Pursuant to Article 13 of Regulation (EU) 679/2016 as subsequently amended and supplemented (“GDPR”) and to the UK and European laws and regulations complementing it, as subsequently amended and supplemented (“Privacy Applicable Law”), and in relation to your personal data (the “Data”), this information notice provides for the following.
1 – DATA CONTROLLER
The Data Controller is Telespazio UK Ltd, with registered office in Capability Green, Luton.
2 – PURPOSE OF DATA PROCESSING
The Data processing:
(a) is aimed at the completion by the Data Controller of the operations to be performed for purposes that are strictly connected with and/or necessary to the fulfilment of the requests submitted, from time to time, by the user through the website https://www.leonardocompany.com (the “Requests” and the “Website”, respectively) and/or by e-mail. In this regard, for restricted area login, you may be requested to enter your Data for registration;
(b) may also be aimed at providing commercial information on the services carried out by the Data Controller and/or by its associated companies;
(c) may be aimed at compliance with obligations required by law or applicable regulations, as well as by decisions and guidelines issued by the competent supervisory and control authorities/bodies.
3 – TYPES OF DATA PROCESSING
(a) will be processed in the manners and according to the procedures that are strictly necessary to meet the Requests and through the operations or set of operations set out in Article 4, paragraph 1, number 2 of the GDPR;
(b) will also be processed by using electronic or automated tools. In this regard, please note that the Data will be stored in paper archives located at the registered office of the Data Controller and in electronic archives located both at the said office and at servers in Italy;
(c) will also be processed by using fax, e-mail or any other remote communication technique. The Data Controller also uses the same methods when it discloses the Data to third parties for these purposes, as detailed in paragraph 6 below.
4 – PROVISION OF THE REQUESTED DATA AND LEGAL BASIS OF DATA PROCESSING
Without prejudice to the data subject’s rights, the provision of Data may be:
(a) required by Law or Regulation with regard to the purposes referred to in paragraph 2, letters (a) and (c) above;
(b) optional, with regard to the purposes referred to in paragraph 2, letter (b) above. In this case, the Data will be processed with the prior consent of the data subject, required through specific pages of the Website from time to time.
5 – REFUSAL TO PROVIDE DATA
Should you refuse to provide your Data or to give your consent, if required, to their being processed:
(a) in the cases referred to in paragraph 4, letters (a) and (c) above, this will make it impossible for the Data Controller to meet the Requests;
(b) in the case referred to in paragraph 4, letter (b) above, this will make it impossible to provide you with the commercial information regarding the services provided by the Data Controller and by its associated companies.
6 – TRANSMISSION OF DATA
(a) For the purposes referred to in paragraph 2, letters (a) and (c) above, or for the discharge of specific obligations required by law, the Data may be transmitted to other subjects and specifically to advisors that help the Data Controller to meet the Requests (e.g., law and tax firms);
(b) For the purposes referred to in paragraph 2, letter (b) above, the Data may also be transmitted to associated companies.
7 – DISSEMINATION OF DATA
The Data will not be disseminated (meaning for this purpose, giving knowledge of Data to indeterminate subjects, in any form, including by making available or consulting), without prejudice to the hypothesis in which the disclosure is requested , in accordance with law, by law enforcement agencies, judicial authorities, information and security bodies or other public entities for the purposes of defence or security of the state or for the prevention or prosecution of offenses.
8 – TRANSFER OF DATA ABROAD
Data will be processed by Controllers as identified above also by making use of other parties who will act as managers - internal or external - of the processing or in their capacity as representative. In this context and for the purposes described above, Data may be transferred to countries outside the EU, in which case, the Controller undertakes to ensure that the recipient respects the same standards required by European Union legislation. In particular, the employees or collaborators of the business units involved in the negotiation and contractual relationships established between the supplier and Leonardo Group (e.g. Purchases, Administration, Help Desk, etc.) may become aware of Data. This transfer, where the case occurs, will be governed by the use of standard contractual clauses adopted by European Commission with Decision 2010/87 / EU and any subsequent amendments or, alternatively, on the basis of an adequacy decision of the Commission, on the basis of binding corporate rules and / or any other instrument permitted by the relevant legislation.
9 – DATA SUBJECT’S RIGHTS
9.1 - With regard to the Data in our possession, please be informed that you are entitled to exercise the rights provided for by the Privacy Applicable Law. Specifically, you are entitled:
a) to obtain confirmation from the Data Controller as to whether or not Data relating to you exist; to be informed of their origin, the reasons for and the purposes of the Data processing, of the categories of subjects to whom the Data may be transmitted, as well as of the Data Controller’s and Data Processor’s identification details;
b) to obtain access to Data, change into anonymous form, blocking, amendment, integration or erasure, limitation of Data processing;
c) to object to the processing of Data in the cases provided for by the Privacy Applicable Law;
d) to exercise the right to Data portability, within the limits provided for in Article 20 of the GDPR;
e) to withdraw the consent (where this is the necessary legal basis of the Data processing) at any time without prejudice to the lawfulness of the Data processing based on consent before its withdrawal;
f) to lodge a complaint with the Data Protection Authority, in accordance with the procedures and the decisions and guidelines published on the official website of the Italian Data Protection Authority www.garanteprivacy.it.
9.2 - Any corrections, erasures or limitations of Data processing carried out upon your request - unless this proves impossible or involves a disproportionate effort - will be transmitted by the Data Controller to each of the recipients to whom the Data have been disclosed. If you request it, the Data Controller may inform you of such recipients.
9.3 - For the exercise of the rights referred to in paragraph 9.1 above, as well as for any communications, requests or reports on data privacy, please send an email to the Telespazio UK Data Protection inbox, at the following contact details: firstname.lastname@example.org
If you want to be informed of any changes or amendments to the data protection policies applied by Telespazio UK Ltd, mainly resulting from regulatory developments, please consult this document on an ongoing basis.
10 – Data Retention period
Data will be processed by Controllers for the period necessary for the purposes for which they were collected and for the entire duration of any contractual relationship. In any case Data will be kept for a period not exceeding 10 years after the termination of said relationship, exclusively for purposes related to the fulfilment of legal obligations or the rights defence of the Controller in court.