PRIVACY POLICY OF THE TOSETTO GROUP

in accordance with article 13 of Italian Legislative Decree No. 196 of 30 June 2003 "Personal Data Protection Code"

With this note Gruppo Tosetto Srl, Extend Srl Unipersonale, Teloni Tosetto Srl Unipersonale, Tosetto Consulting Srl Unipersonale and Pubblisystem Srl, companies of the Tosetto Group (hereinafter referred to jointly as the “Tosetto Group”) intend to inform users visiting the Web sites www.gruppotosetto.it, www.extend.it, www.telonitosetto.it, www.pubblisystem.it and www.tosettoconsulting.it (hereinafter referred to as the 'Web site') of the Policy adopted for the Protection of personal data, emphasising the commitment and attention to the protection of the privacy of the Web site visitors.

You do not need to register to access the Web Site, which is open to everyone. You may have to register for some specific services. When the user provides their personal data for further services (ex. requests for information, estimates, subscription to the newsletter, etc.), they will be specifically informed, in accordance with article 13 of Italian Legislative Decree n. 196-30/06/2003, (by way of example) of the purpose the data will be used for by the Tosetto Group, with the right to request the cancellation or revision of the data at any time.

PRIVACY STATEMENT

In accordance and by effect of Italian Legislative Decree n.196/2003 ("Personal Data Protection Act " – hereinafter "Privacy Code") the Tosetto Group provides the following information.

1. The Controller and Processor of the Processed Data

The companies of the Tosetto Group (in particular Gruppo Tosetto Srl, Extend Srl Unipersonale, Teloni Tosetto Srl Unipersonale, Tosetto Consulting Srl Unipersonale and Pubblisystem Srl) with registered office in Cittadella (PD) are the Controllers of the processed data, in accordance with article 28 of the Privacy Code. The company Tosetto Consulting Srl Unipersonale is the Processor of the data for this Web Site, in accordance with article 29 of the Privacy Code. You can request a complete list of the Data Processors by sending the request to the contact addresses in point 7.

2. Types of personal data processed

You will require a username and password, which will be provided by the Tosetto Group, to access the Reserved Area of the web site. After the Login procedure you will have access to all sections of the portal, and can download the material available. You do not need to register for access to the other areas of the Web Site. There are services on the Web Site you may have to provide your details for however: in particular, you may be asked to provide your data to subscribe to the Newsletter, etc.

If the Tosetto Group acquires personal data and information we will inform the users beforehand of the specific purposes for which said data will be used and the methods of processing the same, in accordance with article 13 of the Privacy Code. When necessary, the Tosetto Group will request the user's specific consent to use the data (to subscribe to the Newsletter for example). By way of example, personal data such as forename and surname, phone number, e-mail address and other information may be requested, which the user can accept to provide to use the services by filling in a specific registration form. The Tosetto Group will only use the personal data collected online for the purposes indicated during registration, which could be, by way of example, answer to your inquiries or send the Newsletter.

Data concerning connection and browsing the Web Site (such as the URI-Uniform Resource Identifier addresses of the required resources, the time of the request, the method used to send the request to the server, the dimension of the file sent in response, the numeric code indicating the state of the response from the server (connected, error, etc.) and other parameters on the user's operating system and computer environment) are collected and used in an anonymous form for the sole purpose of processing anonymous statistical information on the use of the Web Site and to check it is working properly. The data may be used for investigations into computer-related crime which may damage the web site. The data will be deleted after the services illustrated on the web site have been provided. With reference to the data on browsing the Web Site, see also point 5 below concerning the Profile instruments used on the Web Site.

3. Providing personal data is optional

With the exception of the data on browsing the Web Site (see points 2 and 5), filling in the form to provide your Personal data is optional. Not providing your personal data or failing to give your consent to process the same may however make it impossible to provide the specific services and satisfy your requirements.

4. Data processing method and scope of the communication

Unless there are indications to the contrary in the specific privacy statements of the Web Site, the personal data will be processed with computer instruments for the time strictly necessary to fulfil the purpose the data was collected for, after which the data will be deleted. The Tosetto Group guarantees the personal data entered on the Web Site will be processed in a legitimate and correct way in full respect of the laws in force, with registration data kept confidential. The data will not be made available to third parties except within the limits and under the conditions specifically indicated in the privacy statement presented to the user each time the need arises and subject to authorisation by the same. Specific security steps have been taken to prevent data loss, illicit or improper use, and unauthorised access. All the information collected is transmitted using protected connections to prevent access by third parties. Web site security is guaranteed and certified by Bizen Srl, a provider of Internet web site security services.

5. "Profiling" instruments

The Tosetto Group does not promote and/or advertise its services without the specific prior consent of the user. The Web Site uses “Cookies”: these are text files saved on the hard disk of the user’s PC when browsing the Web Site. The information in the cookie identifies the user’s PC for the Web Site every time the user connects to the Web Site using the same PC. The cookies do not collect information that can identify the user directly.

Cookies make the user’s Web Site browsing easier and faster, for example by saving the companies of the Group the user was interested in. The cookies used by the Web Site provide the following information:

1) The domain name from which the Web Site server sends the cookies, which is: www.sitovivo.com

2) Purpose of the data collection: the cookies are only used to make browsing the Web Site easier and faster and improve the contents.

3) Data collection: the following information is saved: the URI (Uniform Resource Identifier) addresses of the resources required, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the state of the data from the server (connected, error, etc.) and other parameters relevant to the operating system and the computer environment of the user.

4) Validity of the cookies: the Web Site uses permanent cookies (in other words cookies which are saved until they are deleted by the user) and the data collected is kept for the time required to provide the services illustrated on the web site, then the data is deleted. In any case, the cookies are saved for 6 months at the most.

5) Enabling cookies: if cookies are disabled you will still be able to browse the Web Site, but some of the content may not be available.

6) Disabling and deleting cookies: you can disable or delete cookies at any time. To do so refer to the User’s Manual of your browser (Help page). In particular, if you do not wish to receive cookies, you can set your browser so it generates a warning before accepting a cookie so you can decide whether to accept the cookie or not; you can also automatically refuse all cookies, using the relevant option in the browser.

7) Communicating data: the information collected in cookies is reserved and will not be communicated to third parties. The following information is saved in the cookies (generated by the domain sitovivo.com): a numeric ID which univocally identifies the Tosetto Group and a numeric ID which identifies the user (browsing the web site), both are saved in our database; a numeric ID which univocally identifies the user’s browsing (“record”) in our database; a pseudo-casual session alphanumeric ID automatically deleted by the browser when it closes (session cookie). No other user profiling instruments are used by this Web Site (for example spyware).

When the user subscribes to one of the services provided by the Web Site and gives their specific consent for their browsing to be monitored, the data on the browsing of the Web Site may be associated with their personal data and can be used, subject to specific consent from the user, to send specific commercial communications on the basis of the user’s interests.

6. Links to other web sites

This privacy statement only applies to the Web Sites www.gruppotosetto.it, www.telonitosetto.it, www.pubblisystem.it and www.tosettoconsulting.it and does not apply to any other web sites the user may open using links. The Tosetto Group cannot be held responsible for personal data provided by users to external subjects or any other web sites linked to or associated with this Web Site.

Gruppo Tosetto non può essere ritenuto responsabile dei dati personali forniti dagli utenti a soggetti esterni o a eventuali siti web collegati al presente Sito.

7. User's rights

'In accordance with article 7 of the Privacy Code you have the right to obtain information on the processing of ''your data from the Processor, including ''1) ''obtaining'', without delay, confirmation of the existence or non-existence of your personal data [...]; 2) ''obtaining'': a) information on the origin of the personal data, the purpose and methods used in processing, the logic of the processing with electronic instruments, the identity of the controller or person responsible, subjects or categories of subjects to whom the data may be communicated or who may come into contact with the data in their managerial or clerical position; the revision, correction or integration of the data when requested; b) the cancellation, the transformation in an anonymous form, or blocking the processing of data in violation of the law; 3) ''dispute'' the processing of your personal data, in whole or in part, envisaged for providing commercial information or sending promotional material or for direct sale, or for market research or commercial communications.'' '

'You can exercise your rights in accordance with article 7 of the Privacy Code at any time by ''writing to ''the e-mail address ''privacy@gruppotosetto.it'' or by sending a written request to Tosetto Consulting Srl Unipersonale, ''Processor pro-tempore Trattamento Dati'', via del Macello, 36, Cittadella (PD), sending a fax to +39 (0)499401238 or phoning +39 (0)499404426.'

'The full text of Italian Legislative Decree n. 196-30/06/2003 is available on the web site of the ''Italian data protection Commission''.'