HM Network’s Cookie Policy

This document is part of our privacy policy (available at: Privacy and Cookie Policy)

Welcome to HM Network!

We value your privacy. For this reason, we process all your personal data lawfully, fairly and in a transparent manner.

One of the ways in which we collect your data is through web ‘cookies’.

Cookies are small text files that are placed on your computer or device by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

Our website uses two main categories of cookies. The first category includes strictly necessary and performance cookies. The second category regards third party cookies.

  1. First category of cookies (Data that HM-Network collects).

HM Network collects data through this first category of cookies for three main purposes:

  1. to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site.
  2. to ensure network and information security[1].
  3. to keep track that you have read our privacy policy and you are informed about how we use our cookies.

Although the use of this kind cookies for the applicable law[2] determines the collection of your personal data, the latter is restricted to online identifiers associated with your device and its characteristics. Moreover, we do not make any attempt to find out the identities of those visiting our website. We usually analyse data collected through our cookies in aggregate form, for example, through the google analytics dashboard[3].

The use of these category of cookies on the HM Network website is limited as above exposed and justifiable by law-established legitimate interests of HM Network as described by the article 6(f) of the GDPR.[4]  In this regard, HM Network commits itself to collect and process personal data from its web cookies ‘without overriding the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child’ (GDPR, Art. 6(f)).

Moreover, because we are strongly committed to respecting your privacy, we make sure that you are free to consent to our cookies.

In this regard, when you visit our website we store our cookies on your device only if you are informed of our privacy and cookies policy and you explicitly consent to the use of our cookies through a privacy web banner.

The privacy web banner and the cookies control panel

A privacy web banner is displayed when you first access our website, when you delete our cookies from your device, and after our cookies expire (TIME TO EXPIRE). Furthermore, this web banner contains a link to our privacy and cookies policy, and a link to a ‘cookies control panel’ where you can see more details about our cookies and where you can selectively choose to activate or deactivate them. This web banner is not the only point of access to our privacy and cookies policy and cookies control panel. These can be accessed in every moment through links on our website. Thus, you will always have the possibility to modify the consent to the use of our cookies.

All cookies are ‘inactive’ by default, the only exception regards cookies that are strictly necessary for the functioning of our website and that are ‘always active’.

Finally, you can also control or limit the access of any cookies through your web browser. Moreover, to opt-out of being tracked by Google Analytics across all websites you can visit: http://tools.google.com/dlpage/gaoptout.

To find out more about cookies, including how to see what cookies has been set and how to manage and delete them, please visit: www.allaboutcookies.org.

  1. Second category of cookies (Data collected by third parties)

Our website may contain links to third-party websites and services, including those of social media platforms, partner networks and advertisers. These third-party websites and services may store on your device cookies and through them collect your personal data. We do not collect this data for ourselves and we do not have control over what data is collected and how this data is used. However, we inform you of the presence and the name of these cookies and we allow you to activate and deactivate them through the same cookies control panel described above.

You will find this category of cookies under the name of ‘Third Party Cookies’ in our cookies control panel. By default, cookies included in this category are inactive and you may need to activate them in order to allow them to be stored on your device and to start to collect your data.

Unfortunately, we do not have control over all third-party data collection practices. For this reason, we suggest you adjust the settings of your browsers and/or install plug-ins and add-ins if you wish to minimize these third-party data collections. For more information about this please read the following paragraph.

Other methods to control the use of web cookies.

You can always control or limit the access of any cookies through your web browser. Moreover, to opt-out of being tracked by Google Analytics across all websites you can visit: http://tools.google.com/dlpage/gaoptout.

Finally, to find out more about cookies, including how to see what cookies has been set for our and other websites and how to manage and delete them, please visit: www.allaboutcookies.org.


[1] GDPR, Recital 49: The processing of personal data to the extent strictly necessary and proportionate for the purposes of ensuring network and information security, i.e. the ability of a network or an information system to resist, at a given level of confidence, accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services offered by, or accessible via, those networks and systems, by public authorities, by computer emergency response teams (CERTs), computer security incident response teams (CSIRTs), by providers of electronic communications networks and services and by providers of security technologies and services, constitutes a legitimate interest of the data controller concerned. This could, for example, include preventing unauthorised access to electronic communications networks and malicious code distribution and stopping ‘denial of service’ attacks and damage to computer and electronic communication systems.

[2] GDPR, Recital 30: Natural persons may be associated with online identifiers…such as internet protocol addresses, cookie identifiers or other identifiers…. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.

[3] Google, Google Analytics, 2018. Available at: https://www.google.com/analytics/#?modal_active=none 

[4] GDPR, Recital 47 also states that fraud prevention constitutes a legitimate interest. Recital 49 also states that necessary and proportionate processing for network security constitutes a legitimate interest.