Privacy & Cookie Statement

Last Updated July 4th, 2018

Protection of personal privacy has always been a hallmark of Istituto Piepoli. Since its inception in 1965, Istituto Piepoli has maintained the confidentiality of each survey respondent unless an individual user consents to the release of the user’s Personal Information or individual results. In a similar manner, Istituto Piepoli protects the identity of individuals who access Istituto Piepoli Website.

This statement describes the types of information, including Personal Information, collected and processed through Istituto Piepoli website and through the services delivered via Istituto Piepoli website, and how Istituto Piepoli treats such information. For questions about this Privacy Statement or your Personal Information, please contact

Personal Information

By using the term “Personal Information” in our Privacy Statement, we refer to information that you individually provide to Istituto Piepoli either directly or indirectly that on its own or in combination with other information, can be used to identify you or make you identifiable. Personal Information includes for example your name, your mailing address, your telephone number, your e-mail-address or other information that identifies you or makes you identifiable.

Information that by itself cannot be used to identify you or make you identifiable does not qualify as Personal Information.


Istituto Piepoli website gather information in two ways: (1) indirectly (for example, through our site’s technology), and (2) directly (for example, when you, the site visitor, voluntarily provide information on various pages).

The information will be transferred to Istituto Piepoli Inc.’s servers located in Italy (“ITA”). Istituto Piepoli has certified to the Italy Department of Commerce that it adheres to the Italian. Privacy Shield Principles.

  1. Information Collected Indirectly

Istituto Piepoli indirectly collects a variety of information through your interaction with and use of Istituto Piepoli website. This information may include, but is not limited to, browser and device information, data collected through automated electronic interactions, application usage data, content information based on your individual interests, demographic information, geographic or geo-location information, statistical and aggregated information (“Other Information“).

Statistical or aggregated information does not directly identify a specific person, but it may be derived from Personal Information. For example, we may aggregate Personal Information to calculate the percentage of users in a particular zip code.

If we combine Other Information with Personal Information, we will treat the combined information as Personal Information.

1.1 Istituto Piepoli Cookies

Some types of indirectly collected information are stored in “cookies.” Cookies are small files of electronic information that a website can transfer to a visitor’s hard drive to help that visitor while on the site. There are different types of cookies:

  • Strictly necessary cookies are required for the operation of our website.
  • Functionality cookies are used to recognize you when you return to our website. These cookies simply store a user code so that the user does not have to re-enter their information when re-joining the site.
  • Targeting cookies record your visit on our platform and the pages you have visited. We will use this information to make our website more relevant to your interest.

The use of cookies is standard on the Internet. Although most Web browsers automatically accept cookies, the decision of whether to accept or not is yours. You have the choice to accept or decline cookies by way of consent. You may adjust your browser settings to prevent the reception of cookies, or to provide notification whenever a cookie is sent to you. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to access the full functionality of Istituto Piepoli Website. Cookies placed by Istituto Piepoli will expire when the user terminates the website session or after a reasonable period of inactivity.

1.1. a. Tracking Data and Third Party Analytics Providers

Website traffic volume and patterns, such as the number of visitors to a given website or page on a daily basis is typically referred to as Tracking Data. This type of indirectly collected information is gathered through various means, such as an IP address, which is a number that is automatically assigned to your computer whenever you are surfing the Web. Web servers, the computers that “serve up” Web pages, automatically identify your computer by its IP address. When you visit Istituto Piepoli Website, our servers log your computer’s IP address.

To obtain these Tracking Data, Istituto Piepoli uses third party analytics providers (“Third Party Analytics Providers“). The Third Party Analytics Providers use cookies to help us analyze how users use Istituto Piepoli website. The information generated by the cookie about your use of Istituto Piepoli website, including your IP address, will be transmitted to and stored by Third Party Analytics Providers’ servers. On behalf of Istituto Piepoli, the Third Party Analytics Providers will use this information for the purpose of evaluating your use of Istituto Piepoli website, compiling reports on website activity, and providing other services relating to website activity. The Third Party Analytics Providers will not associate your IP address with any other data held by them. This processing is necessary for the purpose of Istituto Piepoli’s legitimate interests in accordance with Art. 6 (1) 1 lit. f) GDPR, in particular, to ensure the proper functioning of our website.

For the abovementioned purpose Istituto Piepoli uses the following Third Party Analytics Providers: Google Analytics, Selligent, Oracle, Dynatrace and Zendesk. The list includes information about the use of each cookie, how to prevent the collection and use of information collected by the cookie.

One of our Third Party Analytic Providers is Google Analytics:

Google Analytics is a service from Google, Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; hereinafter “Google“) using cookies which are saved on your computer. The information generated by the cookie is transferred to and stored on a Google server (generally) located in the USA. Google uses this information on our behalf in order to analyze the use of our websites. The IP address transferred from your browser through Google Analytics is not merged with other data by Google for profiling purposes.

You can prevent Google Analytics’ collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available here. Istituto Piepoli uses IP anonymization, which truncates/anonymizes the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to and shortened by Google servers in the USA.

Further information can be found in the Google Analytics Terms of Service.

Only designated administrators of Istituto Piepoli can access the information gathered by Google Analytics, and the information is used only for administrative and planning purposes to meet the needs of our users, such as to improve the content of the site and to customize the content and/or layout of the site for individuals or groups of users.

  1. Cookies for advertising

We may use third-party advertising companies to serve ads on our behalf. These companies may use cookies and action tags to measure advertising effectiveness. You can still decide whether you want to accept these cookies by way of consent. You may adjust your browser settings to prevent the reception of third-party cookies, or to provide notification whenever such third-party cookies are sent to you. If you do not accept these cookies, we will not be able to show you personalized content and ads.

  1. Information Collected Directly

Istituto Piepoli also collects Personal Information and other information that users voluntarily provide. It is entirely your decision to provide the requested information.

Istituto Piepoli keeps all information directly collected confidential, and will only use the information for the particular purpose stated at the point of collection. Istituto Piepoli will seek your specific permission for any additional use. You may choose to have this information removed at any time. Istituto Piepoli will never barter, trade, or sell access to your information without your specific consent.

2.1. User Account Data

When setting up an account on one of the Istituto Piepoli Website (“User Account“), you may be asked to provide Personal Information including, but not limited to, your name, e-mail address, and your phone number. If you choose to purchase any products, services, access codes or other items for sale by Istituto Piepoli, you will be asked to provide payment details and your full address for billing purposes.

As a customer/user of Istituto Piepoli, we may obtain Personal Information about you when you register to use one of our websites or services/products or when you provide feedback about our products or services. The processing is necessary to perform the contract with you according to Article 6 (1) 1 lit. b) GDPR. As a customer/user, we will use your Personal Information, unless otherwise prohibited by law, for the following purposes:

  • To provide you with the products and services you request.
  • To communicate with you about your account or transactions with us and send you changes to our policies.
  • To provide support including, but not limited to, product updates, product patches and fixes and other similar communications.

Furthermore we will use your Personal Information for our legitimate interests according to Article 6 (1) 1 lit. f) GDPR to notify you about information about features on our site, new product releases and service developments and to advertise Istituto Piepoli’s products and services in accordance with this Privacy Statement.

Any User Account data will only be stored until you decide to terminate your User Account (see clause III.1. below). In case we are obliged to further store your Personal Information due to statutory retention requirements, your Personal Information will be barred for further use by Gallup and only be stored until such retention periods expire.

2.2. Other Personal Information Provided Directly

Personal Information provided by you on Istituto Piepoli Website, e.g. via contact forms, or via telephone will be stored in our service database and retained for the period necessary to fulfil our contractual obligations to you in accordance with Art. 6 (1) 1 lit. b) GDPR unless a longer retention period is required by law.


Many Istituto Piepoli website offer users the opportunity to participate in surveys or assessments via the internet. Istituto Piepoli will provide information about the purpose and process for each survey or assessment as part of the applicable survey or assessment.

  1. Access to your Survey or Assessment Results from Another User Account

Another online user may purchase an access code to a Istituto Piepoli survey or assessment for you. Please note that when participating in a survey or assessment, your results will also be accessible to the online user who purchased the Istituto Piepoli access code. The data accessible to that account holder may include your name and your results, but will not include your specific answers to individual questions within the survey or assessment. In addition, the account holder cannot modify, alter, or delete any of your results or User Account data.

After completion of the survey or assessment, you will at all times have the opportunity to change the settings for sharing your results with other account holders and opt-out from sharing your results.

  1. Sharing your Survey Results with other people

After completion of the survey or assessment, you may have the opportunity to share your survey or assessment results via e-mail, or social networks. Please note that only your name and results will be displayed. By sharing your information from your User Account with any social media service, you are authorizing us to share information we collect from and about you with the social media service provider, other users, and your network of contacts on the social media service, and you understand that the social media service’s use of the shared information will be governed by the social media service’s privacy policy. If you do not want your Personal Information shared in this way, please do not connect your Istituto Piepoli information to a social media service provider.


  1. Correcting and Changing User Information and Preferences; Deletion of User Accounts

If you have given your consent in accordance with Article 6 (1) 1 lit. a) GDPR to receiving e-mail communications from Istituto Piepoli but wish to withdraw your consent and discontinue this service, you may do so at any time by contacting us (see also below clause III.8. “Your rights”). In addition, as a registered user, you can change your settings within your User Account under “MY ACCOUNT” by updating your “Contact Me” settings.

You also have the option at all times to have your User Account deleted for Istituto Piepoli website or to request a revision of your user information at any time. To do so, please contact us.

  1. Information Security

Istituto Piepoli employees understand the need for user privacy, and we maintain reasonable and appropriate security procedures to protect your information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the Personal Information. Istituto Piepoli has appointed a Privacy Policy Administrator to monitor privacy practices. Access to user data is strictly limited to specific individuals who are trained to respect user privacy. The access given to these employees is restricted to their need for such information for business purposes. A log of those who accessed the data is maintained and monitored to prevent security breaches.

  1. Third-Party Information Storage

We provide Personal Information to our affiliates and other trusted businesses or persons to process it for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures. For example, we use service providers such as Amazon cloud for data storage. Any vendor or agent that we retain are not allowed to use Personal Information they receive from us for any other purpose that to perform the contracted services we have contracted them to perform. Like Istituto Piepoli, they will never barter, trade, or sell access to your information. Istituto Piepoli remains responsible and liable under the Privacy Shield Principles if third-party agents that Istituto Piepoli engages to process the Personal Information on Istituto Piepoli’s behalf do so in a manner inconsistent with the Principles, unless Istituto Piepoli proves that Istituto Piepoli is not responsible for the event giving rise to the damage.

  1. Children and Privacy

Istituto Piepoli encourages parents and guardians to spend time with their children online and to be fully familiar with the sites visited by their children. Istituto Piepoli sites do not contain content that is generally considered unsuitable for children.

  1. Links to Other Sites

Istituto Piepoli websites may contain links to sites owned and/or operated by other organizations, and the privacy policies of those sites may differ from that of Istituto Piepoli. These sites may collect data and make use of it in ways that Istituto Piepoli does not. We encourage you to review the privacy policies posted on all third-party sites.

  1. Location of Data Collection and Processing and Storage

In personally accessing Istituto Piepoli websites, you may be submitting Personal Information and survey or assessment results that Istituto Piepoli will use for business purposes that are consistent with this Privacy Statement. As a worldwide organization, Istituto Piepoli collects information that may be processed internationally throughout Istituto Piepoli offices worldwide. Your information may be processed in the United States or any other country in which Istituto Piepoli maintains facilities including any Istituto Piepoli subsidiary.

Istituto Piepoli keeps Personal Information gathered and processed for the purposes described in this Privacy Statement for as long as there is a business purpose.

  1. Compliance and Cooperation with Regulatory Authorities

Istituto Piepoli complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personal Information transferred from the European Union and Switzerland to the United States respectively. Istituto Piepoli has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

  1. Your rights

You have the right to access the Personal Information that we hold about you and to correct, update, amend, suppress, delete or otherwise modify any Personal Information where it is inaccurate, or has been processed in violation of the EU-US Privacy Shield Principles. When updating your Personal Information, we may ask you to verify your identity before we can act upon your request.

You may also, if governed by the General Data Protection Regulations, object to the use or processing of your Personal Information or withdraw consent to use your Personal Information at any time.

Under the General Data Protection Regulations, regarding the processing of your Personal Information, you have the following rights:

  • the right to require free of charge (i) information whether your Personal Information is retained and (ii) access to and/or (iii) duplicates of the Personal Information retained. However, if the request affects the rights and freedoms of others or is manifestly unfounded or excessive, we reserve the right to charge a reasonable fee (taking into account the administrative costs of providing the information or communication or taking the action requested) or refuse to act on the request;
  • the right to request proper rectification, removal or restriction of your Personal Information;
  • where processing of your Personal Information is either based on your consent or necessary for the performance of a contract with you and processing is carried out by automated means, the right to receive the Personal Information concerning you in a structured, commonly used and machine-readable format or to have your Personal Information transmitted directly to another company, where technically feasible (data portability);
  • where the processing of your Personal Information is based on your consent, the right to withdraw your consent at any time without impact to data processing activities that have taken place before such withdrawal or to any other existing legal justification of the processing activity in question;the right not to be subject to any automatic individual decisions which produces legal effects on you or similarly significantly affects you and
  • the right to take legal actions in relation to any breach of your rights regarding the processing of the Personal Information, as well as to lodge complaints before the competent data protection regulators.

To exercise the rights referred to above, please contact us at

As far as we process your Personal Information on the basis of our legitimate interests pursuant to Art. 6 1) lit. f) GDPR, you may object to processing at any time. You may find the detailed description of our processing activities and the legal basis in the sections before. If you object we will no longer process your Personal Information unless there are compelling and prevailing legitimate grounds for the processing or the data is necessary for the establishment, exercise or defence of legal claims. If you object to such processing, we ask you to state the grounds of you objection in order for us to examine the processing of your Personal Information and decide whether to adjust the processing accordingly.

Please note that the processing of your Personal Information may involve advertising activities as described above. If you do not want that we process your Personal Information for direct marketing activities, you can object free of charge at any time via e-mail

Istituto Piepoli will obtain your consent before sharing your Personal Information with any third party that is not acting as an agent or vendor to perform tasks on our behalf or to use the information for a purpose materially different from the purpose for which it was initially collected or subsequently authorized by you. An exception to this will be (among others) where Istituto Piepoli’s processing of Personal Information is necessary for compliance with a legal obligation under the applicable law.

  1. Sensitive Information

For processing of your sensitive information (e.g. medical information, Personal Information revealing ethnic or racial origin, political opinions, religious or philosophical beliefs, trade union membership, the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or a natural’s person sex life or sexual orientation), we will obtain your explicit consent.

Istituto Piepoli is among others not required to obtain explicit consent with respect to sensitive information where the processing is (a) necessary to protect the vital interests of the data subject or another natural person where the data subject is physically or legally incapable of giving consent; (b) necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity; (c) necessary to carry out Gallup’s obligations in the field of employment law in so far as it is authorised by European Union or Member State Law or a collective agreement pursuant to Member State Law providing for appropriate safeguards for the fundamental rights and the interests of the data subject; or (e) related to information that is manifestly made public by the individual.

  1. Dispute Resolution

If you have any complaints regarding our compliance with this Policy or a Privacy Shield related or general privacy related complaint, you should first contact us. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with this Policy.

With respect to human resources data, Istituto Piepoli will cooperate and comply with the EU DPA’s and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with the advice given by such authorities with respect to human resources data transferred from the EU and Switzerland in the context of the employment relationship. If you do not receive timely acknowledgement of your complaint from Istituto Piepoli, or if we have not addressed your complaint to your satisfaction, you may contact the EU DPA’s for more information or to file a complaint. The services of the EU DPA’s are provided at no cost to you.

Under certain conditions, more fully described on the Privacy Shield website, you have the possibility to invoke binding arbitration when other dispute resolution procedures have been exhausted.

  1. Policy Updates

This Privacy Statement is Istituto Piepoli’s promise to its website users and Users with a registered User Account. Additional information that is particular to specific Istituto Piepoli site may exist, and updates to this policy may be posted. For these reasons, we suggest that users who may have specific concerns about the information being gathered and use of that information regularly view the Privacy Statement on each site. Istituto Piepoli reserves the right to change the policy on use of information collected at any time.

  1. Additional Questions or Comments

If you have any inquiries, complaints, access requests and any other questions arising under Privacy Shield or comments regarding Istituto Piepoli’s Privacy Policy, please contact us. Istituto Piepoli will respond to you within 30 days of receiving a complaint.