This disclosure is provided, pursuant to Article 13 of Italian Legislative Decree No. 196 dated 30 June 2003 ”Data Protection Code” (hereinafter the “Code”), to those who interact with the web services of the Company, accessible on-line at the following address: www.cdpequity.it
The disclosure also aspires to Recommendation No. 2/2001 which the European authorities for data protection adopted so as to identify a number of minimum requirements for the collation of personal data on-line.
The disclosure is provided exclusively for the website www.cdpequity.it and not for other websites possibly consulted by the user via link.
Data controller and supervisor
The Data Controller is CDP Equity, with registered offices in Corso Magenta 71, Palazzo Busca, 20123 Milan (MI), Italy.
The Data Supervisor is the head of the CDP Equity compliance division, domiciled for the purpose of his/her function care of the Company’s registered offices.
Data processing location
The data processing associated with the web services of this website takes place care of the Company’s registered offices.
Scope and purpose of the processing
The data processing associated with the web services of this website is carried out solely by technical staff appointed for this purpose. The personal data provided by the data subjects who forward requests for disclosure material or information or other specific requests, will be used solely for the purpose of carrying out the aforesaid requests.
Types of data processed
a) Data provided voluntarily by the user
The optional, explicit and voluntary transmission of e-mail to the addresses indicated on the CDP Equity website involves the subsequent acquisition of the address of the sender, necessary for replying, as well as any other personal data included in the message.
b) Connection data
The IT systems and the software procedures tasked with the functioning of this website acquire certain personal data whose transmission is implicit in the use of Internet communication protocols. This is information which is not collated in order to be associated with the parties identified, but which due to its very nature could permit, via processing and association with data held by third parties, the identification of the users.
This category of data includes IP addresses or the domain names of the computers used by the users who connect up to the website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used for submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the reply given by the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of the user.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check the correct functioning thereof. Furthermore, the aforementioned data could be used for ascertaining liability in the event of cyber crimes to the detriment of CDP Equity and for such purposes therefore made available to the legal authorities.
No personal data is acquired intentionally by the website. Cookies are not used for the transmission of personal information, nor are so-called “persistent cookies” of any type used, or systems for tracing the users. The use of so-called “session cookies” (which are not stored in a persistent manner on the user’s computer and disappear after the browser is closed) is strictly limited to the transmission of the session IDs (made up of random numbers generated by the server) necessary for permitting the secure and efficient navigation of the website.
Optional nature of the conferral of data
Without prejudice to the matters specified above for the navigation data, the user is free to provide their personal data in order to request the forwarding of disclosure material and other communications. Failure to confer the same may mean it is impossible to obtain whatever has been requested.
Data processing formalities
The personal data is processed using automated and non-automated instruments, for just the period of time necessary for achieving the purposes for which it was collated, including therein the maintenance of subsequent relations with the user deriving from their initial request. Specific security measures are observed in order to prevent the loss of the data, illicit or incorrect use and unauthorised access to the same.
Rights of the parties concerned (data subjects)
The parties to whom the personal data refers (hereinafter “Data subjects”) have the right at any time to obtain confirmation of the existence or otherwise of said data and to gain awareness of the content and origin, check the accuracy or request the supplementing or up-dating of the same, or its adjustment as per Article 7 of the Code. Pursuant to the same article, the data subjects have the right to request the cancellation, transformation in anonymous form, blocking of data processed in violation of the law, as well as oppose the processing of the same in any event, for legitimate reasons.
Requests of the data subjects
In order to exercise the rights indicated above or for further requests for information on the protection of personal data, it is possible to contact the following e-mail address: firstname.lastname@example.org
or make contact by ordinary mail to Cdp Equity, Corso Magenta 71, Palazzo Busca, 20123 Milan (MI), Italy, sent for the attention of the Data processing supervisor.