Privacy Policy*
INFORMATION ON THE PROCESSING OF PERSONAL DATA
Dear User,
With this document, drawn up in accordance with Art. 13 of EU Regulation no. 679/2016 (hereinafter also referred to as the "Regulation") Issel Nord S.r.L. informs you, as the data subject for the processing of personal data, of the following.
- REGISTERED USERS
1.1 Data Controller
The data controller for the processing of the personal data requested from you (such as name, surname, e-mail and password) is Issel Nord S.r.L., VAT number 00861600112, with registered office in Follo Via Trieste 4, (hereinafter also referred to as the "Controller"), e-mail privacy@isselnord.it, Tel. (+39) 0187 941414, Fax (+39) 0187 941420.
The Data Protection Officer ("DPO"), responsible of data protection for Fincantieri S.p.A., can be contacted at the following email address: privacy@fincantieri.it.
1.2 Purpose and legal basis of the personal data processing
Your personal data will be processed, with the support of computer and/or paper, solely for the following purposes and on the following legal basis:
- purpose of managing the reserved area of the site of reports to the Oversight Board: through management of the area of the site reserved for whistle-blowing reports and the data of registered users; processing carried out on the basis of the express consent of the data subject;
- Purpose of auditing and compliance of reports to the Oversight Board: by carrying out the activities related to the application by the Controller of Legislative Decree 231/2001 and the requirements thereof; processing carried out on the basis of the legitimate interest of the Controller.
It should also be noted that your data will be communicated and processed within Issel Nord S.r.L. by personnel duly appointed and instructed by the Controller.
1.3. Recipients of personal data
Your personal data may be transmitted, in close relation to and where compatible with the purposes set out above, to the following categories of persons:
- Oversight Board and support staff;
- service providers;
- any other parties, to whom current legislation provides for the obligation of disclosure.
- The contact data of the external data processors who carry out activities in the interest of the Controller, can be requested by you at the following e-mail address privacy@isselnord.it.
1.4. Transfer of personal data to a third country or an international organisation
The Controller does not intend to transfer your personal data to countries outside the European Union.
5. Nature of Data Provision and Consequences of Non-Provision
The data related to registration on the website for reports to the Oversight Board are optional and are processed based on the legal obligations to which the Controller is subject; failure to provide them prevents users from completing the registration activities.
The data related to reports made on the website for reports to the Oversight Board Function and collected by it are necessary to allow for the proper management of the reports themselves.
- NON-REGISTERED USERS
2.1. Data Controller
. The Data Controller for the personal data that you may decide to provide (such as name, surname, email) is is Issel Nord S.r.L., VAT number 00861600112, with registered office in Follo Via Trieste 4, (hereinafter also referred to as the "Controller"), e-mail privacy@isselnord.it, Tel. (+39) 0187 941414, Fax (+39) 0187 941420..
The Data Protection Officer ("DPO"), responsible of data protection for Fincantieri S.p.A., can be contacted at the following email address: privacy@fincantieri.it.
2.2 Purposes of the personal data processing and legal basis
Your personal data will be processed, using computerized and/or paper-based means, exclusively for the purpose of auditing and compliance of reports to the Oversight Board, through activities carried out by the Controller related to the application of Legislative Decree 231/2001, and reports based on Legislative Decree 24/2023; the processing, if not attributable to the execution of contractual and/or legal obligations on the part of the Controller, will be carried out on the bases of the legitimate interest of the Controller.
It is also noted that your data will be communicated and processed within Issel Nord SrL. by personnel duly appointed and instructed by the Controller.
2.3 Data retention period
Your data will be retained in relation to the purpose of managing whistleblowing reports, for no more than 5 years from the date of communication of the final outcome of the reporting procedure.
2.4 Nature of data provision and consequences of non-provision
The data related to reports made on the website for reports to the Oversight Board Function and collected by it are necessary to allow for the proper management of the reports themselves.
- ALL USERS
3.1 Recipients of personal data
Your personal data may be transmitted, closely related and compatible with the purposes outlined above, to the following categories of subjects:
- Oversight Board and supporting personnel;
- service providers;
- any other subject to whom current legislation requires communication.
Contact details of external data processors carrying out activities in the interest of the Controller may be requested by you at the following email address: privacy@isselnord.it.
3.2 Transfer of personal data to a third country or an international organization
The Controller may transfer your personal data outside the European Economic Area ("EEA"). To protect your data in the context of international transfers, the Controller will adopt appropriate safeguards, such as decisions of adequacy by the European Commission pursuant to Article 45 of the Regulation, standard contractual clauses approved by the European Commission, and contractual instruments that provide adequate guarantees (Article 46 of the Regulation). Alternatively, transfers will take place in the presence of derogations provided for in Article 49 of the Regulation (i.e., consent of the data subject, necessity of the transfer for contractual/pre-contractual measures, overriding public interest, defense in legal proceedings, vital interests of the data subject or other individuals, data entered in a public register).
3.3 Rights of the data subject
We inform you that, as a data subject, you have the right to obtain from the Controller:
Right of access:
(Article 15 of the Regulation)
|
confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, the right to obtain, among other things, access to your personal data and information regarding the purposes of the processing, the categories of personal data concerned and the recipients or categories of recipient to whom the personal data have been or will be disclosed.
|
Right to rectification:
(Article 16 of the Regulation)
|
(i) rectification without undue delay of inaccurate personal data concerning you and (ii) completion of your personal data, where incomplete.
|
Right to erasure ("right to be forgotten"):
(Article 17 of the Regulation)
|
erasure of personal data concerning you without undue delay (the Data Controller has the obligation to erase personal data without undue delay in the cases set out in Article 17 of the Regulation).
|
Right to restriction of processing:
(Article 18 of the Regulation)
|
restriction of processing in the cases set out in Article 18 of the Regulation.
|
Right to data portability:
(Article 20 of the Regulation)
|
receipt in a structured, commonly used and machine-readable format of personal data concerning you; the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, in the cases set out in Article 20 of the Regulation.
|
Right to object to processing carried out under Article 6(1)(e) or (f):
(Article 21 of the Regulation)
|
objection, at any time, on grounds relating to your particular situation, to the processing of personal data relating to you under Article 6(1)(e) or (f), including profiling on the basis of such provisions.
|
At any time, you may exercise the above-mentioned rights through a formal request sent to the email address privacy@isselnord.it.
Furthermore, you have the right to lodge a complaint with the Italian Data Protection Authority if you believe that the processing concerning your personal data violates the provisions of EU Regulation No. 679/2016.