To provide the personalised and standard services offered by this website, ENTSORGAFIN SPA, in its capacity as Data Controller, processes certain identification data, which are needed to provide the services.
In accordance with Article 13 of Italian Legislative Decree 196 of 30 June 2003, ENTSORGAFIN SPA guarantees, within the scope of statutory provisions, that personal data will be processed with full respect for the fundamental rights and freedoms and the dignity of the data subject (Article 4 (1i) of the Personal Data Protection Code), in particular as concerns the confidentiality, the personal identity, the rights and the protection of the personal data.
This privacy statement provides information on how the website entsorga.it is managed in relation to the processing of the personal data of the users of its services. The statement is provided in accordance with Italian Legislative Decree 196/2003 (the “Personal Data Protection Code”) only in relation to the website in question and not for any other websites that you may access via links, for which ENTSORGAFIN SPA assumes no liability whatsoever.
Personal data may be collected automatically when browsing or using the website and the services it offers, or may be provided voluntarily by you.
Personal data collected automatically by the Data Controller or through third parties may include, by way of example only: cookies, browsing history, passwords, given and family names and e-mail addresses.
Browsing history and other data
The computer systems and software procedures that enable this website to work acquire, when running normally, certain personal data, whose transmission is implicit in the use of Internet communication protocols. The information is not collected to be associated to identified data subjects; however through its processing and association with data held by third parties, the nature of the information could permit the identification of our users. This category of data includes the IP address or domain name of the computer you use to connect to the website, the uniform resource identifier (URI) addresses of the resources you request, the time of the request, the method employed to submit the request to the server, the size of the file obtained in response, the status code of the response given by the server (OK, error, etc.) and other parameters connected with your operating system and computing environment. Such information is used solely for the purposes of gathering anonymous statistical data on website usage and to check the website works correctly and is erased immediately after its processing. The data may be used at the request of the competent Authorities to investigate liability in the event of cybercrime damaging the website.
Cookies, or other tracking tools, may be placed by this website or the owners of third-party services used by the website to identify you and save your preferences, strictly for the purposes of providing the services requested by you, unless otherwise specified.
If you choose not to provide certain personal data, the website may not be able to provide you with its services.
Personal data will be collected and processed for the purposes of:
The provision of data is optional, except where it is specified that the information is required to enable access to the services offered.
Data processing is necessary for the purposes stated in point 1 of the section above. The non-transmission or incorrect transmission of any of the information may limit or disable the full use of the features and services available on the website.
In relation to the optional provision of data, further information on the cookies placed on your computer by this website is provided in our "Cookies Policy", which can be read in full here or in summary form in the cookie banner appearing on the website.
You can return to our Cookies Policy at any time and change the consent options previously provided, check and/or modify the status of services activated, and request any additional services you may choose.
In compliance with the provisions of the Personal Data Protection Code requiring the adoption of minimum and suitable security measures necessary to minimise the risk of privacy breaches by third parties, ENTSORGAFIN SPA has put in place all IT security measures, which are updated on a constant basis and whenever shown to be necessary.
Personal data will be processed at the business premises of the Data Controller and at any other premises where the parties involved in processing are located. For more information, you can contact the Data Controller at the address provided.
Personal data will be processed, within the limits of the general authorisations issued by the Data Protection Authority, by data processors expressly and specifically designated for the purpose by ENTSORGAFIN SPA. Personal data may also be processed by outsourcers engaged to provide services connected with the purposes of processing and which our organisation may designate as data processors in charge of the data processing operations they perform, to ensure greater protection. All data processors will process personal data in compliance with the instructions provided by the Data Controller, according to the operating profiles assigned to them on the basis of the duties they perform, as necessary and relevant to perform specific tasks within the scope of the services requested, and exclusively for the purposes stated in this privacy statement.
The list of data processors in charge of processing is constantly updated and can be obtained by written request, as explained further on in the section on the rights of data subjects.
Personal data may be disclosed, meaning that the information may be provided to certain entities, in the following cases:
Personal data will not be published, meaning that the information will not be disseminated in any way, either by being made public or available for consultation, unless you specifically give your free and informed consent for each type of processing.
Defence of legal claims
Personal data may be used in the defence of the Data Controller in legal action or in the preparatory stage for legal action against claims of misuse of the information or of connected services by you. You represent that you understand that the Data Controller may be required to reveal your personal information at the request of public authorities.
The Data Controller for the processing of personal data is ENTSORGAFIN SPA, registered office at S.P. per Castelnuovo Scrivia n. 7/9 - 15057 Tortona (AL) – ITALY.
ENTSORGAFIN acts as the external data processor in charge of data processing for the companies ENTSORGA ITALIA SPA and TERRITORIO E RISORSE SRL, which have delegated compliance with data protection requirements to the parent company ENTSORGAFIN SPA.
This privacy statement should therefore be considered extended to and valid for the companies ENTSORGA ITALIA SPA and TERRITORIO E RISORSE SRL, in their capacity as data controllers.
Data subjects may exercise their rights under Article 7 of the Personal Data Protection Code (Right to Access Personal Data and Other Rights) in relation to the data referring to them at any time. In particular, you have the right to obtain confirmation as to whether or not your personal data are being processed; the right to access the data and obtain information as to the source of the data; the right to verify the accuracy of the data; and the right to have the data supplemented or updated. You may request the rectification or blocking of your personal data if they are incomplete or inaccurate or were collected in violation of laws in force. Similarly, you may also object to the processing of your personal data on legitimate grounds and may request, on those same grounds, their erasure, providing it is in accordance with laws in force and where ENTSORGAFIN SPA is not subject to other data storage or processing obligations.
You can exercise your rights or obtain an updated list of data processors by request under Article 13 (f) of the Personal Data Protection Code, by writing to the Company by ordinary post or by e-mail at the address firstname.lastname@example.org, or by writing to the data processor directly, available at the Data Controller’s registered office, via the e-mail address provided, to obtain a prompt response.
The Data Controller reserves the right to amend this privacy statement at any time, notifying users of the amendments on this page. As such, we recommend that you visit this page regularly, taking as your reference the Last Modified date at the bottom of the page. If you do not accept any amendments made to this privacy statement, you will be required to stop using the website and its connected services, and you may request the Data Controller to remove your personal data. Unless otherwise specified, the previous privacy statement will continue to be applied to your personal data collected up until that time.
Publication Date: 2018, February 14