Italtel S.p.A. is particularly attentive to the aspects concerning the privacy of visitors to our own Web site www.italtel.com (hereinafter also referred to as “interested parties”). Through this page we intend to describe the management of the Internet site with reference to the processing of user’s personal data.Pursuant to Art. 13 and 14 of the Regulation (EU) 2016/679 (hereinafter “the Regulation” or “GDPR”), we wish to inform the users about the manner and purposes of processing the personal data of those who access and consult the Web site of Italtel, accessible via the Internet from the following address: http://www.italtel.com.
This Policy takes into account the regulations of the sector on the national and European level, with particular reference to:
- Recommendation No. 2/2001 of the Group Art. 29, relating to the minimum requirements for online data collection in the EU
- Directive 2009/136/EC, amending Directive 2002/58/EC (CD E-Privacy directive) concerning the processing of personal data and the protection of privacy in the electronic communications sector
Regarding the fruition of specific services by users, we will provide particular information as requested and where necessary with the specific consent to the processing of their personal data.
The Data Controller of the data processing and the Data Protection Officer (DPO)
The Data Controller of the processing of personal data is ITALTEL S.p.A., an Italtel Group company with a registered office in Settimo Milanese (MI), loc. Castelletto, Via Reiss Romoli snc. (the “Holder” or “ITALTEL”).
Pursuant to Art. 37 of the Regulation, ITALTEL has appointed the Data Protection Officer (DPO) , who can be reached at email@example.com.
PLACE OF THE DATA PROCESSING
The processing of personal data held by ITALTEL are performed at the ITALTEL headquarters, by persons authorised and trained by the same ITALTEL.
The computer systems and software procedures used to operating this Web site acquire, during their normal exercise, some personal data whose transmission is implicit in the communication protocols of the Internet.
This information is not collected to be associated with the interested identified users. Through their very nature and through processing and associations with data held by third parties, it is carried out only at the explicit request of the Judicial Authorities, could allow for identifing the users.
This category of data includes IP addresses or domain names of computers utilised by users who connect to the site, addresses in URI notation (Uniform Resource Identifier) of requested resources, time of request, the method used in submitting the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters regarding the operating system and the computer environment of the user.
These data represent the register of connections. These data are used only to obtain anonymous statistical information on site usage and to check its correct functioning. The log of connections is kept at the disposal of the Judicial Authority and performed only upon explicit request.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses on our site involves the subsequent acquisition of the personal data supplied, including, for example, the sender’s e-mail address used for replying to requests.
Specific summary information will be progressively reported or displayed on the pages of the site predisposed for particular services upon request.
The use of session cookies (which are not memorised in a persistent way on the user’s computer and disappear when the browser is closed) is strictly limited to transmitting session identifiers (consisting of random numbers generated by the server) necessary to consent the secure exploration and efficient site.
The session cookies used on this site avoid recourse to other potentially prejudicial techniques for the confidentiality of users’ browsing, and do not allow acquisition of personal data identifying the user.
Also used on this site are persistent cookies, i.e. cookies that remain stored on the computer’s hard disk until their expiration or cancellation by the users/visitors. The deletion of cookies does not preclude the use of the sites and/or applications listed above.
Through persistent cookies, users accessing the site are automatically recognised at each visit.
Users can set the browser on their own computer or mobile device in order to accept/refuse all cookies or to alert them every time it is stored in a cookie in order to evaluate whether or not to accept it.
By default, almost all web browsers are set to accept cookies automatically.
The user can still change the default configuration. Below are the references to set the management of cookies for major browsers:
Internet Explorer: http://support.microsoft.com/gp/cookies
The deletion of cookies does not preclude the use of the Service but involves the repetition of the authentication procedure, i.e. the reintegration of the access credentials from the user.
If you want to decide whether or not to accept cookies, you can also configure your browser to generate a warning each time a cookie is saved.
Warning: the disabling of all or part of the technical cookies can impair the use of the functionality of the Web site reserved for registered users. On the other hand, it is also possible to disable cookies completely regarding the usability of the public content.
The Web site www.italtel.com allows the transmission of Web site cookies or different web servers (CD cookies of “third parties”) that the user might receive on his terminal. This happens because the site may present elements such as images, maps, sounds, specific links to web pages of other domains that reside on a server different from the one in which the page requested is. In other words, these cookies are set directly by the operators of websites or servers other than our own.
The disabling of cookies “third party” does not in any way affect the navigability.
ITALTEL is outside the “third party cookies” operations, which is the responsibility of such third parties.
Dynamics 365 cookies
In particular, the site can make use of the following tools, which generate third-party cookies:
- Dynamics 365 Marketing – Long-term behavioral-analysis cookie. This cookie is set and/or read on any webpage where you have placed a Dynamics 365 Marketing website behavioral-analysis script. It enables Dynamics 365 Marketing to score leads based on their level of interaction with a given website. The cookie contains no personal information, but does uniquely identify a specific browser on a specific machine, and Dynamics 365 Marketing can use it to correlate this ID with an actual contact in the Dynamics 365 Marketing database. The cookie remains active for two years.
- Dynamics 365 Marketing – Short-term, single-visit cookie. This cookie is also set and/or read on any webpage where you have placed a Dynamics 365 Marketing website behavioral-analysis script. By default, it expires after just 30 minutes. Dynamics 365 Marketing uses it to group all page loads by a given visitor that are recorded by the same behavioral-analysis script and that occur within the configured timeframe. It will consider all of these as part of a single “visit” to the website.
- Dynamics 365 Marketing – Marketing page registration cookie. This cookie is set when a contact submits a marketing page where the relevant Remember my information checkbox has been selected. Allows the marketing page to display a pre-filled form the next time the same contact uses it. The information stored in the cookie is a cryptographic unique identifier and does not contain the data sent or the means for an external application to discover the information sent.
Except for that specified for navigation data, the user is free to provide personal data whenever requested, but their failure to transfer can involve the impossibility to provide the requested services.
PROCESSING METHODS AND PROTECTION TIMING
Personal data are processed with electronic and automated means for the time strictly necessary to achieve the purposes for which they were collected, however, in accordance with the provisions of enforced law within the matter. After this period, the data will be erased or transformed into an anonymous form, unless further retention is necessary to comply with legal obligations or to comply with orders given by Public Authorities and/or Supervisory Bodies.
Specific security measures are observed to prevent the loss of data, the illicit or incorrect use and unauthorised access in accordance with Art. 32 of the GDPR.
Furthermore, no personal data deriving from the web service is the object of diffusion.
Recipient categories, or those who may come to the know the data
To achieve the purposes described or, in the case in which it is indispensable or required by law or the authorities with the power to impose it, the Data Controller, in particular, reserves the right to disclose the data to:
- entities that perform computer maintenance services or the like;
- Supervisory Authorities and Bodies of control and, in general, subject, public or private, with significant public enforcement functions (g., Prefecture, Police Headquarters, and Judicial Authority, in each case only to the extent that it fulfils the conditions established by applicable law);
- other companies of the group of which the Data Controller is a part, or any parent company, subsidiary or related companies, pursuant to Art. 2359 c.c.
TRANSFER OF DATA TO COUNTRIES/ORGANISATIONS OUTSIDE THE EU
The transfer of data outside the EU is not expected in relation to our Web site users.
Where necessary and in limited cases, for some data, and for the purposes mentioned, user data may be transferred abroad to Countries/organisations outside the EU that ensure a level of personal data protection deemed adequate by the European Commission with its decision, or otherwise on the basis of other appropriate safeguards such as Standard Contractual Clauses adopted by the European Commission. A copy of the personal data may be transferred abroad, as well as the list of Countries/non-EU organisations in which such data have been transferred, may be requested of the data controller via regular mail sent to the headquarters of the data controller or by e-mail to firstname.lastname@example.org or email@example.com.
RIGHTS OF THE DATA SUBJECT
At any time, you may exercise your rights towards the Data Controller referred to in Chapter III of the GDPR, such as the right of access, rectification, integration, erasure, processing restriction, portability and the right to object in the presence of legal conditions.
The right to object (opt-out) the processing can be invoked at any time for the processing inherent to the purpose of promotion.
In order to assert your rights, you shall send a communication to the registered address of ITALTEL by specifying the subject “Privacy” to the recipient. Alternatively, such communication can be transmitted via email to firstname.lastname@example.org or by contacting the Data Protection Officer (DPO) by sending an email to email@example.com. Otherwise, you can request the list of Data Processorsfor internal and external processing.
Finally, please remember that you may lodge a complaint before the authority r for the protection of personal data (www.garanteprivacy.it).
Italtel reserves the right to change or update this policy at any time. Any changes or updates take effect immediately following publication on this Web site.
Settimo Milanese, 25 May 2018.