Privacy policy and use of cookies

regarding the website and the app Wellmade

Update to EU Regulation 2016/679
(General Data Protection Regulation GDPR)


Date of last update: 20 april 2021

Your privacy is important to us. That’s why this Privacy Policy is intended to provide a) information on how Wellmade processes your personal data, and b) indications on the methods, timing and nature of the information that each Data Controller must provide to users when connecting to web pages, regardless of the purpose of the link.

Please read the following and, if you do not agree with the content of this document, we ask you not to register and not to use our service.

We wish to inform you that any personal data you provide will be subject to processing in line with EU Regulation No. 2016/679 (hereinafter “GDPR”) and under the following terms:


1 – The data controller

In accessing and browsing the Wellmade website (, hereinafter “the Website”), data referrring to identified or identifiable natural persons may be processed. The Data Controller is Fondazione Cologni dei Mestieri d’Arte (referred to in the remainder of this document as the “Data Controller”), registered in the companies register in Milan, under the Administrative and Economic Index (REA) no. 1660303, Tax Code/VAT number 97155080159/12788720154 with registered office in Via Lovanio no. 5, 20121 Milano (MI) –

2 – Location of the data processing

Data processing related to the Website services is carried out at the registered office of Fondazione Cologni dei Mestieri d’Arte (address above) by designated technical staff, or by personnel carrying out temporary maintenance activities. Personal data provided by users who request information (e.g. newsletters, etc.) are processed for the sole purpose of carrying out the requested service or activity.

3 – Purpose of data processing

Data and information obtained or collected by Wellmade will be used and processed for non-commercial purposes, for example:

a) managing the user subscription process;
b) processing and handling the publication of reviews, editorial contents, data sheets of artisans, expert ambassadors of made in Italy products and circuits of craftsmen, sending legal or technical messages and other related information;
c) to communicate and promote activities also through social media channels;
d) handling surveys and polls to improve our service and the service offered by the Portal;
e) solving potential complaints, claims and disputes with our users and ensure that our rights towards third parties are respected;
f) to locate and prevent fraud, conducting inquiries and assessing risks, checking the identification data provided by users and performing controls;
g) complying with any legal obligations.

Moreover, Fondazione Cologni will use and process the user’s personal data for the following additional non-commercial purposes:

a) to forward the user the monthly newsletter of the Foundation;
b) to send communications, information and invitations related to the initiatives and events organized by Fondazione Cologni dei Mestieri d’Arte or its partners;
c) to send envelopes and parcels, on the base of specific requests communicated by the user.

4 – Legal basis

The legal basis of this Privacy Policy is founded on article 6 para. 1 lett. a) of the GDPR.
More exactly, the above-mentioned article refers to the express consent of the User, i.e. the expression of free, specific, and informed will with which the User expresses his/her consent so that his/her personal data be processed.

5 – Field of application

The management procedures, below, refer to this Website, regarding the processing of personal data of users who consult it and who interact with the services and web pages accessible electronically from the address corresponding to the homepage of the Website.

The information is provided exclusively in relation to the Website and its parts. This is not extendable to other websites or pages not belonging to the Website itself (including those accessible by the user also through direct links from this Website).

6 – Disclosure of personal information

Wellmade does not disclose your personal data to third parties. For specific initiatives which form part of particular projects, such as – by way of example but not limited to – contests, promotional projects, events, creation of lists of specialists or similar initiatives, we will expressly request your authorisation to provide your data to third parties, specifying in each case the legal basis for processing the data in this way.

We may collate all our users’ personal information and provide it in an aggregate and anonymised form to third parties, such as – for example – advertising agencies, in line with specific agreements for marketing and promoting the Fondazione Cologni dei Mestieri d’Arte and its projects. In this scenario, this information will be transferred so that:

– No third parties can identify individual users;
– Only data which is necessary to carry out the requested services is processed;
– No third parties can share the aggregate data obtained.

We may share personal information with third parties entrusted by Wellmade to provide technical maintenance or event management services. In this case, we will ask these third parties to only use this information to provide these specific services to Wellmade.

We may share information as part of a change in the company structure, for example dissolution, merger, consolidation or sale of the company’s assets, or in the unlikely event of insolvency.

Data may be used to establish responsibility for any potential cyber offences or damages to the Website, only upon the request of the appropriate supervisory bodies.

7 – Types of data processed

a) Special Categories of Personal Data (previously known as sensitive data)
Wellmade does not process special categories of personal data.

b) Navigation data
During the normal course of operation, the IT systems and software procedures required for the functioning of the Website may acquire personal data whose transmission is implicit in the use of internet communication protocols.
This information is not collected in order to identify users, but by its nature it may allow, through elaboration and association with data detained by third parties, the identification of the users. The following are included in this category of data:

• Computer IP addresses or domain names used by users accessing the website;
• Uniform Resource Identifier of the resources requested;
• Time of request;
• Method used to make the request to the server;
• Size of the file obtained in response;
• The numerical code indicating the response status from the server (‘success’ or ‘error’, etc.) and other parameters relating to the operating system and IT environment of the user.

This data is only used to obtain anonymous statistics about the Website usage, and to check that it is functioning correctly.

c) Data voluntarily provided by users
The voluntary, express and optional sending of email to the addresses listed on the Website involves the subsequent acquisition of the sender’s address to facilitate a reply, and any other personal data and information included in the email content.

d) Data voluntarily provided by registered users
Upon user registration, we will collect personal information such as name, email address, postal address, telephone number, username, password and an identifying profile image via the relevant form. Apart from the username and profile image, no other personal information will be visible to other users of the Website.

Registered users are authorised to add new content, which may be publicly visible to all users visiting the relevant section of the Website: for example, reviews of artisans and their products and services. The user declares to be fully responsible for publishing new content, and to possess all relevant rights to publish it. If false, incorrect or inappropriate content is published, the Data Controller reserves the right to approve, refuse or delete the publication of such content at its sole discretion. The Data Controller is not liable in any way for the content of published reviews, leaving all responsibility to the user, whether or not the author of the content.

If the data provided belong to third parties, the user will ensure that these third parties have been informed of the contents of this Privacy Policy and that the user has received prior authorisation to send this data to the Data Controller for the purposes indicated.

e) Data voluntarily provided by registered Artisans
If the user chooses to register on the Website as an Artisan, he/she accepts the data processing terms and conditions as per the previous point, which apply to all registered users.

The users also declare to be fully responsible for the images and texts uploaded on their personal profile pages, which will be publicly visible to all website visitors subject to prior approval by the Data Controller, which is non-contestable. They accept that this content may be used by the Data Controller on various online and offline platforms to promote the Wellmade project or to describe the Artisan’s activities. If any uploaded content belongs to third parties, the Artisan will ensure that these third parties have been informed of the contents of this Privacy Policy, and that the Artisan has received prior authorisation to provide this information to the Data Controller for the described purposes. Artisans will keep the Data Controller harmless of any responsibility for the use of this content.
Artisans agree to communicate any change in their personal, contact or service details shown on their personal profile page, to ensure that any information is correct for website users. The Data Controller cannot be held responsible if the Artisans do not update their data. The Data Controller reserves the right to change the public content present on the Artisans’ personal profile page, subject to their prior approval.
The Artisans agree to receive reviews on their personal profile page written by other users registered on the Website, which will be publicly visible by all Website visitors. The Artisans have the right to ask the Data Controller to remove or correct such reviews where they deem them inappropriate, untruthful or incorrect. The Data Controller agrees to consider such request and to protect the professional and personal profile of the Artisans (within the limits of their role and excluding any legal proceedings). If the Data Controller deems it necessary, it may verify the information published by the users but cannot guarantee to the Artisans that such information will actually be removed or corrected. The final decision rests with the Data Controller and is non-ebatable.

8 – Processing methods and security measures

Personal data are processed with automated tools for the time strictly necessary to carry out the purposes for which they have been collected.

Specific security measures are in place to prevent unauthorised or unlawful processing, accidental disclosure, destruction, damage or loss of data, and illicit/incorrect use or unauthorised access. Data processing is carried out in adherence to article 32 of the GDPR in relation to security measures, possibly also by specially appointed and trained collaborators in accordance with the provisions of Article 29 of the GDPR.

The Data Controller will use safety technologies and procedures to ensure that personal data are protected. This is carried out via requesting individual credentials which are held exclusively by the Fondazione Cologni dei Mestieri d’Arte staff authorised to access the confidential data. Fondazione Cologni dei Mestieri d’Arte will use devices which are continuously updated to ensure the security of personal data processing and storage.

Whilst all possible organisational and technical measures are adopted, it is not possible to absolutely guarantee complete data security.

9 – Data storage methods and timescales

Collected personal data is stored in electronic databases by Fondazione Cologni dei Mestieri d’Arte. The data are physically present on a server located in the Fondazione Cologni dei Mestieri d’Arte offices and it is backed-up on an external NAS (Network Attached Storage) connected to the Fondazione Cologni dei Mestieri d’Arte offices, whose function is to allow users to access and share mass memory.

Paper copies of some documents are filed in folders kept in the internal archives of the Fondazione Cologni dei Mestieri d’Arte. Access to the electronic databases and the paper-based archives is regulated via specific access limitations.

Data will be stored for the time necessary to fulfil the purposes for which it was collected, and in any case in adherence to the current legislation in force.

10 – Rights of interested parties

At any time, the User may exercise the right to request the Data Controller access to the User’s personal data (art. 15 GDPR) and their rectification (art. 16 GDPR) or erasure (art. 17 GDPR) or the restriction of the processing that concerns his/her data (art. 18 GDPR), to object to their processing (art. 21 GDPR), in addition to the data portability right (art. 20 GDPR) and to lodge a complaint with the Privacy Authority. Te user can exercise his/her rights with a written request sent to the above contact details.

For more information and any requests relating to the upholding of Wellmade’s Data Protection Policy, as well as your data deletion, please contact us via email at



On this page, the Data Controller provides the Website users (hereinafter “the Website”) with information about the cookies used and/or proposed for storage.

Under the terms of art. 6 and 7 of the GDPR, as well as in accordance with the provisions of Measure no. 229 of May 8, 2014 issued by the Guarantor for the protection of personal data, this Cookie Policy is illustrated so as to be used as extended information.

This extended information on the use of cookies must be acknowledged having read the privacy policy, pursuant to art. 13 and 14 of the GDPR above (and in any case available in the specific section “privacy and cookies” on the Website, in the footer of the home page).

The purpose of this cookie policy is also to describe the elements required by law, to describe the characteristics and purposes of the cookies installed by the Website.

1 – Cookies

Cookies are small text strings which are sent to the user’s terminal (usually their browser) by websites they visit. They are stored on the user terminal and then re-transmitted to the websites in the subsequent visits made by the user to the same websites. While browsing a website, users may receive cookies from other websites or web servers, known as ‘third party’ cookies. That occurs because the visited website may contain elements such as images, maps, audio files, or links to single web pages on different domains, which are located on servers different from those where the visited page is stored.

Cookies are usually present in substantial numbers on each user’s browser and are sometimes stored for a long period of time. They are used for various purposes such as IT authentication, monitoring browsing sessions, and memorizing specific information on the user’s configuration of his/her access to a particular server, and so forth. To appropriately regulate such devices, it is necessary to distinguish them by considering their users’ purposes, as there are no technical characteristics which allow to diufferentiate among them. This actually is the approach adopted by the Italian Parliament, which has set out the obligation to obtain from users their informed consent to install cookies for purposes other than those having a purely technical nature, as per EC Directive no. 136/2009. In such perspective and for the purposes of this decision, cookies may be categorised into two main groups: “technical” cookies and “profiling” cookies.

a) Technical cookies
Technical cookies are used exclusively to carry out communications on an electronic network, or those strictly necessary for a company providing IT services which have been expressly requested by a contracting party or user. They are not used for other purposes and are usually directly installed by the data processer or the web manager (or webmaster). They may be grouped as follows:

Browser or session cookies – they allow users to browse and use a website (for example to make purchases online or use credentials to access particular sections);
Analytical cookies – they are considered equivalent to technical cookies as long as they are used directly by the webmaster to gather aggregated information about the number of visitors and the pattern of the website visits;
Functional cookies – they allow users to browse within pre-determined criteria, such as language or products to purchase in order to improve the quality of the service. It is not necessary to obtain prior consent from users to install these cookies.

b) Profiling cookies
Profiling cookies aim at creating a the user’s profile. They are used to send advertising messages which adhere to the preferences shown by the user while browsing. In light of the highly invasive nature of these cookies on the user’s private sphere, Italian and European legislation orders the users to be appropriately informed about their use so as to provide their valid consent.

2 – Types of cookie used by the website

a) Proprietary statistical cookies: they help the owners of the website to understand how users interact with the website, collecting and transmitting information in an anonymous form. Specifically:

_ga HTML 2 years
First URL found:
Description of the cookies’ purpose: Recording a unique ID used to general statistical data on how the visitor uses the website.Initialiser
Initialiser: Script tag, page and source line number: 770.
Data sent to: United States (adequate)
Prior consent enabled: No


_gat HTML Session
First URL found:
Description of the cookies’ purpose: Used by Google Analytics to limit the frequency of requests
Initialiser: Script tag, page and line number: 770.
Data sent to: United States (adequate)
Prior consent enabled: No


_gid HTML Session
First URL found:
Description of the cookies’ purpose: Recording a unique ID used to generate statistical data on how the visitor uses the website.
Initialiser: Script tag, page and line number: 770.
Data sent to: United States (adequate)
Prior consent enabled: No


b) Third party statistical cookies:

collect Pixel Session
First URL found:
Description of the cookies’ purpose: unclassified
Initialiser: Webserver
Data sent to: Italy (adequate)
Prior consent enabled: No

Google Analytics

This is a web analysis service provided by Google Inc. (‘Google’) which uses cookies stored on user terminals for statistical analysis on website usage in aggregate form (control of access, visits, events, actions and studies of user browsing routes on the website). Such information is collected by Google Analytics, who process it to create reports for the website owners about the activities on their websites. This website does not use (and does not allow third parties to use) Google analysis tool to monitor or collect personal identification information.
In fact, this Website applies the mechanism provided by Google analytics to render all users’ IP addresses anonymous.
This mechanism operates by masking a part of the IP address at the moment it is obtained by the proprietary website, deactivating all the settings for sharing data with Google. In this way, the information collected is anonymous and only used for the Google Analytics service to allow the Fondazione Cologni dei Mestieri d’Arte to carry out internal statistical analysis, useful for optimising the Website and the services offered. In any case, Google offers the possibility for visitors who do not want their browser data to be sent to Google Analytics, to selectively deactivate such option, installing the ‘opt-out’ component provided by Google on their browser (see

Data generated by Google Analytics are stored by Google using the methodology laid out here:

Google Inc’s Privacy Policy as an autonomous data processer for the Google Analytics service is available here:

c) Unclassified cookies: they are cookies which are in a classification phase, together with the providers of individual cookies.

concretes HTTP Session
First URL found:
Description of the cookies’ purpose: unclassified
Initialiser: Script tag, page and line number: 770.
Data sent to: United States (adequate)
Prior consent enabled: No

3 – Third party links

The Website may include “buttons” which allow visiting users to navigate to and interact directly with social networks in one click, such as Facebook or Instagram. Such social networks may, in turn, request personal data from users. These websites have their own Privacy Policies and conditions of use, which we recommend users to read when visiting third party websites, as they may be very different from this Policy. Fondazione Cologni dei Mestieri d’Arte is not liable for the collection or use of information carried out by third party websites.

4 – Disabling cookies

Browser settings may be adjusted to limit, block or eliminate cookies. The process varies slightly according to the type of browser used. For detailed instructions, click on the link relating to the relevant browser below:
– Further information on disabling cookies on Mozilla Firefox;
– Further information on disabling cookies on Chrome;
– Further information on disabling cookies on Internet Explorer;
– Further information on disabling cookies on Safari;
– Further information on disabling cookies on Opera;
– Further information on disabling cookies on Microsoft Edge.

Some sections of the website are only accessible by enabling cookies. Disabling them may mean that the user cannot access anymore some of the content or fully experience the functioning of the website.

5 – Consent

Using this Website, the users give their consent to the processing of their data and the use of cookies, in line with the terms and conditions of this Privacy Policy. If the users do not intend to give their consent to such processing, they must immediately cease browsing the Website. Continuing to navigate the Website is for all intents equivalent to providing the consent.