Privacy Policy Persuant to article 13 of regulation (EU) 2016/679

1. Introduction

For Arena S.p.A. your privacy and the safety of your personal data are very important; for this reason, we collect and process them with the utmost care and attention, while adopting specific technical and structural measures to ensure the full safety of such processing.

Please note, therefore, that pursuant to Article 13 of European Regulation 2016/679 (the "Regulation") the processing of your personal data is carried out according to procedures aimed at ensuring safety and confidentiality, and it is performed by using paper, IT and/or telematic means, according to what is specified herein.

This privacy policy is also provided in accordance with Recommendation 2/2001 adopted by the European authorities for the protection of personal data, united in the Group established by Article 29 of Directive 95/46/EC on May 17th, 2001.

2. Definitions

Personal Data: means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is anyone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, data relating to location, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Special categories of personal data: any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data relating to a natural person’s sex life or sexual orientation.

Data Controller: means the natural or legal person, public authority, agency or other body that – either alone or jointly with others – determines the purposes and means of the processing of personal data.

Data Supervisor: means the natural or legal person, public authority, agency or other body that processes personal data on behalf of the data controller.

3. Data Controller

The processing of your personal data is carried out by Arena S.p.A. ("Arena"), with registered office in Tolentino (Macerata, Italy), C.da Cisterna 84/85, as Data Controller under and pursuant to the EU Regulation.
For any questions or requests about the processing of your personal data. you can contact Arena at any time by sending a request to the following contact addresses:

Data Controller
Company: Arena S.p.A.
Registered office address: Contrada Cisterna, 84/85, 62029, Tolentino (Macerata, Italy)
Telephone: +39 0733 956 200

4. Type of Data and Purposes of Processing

The personal data processed by Arena are the data you give us when you place a purchase order for goods or services, as well as the data we collect while you browse or use the online services supplied by Arena.

Arena can then collect information about you, including personal data such as full name, e-mail, mailing address and invoicing address, browsing data and your buying habits.

Your personal data, once collected, are used to:

Purposes Legal Basis
A Execute your purchase orders relating to one or more products available on the Site, hence perform, manage and/or fulfill the contractual obligations. The processing performed for these purposes is necessary for the fulfillment of contractual obligations and does not require any specific consent of the data subject.
B Perform statistical surveys, market research and promotional activities. The processing performed for these purposes is carried out with the specific consent of the user.
C Fulfill obligations under any applicable laws, rules, European regulations or provisions issued by a Supervisory Authority and by Monitoring and Control Bodies. The processing performed for these purposes is necessary for the fulfillment of law requirements and to make the services/goods available to you and does not require any specific consent of the data subject.
D Detect your use experience of our web services, of the products and services we offer, as well as ensure the proper functioning of the web pages and their contents. The processing performed for these purposes is based on a legitimate interest of the Data Controller, and does not require any specific consent of the data subject.
E Carry out direct promotional activities, through periodical newsletters and other promotional tools to the e-mail address that you have voluntarily provided to us when registering on the Site. The processing performed for these purposes is carried out with the specific consent of the user, except for commercial messages relating to products and/or services similar to those already purchased and/or subscribed to by the user for which the processing is based on a legitimate interest of the Data Controller.

Your personal data are processed by the duly authorized personnel of Arena pursuant to Article 4, paragraph 10 of the EU Regulation, processing data in full accordance with the instructions given by the Data Controller.

Also, your personal data will be disclosed to any third parties that we rely on to supply our services; these have been suitably selected by us and provide sufficient guarantees regarding compliance with the regulations on personal data processing. They have been appointed in accordance with Article 28 of the EU Regulation, and they are required to carry out their activities according to the specific instructions given by Arena and under its control.

These third parties may belong to the following categories: financial operators; Internet providers; companies specializing in IT services; couriers; companies that perform marketing activities; companies specializing in market research and data processing. A specific and updated list of these third parties is available at the registered office of the Data Controller, and can be consulted at the request of the data subject.

Data may be disclosed to third parties in case of mergers, takeovers, sale of businesses or business units and any other extraordinary transactions, as well as to any legitimate recipient of notifications provided for by any laws or regulations. To achieve the above processing purposes, your personal data may be disclosed to other companies of the Group which Arena belongs to; these companies will process the data according to the applicable privacy laws and are based within the European Union. It is understood that your personal data will not be disclosed to third parties so that they can use them for their own promotional purposes and will not be disseminated in any way.

Your data may also be forwarded to the police and to the judicial and administrative authorities, in compliance with the law, for the investigation and prosecution of criminal offences, the prevention of and protection against threats to public safety, as well as to allow Arena to exercise or protect its own rights or any third-party rights before the competent authorities, and for any other reasons related to the protection of the rights and freedoms of others.

5. Data transfers outside the EU

Some of the third parties referred to in paragraph 4 hereof may be based in countries outside the European Union, which do offer – however – an adequate level of data protection, as determined by specific decisions of the European Commission.

The transfer of your personal data to third parties domiciled or based in countries that do not belong to the European Union and which do not ensure an adequate level of protection will only be performed with your consent or on the basis of express agreements – entered into between Arena and such entities – containing safeguard clauses and appropriate guarantees for the protection of your personal data – that is, the so-called "standard terms", which are also approved by the European Commission, or if the transfer is necessary for the execution and performance of a contract between you and Arena or for the management of your requests.

6. Data Retention

Please note that your data will be retained for a limited period of time, which varies depending on the type of processing activities and the specific purposes of the processing, as is exemplified by the following:

  • data collected to enter into and perform any purchase agreements for goods or services: the data will be retained up to the fulfillment of the administrative-accounting requirements. Invoicing data shall be retained for ten years from the date of the invoice;
  • data about users registered on a portal / website: such data will be retained until you request the cancellation of your profile;
  • payment details: the data will be retained until receipt of the payment and the fulfillment of the administrative-accounting requirements;
  • data collected within the framework of the use of services provided by Arena: these data are retained until the termination of the service or the cancellation of the service subscription by the user;
  • data related to users' requests to the Customer Service of Arena: any data useful to assist you will be retained up to the fulfillment of your request;
  • CV: for six months from receipt;
  • data for commercial communications activities, opinion polls and market research: these data are retained up to the user’s request for interruption of the activity or otherwise will be deleted within two years of the last interaction of any kind between the data subject and Arena.

At the end of such periods, your data will be permanently deleted or irreversibly anonymised by Arena.

7. Your rights

Please note that you are entitled to exercise the following rights in relation to the personal data concerned with this privacy policy, as provided for and guaranteed by the Regulations:

  • Right of access and collection (Articles 15 and 16 of the Regulation): you have the right to access your personal data and to request that they be corrected, amended or supplemented. If you so desire, we will provide you with a copy of your data in our possession.
  • Right to data deletion (Article 17 of the Regulation): in the cases provided for by the law, you can request the deletion of your personal data. Upon receiving and examining your request, if it is found to be legitimate, we will no longer process your personal data, which will be deleted.
  • Right to the limitation of processing (Article 18 of the Regulation): you have the right to request the limitation of the processing of your personal data in the event of any unlawful processing or objection to the accuracy of the personal data by the data subject.
  • Right to data portability (Article 20 of the Regulation): you have the right to obtain from the Data Controller your personal data in order to send them to another controller, where applicable under said Article.
  • Right to object (Article 21 of the Regulation): You have the right to object at any time to the processing of your personal data carried out on the basis of our legitimate interests, by explaining to us the reasons for your request; prior to accepting it, Arena shall assess the reasons for your request.
  • Right to lodge a complaint (Article 77 of the Regulation): you have the right to lodge a complaint with the Personal Data Protection Competent Authorities if you deem that a violation of your rights concerning the processing of your personal data has occurred or is underway.

You can exercise your rights with regard to the specific treatment of your personal data by Arena at any time.

Further information about the rights of the data subject can be obtained by asking the Data Controller to provide an integral extract of the above-mentioned Articles.

8. Security measures

Arena adopts suitable preventive security measures to protect the confidentiality, integrity, completeness and availability of the personal data of the data subject. Technical, logistic and organizational solutions are developed which aim at the prevention of any damage, including accidental loss, alteration, misuse and unauthorized use of the data processed.

In particular, to protect the data subject's personal data, the Site uses a coding system that provides protection by encrypting the information both on the log-in page and in other sections where you can release, view or edit your personal data.

In addition, the Data Controllers shall not be held responsible for the false information sent directly by the user (e.g., the accuracy of e-mail addresses, credit card details or postal addresses), and for the information about the user provided by a third party, including fraudulently.

9. Changes to this Privacy Policy

The constant evolution of our services may result in changes to the characteristics of the personal data processing described herein. This privacy policy may be amended and supplemented over time, as may be necessary because of any new regulations concerning personal data protection or the evolution / modification of our services.

We invite you, therefore, to check the contents of our information regularly: whenever possible, we will inform you promptly about any changes and their consequences.

The updated version of the privacy policy information, in any case, will be posted on the page, indicating the date it was last updated.

10. Date of last update


Cookies information

Cookies are small text strings stored on your computer when you visit certain pages on the Internet.

Cookies are not harmful to your device.

In the cookies we generate we do not store personal identifying information such as details on credit cards, but we use encrypted information gathered from them to improve your experience of the site. For example, they are useful to identify and resolve errors, or to determine relevant related products to be shown to the visitor during navigation.

Cookies can perform various functions, such as allowing you to navigate between different pages efficiently, remembering preferences, and in general they can improve the user's experience.

Further information about cookies can be obtained on the websites: and

Therefore, Arena S.p.A. reserves the right to use cookies with your consent, if provided for by the law or the regulations, in order to help navigation on its websites and/or control and customize the information displayed. Arena S.p.A. also reserves the right to use similar systems to collect information about the users, such as the IP address, the type of Internet browser and the operating system used and/or the web pages visited by the user, for statistical or safety purposes. Arena S.p.A. may collect this information to track the use of the websites and improve certain features.

Please note that to be able to order products on the Arena Online Shop (, you must have cookies enabled. If you do not want to accept cookies, you can still browse the Site and use it for research purposes, but navigation could be affected if some features may be disabled. In most browsers with cookies enabled, you will find the information you need to change the setting of cookies.

Below is a brief illustration of how Arena S.p.A. uses cookies and similar tools.

Navigation Cookies

These cookies are essential to allow you to surf the Site and use its features, such as access to restricted areas of the website. Without these cookies, it is not possible to provide the services requested, such as the shopping cart or e-billing.

The strictly necessary cookies are used to store a unique identifier to manage and identify each user as unique in relation to any other users who may be visiting the Site at that same time. The purpose is to give the user a consistent and personalized service.

Some examples include:

  • The memory of previous actions (e.g., entered text) when navigating back to a page in the same session;
  • The management and passage of security tokens for different services within a website to identify the visitor's status (for example, registered or unregistered);
  • The maintenance of tokens to use restricted areas of the website;
  • The routing of customers towards specific versions / applications of a service, as may be necessary during a technical migration process.

Performance cookies

These cookies can be Arena S.p.A.’s or partner sites’ session or persistent cookies; their use is limited to the performance and improvement of the website features. These cookies collect information on how a visitor uses the Site, such as the pages visited. These cookies do not collect information that can identify the user. All information collected by these cookies is aggregated in an anonymous form and is only used to improve the functionality of the Site.

Some examples include:

  • Web Analytics, the collected data are solely limited to the use of the website by an operator, to manage the performance and structure of the Site. These cookies may be third-party cookies, but the information will be used solely by those assigned to publishing of the visited website;
  • Tracking affiliates by Arena Online Shop partners ( - cookies are introduced by partners and used by them exclusively to know if the user  coming from another site has performed the purchase of a product or service on Arena Online Shop (;
  • Error handling - measurement of errors that occur on the Site; this function will usually support the improvement of services or claim management and will generally be strictly linked to web analytics;
  • Testing of different website page structures - Tests on variations in the structure, generally using A/B or multivariate testing, to ensure that the Site maintains a consistent aspect for users during current and subsequent sessions.

Functional cookies

These cookies can be Arena S.p.A.’s or partner sites’ session or persistent cookies. These cookies are usually the result of a user action, but they can also be implemented when providing a service not specifically requested but simply offered to users. They can also be used to prevent a previously offered and rejected service from being proposed to the same user. Furthermore, these cookies allow the Site to remember user choices (such as user name, language, country of origin, etc.). All information gathered by these cookies is anonymous and cannot track user behaviour on other websites.

Some examples include:

  • remembering the settings that a user has applied to a website such as layout, font size, preferences, colours, etc.;
  • remembering a choice so that users are no longer requested to fill out a questionnaire;
  • detecting if a service has already been offered, such as offering a tutorial during subsequent visits to the website;
  • providing information to allow access to an optional service such as the offer of a live chat session;
  • fulfilling a user request such as submitting a comment.

Third-party cookies for marketing / re-targeting

These cookies are used by Arena S.p.A.’s partners, in order to display Arena S.p.A.’s promotional banners when you are visiting other sites, showing the latest products you have viewed on the sites of Arena S.p.A.. While browsing Arena S.p.A., these cookies are also used to show products you may be interested in or any products similar to those that you have viewed in the past, based on your browsing history.

The use of these cookies does not involve the processing of personal data, but it can allow access to your computer or other devices and track the data stored: these cookies connect to the browser installed on your computer or other devices used when surfing our Site.

Below is a list of third-party cookies for marketing / re-targeting purposes on our Site:

Service Purposes Information
Blueknow Marketing
Facebook Marketing / Re-targeting / ADV
Marketing / Re-targeting / ADV / Analytics
Bing Marketing / Re-targeting / ADV
Hotjar Marketing / Performance Monitoring
Yieldify Marketing

How can I disable cookies?

Most browsers accept cookies automatically, but you can also choose not to accept them. It is recommended not to disable this function, since this may prevent you from moving freely from page to page and enjoy all the features of the Site.

If you do not want your computer to receive and store cookies, you can modify the security settings of your browser (Internet Explorer, Google Chrome, Safari, etc.). In any case, please note that certain sections of our Site can only be used to their full capacity if your browser accepts cookies; otherwise you will not be able to add products to your cart and purchase them (for example). Accordingly, your decision to remove and not accept cookies may have a negative effect when browsing our Site.

If you wish to change your cookies settings, using the settings of the various browsers: here are some brief instructions on how to do this in the four most popular browsers:

Microsoft Internet Explorer

Click the 'Tools' icon in the upper right corner and select 'Internet Options'. In the pop-up window select 'Privacy'. Here you can adjust the settings of your cookies.

Google Chrome

Click the 'wrench' icon in the upper right corner and select 'Settings'. Then select "Under the hood" and change the settings in the 'Privacy' section.

Mozilla Firefox

From the pull-down menu in the upper left corner, select 'Options'. In the pop-up window select 'Privacy'. Here you can adjust the settings of your cookies.


From the pull-down menu in the upper right corner, select 'Preferences'. Select 'Security' and from here you can adjust the settings of your cookies.

For detailed information on the necessary steps you can refer to the help guide of the browser. For an overview of the most common browsers, visit or

To learn more about cookies and how to manage or disable any third-party or marketing / re-targeting cookies, please visit

To disable analytical cookies and prevent Google Analytics from collecting your navigation data, download the browser add-on to disable Google Analytics:

Accepting or refusing cookies

When continuing to browse the Site, by closing the info banner and clicking on any area of the page, or by sliding on the page to read further contents, you are accepting the cookie policy and agreeing to what is specified in this privacy policy. You will always be entitled to delete such cookies at any time through the methods explained in the above paragraph.

Data retention time

The cookies managed by Arena S.p.A. have a duration of 3 months. The cookies managed by third parties follow the retention times specified in the respective cookies information.

Any inquiry or exercise of rights should be directed to:

The Data Controller is Arena S.p.A., Contrada Cisterna, 84/85, 62029 Tolentino (Macerata, Italy) Telephone +39 0733 956 200, fax +39 0733 974 682, E-mail: