Web Site, accessibility to the company's it tools, Whistleblowing system and other services
Autostrade per l'Italia S.p.A. hereinafter referred to as "ASPI" provides, pursuant to European Regulation 2016/679 (GDPR) and current national legislation, the information regarding the processing of data of users browsing the website www.autostrade.it (hereinafter referred to as the "Website") and interact with the web services provided by the same site. To this end, this page describes the procedures for managing the Website in relation to its visitors and users.
The pages of the website may contain links to the websites of other parties, to which this data security declaration shall not extend. This information is therefore only provided for the ASPI website and not for any other websites that may be visited by the user via links.
1. DATA CONTROLLER
Autostrade per l'Italia S.p.A. with registered office in Rome, Via A. Bergamini 50, 00159, tax code, Rome Companies Register entry number and VAT No. 07516911000.
The Data Protection Officer (DPO) for Autostrade per l'Italia S.p.A. is domiciled for the purpose at the Company's registered office.
2. TYPES OF DATA VOLUNTARILY PROVIDED BY USERS/VISITORS, PURPOSES
Specifically, the optional, explicit and voluntary sending of electronic mail by the user through the web channels provided by ASPI (by way of example but not limited to: firstname.lastname@example.org, email@example.com), to submit communications, requests and/or complaints, implies the acquisition of the sender's e-mail address, as well as any other personal data included in the communication, which is necessary to reply to the requests/complaints. The processing of such personal data has the sole purpose of enabling ASPI, the Data Controller, to respond to the questions and requests for clarification received, as well as to receive users' suggestions or to manage communications with which the user submits complaints. In the event of any requests involving the processing of special categories of data pursuant to Article 9 of the GDPR (e.g. health data), ASPI will process such data as indicated in the specific reference Information and, where necessary, only after explicit consent by the user or any family member concerned.
in the /en/privacy page,
in the People section for online applications at the link /en/persons/join-the-team
in the Contact section for reimbursement requests at https://webform.autostrade.it/rimborsi/
on the RMPP online payment page /en/rmpp/
ASPI collects technical information relating to Web Site users' browsing data.
Specifically, the computer and telematic systems and software procedures used to operate the Website acquire specific data during their normal operation, the transmission of which is implicit in the use of web communication protocols or is useful for better management and optimisation of the system.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Website in order to check its proper functioning.
A cookie is a short string of text that is sent to your browser and possibly saved on your computer; this generally occurs every time you visit a website. Each cookie is unique for the browser and device used to access the
Website; generally, cookies are designed to improve the operation of the Website and the user's experience when using it.
On www.autostrade.it, cookies are used for the following purposes and classification.
2.2 SYSTEM OR TECHNICAL COOKIES
Technical Cookies are used to enable the best quality of use of the website according to the characteristics of the browser used on your computer or on any other Internet tool.
These cookies enable the user to browse the website and use its functions, e.g., to access secure areas of the site.
Lacking these cookies, the website may not provide the services of authentication and proper functioning of the Website.
Cookies are not always defined by ASPI: in some cases, they are automatically generated and used by the software platforms used.
However, they are intended for the sole purpose of the general operation of the website.
2.3 HOW TO DISABLE COOKIES FROM YOUR BROWSER
Users/visitors can change their browser settings to disable cookies or to be notified that cookies are being sent to their device. Users/visitors may refer to the instruction manual or help screen of their browser to find out how to adjust or change their browser settings.
Below is an example:
Internet Explorer http://windows.microsoft.com/it-it/windows7/block-enable-or-allowcookies
In the case of different devices or browsers, the user/visitor must ensure that each browser in each device is correctly set to respect the user's desired cookie preferences.
If you choose to disable all cookies, the necessary, functional and performance cookies will also be blocked and this may cause troubles while browsing the Website.
3. DATA PROCESSING METHODS
Personal data, provided as indicated in point 2 above, will be processed, in compliance with the regulations in force, through computer and telematic tools and by implementing procedures strictly related to the above- mentioned purposes so as to ensure the confidentiality and security of the data.
4. DATA RETENTION PERIOD
Personal data of users/visitors will only be stored for as long as necessary for the purposes for which they are collected in compliance with the principle of minimisation pursuant to Art. 5.1.c) of the GDPR.
5. DATA RECIPIENTS
Within Autostrade per l'Italia SpA, only persons tasked with the processing by the Data Controller and authorised to perform processing operations within the scope of the aforesaid activities may acquire the personal data provided.
Personal data may be disclosed to third parties (parent/subsidiary companies involved or third-party companies) who are required to process the information for the same purposes as set out in point 2 above, and which are, to this end, appointed “Data Processors”.
The complete list of persons appointed as Data processors is available from the DPO. Under no circumstance may personal data be disseminated.
6. RIGHTS OF DATA SUBJECTS
Articles 15-22 of the GDPR allow data subjects to exercise specific rights; data subjects may obtain from the Data Controller: access, correction, cancellation, restriction of processing, revocation of consent as well as portability of data concerning them.
Data subjects may also object to the processing. Where the data subject exercises the right to object to the processing, the Data Controller reserves the right not to process the request, and thus to continue processing, if there are compelling legitimate grounds for processing that prevail over the interests, rights and freedoms of the data subject.
The above rights may be exercised by submitting a request to the Data Protection Officer at the following PEC (certified mail) address without formalities: firstname.lastname@example.org using the forms provided by the Data Controller on the website www.autostrade.it.
Please note that the data subject may lodge a complaint pursuant to Article 57 letter f) of the GDPR with the Data Protection Authority.
Version 2.1 of 09.02.2022