In compliance with the obligations deriving from Community legislation, (General Data Protection Regulation No. 679/2016, GDPR) and national legislation (Legislative Decree 30 June 2003 No. 196, Code for the protection of personal data) and subsequent amendments
pursuant to Articles 13 and 14 of the GDPR 679/2016 and art. 13 of Italian Legislative Decree 196/2003, we hereby inform you that the information and data collected by Autovia Padana S.p.A. will be subject to processing in compliance with the principles set out in these articles.
This policy is intended for all subjects who interact with Autovia Padana S.p.A., including users of the company website.
1. Types of Data collected
Autovia Padana S.p.A. collects some Persona Data such, without limitation, name, surname, date of birth, address, gender, nationality, email address and other information which may be necessary for the purposes of managing the motorway services and any photographic images of the vehicle in the event of motorway anomalies related to toll charges owed.
The User assumes responsibility for the Personal Data, including that of third parties, provided on the Facebook page, relieving the Data Controller of its own direct responsibility.
The processing of all Personal Data collected will be carried out in compliance with the relevant regulation, reminding the User that explicit consent is not required to use the motorway service.
2. Purposes of processing
The collected data is processed for the purposes of managing the motorway service, with specific reference to the contractual obligations deriving from use of the service and which concern the institutional functions exercised by Autovia Padana S.p.A.:
- communications with the user concerning use of the service and the infrastructure, as well as toll transactions and any requests related to these, exercised by Autovia Padana S.p.A. as the Concession Holder of the Piacenza – Brescia section and branch to Fiorenzuola d’Arda;
- communications with the user concerning safety deriving from use of the service and infrastructure of the Piacenza – Brescia section and branch to Fiorenzuola d’Arda;
- communications of a contractual nature with customers and/or suppliers concerning administrative, commercial, tax and legal relationships which may derive from them;
- respect any obligations deriving from the relationship established with the user;
- acquisition of information for the management of the contractual relationship, Telepass or other (product sales), at the BLUE Points of Cremona and Brescia.
3. Method of processing
The processing of Personal Data may be performed on paper, via computers and electronically, and then entered into the relevant databases which can be accessed by the Data Processors who will be made aware of information and consult, use, process and compare it, as well as carry out any other appropriate operation including automated ones, in full compliance with the legal provisions required to ensure, among other things, the confidentiality and security of the data as well as the accuracy, updating and relevance of data in relation to the purposes declared.
In addition to this, we hereby inform customers that the computer systems and software procedures used to operate the service, and this website, may acquire, during their normal operation, their Personal Data, the transmission of which is implicit in the use of Internet communication protocols. This information, which is not collected to be associated with identified data subjects, through processing and association with the data held by third parties, by its very nature could allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of the user. This data is only used to obtain anonymous statistical information relating to use of the site and to check its correct functioning. This data is deleted immediately after processing. The data could be used to determine responsibility in the hypothetical event a computer crime is committed against the site.
We hereby inform customers that the data managed following the establishment of contractual relationships with Autovia Padana S.p.A. is then processed in compliance with currently applicable Italian Legislative Decree 196/03 and Regulation (EU) 2016/679, and is used only for the purposes aimed at the smooth functioning of the company business and of the service provided.
4. Nature of the provision of data
Data provision is:
a) Mandatory to achieve the purposes related to the obligations required by Community laws, regulations or legislation;
b) Optional, but sometimes necessary for the correct establishment and/or continuation of the relationship with our Company, and for smooth navigation of the site.
Any refusal to provide data or its incompleteness may mean it is impossible for the Data Controller to provide the services in their entirety and meet legal obligations.
5. Data communication scope
Where required to provide the services, customer data may be disclosed to our Company personnel (to the IT, Administration, Legal, Business, and Technical departments in accordance with the aims to be achieved, possibly following the request of the data subject), third-party companies also involved in access control and/or surveillance services, and companies that perform IT and plant services related to the activities performed.
The communication of data referred to above does not require authorisation as it is inherent to the provision of services, to defend a right in a court of law, or to pursue a legitimate interest of the Data Controller. For any further communication which requires the prior consent of the customer, we will proceed accordingly.
6. Data retention period
The personal data collected, including taking into account any choices made by the data subjects regarding erasure or withdrawal of consent which occur during processing, will be processed for a period corresponding to the needs for which it was collected, in compliance with the contractual obligations with the data subject, or according to current applicable legislative or regulatory provisions, or for a retention period deemed appropriate in the event of any disputes.
7. Data Controller – Data Protection Officer (DPO) and Data Processors
To implement the legal provisions, as well as for the operational functioning of some services, the following roles have been appointed:
- DPO (Data Protection Officer);
- Data Manager;
- Data Processors:
- External Processors.
8. Rights of the concerned person
As required by the law, the Customer has the right to know what personal data is used and its origin, to verify its accuracy or request that information is supplemented or updated, rectified or restricted. The Customer also has the right to request the erasure, transformation into anonymous form or blocking of data processed in violation of the law, as well as to object, for legitimate reasons, to the processing of his data and to modify or withdraw consent which was previously given, without prejudice to the lawfulness of the processing based on the consent given prior to its withdrawal.
We also inform the Customer of his right to lodge a complaint with the Data Protection Authority whose contact references can be found at the following link www.garanteprivacy.it
Requests can be managed by writing to the following email address: firstname.lastname@example.org