With reference to art. 13 of the European Regulation 679/2016 concerning the protection of personal data, as well as the free movement of such data (the “Regulation” or “GDPR”), we inform you that the Controller of the data communicated by the user or otherwise obtained as a result of the use of the website with URL http://www.italgas.it and its sub-domains (the “website”) is Italgas S.p.A. (hereinafter “Company” or “Controller”), based at Via Carlo Bo 11, 20143 Milan, Italy.
The presence of a link to this statement in the footer of the page confirms that visitors are on the Company’s website.
Type of data processed
- Browsing data
The computer systems and software procedures used to operate the website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols or is used to improve the quality of the service offered. This information is not collected in order to be associated with identified data subjects, but by its very nature could, through processing and associations, allow users to be identified.
This category of data includes IP addresses or domain names of computers used by users who connect to the website, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and IT environment.
These data are used to obtain anonymous statistical information on the use of the website and to check the correct functioning of IT systems. The data could also be used to ascertain responsibility in the event of hypothetical computer crimes or in case of damage to the Company or to third parties.
- Data provided voluntarily by the user
Users are not required to provide personal data to visit the website. However, contacts between users and the Company, through authentication to the website services and filling in contact forms, sending e-mails, messages or any type of communication to the addresses indicated on the website, involve the subsequent acquisition of common personal data, such as, for example, name, surname, address and telephone number, as well as any other personal data that will be provided by the user while spontaneously interacting with the Company through the website.
Specific information will be reported or displayed on the pages of the sites set up for particular services.
Purpose and legal basis of the processing
Personal data may be collected and processed for the following purposes:
- a) to allow navigation of the website, interaction with the contents therein, for registration and access to reserved areas of the website for the purpose of providing the online services offered by the Company;
- b) to manage user information requests;
- c) to comply with a legal obligation to which the Company is subject, including responding to any requests from the competent Authorities and bodies;
- e) where appropriate, to send questionnaires to the contact details issued at the time of filling in the online registration form in order to scheduling, by the Company, an adequate offer of its services.
For these purposes, the legal basis of the processing is the performance of a contract or the intention to enter into a contract (letters a, b), compliance with a legal obligation to which the Company is subject (letter c), or consent (letters d, e).
In relation to the purposes referred to in points a), b) and c), any refusal to provide data may determine the impossibility for the Company to provide the requested service, to comply with legal obligations and to process and respond to requests from users. Providing personal data through the contact forms on the website is not a legal or contractual requirement; however, the fields marked with an asterisk are mandatory fields, as this information is necessary to fulfill your request.
The processing of personal data for the purposes referred to in points d) and e) is based on consent; the provision of such data is optional and any refusal will have no consequence.
Methods of data processing and nature of the provision
Personal data processing will be carried out by persons authorized by the Company and / or by Processors which the Controller may engage to store, manage and transmit personal data by means of paper, IT and telematic tools according to the principles of law and protecting the confidentiality of the data subject and its rights through the adoption of appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
Your data will be kept for the period necessary to fulfill contractual and legal obligations in compliance with the principles of proportionality and necessity. The data retention period depends on the purposes for which they are processed and therefore may not be the same for all data. The criteria used to determine the applicable retention period are as follows: the retention of personal data covered by this information will take place for the time necessary (i) to manage the contractual relationship with the user, (ii) to handle complaints or specific requests from the user, (iii) to assert rights in court as well as (iv) for the time required by applicable law.
The data collected through the questionnaires for the purpose of developing the offer of services provided through the website will be deleted within 24 months.
The data relating to registration and access to restricted areas of the website will be automatically deleted after one year from the last access.
Personal data, in any case, will be kept for the time necessary to exercise the rights.
Communication, dissemination and transfer of data
Personal data will not be disseminated and may be communicated to the other companies of the Italgas Group for administrative and accounting management and control purposes, and to the competent authorities or public or private bodies for the fulfilment of obligations under the law.
The personal data collected may be processed by third-party suppliers, as data processors in relation to the services provided on behalf of the Company on the basis of specific contractual agreements, possibly for occasional maintenance operations and as necessary to perform services under specific requirements.
The data will be processed within the European Union and stored on servers located within the European Union. The same data may be processed in countries outside the European Union, provided that an adequate level of protection is guaranteed, recognized by a specific adequacy decision of the European Commission. Any transfer of Personal Data to non-EU countries, in the absence of an adequacy decision of the European Commission, will be possible only if adequate guarantees of a contractual nature are provided by the Controllers and Processors involved, including binding corporate rules (“Binding Corporate Rules “) and standard contractual clauses of data protection. If one of the above guarantees is adopted for transfers of Personal Data to non-EU countries, pursuant to Chapter V of the GDPR, an indication will be provided on how to obtain a copy of the guarantees adopted or where they were made available.
Rights of data subjects
The data subject may exercise, in relation to the processing of data described therein, the rights provided for by the Regulation (Articles 15-22 and 77), including:
- to obtain confirmation as to whether or not personal data concerning him or her are being processed and, where that is the case, to access to the personal data (right of access);
- to update, modify and / or correct personal data concerning him or her (right to rectification);
- to request the erasure or restriction of processing of data (right to be forgotten and right to restriction of processing);
- to object to processing of personal data concerning him or her (right to object);
- to withdraw consent at any time, where given, without prejudice to the lawfulness of processing based on consent before its withdrawal;
- to lodge a complaint to the Supervisory Authority;
- to receive a copy in a structured, commonly used and machine-readable format of the personal data concerning him or her and request that such data be transmitted to another controller (right to data portability).
Requests relating to the exercise of these rights may be addressed to the Data Protection Officer (hereinafter only “Data Protection Officer” or, in short, “DPO”) by sending an e-mail to email@example.com.
Identity and contact details of the Data Controller, of the Data Processors and contact details of the Data Protection Officer
The Data Controller is Italgas S.p.A., with registered offices in Milan, via Carlo Bo 11.
The updated list of any data processors is available at the headquarters of the Data Controller.
The Italgas Group has appointed a Data Protection Officer who can be contacted at the following e-mail address: firstname.lastname@example.org, or by ordinary mail at the headquarters of the Company.
The www.italgas.it website uses some cookies to make it easier to navigate
through its services and to allow an efficient use of the Company’s web pages. The cookies used also improve
the service provided to users, making the navigation more effective and / or enabling certain features.
What are cookies?
Cookies are small text files that the visited websites send to the browser. Cookies are stored on the user’s
device and then transmitted to the same websites at the next visit of the same user. In this way the website
or server recognizes the browser and remembers the preferences expressed by the user, as well as other useful
information to make easier her/his navigation.
Cookies differ from each other on the basis of who installs them on the user’s device (e.g. first- or
third-party cookies) and the purposes pursued by those who use them. Cookies have a duration dictated by their
expiration date (or by a specific action such as closing the browser) set at the time of installation.
Types of cookies
Cookies can be classified according to the entity that operates as Data Controller for the processing of
personal data collected through the cookie itself, and thus be distinguished between first-party cookies,
created by the website you are visiting directly, and third-party cookies, which are set by a website other
than that indicated in the navigation bar. In a website there may also be elements (images, maps, sounds,
specific links, etc.) sent to the device by a third party through the website that the user is visiting.
Cookies can also be divided according to the purpose in:
– Technical cookies
Technical cookies are used for the sole purpose of optimizing the user’s navigation on the website and to
allow the website to provide the user with the requested services.
Technical cookies are generally divided into navigation cookies, functionality cookies and analytical cookies.
- a) navigation cookies are essential to provide an optimal user experience or to allow the user to
authenticate on the website. Navigation cookies are normally session cookies and, therefore, once the
navigation browser is closed, they are deleted;
- b) functionality cookies are used for the purpose of memorizing certain user preferences (for example,
the language or country of origin), without having to reset them during subsequent visits. Functional
cookies are often persistent cookies, as they remain stored in the device even after the browser is
closed, until the expiry date set for them or until the user decides to delete them.
– Analytical cookies
Analytical cookies are used to collect statistical information, in an anonymous and aggregate form, on the
number of users accessing the website and on the related ways of use and interaction. When used to optimise
the website directly by its owner, which may collect information in aggregate form on the number of users and
how they visit the website, this type of cookie is assimilated to the technical cookies.
– Profiling cookies
Profiling cookies are aimed at creating profiles relating to the user to track their behavior and are used in
order to offer services such as, for example, sending of advertising messages in line with the preferences
expressed by the user while browsing.
How to disable or remove cookies
Cookies can be disabled or removed using the tools available in most browsers. Cookie preferences must be set
separately for each browser used, as each of them offers specific features and options.
non-authenticated navigation on the website www.italgas.it will be
available in any case with all its functions.
Below are the links that explain how to disable cookies on most popular browsers (for other browsers, we
suggest you search for this option in your software help).
Microsoft Edge: support.microsoft.com
Google Chrome: support.google.com
Mozilla Firefox: support.mozilla.org
Apple Safari: support.apple.com
To disable Google Analytics cookies only
Alternatively, it is possible to disable only Google Analytics cookies, using the additional opt-out component provided by Google for the main
browsers. In this way it will still be possible to use the on-line services of the website.
To remove cookies already stored on your device
Even if you withdraw your consent to the use of third-party cookies, the cookies may already have been stored
on the user’s terminal. For technical reasons it is not possible to delete these cookies but you can remove
them using the privacy settings. In fact, the browser options contain an option called “Delete navigation
data”, which can be used to remove cookies, site data and plug-ins.
The web page you are visiting uses the cookies listed in the Cookie Statement set out in the table below.
Last update of this information notice: April 2023
It may be necessary in the future to make changes or additions to the information, as a result of regulatory or business developments. The updated information is available at any time on the website www.italgas.it.