This is a data protection information for the use of the website (hereinafter referred to as the “Website”) in force from 2017 MILAN ILLUSTRATIONS AGENCY S.a.r.l., with registered office in Chemin des Esserts 59, CH-1936 Verbier (VS) – Switzerland, in its quality of  data controller (hereinafter referred to as “Data Controller”) informs users pursuant to the Federal Act on Data Protection of 19 June 1992 (‘DPA’) and its ordinances  and the EU Regulation no. 679/2016 (“GDPR”) that it processes personal data provided by users by using or registering to the Website, in particular:

  • identification personal data (e.g. e-mail address, first name, last name, title, address, telephone number – hereinafter referred to as “data” or “personal data”) provided by users in case of registration to the Website (e.g. for contact requests);
  • usage personal data transmitted by the users’ Internet browser every time the Website is accessed and it saves usage personal data in protocol files known as server log files. This data includes: IP address (Internet protocol address) of the accessing computer; name of the page accessed; date and time of access; referred URL, from which the user accesses the page; amount of transferred data; status message for successfully accesses; session ID number.

Purposes of the processing

The Data Controller processes users’ personal data without prior users’ consent pursuant to the DPA and the GDPR for the following purposes:

  • to fulfil users’ requests (e.g. management of requests of contact);
  • to allow users’ registration to the Website;
  • to allow illustrators’ registration and access to the reserved area of the Website;
  • to allow illustrators’ uploads of their images on the portfolio within the reserved area;
  • to allow new illustrators submit their applications for collaboration;
  • to provide the services available through the Website (e.g. management of the registration process and access to the account, etc.);
  • for the Website technical management and its operational functions (including logistics), including solving any technical problems, statistical analysis, tests and research;
  • to prevent or uncover fraudulent activities or misuses that is damaging to the Website;

Nature of providing personal information and the consequences of the refusal

Providing personal data is voluntary and optional.

Users’ may freely decide not to provide personal data, as well as they may subsequently revoke their consent to process personal data already provided: this may prevent users from the use of the Website and from the services of the Data Controller.

Processing modalities

The processing of users’ personal data is made only if necessary and is carried out electronically by means of operations indicated in the DPA and in the GDPR and namely: collection, registration, organization, storage, consulting, processing, modification, selection, extraction, comparison, use, interconnection, access and communication, blocking, erasure and destruction of the data. Said processing operations shall be carried out through electronic and not-electronic means.

Access to data

Personal data will be processed by the Data Controller’s staff deputed to the processing of personal data (including, but not limited to):

  • employees and consultants authorized to manage the Website and supply the related services (e.g. customer services, IT department, etc.) in their quality of persons in charge of the processing and/or internal data processors and/or system administrators;
  • employees and consultants in the legal, marketing, finance, administration, and accounting and other relevant department of the Data Controller, in their quality of persons in charge of the processing and/or internal data processors;
  • third party companies (e.g. IT services providers, hosting providers, etc. such as Blubit and Mr. Andrea Testa in relation to Adwords) to which the Data Controller outsources some services involving processing operations in their quality of external data processors.

Communication of data

The Data Controller may communicate personal data to third parties in their quality of autonomous data controllers for the following reasons:

  • to permit to third companies a merger, acquisition or sale of all or part of the Data Controller assets;
  • to fulfill the obligation provided by the law, regulations, protocols and national and EU legislation;
  • to implement laws required by public Authorities;
  • to allow the defence in court, for example, in case of violations by the web-users.

Your data shall not be divulged.

Data transfer outside the EU

The Data Controller stores your data in Switzerland, compliant to the adequacy decision of the European Commission no. 2000/518 dated 26/5/2000.

Storage and deletion of data

The Data Controller stores personal data for the time necessary to achieve the purposes for which data are collected and further processed, including any retention period required under the applicable legislation (e.g. retention of accounting documentation) and, in any case, for a maximum of 24 months from the storage of the personal data.

Use of Cookies

To improve browsing on the Website, the Data Controller uses the so-called cookies. Cookies are small text files, generally made up of letters and numbers, that are saved by the users’ web browser on their PC and contain pseudo-anonymized data. Cookies permit a website to recognize the users’ computer, to trace their browsing through several pages of a website and to identify those users who return to a website.

Cookies can be technical, analytics and profiling.

The Website uses the following technical cookies:

Nome Origine Funzione Scadenza
cookieconsent_dismissed Cookie tecnico Memorizza le impostazioni di utilizzo dell’utente in relazione all’accettazione della policy sui cookies 1 mese
cookie_notice_accepted Cookie tecnico Memorizza le impostazioni di utilizzo dell’utente in relazione all’accettazione della policy sui cookies 1 mese
wordpress_test_cookie WordPress Cookie operativo utilizzato dal WordPress session
wp-settings-1  Wordpress Cookie operativo utilizzato dal WordPress session
wp-settings-time-1  Wordpress Cookie operativo utilizzato dal WordPress session
wordpress_logged_in_  Wordpress Cookie operativo utilizzato dal WordPress per memorizzare l’utenza di collegamento a WordPress session

The Website uses instruments reducing the identification impact of cookies such as “gat._anonymizelp” to ensure the anonymization of the IP addresses (so-called “IP-masking”) and Google does not match information collected with others it already avails of as indicated in its policy at the link: Data Controller informs users that they can deactivate or remove cookies in their web browser following the instructions given at the following links:

The Website uses also Analytical Cookies set by third-party providers, for example, by Google.

More precisely:

a) Google Analytics

The Data Controller uses the web analytics service Google Analytics offered by Google Inc. (“Google”), in order to analyze the usage of the Website’s pages. The information generated from cookies about users’ usage of the Website’s pages  is usually transmitted to and stored in a Google’s server located in the USA. The Data Controller utilizes Google Analytics exclusively with the extension “ga(‘set’, ‘anonymizeIp’, true)” ensuring that IP addresses are only processed as a shortened version, in order to exclude any direct reference to individual people. Google may communicate data to third parties, only in case if it is required by law or provided third parties process data on behalf of Google. Google will not disclose the users’ IP address in association with any other Google data.

Users can prevent the recording and saving of data by Google Analytics at any time by installing a browser plugin released by Google which can be downloaded at the following link:

The Website does not use profiling cookies.

Social Media Plug-ins

This Website uses social media plug-ins furnished by the most important social networks (e.g. Facebook and Twitter). When visiting the webpage the browsing data may be transferred directly to the social networks concerned, even without users’ direct interaction. Users acknowledge and agree that the operation of social networks’ plug-ins is managed directly by the company that manages the corresponding plug-in. When users use the plug-ins available through the Website (e.g. log in with their access credentials to a social network, or link their accounts, click on the Facebook “Like” or “Share” button), the users’ browser establishes a direct connection with the server of that social network, which sends the contents of the plug-in directly to the users’ browser.

The Data Controller may therefore receive data relating to users, in accordance with the social network’s terms of use and privacy policy and may add data to users’ personal data already collected through its own services. If the user opts to share information with the social networks, the Data Controller will share the data with them in accordance with the user’s preferences. To prevent those social networks from collecting the personal information of the user, please check the relevant conditions on the social network website.

Most specifically, the Website uses:

  a) Facebook

The Website uses Facebook Social Plug-ins operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). If users access Website’s pages that contain such plug-in, the users’ browser will establish a direct link with Facebook servers.

If the user is logged in to Facebook, Facebook can attribute the visit by the user to their Facebook account. If the user interacts with the plugins, e.g. by clicking on the “Like” button or posting a comment, the respective information is transmitted directly from the user’s browser to Facebook and saved there. The purpose and scope of the processing of data by Facebook, in addition to the respective user rights and setting options for the protection of their privacy, can be found in the Facebook Privacy Policy (

  b) Google “+1”

The Website uses the “+1″ interface of the social network Google Plus, which is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). If the user presses the “+1″ button, the user’s browser will establish a direct link with Google servers. The content of the “+1″ interface will be transmitted directly from Google to the user’s browser and integrated from here into the website. The purpose and scope of the processing of data by Google, in addition to the respective user rights and setting options for the protection of their privacy, can be found in the “+1” Privacy Policy (

  c) Instagram

The Website has integrated the Instagram service, provided by Instagram. The Data Controller receives no information on the content of the data transmitted and its usage by Instagram. For this reason, please refer to the Instagram data-protection clarification for further information:

 In order to prevent the providers of the respective Social Media Plug-in from collecting information about users, they can log out from the Social Media network at the beginning of their visit to the Website and delete any cookie that might exist from their browser.

 Subjects’ rights

According to the DPA and theGDPR, users have the right to obtain from the Data Controller the information about the existence of personal data referring to them and the communication in an intelligible form; the origin of personal data, the purposes and modalities of the processing; an update, correction or integration of data. Moreover, users may, at any time, revoke their consent, request the interruption of the processing, the deletion, anonymization or the block of the information being processed. Users may refuse, fully or partially, the processing: a) for legitimate reasons on the processing data concerning them; b) for the purpose of sending advertising material or for carrying out market researches or commercial communications.

Users have also the rights referred to in articles 16-21 GDPR (right of confirmation, right to be forgotten, right of processing limitation, right of data portability, right to object) and the right to complain to the Supervisor Authority.

In order to exercise the rights above and to request information, users may write to the following e-mail address or at the postal address MILAN ILLUSTRATIONS AGENCY S.a.r.l., with registered office in  Chemin des Esserts 59, CH-1936 Verbier (VS) – Switzerland or by calling the following number +0041 796798100.

In the same way, users can revoke, correct and delete data at any time.

Data Controller and Data Processor

The Data Controller of the processing of users’ data is MILAN ILLUSTRATIONS AGENCY S.a.r.l, with office in., with registered office in  Chemin des Esserts 59, CH-1936 Verbier (VS) – Switzerland. The internal Data Processor is Shefalika Marescotti. The updated list of the data processors and of the persons in charge of the processing is kept at the premise of the Data Controller.