Skip to main content


Why this notice

This page describes the methods and logics for managing the site with reference to the processing of the personal data of the users who consult it.
This is an information that is also provided pursuant to art. 13-14 of EU Reg. 679/16 and of the Italian legislation in force for the protection of personal data D.lg.s. 196/2003 and succ. modif. and additions, in particular those introduced by Legislative Decree n. 101/2018 to those who interact with the web services of the site accessible electronically from the address (hereinafter referred to as the site) and not for other sites external and possibly connected websites that can be consulted by the user through links on the site.

This document incorporates the contents of the Privacy Policy applied by the Authority for the protection of personal data with reference to the processing of personal data of users who connect to the official website
It is the intention of the Torrefazione Moka Sir's Spa company to conform its privacy protection policies to the provisions of EU Reg. 679/16 also with the precautions and procedures that the Guarantor has specified in the Privacy Policy document published on the official website of the 'Authority.

The processing of personal data means any operation or set of operations carried out with or without the aid of automated processes and applied to personal data or a set of personal data, even if not registered in a database, such as collection, registration, organization, structuring, storage, elaboration, selection, blocking, adaptation, or modification, extraction, consultation, use, communication by transmission, dissemination any other form put available, comparison or interconnection, limitation, cancellation or destruction.

1. Data Controller

The data controller is Torrefazione Moka Sir's S.p.a., in the person of its pro tempore legal representative with registered office in Via Privata Cesare Battisti, 2 - 20122 Milan (MI), C.F. and VAT number 00181250184 - R.E.A. MI n °. 1703616 R.E.A. PV no. 129448 - Share Capital Euro 1,820,000.00 Int. Vers. E-mail: - e-mail pec:

2. Types of data collecte Among the Personal Data collected by this Application, there are:

Data provided voluntarily

The optional, explicit and voluntary sending of e-mails to the addresses indicated on the Portal entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.

Sending data from the contact form or for participation in training courses is mandatory and necessary to respond to requests sent as well as to contact the sender again to obtain the information requested or to participate in courses. The privacy policy regarding the data provided in this way will be available in the appropriate sections of the site.

Navigation data

The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or computer domain names used by users who connect to the site, etc.

Any use of Cookies - or of other tracking tools - by this site or by the owners of third party services used by this site, unless otherwise specified, has the purpose of identifying the User and recording their preferences for purposes. strictly related to the provision of the service requested by the User.

The User assumes responsibility for the Personal Data of third parties published or shared through this site and guarantees to have the right to communicate or disseminate them, freeing the Owner from any liability to third parties

3. Method and place of processing of the collected data

Processing methods

The Owner processes the Personal Data of Users by adopting appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data, in order to meet the legal requirements and protect the rights of the interested parties
The data processing can be carried out both with the use of paper support and with the aid of electronic, IT and telematic tools, in a manner and with suitable tools to guarantee the security and confidentiality of the data and may consist that in their collection, registration, organization, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction, in accordance with the provisions of art. 4 n. 2) of the GDPR. In addition to the Data Controller, in some cases, categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as suppliers of third party technical services, postal couriers) may have access to the Data. hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller.
The Data is processed at the Data Controller's operating offices and in any other places where the parties involved in the processing are located.
For further information, please contact the Data Controller.

4. Legal basis of the processing

The Owner processes Personal Data relating to the User in the event that one of the following conditions exists:

the User has given consent for one or more specific purposes; Note: in some jurisdictions the Data Controller may be authorized to process Personal Data without the User's consent or another of the legal bases specified below, as long as the User does not object ("opt-out") to such treatment. However, this is not applicable if the processing of Personal Data is governed by European legislation on the protection of Personal Data;
the processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual measures;
the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;

the processing is necessary for the performance of a task of public interest or for the exercise of public authority vested in the Data Controller;

the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.

However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.

5. Retention period

The Data are processed and stored for the time required by the purposes for which they were collected and in any case in accordance with the law.
The User can obtain further information by contacting the Owner.
At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of this term, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

6. Purpose of processing the collected data

The User Data is collected to allow the Owner to provide its Services, as well as for the following purposes: Statistics and Contacting the User.
To obtain further detailed information on the purposes of the processing and on the Personal Data concretely relevant for each purpose, the User can refer to the relevant dedicated sections on the site.

Mainly, Moka Sir's S.p.a. uses the data provided by the interested parties to:

a) for preliminary requirements to the stipulation of sales contracts, to execute them and to protect the credit positions deriving from them; for normal internal operational, management and accounting needs; to fulfill any type of obligation provided for by laws or regulations in force, in particular, in tax matters;

b) for commercial and marketing purposes;
c) for profiling purposes;
d) sending the periodic newsletter.
The granting of consent for the purposes referred to in point 6 lett. a) is mandatory and the related processing may be carried out without the consent of the interested party. Failure to provide the data will make it impossible for us to fulfill and respect the commitments undertaken and deriving from existing contractual and pre-contractual relationships.

The provision for the purposes referred to in point 6 lett. b), c) and d) is optional and must be provided in the manner set out in art. 7 of the GDPR. Communications relating to marketing activities may take place through the use of traditional methods (eg: paper mail, telephone calls) and telematic (eg: e-mail). If you are already our customer, we can send you commercial communications relating to services similar to those you are already using, unless you disagree.

Failure to consent for the purposes referred to in point 6 lett. b), c) and d) will result in the inability to be updated on commercial initiatives and / or promotional campaigns, to receive offers or other promotional material and / or to send the user personalized offers.
For all the purposes mentioned above, Moka Sir's S.p.a. may appoint external suppliers to whom only and exclusively the data strictly necessary for the performance of the assignment are transmitted.

If this consent has been given by selecting the "Subscribe to the Newsletter" box, Moka Sir's S.p.a. may send the user advertising or promotional messages, using all the contact details provided by him, within the limits of the provisions of the Code and without prejudice to the user's right to deny such use at any time.

7. Communication and dissemination of data

The data will not be disclosed and will be processed by the employees of the Company, who operate as persons authorized to process data according to the tasks performed and adequately trained. The data may be disclosed to external parties including the Managers appointed pursuant to art. 28 of the GDPR. In particular, the data may be disclosed to the following categories of subjects, listed below by way of non-exhaustive example: banking institutions and companies specialized in payment management and credit insurance, law and consulting firms, persons in charge of auditing of the company's financial statements, public authorities or administrations for legal obligations, Italian and foreign suppliers, financing and transport companies.

It should be noted that a detailed list of Data Processors is available at the Moka Sir's Spa headquarters.
For all the purposes indicated in this information, your data may also be communicated abroad, inside and outside the European Union, in compliance with the rights and guarantees provided for by current legislation, subject to verification that the country in question guarantees an adequate level of protection pursuant to the provisions of the GDPR.

8. User rights

In relation to the aforementioned data, all the rights referred to in Articles. 15, 16, 17, 18, 20 and 21 of the GDPR, and specifically:

a) the right to access personal data and to obtain information on the Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the Data processed;
b) their correction in case of inaccuracy;
c) the cancellation of data;
d) the limitation to processing when certain conditions are met, in this case the Data Controller will not process the Data for any other purpose than their conservation;
e) opposition to processing, when it occurs on a legal basis other than consent;
f) the right to data portability, i.e. to receive the personal data provided in a structured format, commonly used and readable by an automatic device, and to have it transferred to another Data Controller without hindrance.
In case of violation of these provisions, the data subject has the right to lodge a complaint with the competent Personal Data Protection Supervisory Authority or take legal action.

9. Withdrawal of consent

The consent given may at any time be revoked, without this jeopardizing the lawfulness of the processing based on the consent given before the revocation and the further processing of the same data based on different legal bases than the consent itself, such as the fulfillment of contractual obligations. and the law.

10. How to exercise your rights

To exercise the rights of the User, Users can send a request to the Data Controller without formalities, by sending a communication to the company Torrefazione Moka Sir's S.p.a., to or to
Requests are filed free of charge and processed by the Data Controller in the shortest possible time.

11. Defense in court

The User's Personal Data may be used for defense by the Owner in court or in the stages leading to its eventual establishment, from abuses in the use of the same or related services by the User.
The User declares to be aware that the Data Controller may be required to disclose the Data at the request of the public authorities.

12. Specific information

At the request of the User, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific services, or the collection and processing of Personal Data.
This Application does not support "Do Not Track" requests.

To find out if any third-party services used support them, the User is invited to consult the respective privacy policies.

13. Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to Users on this page. Please therefore consult this page often, referring to the date of the last modification indicated at the bottom. In the event of non-acceptance of the changes made to this privacy policy, the User is required to cease using this Application and may request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to the Personal Data collected up to that time.

If the changes concern treatments whose legal basis is consent, the Data Controller will collect the User's consent again, if necessary.

14. Definitions and legal references

Personal Data (or Data)
Any information relating to a natural person, identified or identifiable, even indirectly, by reference to any other information, including a personal identification number, constitutes personal data.
Usage Data
This is the information collected automatically by this site (or by third-party applications that this site uses), including: the IP addresses or domain names of the computers used by the User who connects with this Application, the addresses in URI (Uniform Resource Identifier) ​​notation, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc. ) the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, to the parameters relating to the operating system and the IT environment of the User.


The individual who uses this site, who must coincide with the interested party or be authorized by him and whose personal data are being processed.


The natural or legal person to whom the Personal Data refers.

Data Processor (or Manager)

The natural person, legal person, public administration and any other body, association or organization appointed by the Data Controller to process Personal Data, as established by this privacy policy.

Data Controller (or Owner)

The natural person, legal person, public administration and any other body, association or organization which is responsible, even jointly with another owner, for decisions regarding the purposes, methods of processing personal data and the tools used, including the profile of the security, in relation to the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.

This Application

The hardware or software tool through which the Personal Data of Users are collected.


The service provided by this application as defined in the relative terms (if available) on this site / application.
European Union (or EU)
Unless otherwise specified, any reference to the European Union contained in this document is intended to be extended to all current member states of the European Union and the European Economic Area.


Small piece of data stored in the User's device.

Legal references

Notice to European Users: this privacy statement has been drawn up on the basis of current legislation including articles. 13-14 of EU Reg. 679/2016.
Unless otherwise specified, this privacy statement only concerns this application / site.

04 MARCH 2020