Pursuant to Articles 13 and 14 of EU Regulation 2016/679 of 27 April 2016(1) (hereinafter the “Privacy Regulation”), we provide you with the following information regarding the processing(2) of the personal data of users accessing the website of www.innovation.a2a.eu and its sub domains. The policy does not apply to any linked website.
1.Who processes personal data?
The data controller(3) is A2A S.p.A. with registered office in via Lamarmora, 230 – 25124 Brescia and executive and administrative offices in Corso di Porta Vittoria, 4 – 20122 Milan.
2.Who can be contacted?
For all questions concerning the processing of personal data and the exercise of your rights, you may contact the Data Protection Officer (DPO), at the following email firstname.lastname@example.org.
3.Why are personal data processed?
|Processing purposes||Legal basis of processing|
|Browsing data are used only to acquire anonymous statistical information on website usage and to monitor its proper functioning. Users are not identified.||The legitimate interest of the Controller in managing the website.|
|The data you voluntarily provide by registering with the Portal are processed for the sole purpose of enabling participation in the open innovation initiatives promoted by the A2A Group.||Implied consent freely given by you.|
|To comply with legal obligations (e.g. instructions from authorities or the courts, etc.).||Compliance with the law.|
4.What personal data are processed?
The following categories of data are processed:
Other data in the above categories.
5.How are the data processed?
Processing is carried out by authorised persons in performing their assigned tasks, with or without the aid of electronic tools, according to the principles of lawfulness and integrity, in order to protect the data-subject’s rights and privacy at all times.
6.To whom are personal data communicated?
Your personal data may be disclosed to:
Your data will never be disseminated (made available to indeterminate parties).
7.Are the data transferred to third countries?
Your personal data will be processed within the European Economic Area (“EEA”). If it is exceptionally necessary to transfer your personal data outside the EEA, such transfer will take place on the basis of an adequacy decision of the European Commission, where applicable, or subject to appropriate safeguards required by the Privacy Regulation.
8.How long are the data stored?
Your data will be retained for the time necessary to achieve the purposes for which they are processed or to comply with legal obligations and, in particular:
9.What rights can you exercise?
You have the right to ask the Data Controller to:
To exercise your rights, you may send a written request to Data Controller or to the Data Protection Officer, identifying the A2A Group company to which your request is directed.
Without prejudice to any other administrative or legal remedy, you have the right to lodge a complaint with the Personal Data Protection Authority, should you believe your processing has violated the Privacy Regulation.
10.What is the source of the personal data?
The navigation data necessary for the computer management of the site are acquired by the computer systems and software procedures that govern its operation.
Personal data necessary to register on the portal are provided by you and any refusal to provide them will prevent you from accessing the service.
11.Are the data subject to automated decisions?
The data will not be subject to decisions based solely on automated processing, including profiling, which produce legal effects concerning you or which significantly affect you
When you access or otherwise interact with this site and its functions (such as digital services, apps, t
WHAT ARE COOKIES?
Cookies are text files containing small quantities of information which are stored (during a user’s visit, or for subsequent visits as well) on the computer or mobile device used by a user to visit a website. On subsequent site visits by the user, any cookies previously stored on the device are sent back to the site which had installed them. This allows the site to recognise a specific device for technical reasons (such as to store any user-defined site-navigation settings and other preferences), and/or analytical and/or profiling when the user has expressly consented to the same. Cookies installed on user devices do not acquire user emails, pull data from the hard drive, or transmit viruses.
Cookies may be divided into two major categories:
Proprietary cookies: cookies installed by the operator of the site the user is visiting.
Third-party cookies: cookies installed by the operator of a different site through the site the user is visiting.
TYPES OF COOKIES INSTALLED ON THIS WEBSITE
(1) General Data Protection Regulation (GDPR).
(2) Processing: any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
(3) Data controller: the natural or legal person or public authority that determines the purposes and means of the processing of personal data.