Last updated January 02, 2020
INFORMATION NOTICE REGARDING THE PROCESSING OF VISITORS’ PERSONAL DATA IN ACCORDANCE WITH EU REGULATION 2016/679 (“GDPR”)
Via Broletto 44 20121 Milano
T: (+39) 02 85672200 F: (+39) 02 85672901
C.F. e P.I. 02380270427
PERSONAL DATA PROCESSED
Full name, place and date of birth and other elements indicated in the identification document, as well as the image displayed through the closed circuit video surveillance systems in operation at the Company's offices.
Closed-circuit video surveillance systems are in operation at the Company's head offices, appropriately indicated before the relative range of action by the affixing of specific signs according to the General Provision on the Video-surveillance of the Privacy Authority of 8 April 2010. The cameras are installed outside and inside the building and record the access passages and the areas around the perimeter of the building.
DATA PROCESSING PURPOSES DATA
LEGAL BASIS FOR PROCESSING
DATA RETENTION PERIOD
24 hours from the moment in which the images were taken, exception for special needs for further conservation in relation to festivities or the closure of offices or businesses, as well as in cases where it is necessary to adhere to a specific inquiry by the judicial or police authorities. The recordings in any case are never kept for more than a week
Monitoring physical access points, other than through video surveillance
Compulsory: refusal to provide data means that the data subject cannot access the Controller's premises as a visitor. Entering video surveillance areas involves gathering, recording, retaining and generally using the images of data subjects.
Data may be communicated to parties operating as data controllers, such as supervisory bodies or authorities, or public organizations authorized to request data, such as public security/legal authorities.
Data may be processed on behalf of the controller by parties appointed as data processors, such as security companies, and companies providing maintenance for video surveillance systems, providers of assistance related to the automatic detection system.
SUBJECTS AUTHORIZED TO PROCESSING DATA
The data may only be processed by employees in company departments who are responsible for carrying out the activities outlined above and have been authorized to process the data and received suitable operating instructions.
PERSONAL DATA TRANSFERS OUTSIDE THE EU
The data may be transferred abroad to non-European countries, and in particular in the USA, a country whose level of data protection has been deemed appropriate by the European Commission pursuant to art. 45 of the GDPR (Privacy Shield)
The decision of adequacy of the European Commission can be consulted at the following link: http://eur-lex.europa.eu/legal-content/IT/TXT/PDF/?uri=CELEX:32016D1250&from=IT
DATA SUBJECTS’ RIGHTS – COMPLAINT TO THE SUPERVISORY BODY
By contacting Ariston Thermo S.p.A. via mail address V.le A. Merloni 45 – Fabriano (AN), via e-mail sent to email@example.com, the data subjects may ask the data controller for access to the data concerning them, rectification of inaccurate data, integration of incomplete data, erasure of data and limitation of processing in the cases provided for by art. 18 GDPR, where applicable, as well as oppose, at any time, in whole or in part, on grounds relating to their particular situation, the processing of data necessary for the pursuit of the legitimate interests of the data controller.
The right to portability of the data referred to in art. 20 GDPR cannot be exercised because the processing is carried out in the legitimate interest of the data controller.
With regard to the images recorded, the right to correct or amend data as outlined in article 16 GDPR does not apply due to the intrinsic nature of the data (images captured in real time regarding an objective fact).
Data subjects shall be entitled to lodge a complaint with the relevant supervisory authority in the Member State where they have their habitual residence or employment or in the State where an alleged infringement has occurred.
DATA PROTECTION OFFICER (DPO)
Data Protection Officer (“DPO”) appointed by Data Controller pursuant to Art. 37 and following of the GDPR is Mr. Gabriele Faggioli.
It is possible to contact the Data Protection Officer (“DPO”) via e-mail at: DPO.AristonThermoGroup@aristonthermo.com