The Data Processor is a natural or legal person, public authority, service or other body which processes personal data on behalf of the Data Controller.

Pursuant to article 28 of EU Regulation no. 2016/679, upon appointment of the data owner, the data controller of the website is: Boxline UCL S.R.L. (PIVA 07660840153), in the person of its legal representative, Milani Carlo Piero Federico.

Data processing place

The processing of data generated by the use of takes place at the company headquarters located in Milano, via Degli Olivetani n. 10/12 CAP 20123- Italy.

In case of necessity, the data connected to the newsletter service can be processed by the person in charge of the treatment or subjects appointed by it for this purpose at the relevant office.


1. Data processing method and sources

As with all Websites, this Website also utilises log files in which information garnered from User visits is automatically collected and stored. The information collected could include the following:

Internet Protocol (IP) Address;

- Type of browser and device parameters used to connect to the Website;

- Name of the Internet Service Provider (ISP);

- Date and time of the visit;

- Web page that referred the visitor (referral) and exit;

- Number of clicks, where applicable.

The information listed here is processed automatically and collected in an exclusively aggregated form in order to verify the correct functioning of the website, and for security reasons. This information will be processed according to the legitimate interests of the Data Controller.

As a security measure (anti-spam filters, firewalls, and virus detection), the data automatically stored may also include personal data like IP addresses. This data may be used to block attempts to hack the site or other users, or any other harmful or illegal activity, and is handled according the laws governing data usage and storage. Such data is never used for user identification or profiling purposes, but merely for the protection of the website and its users, with such information being processed according to the legitimate interests of the Data Controller.

Inserting the data, the user expressly accepts this privacy statement and, in particular, agrees that the contents inserted are freely disseminated to third parties for the purposes indicated. The data received (personal data, CV data and personal contacts such as telephone number and email) will be used exclusively for the provision of the requested service and only for the time necessary.

The information that Users of the Website deem to make public through the services and tools rendered available to them, is provided by the User knowingly and voluntarily, exempting this Website from all liability regarding any violation of laws. It is up to the user to verify that they have permission to provide the personal data of third parties or content protected by national and international regulations.

2. Purpose of the Data Processing

The data collected by the site during its operation are used exclusively for the purposes indicated above, or in order to allow the user to contact Boxline UCL or to send the application and the CV to work with Boxline UCL and stored for the time strictly necessary to carry out the specified activities and, in any case, no more than 2 years.

If the user gives consent, they can be sent to the same newsletter or sms with communications on promotional initiatives.

The data used for security purposes (blocking attempts to damage the site) are kept for the time strictly necessary to achieve the previously indicated aim.

3 - Data provided by the user

All data provided by the user (personal data, CV data, personal contacts such as telephone number and email...) will be used in order to be contacted by Boxline. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender's address, which is necessary to reply to requests, as well as any other personal data included in the messages. Specific summary data will be progressively shown or displayed on the website pages dedicated to particular services requested.

4. Transfer of data abroad.

Personal data may be transferred to countries of the European Union and to third countries with respect to the European Union provided that this is necessary, in accordance with the provisions of European legislation on the transfer of personal data to third countries or to international organizations (Articles 44 - 47 and 49 GDPR).


Article 13 paragraph 2 of EU Regulation 2016/679 lists the user's rights. This site therefore intends to inform the user of the existence:

– of the right of the data subject to ask the Data Controller for access to personal data (Article 15 of the EU Regulation), the update (Article 7, paragraph 3, letter a of Legislative Decree 196/2003), correction (Article 16 EU Regulation), integration (article 7, paragraph 3 letter a 196/2003) or the limitation of the processing that concerns it (Article 18 EU Regulation) or to oppose, for legitimate reasons, to their treatment (Article 21 EU Regulation), in addition to the right to data portability (Article 20 Regulation EU);

- the right to request cancellation (article 17 EU Regulation), transformation into anonymous form or blocking of data processed in violation of the law, including data which need not be kept for the purposes for which the data are were collected or subsequently processed (article 7 paragraph 3, letter b Legislative Decree 196/2003);

- the right to obtain the attestation that the operations of updating, rectification, integration of data, cancellation, blocking of data, transformation have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which such fulfilment proves impossible or involves a use of means manifestly disproportionate to the protected right (Article 7, paragraph 3, letter c Legislative Decree 196/2003).

Requests can be sent to the data controller at his aforementioned email address (without formalities) or using the model provided by the Guarantor for the protection of personal data.

If the treatment is based on the art. 6, paragraph 1, letter a - express consent to use - or on article 9, paragraph 2 letter a - express consent to the use of genetic, biometric, health-related data revealing religious or philosophical beliefs or union membership, which reveal racial or ethnic origin, political opinions - the user has the right to revoke consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.

Likewise, in the event of violation of the law, the user has the right to lodge a complaint with the Guarantor for the Protection of Personal Data, as the authority responsible for monitoring the processing in the Italian State.

For a more in-depth examination of similar rights, see Articles 15 et seq. of the 2016/679 EU Regulation and Article 7 of the Italian Legislative Decree no. 196/2003.


The owner must notify the Italian DPA which he intends to proceed, only if the treatment concerns:

- genetic, biometric data or data indicating the geographical position of people or objects through an electronic communication network;

- data suitable for revealing the state of health and sexual life, processed for the purpose of assisted procreation, provision of health services electronically relating to databases or the supply of goods, epidemiological investigations, detection of mental, infectious and diffusive diseases, seropositivity, organ and tissue transplantation and monitoring of health expenditure;

- data suitable for disclosing sexual life or the psychic sphere, processed by associations, bodies and non-profit organizations, even if not recognized, of a political, philosophical, religious or union nature;

- data processed with the aid of electronic tools aimed at defining the profile or personality of the interested party or analyzing consumption habits and choices or monitoring the use of electronic communication services with the exclusion of technically indispensable treatments to provide the services same to users;

- sensitive data recorded in databases for personnel selection purposes on behalf of third parties as well as sensitive data used for opinion polls, market research and other sample research;

- data recorded in special databases managed with electronic instruments and relating to the risk on economic solvency, the balance sheet, the correct fulfillment of obligations, illegal or fraudulent behavior.


This website is processing user data in a lawful and proper manner, adopting appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of the data. The processing is carried out using IT and/or electronic telecommunication tools, within organisational procedures and for reasons strictly related and limited to the stated purposes.

In addition to the Data Controller, in certain cases other parties involved in the operation of the Site may have access to stored personal data (administrative, sales, legal department, and system administrator personnel) or external individuals (such as third-party technical service providers, mail couriers, hosting providers, IT companies, and communication agencies).


This document, published on:, constitutes the privacy policy of this website.

It may be subject to changes or updates. In case of significant changes and updates, these will be notified to users with specific notifications.

However, previous versions of the document will be available on this page.

The document was updated on 12/06/2020 to comply with the relevant regulations, and in particular in compliance with EU Regulation 2016/679.