Privacy policy – Investors

On this page, the ITELYUM group of companies describes how it processes your personal data submitted via the form (the “Form”) available at https://www.itelyum.com/investitori/ on this website (the “ITELYUM Website”).
For any questions, please contact privacy@itelyum.com.

WHY THIS NOTICE

Since May 25, 2018, all EU Member States apply new privacy rules under EU Regulation No. 2016/679 (General Data Protection Regulation, “GDPR”), together with national laws, including Legislative Decree 101/2018.
The GDPR provides stronger protection for users and imposes new obligations and responsibilities on those who process personal data, including data collected through websites.
For more information, please consult the resources of the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali), which explain the rules and your rights.
A fundamental principle is transparency: users must be informed in advance—clearly and completely—about what personal information is collected, by whom, for what purposes and for how long, whether it is used for commercial or profiling purposes, whether it is shared with third parties, and must be able to effectively control how their data are managed.
This notice is provided pursuant to Article 13 GDPR and draws on the Article 29 Working Party Guidelines on Transparency.

This notice is addressed to users who complete the registration form to create a personal account and access the features ITELYUM reserves for registered users. In responding to your request, ITELYUM will process the personal data you voluntarily provide. Details on how these data are handled are provided below.

DATA CONTROLLER AND CONTACTS

The Data Controller for the personal data covered by this notice is the ITELYUM group of companies, represented for this purpose by the parent company Itelyum Regeneration S.p.A., registered office: Via Oglio 12, Milan (Italy).
For any communication or request regarding the data submitted through this web platform, you may contact privacy@itelyum.com. References: EU Regulation 2016/679 and Legislative Decree 101/2018.

DATA PROTECTION OFFICER (DPO)

A Data Protection Officer (DPO) can be reached at dpo@itelyum.com for any request concerning your data.

TYPES OF DATA PROCESSED

In addition to the browsing data described in the Website Privacy Policy and email communications, the registration Form for access to the reserved area requires the following data:

  • identification and/or fiscal data;
  • contact details.

The Controller will process these data, where necessary, only with your prior explicit consent, with the utmost confidentiality, in compliance with applicable law and solely for the purposes set out below.

PURPOSES AND LEGAL BASIS

Data collected through the Form are processed only as necessary to create your personal profile and enable access to your reserved area.
The legal basis for this processing is your explicit consent as a data subject, obtained in accordance with the GDPR.

With reference to specific purposes:

  • for registration to the reserved area, navigation, social media, and marketing activities, the legal basis is your optional explicit consent (Art. 6(1)(a) GDPR), expressed by selecting the relevant checkboxes in the data collection form; lack of consent does not affect your ability to register to the Website unless consent is strictly required for that specific activity;
  • for sharing data with independent controllers consisting exclusively of subsidiaries within the ITELYUM group, the legal basis is legitimate interest (Art. 6(1)(f) GDPR).

DATA RECIPIENTS

Your data submitted via the Form may be accessed exclusively by:

  • staff and collaborators of companies within the ITELYUM group;
  • IT service providers;
  • email service providers;
  • website management and operation providers;
  • occasional maintenance and repair providers;
  • cloud service providers;
  • hosting and virtual server providers;
  • management software provider;
  • connectivity and telephony providers;
  • chat and communication tool providers;
  • file transfer service providers;
  • remote assistance providers.

Data will not be disclosed to categories other than those indicated, nor will they be disseminated or made public. They may be communicated to competent Authorities where required by applicable law or upon request of authorized parties.

TRANSFERS OUTSIDE THE EU

Your data may be stored on servers located outside the EU if the Controller’s IT and software providers foresee this or use cloud technologies that, by their nature, cannot guarantee the exact location of the data.
Currently, the European Commission has issued adequacy decisions for a limited number of countries (e.g., Andorra, Argentina, Australia (PNR), Canada, Faroe Islands, Guernsey, Isle of Man, Israel, Jersey, New Zealand, Switzerland, Uruguay). Your personal data may therefore be transferred by services used (e.g., Skype, Gmail) to countries without an adequacy decision, and the Controller may not be able to provide autonomous appropriate safeguards at all times.
The Controller selects providers capable of offering high standards of security and data protection.

DATA RETENTION

Personal data provided via the Form will be retained for as long as necessary to allow you to use the services offered by the Controller.
Your personal data will be kept until you exercise your right to erasure under Article 17 GDPR. You may exercise this right by emailing privacy@itelyum.com.

YOUR RIGHTS

As a data subject, you have the rights provided by the GDPR:
Access (Art. 15), Rectification (Art. 16), Erasure/Right to be Forgotten (Art. 17), Restriction (Art. 18), Notification of rectification/erasure (Art. 19), Data Portability (Art. 20), Objection (Art. 21).
You may also withdraw your consent at any time; withdrawal takes effect when the Controller becomes aware of it and does not affect the lawfulness of processing based on consent before its withdrawal.

In some cases (erasure, restriction, objection), exercising your rights may make it impossible, in whole or in part, to follow up on your requests via the Form or to provide services to you.

Rights may be exercised informally or by email to privacy@itelyum.com. You will receive a timely response.

RIGHT TO WITHDRAW CONSENT

You may withdraw consent in the same way it was given, including by email to privacy@itelyum.com or via the available buttons/links. Upon receipt, processing will be stopped and processors/sub-processors will be instructed accordingly. Withdrawal does not affect the lawfulness of prior processing.

RIGHT TO LODGE A COMPLAINT

You have the right to lodge a complaint with a Supervisory Authority. In Italy: Garante per la Protezione dei Dati Personali via the online form available at www.garanteprivacy.it.

OBLIGATION TO PROVIDE DATA

Providing personal data requested by the Form is optional; however, failure to provide the data required in the relevant fields will make it impossible to process your account registration request.

PROFILING AND AUTOMATED DECISION-MAKING

Data voluntarily provided via the Form will not be used for profiling or to activate automated decision-making processes.

SECURITY MEASURES

Itelyum Regeneration S.p.A., as Controller, applies appropriate technical and organizational measures in accordance with the GDPR to minimize risks to your personal data (including destruction or loss—accidental or otherwise—unauthorized access, or processing that is unlawful or incompatible with the purposes stated in this Notice).

METHODS OF PROCESSING

Processing is carried out pursuant to Article 32 GDPR using IT and electronic tools, as well as manual/paper methods.
Data are stored in electronic and paper archives so they can be identified and, where necessary, selected in aggregate form, for no longer than is necessary for the purposes described in this Notice. Periodic checks will ensure data are relevant and not excessive in relation to the obligations and purposes of processing.

RULES OF CONDUCT – COMMUNICATION AND DISCLOSURE

To comply with applicable law, if the Form is misused to commit unlawful acts and/or any criminally prosecutable conduct, the Controller reserves the right to inform the Public Authority.

CHANGES TO THIS NOTICE

This Notice may be updated following new features added to the Website’s services or based on user feedback.
An updated version may be published at any time on the Website page and will take effect from the date of publication. If this Notice changes while we are in contact with you, we will duly inform you.

Save as PDF

Need more information?

If you need more details about our services or want to discover how Itelyum can support your company in sustainable waste management and resource regeneration, we are here to help. Contact us to receive tailored information, prompt responses, and customized solutions for your environmental and industrial needs.

Get in touch