INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA
Italtel S.p.A. with registered office at Viale L. Schiavonetti, 270/F, 00173 Rome, in its capacity of Data Controller (hereinafter referred to as “ITALTEL” or the “Data Controller”), pursuant to Art. 13 and 14 of the Regulation (EU) 2016/679 (“GDPR”) wishes to inform you of the following.
CATEGORIES AND SOURCE OF PERSONAL DATA
ITALTEL processes your personal data as you are the legal representative, attorney and/or interface designated by the Client company in the management of contractual relationships between the customer and ITALTEL, or other companies of the Italtel Group.
Your personal data are made up of common data such as name, digital and telephone details, the role/responsibility held by you within the Client company, together with the economic and financial data, company name, registered offices, and bank details of the Client company.
The aforementioned personal data have been collected from you or have been provided by your employer or, in any case, by the Client company on behalf of which you operate and perform your activity.
PURPOSES OF THE PROCESSING
Your personal data may be processed for the following purposes:
- execution of the contractual relationship between ITALTEL and the Client company of which you are the interface designated and/or the legal representative or the attorney; such a contract can be, without limitation, a sale, services, licensing, maintenance contract, etc.;
- execution of related managerial, administrative and accounting obligations;
- fulfilment of legal obligations;
- promotion of new products similar to those already sold by the Data Controller, by sending promotional brochures, informative material, invitations to symposia, special events, conferences, seminars, workshops, etc.;
- market research prior to the development of new products/services similar to those already sold by the Data Controller and the identification and evaluation of the needs of the market (e.g. by filling in questionnaires) in relation to the market sector in which the Data Controller operates;
- information security;
- any defence needs.
LEGAL BASIS FOR THE PROCESSING
The legal basis for the processing is the fulfilment of contractual obligations between the parties, the related legal obligations, the legitimate interests of the Data Controller and the consent of the data subject.
The legitimate interest is established by security and defence needs of the Data Controller. You can always object to the processing carried out for the legitimate interests of Data Controller.
The Data Controller, in the event of exercising the right to object by the data subject, refrains from further processing of personal data unless he/she demonstrates compelling legitimate reasons for the processing that overrides the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
For the purpose of direct marketing of products and services similar to those that ITALTEL has already sold you, your prior consent for the use of your e-mail previously issued is not necessary but you can withdraw consent at any time, easily and freely rejecting such use, for example, using the links for the opt-out option included in each commercial communication.
PROCESSING METHODS AND DATA RETENTION
The processing will be performed using manual and/or automated means that are appropriate to ensure data security and confidentiality strictly related to the purposes of the processing.
Your data are stored for ten years starting from the termination of the contractual relationship, or until the expiration term of the rights that you or the Client company which has relations with ITALTEL could claim and, in case of legal action in progress, until the conclusion of all judicial levels of any process.
NATURE OF THE PROCESSING
Data provision is optional but necessary for the execution of the contractual relationship and, in particular, to fulfil the contractual obligations and any related administrative and accounting obligations.
TRANSFER OF PERSONAL DATA
The data of the Client company and, where necessary, your personal data can be disclosed to:
- auditing company for legal tax and accounting obligations;
- suppliers of products and services for the execution of the contractual relationship or for related obligations;
- public subjects and other customers for confirming the technical and professional requirements limited to the data concerning the economic activity ;
- public administration and public entities for complying with the law;
- banking institutions and insurance companies for the participation in tenders;
- third parties to ensure the exercise of the right of defence (law firms) or judicial authorities, in compliance with their orders.
The above subjects will operate as autonomous Data Controllers (e.g. public entities), or as Data Processors. The concerned data may be disclosed to other parties only if necessary for purposes of prevention, detection or repression of crime, in compliance with the applicable regulations.
TRANSFER OF PERSONAL DATA OUTSIDE THE EU
Some of your personal data may also be disclosed to other companies belonging to Italtel Group, abroad including extra-EU countries for the purpose of contract implementation or promotional purposes, or to agents or promoters for promotional purposes.
The transfer will be done in relation to countries with an adequate level of protection recognised by a decision of the European Commission, or in the presence of the conditions provided for by Art. 46 of the GDPR of appropriate safeguards, including but not limited to, standard contractual clauses, binding corporate rules, adherence to codes of conduct or certification systems and, in any case, in compliance with Chapter V of GDPR.
All extra-EU countries in which there are companies of the ITALTEL Group where your data could be transferred are listed on the www.italtel.com website, while the updated list of countries having personal data protection legislation considered adequate by the European Commission is accessible from the official website of the Italian Data Protection Authority on this link https://www.gpdp.it/temi/trasferimento-di-dati-all-estero.
In addition, ITALTEL may adhere to its industry’s Codes of conduct or to the certification mechanisms that would enable the transfer of data outside the EU in accordance with Art. 46 of the GDPR and, in this case, will also give the proper information through its own website.
DATA SUBJECTS’ RIGHTS
At any time, you may exercise your rights towards the Data Controller referred to Chapter III of the GDPR, such as the right of access, rectification, integration, erasure, restriction of processing, portability and the right to object in presence of legal conditions.
The right to object (opt-out) the processing for direct marketing can be invoked at any time.
In order to assert your rights, you shall send a communication to the registered office of ITALTEL by specifying “Privacy” in the subject. Alternatively, such communication can be sent to the e-mail address firstname.lastname@example.org, or by contacting the Data Protection Officer (DPO) by sending an e-mail to email@example.com. In the same manner, you can request the list of Data Processors.
Finally, please remember that you may lodge a complaint to the Italian Data Protection Authority (www.garanteprivacy.it).
Rome, 14 April 2022