INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA PURSUANT TO REGULATION (EU) 2016/679 (“GDPR”)
In compliance with the principles established by Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, ITA offers users the opportunity to interact with its institutional portal accessible through the address https:// www.madeinitaly.gov.it, a website dedicated to Made in Italy, which will complement the communication campaign planned for the Formula 1 Grand Prix del Made in Italy e dell’Emilia Romagna on 18 April 2021 and which, more generally, will enrich ITA’s promotional activities for Italian excellence.
In order to ensure that the processing is carried out in accordance with the Regulation, ITA, as Data Controller, provides the following information to data subjects pursuant to Article 13 of the Regulation and highlights the information concerning the processing of personal data carried out for the performance of its institutional purposes, on the basis of the conditions of lawfulness referred to in Article 6 of the Regulation.
Data Controller and Data Protection Officer
The Data Controller of your data is ITA – Italian Trade & Investment Agency (ICE – Agenzia per la promozione all’estero e l’internazionalizzazione delle imprese italiane), with registered office in Via Liszt, 21 – 00144 Rome, Tel.06 59921 (hereinafter referred to as “ITA” or “Data Controller”). The Data Protection Officer (DPO), designated by the Data Controller to carry out the functions provided for by the EU General Data Protection Regulation, can be reached at the email address firstname.lastname@example.org.
The Data Processor is the company Justbit S.r.l. with registered office in Via Giuseppe Martucci, 32, Rome, Italy, which manages the technological infrastructure of the Portal.
Purpose of processing and legal basis
We use your personal data to introduce you to Italy’s excellences and allow you to discover Made in Italy, from the best known and traditional aspects to the most unusual and innovative ones. Data are processed by ITA for purposes of carrying out its institutional tasks and in the public interest, for the fulfilment of obligations required by law or regulation, and to allow effective institutional communication.
The processing is based on the following legal bases: (i) processing is necessary for the performance of a task carried out in the public interest by the Data Controller under art. 6, para. 1, letter “e”; (ii), processing is necessary for compliance with a legal obligation to which the controller is subject, e.g. legal obligations, regulations, execution of measures of judicial or administrative authorities (art. 6, para. 1, letter “c”) of the Regulation.
ITA processes personal data in compliance with the principles provided for by the Regulation, subjecting processing to the principles of correctness, lawfulness and transparency, for explicit and legitimate purposes related to the fulfilment of the law, institutional aims, and administrative activities instrumental to them. We only process personal data that are adequate, relevant and limited to what is necessary in relation to the purposes for which they are collected and processed.
Data are processed by suitably trained ITA staff acting as authorised data processing personnel, or by any persons authorised for occasional maintenance operations of the systems, applications and data necessary for the portal services.
The processing is carried out in such a way as to ensure adequate security of personal data, through the use of automated tools, including confidentiality and protection, by means of technical and organisational measures aimed at preventing the loss of data, unlawful or incorrect use and unauthorised access.
The data will not be used for any purpose other than those described in this notice, unless we inform you in advance.
Your personal data is managed through online software or cloud services, located within the European Union, in compliance with the rights and guarantees provided by the General Data Protection Regulation (EU) 2016/679 (GDPR).
Type of data processed
Within the limits of the purposes and methods described in this information notice, the processing concerns anonymous browsing data, service data such as information relating to internet traffic, location of participants, identifiers of the computer tools used (browser, operating system, screen resolution) metadata (date and time of computer accesses, duration of session on the platform, URL of the web page browsed).
Personal data will be stored for a period of time not exceeding the period required to fulfil the purposes or as provided for by law.
In the performance of our institutional activities, your data may be communicated to other entities exclusively for the purpose of ensuring you receive the best possible service or to fulfil tasks in the public interest and specific legal obligations. ITA ensures that your data will be processed solely for institutional purposes.
Rights of the Data Subject
The data subject may exercise their rights at any time, and in particular access their personal data, request data to be limited or corrected, updated if incomplete or erroneous, and deleted if collected in breach of the law, as well as object to their processing, without prejudice to the existence of legitimate reasons on the part of the Data Controller. You also have the right to portability, i.e. to receive in a structured, commonly used and machine-readable format the personal data you have provided. In order to exercise your rights, you may consult the page on ITA institutional website at the following link: https://www.ice.it/it/privacy, or contact the Data Controller or the Data Protection Officer at the address indicated below.
Finally, we inform you that you may lodge a complaint with the Italian Data Protection Authority (Autorità di Controllo Italiana – Garante per la protezione dei dati personali) – Piazza Venezia n. 11 – 00187 Rome.
For more information, please send your request to the following e-mail address: email@example.com.
This notice may be supplemented with further indications, also in consideration of regulatory changes and/or measures of the European Data Protection Board (EDPB) and the Italian Data Protection Authority.
Last updated: April 2021