Personal data processing policy

Candy Hoover Group informs you that this site uses cookies to make browsing easier and that the personal data acquired through these tools will be processed in compliance with the personal data protection law. With reference to this type of personal data processing, pursuant to article 13 of EU Regulation No. 679/2016, the Controller provides the following information:

1. Types of data collected, purposes, legal basis of the processing and storage period of data

What are cookies?

Cookies are short strings of texts sites the user visits send to his/her terminal (usually to the browser), where they are saved to be sent back to the same sites the next time the user visits them.

Strictly necessary, functional, performance cookies and analytical cookies with limited identification potential.

Strictly necessary cookies are used for the sole purpose of transmission of communications over an electronic communications network, or as strictly necessary to the service provider of a company of the information explicitly requested by the subscriber or user to provide the service. On the other hand, analytical cookies are used to analyse and measure the use of the website by users. Analytical cookies are similar to strictly necessary cookies when used directly by the website manager to collect aggregate information on the number of users and how they visit the site. The legal basis that legitimises the processing of personal data for this purpose is to be found in the cases provided for in Article 6, paragraph 1, lett. b) of the EU Regulation No. 679/2016, or to allow the user to use the requested service.

First-party and third-party profiling cookies (for targeted advertising, social media, etc.).

Profiling cookies are designed to create user profiles and are used to send advertising messages that match the preferences shown by the user while browsing the Internet. This sort of processing will in no case result in discrimination or negative effects on the data subject. This process also enables the Controller to evaluate his services, and allows him to improve them by making them more efficient and usable by third parties. The legal basis that legitimises the processing of personal data for this purpose is to be found in the cases provided for in Article 6, paragraph 1, lett. a) of the EU Regulation No. 679/2016, or because the user has given his consent to the installation of profiling cookies.

The cookies used by this site are:

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Cookie Subgroup


Cookies used


GCLB, JSESSIONID, OptanonAlertBoxClosed, OptanonConsent

First Party

364 Days, Session, 364 Days, Session


Third Party

Session, Session

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Cookie Subgroup


Cookies used


_gid, _ga

First Party


Functional Cookies

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

Cookie Subgroup


Cookies used



First Party

365 Days

_sn_n, SNS

Third Party

365 Days, Session

Disabling cookies.

All modern browsers allow users to decide whether to block the installation of cookies on their terminal and to delete any already installed. This also applies to cookies installed as a result of browsing this site. Blocking the installation of cookies, or deleting them could make browsing our site difficult or even impossible.

Below are links to instructions for disabling the installation of cookies in the most modern browsers:

In addition to the foregoing, the Controller informs the User that he can use Your Online Choices. Through this service it is possible to manage the tracking preferences of most advertising tools. The Controller, therefore, recommends using this resource in addition to the information provided in this document.

2. Storage period of data

The cookies installed through our site are temporary and are automatically deleted at the expiry date indicated in this personal data processing policy. The data collected will be stored in accordance with the provisions of this policy or, for third-party cookies, the respective privacy policies.

3. Processing methods

The personal data collected will be processed and stored with electronic tools both on computer and on hard copy, organised in a database, and on any other type of suitable media.

Specific security measures are taken to prevent the loss or unlawful or improper use of your data, as well as unauthorised access to them.

The processing of personal data carried out by the Data Controller does not involve automated decision-making processes.

4. Provision of personal data

The provision of browsing data is necessary for the supply of the requested service (browsing the site) and therefore required for this purpose: failure to communicate personal data by the data subject will make it impossible to allow browsing of this site. The provision of data for further purposes is optional: in such cases, failure to provide your data will have no consequences for the data subject. The installation of strictly necessary and analytical cookies is optional (it can be prevented through the browser settings), but could make the site or some of its services unusable.

5. Entities to whom personal data may be disclosed

The personal data collected will not be diffused and may be disclosed, not only to entities who have the right and interest to access your personal data by law or by secondary and / or community regulations, to internal staff of the Data Controller, but also to companies, associations or professional firms that provide services or perform tasks on behalf of the Data Controller as Data Processors for the fulfilment of legal obligations, as well as for any organizational and administrative purposes required for providing the requested services.

The names of the other entities who may become aware of your personal data as Processors are on an updated list obtainable from the Data Controller (to be requested at the addresses provided in point 9).

6. Transfer of data abroad or to international organizations

The personal data of data subjects collected through browsing or using the services on this site shall not be transferred abroad or to international organizations by the Controller.

7. Link to third-party sites or services

This notice is provided only for personal data processing carried out through this site or the tools provided by it, and not for other websites that may be visited by the user through a link, whose managers operate as independent data controllers. Before accessing third-party services, users are therefore invited to carefully read their privacy policies.

8. Rights of the data subject

In relation to the aforementioned personal data processing, the data subject has the right at any time to exercise the rights provided for by EU Regulation No. 679/2016, including, for example, to know:

- the source of the personal data;

- the purposes and methods of the processing;

- the logic applied in the event electronic instruments are utilised for processing;

- identifying details on the Controller, processors and the designated representative.

The data subject has the right to obtain:

- access, update, rectification or, when interested, completion of incomplete data;

- erasure, transformation into anonymous form or blocking of data processed against the law;

- restriction of processing of his or her personal data, i.e. to ask the Controller or processor to limit the purposes or the ways in which his or her data are processed.

The data subject may also request a copy of his or her data in standard format (the so-called right to data portability).

Finally, the data subject has the right to object at any time and at no cost, in whole or in part:

- for legitimate reasons, to the processing of his or her personal data, even if pertinent to the purpose of collection;

- to the processing of his or her personal data carried out pursuant to article 6, paragraph 1 of the GDPR, letters e. (“the processing is necessary for the performance of a task carried out in the public interest or connected to the exercise of public authority vested in the data controller”) or f. (“the processing is necessary for the pursuit of the legitimate interest of the data controller or third parties”) including profiling based on such provisions;

- to the processing of his or her personal data where it is carried out for the purpose of sending advertising or direct sales materials or for conducting market or commercial communication surveys (direct marketing), including profiling to the extent in which it is connected.

The data subject has the right to withdraw his consent to processing, when this is based on the case provided for by Art. 6, paragraph 1, letter a. (when “the data subject has given consent to the processing of his personal data for one or more specific purposes”), or by article 9, paragraph 2, letter a. (when “the data subject has given his explicit consent to the processing of such personal data for one or more specific purposes”) of EU Regulation 679/2016, at any time without prejudice to the lawfulness of the processing based on the consent given before withdrawal.

If the data subject believes that the processing of his or her personal data violates the legislation in force, he/she has the right to lodge a complaint with a supervisory authority, particularly in the Member State in which he/she habitually resides, works or in the place where the alleged violation took place. The Italian supervisory authority can be reached at the addresses shown on his website.

9. Data Controller and Data Protection Officer - Contact info

The data controller is Candy Hoover Group S.r.l., with registered office in Via Comolli, 16 - 20861 Brugherio (MB), Tax ID 04666310158, in the person of its legal representative in office. The Company can also be contacted at the email address and at the certified email address

To exercise the rights listed above, the data subject may send a request using the e-mail address or by contacting the Data Protection Officer at

10. Data Protection Officer

The Data Controller has appointed a Data Protection Officer who can be contacted in a secure and confidential manner, at any time, if you have general questions on the processing of your personal data, or for any matter relating to data protection. The email address of the Data Protection Officer is: