This policy statement describes the way in which Olivetti - in its capacity as Data Controller - collects, uses, shares and conserves personal data in compliancy with (EU) Regulation 2016/679 of the European Council and Parliament of 27 April 2016 (General Data Protection Regulation).
For questions relating to this privacy statement, or the way in which the personal data of a data subject (customers, suppliers, employees etc..) is managed by the Data Controller - exercising your recognised rights in this respect - and for all questions associated with how information is processed, please contact the Group’s Data Protection Officer, Olivetti Data Officer (“DPO Telecom Italia Group, c/o TIM S.p.A. Via Gaetano Negri n.1- 20123 Milan”), using either of the addresses given here:
The Data Controller is Olivetti S.p.A. – with HQ at Via Jervis, 77 - 10015 Ivrea (TO).
Your personal data may be processed for the purposes forming an integral part of the contractual relationships established between the parties, a few of which are described below just as examples, and not exhaustively:
Apart from the purposes described above, the data may also be processed to fulfil obligations prescribed by law, regulations or EU standards, as well as the provisions of Supervisory Authorities active in the sector. The transfer of your data is necessary for the above-mentioned purposes; failure to submit this data, or the submission of partial or inexact data could result in the impossibility to initiate or continue with the contractual activities referred to above.
The personal data collected for the purpose covered by this policy statement will be conserved until consent is withdrawn, apart from cases where the same information is subject to other types of processing by the same Data Controller, or a longer period conservation is not required or permitted by law.
Data is processed manually (for example, using hard copies) and/or by means of IT and telematic instruments. Your personal data, including traffic data, is organised and processed in a manner that is suitable to meet the purposes mentioned above, while at the same time ensuring that the data and communications remain safe and confidential. The IT systems and software will be configured in a way to minimise the use of personal and identification data that is not necessary for the purposes of the processing indicated above.
Your personal data may be processed by Olivetti also to provide services to customers, such as support, information, publicity, promotions and sales. Employees and operators, acting under the direct authority of their respective “Delegated Controllers”, are termed “Data Processors”. To accomplish these tasks they are provided with adequate operating instructions, also from Third-party subjects to which Olivetti delegates certain activities (entirely or in part), in order to fulfil the purposes indicated in Point 2).
In this case, said subjects will act in the capacity of autonomous Data Controllers, or otherwise will be designated as Data Officers or Data Processors.
If Data Officers or Processors are designated, Olivetti will provide them with appropriate operating instructions, in particular emphasising the minimum safety measures necessary to ensure the confidentiality and security of data.
The Third-party subjects referred to above belong essentially to one of the following categories:
Data subjects have the right to obtain from the data controller confirmation as to whether or not personal data concerning them is being processed and, if so, to obtain access to the personal data and the following information:
The data subject has the right to obtain from the data controller erasure of their personal data without any unjustifiable delay. The data controller, in turn, is obliged to erase the personal data without any unjustifiable delay, if any of the following conditions exist:
The data subject has the right to obtain from the data controller a restriction in the processing of their personal data when one of the following conditions applies:
The data subject possesses the right to receive in a structured, commonly-used format, readable by an automatic device, the personal data they have provided to Olivetti, the Data Controller, and also the right to transmit this data to another Data Controller without hindrance by Olivetti.