Cookie policy

Notice to data subjects on the processing of personal data (art. 13 GDPR 2016/679)

This notice on the use of cookies on the website www.idclex.com is given to the user to comply with the General Security Measure of the Italian Data Protection Authority of 8 May 2014 “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies”;  reference is made to the document Policy Privacy  published on this website, equally drawn up in compliance with art. 13 of EU Regulation 2016/679, to appoint Data Controller, Data Protection Officer, methods and purposes of processing, transfer of data and rights of the data subjects.

WHAT ARE COOKIES?

Cookies are small text files that the website may send, during navigation, to the device concerned, be it a computer, notebook, smartphone, tablet, etc.; cookies are normally stored directly on the browser used to navigate. The same website that sent them can then read and register the cookies that are found on the same device to obtain information of various type.  

Cookies are used for different purposes: performance of IT authentication, monitoring of sessions, storage of information on specific configurations regarding the users accessing the server, etc. Additional information on cookies is available on www.allaboutcookies.org .

WHY DO WE USE COOKIES?

This internet site may use cookies for different reasons. In some parts of our site, cookies are essential and without them some of our services cannot be requested.

We are constantly seeking new ways to improve our website and to make the knowledge of our services easier. Therefore, it is important for us to understand how our website is used. 

HOW MANY TYPES OF COOKIES ARE THERE?

There are two fundamental macro categories with different characteristics: technical cookies and third parties’ cookies. Technical cookies are generally necessary for the proper functioning of the website and to enable browsing; without them it may happen that some pages are not displayed correctly or some services are not available.  For example, a technical cookie is indispensable to keep the user connected during the entire visit of a website or to store the settings of language, visualization and so on. 

Technical cookies can be further subdivided into:

  • navigation or session cookies that ensure standard navigation and use of the website;
  • feature cookies that allow the users to navigate according to a series of selected criteria (e.g. language, the products selected for buying) with the aim of improving the service provided to users;
  • analytical cookies, comparable to technical cookies and used directly by the website manager to gather aggregated information about the number of users and how they visit the website.

Technical cookies may also be provided by third parties (referred to as “third-party cookies”) and may correspond to all the types given above, they may be managed in aggregated and anonymous form or in a form enabling the identification of website visitors, including if occasional. 

Finally, there are also profiling cookies that have the purpose of profiling users and are used to send advertising messages in line with the preferences shown by the same during browsing.

WHAT COOKIES DOES THIS WEBSITE USE?

This website uses technical cookies, director of third parties, aimed at ensuring the proper functioning of the website without which browsing would not be possible. The above-described cookies are all gathered and analysed in aggregate and anonymous form. Instead, the use of profiling cookies is excluded. 

SOCIAL NETWORK COOKIES

They are cookies that enable the user profile present on social networks to interact with this website. These cookies are not indispensable for the functioning of this internet site. 

The most common use of such cookies is to facilitate the sharing of content. 

The management of the information collected from “third parties” is governed by the relevant policies that may be checked on social networks themselves.  

Support in istitutional relations

  • For managing relations with administrative bodies(Authority for the Protection of Personal Data, Competition and Market Authority, Institute for Insurance Supervision)
  • For the establishment and authorization of undertakings to carry out insurance activities in the Italian Republic
  • To European under takings for the process of notifying the Institute for Insurance Supervision of their intention to operate in the Italian Republic
  • For the establishment of intermediaries based in Italy and their authorization to perform the brokerage activity in the Italian Republic
  • For the process for European intermediaries of notifying the Institute for Insurance Supervision of their intention to operate in the Italian Republic

Documents, processes and compliance check

  • Drafting and revising information sets for life and non-life products
  • Drafting reporting agreements under art. 107, clause 3 of Legislative Decree 209/2005
  • Drafting horizontal cooperation agreements under Art.22, clause 10 of Legislative Decree 179/2012 converted by law 221/2012
  • Planning sales methods with remote communication techniques and compliance check of web portals, processes, scripts for telephone operators
  • Planning sales methods for instant insurance
  • Drafting ad hoc procedures for the POG under Art. 30 decies of Legislative Decree 209/2005 and IVASS regulation 45/2020

Advertising, consumer rights, privacy and data protection

  • Issues relating to advertising communication law
  • Planning prize events in accordance with Presidential Decree 430/2001
  • Issues relating to civil, insurance and consumer law regarding the activities of undertakings operating inItaly under the rules on establishment or under the freedom to provide services
  • Civil, insurance and consumer law issues relating to distribution and broker agenet works

Artificial Intelligence

  • Consulting and general training for compliance with EU Regulation 2024/1689 (AI ACT)
  • Obligations for AI users: support for conducting fundamental rights impact assessments and meeting transparency requirements for limited risk AI systems.
  • Obligations for AI providers: consulting to meet governance and data quality requirements, drafting technical documentation, and assessing IT security requirements.
  • Obligations for importers of AI: Verification of compliance of the high risk AI system.
  • Obligations for AI distributors: assessment of AI system compliance, implementation of corrective actions where necessary.
  • Consulting for the certification of artificial intelligence management systems according to ISO42001.

Cybersecurity

  • Compliance Regulation 38/2018 IVASS
  • Rulo CISO (Chief Information Security Officer) outsourcing
  • Training
  • Advice on the implementation of EIOPA guidelines on security and governance of information and communication technology
  • Conducting security testing, vulnerability assessment and penetration testing to assess the security posture with regard to quantifying cyber insurance policy premiums of insurance company client organisations
  • Advice on obtaining ISO27001, ISO22301 and other international standards focused on data protection and information security
  • Consulting for the drafting of Business Continuity plans
  • Consulting on the application of the TIBER-IT framework for conducting advanced cybersecurity testing.
  • Compliance DORA Regulation on Operational Digital Resilience.
  • Risk analysis of ICT suppliers

Privacy

  • Compliance EU Regulation 2016/679 (GDPR)
  • Consulting for compliance with Italian data protection regulations (Legislative Decree 196/2003)
  • DPO (Data Protection Officer) role in outsourcing
  • Training
  • Compliance with the Privacy Guarantor Order on System Administrators’ Logs
  • Compliance with the Italian Data Protection Authority’s provision on cookie management
  • Conducting impact assessments for data processing using new technologies
  • Compliance management in the insurance chain
  • Data processing in tender notices of insurance companies awarded contracts
  • Subjective role of privacy in bancassurance
  • Processing of health data in the context of life insurance policies and claims management
  • Processing of data of third party beneficiaries of life insurance policies
  • Processing of judicial data in the context of checks carried out by the anti-money laundering function
  • Privacy impact assessment of usage-based insurance policies
  • Regulating data protection in the use of Artificial Intelligence in the insurance value chain (IVASS and EIOPA guidelines):
    • predictive models of disease development patterns (design and development of insurance products);
    • advanced risk assessments that combine traditional and new data sources (including IoT data);
    • Price optimisation: microtarget/individualised pricing based on individual non-risk behavioural data;
    • virtual assistants and chatbots using natural language processing (NLP) and insurance semantics to support customer communication;
    • Advanced fraud analysis: complaint scoring, anomaly detection, social network analysis and behavioural patterns;
    • Automated segmentation of claims by type and complexity and automated verification of invoices and payment process.
  • Compliance in the design and development of insurance apps in the Insurtech sector
  • Data protection in the insurance agent network
  • Data protection in the network of insurance adjusters
  • Turnkey privacy compliance for Insurtech start-ups