Privacy Policy

Information on the processing of personal data

Under the terms of articles 13 and 14 of EU Regulation 2016/679 of 26 April 2016 (hereafter referred to as the ‘Privacy Regulation’), we provide the following information relative to the processing of the personal data of users who access the website www.a2a.eu and its sub-domains. The information is not applicable to any other sites consulted by the user by means of links.

1. Who holds the personal data?

The holder of the personal data is A2A S.p.A. with registered office in Via Lamarmora 230, 25124 Brescia, Italy, and head office in Corso di Porta Vittoria 4, 20122, Milan, Italy.

2. Who can be contacted?

For all queries related to the processing of personal data and the exercising of rights, contact the Data Protection Officer (RPD - Responsabile della Protezione dei Dati personali) at the following e-mail address: dpo.privacy@a2a.eu.

3. Why is personal data processedi?

Purpose of processing	Legal grounds of processing
Data on Internet activity is used for the sole purpose of gathering anonymous statistical information on the use of the website and to check its correct functioning. Users are not identified.	The legitimate interest of the holder in the administration of the Internet site.
The data that you provide voluntarily by means of contact forms is processed for the sole purpose of performing the service or the operation requested (for example, the sending of a curriculum vitae, the sending of a request for information for investors, signing up for the Press Alert service so as to receive notifications about the publication of press releases, the sending of proposals, advice, suggestions on services provided and on company initiatives in the sphere of sustainability and innovation, etc.).	The conclusion, the implementation of a contract or answers to pre-contract enquiries.
In order to comply with legal obligations (for example, orders, provisions or rulings issued by public authorities or the courts of law, etc.).	Compliance with a legal obligation.

4. Which personal data is processed?

The following categories of data are processed:

Internet use data (eg. IP addresses or the domain names of computers utilized by the users who connect to the website, the date and time of the request, the method used to make the request to the server, the code indicating the state of the response given by the server and other parameters related to the operating system and to the browser utilized by the user);
personal information (eg. name, surname);
contact data (eg. telephone numbers, landline and/or mobile, e-mail address);
other data relative to the categories inidcated above.

5. How is the data processed?

The processing is carried out by the personnel authorized to do so in the performance of their duties, with or without the support of electronic equipment, in accordance with the principles of lawfulness and correctness so as to safeguard at all times the confidentiality and the rights of the party involved.

6. Who is the personal data communicated to?

Your personal data can be made available to:

companies that provide services of record-keeping, IT services, marketing and social media management services, other companies of Group A2A that, according to each individual case, may act as data controller or processor;
Research agencies and universities, which act as data controller;
Public bodies or public security authorities in the execution of their legal duties will act as data controller.

Your data will not be divulged (made available to unspecified parties).

7. Is the data sent to other countries?

The Controller reserves the right to send your personal data to countries belonging to the European Economic Area (EEA), or to third countries outside the EEA that guarantee an acceptable level of protection, equivalent to that ensured within the European Union, on the basis of a decision of acceptability by the European Commission and/or towards which the Privacy Authority has authorized the sending of personal data.

8. For how long is the data kept?

Your data will be stored for the time necessary to achieve the purposes for which it is being processed or to ensure compliance with the law and, specifically:

in the CAREERS section, for the sending of a curriculum vitae, it will be held for three years from the date on which it is received;
in the INVESTORS section for enquiries and registration for the Press Alert service, it will be held for one month following the date on which the user unscubsribes from the service;
in the INNOVATION and SUSTAINABILITY sections, for the sending of proposals, advice and suggestions on the services provided and on company initiatives in the sphere of innovation and sustainability, it will be held for 18 months.

Information on the duration of the cookies used on the website can be consulted in the relevant section of this information sheet.

In the event of disputes, the length of time for which data can be held can be extended to 10 years from the definition of the dispute.

9. Which rights can be exercised?

You have the right to ask the Data Controller:

for confirmation that processing of your personal data is or is not under way and, if under way, that you can have access (right of access);
for correction of personal data that is incorrect or the completion of incomplete personal data (right of rectification);
for the deletion of the data if there is motivation as foreseen in the Privacy Regulation (right to erasure);
for limitation of the processing when one of the cases foreseen by the Privacy Regulation exists (right to restrict processing);
to receive the information provided to the data controller in a structured format, for normal use and readable using an automatic device, and to transmit such data to another data controller (right to data portability);
to object at any moment to the processing of your data for a legitimate interest on the part of the data controller and for marketing and profiling purposes (right to object);
to withdraw, at any time, consent given for the proceesing of your data, without compromising the lawfulness of the processing based on the consent given prior to the withdrawal.

To exercise your rights, you can make a written request to the Data Controller or Data Protection Officer, indicating the A2A Group company to which the request is addressed.
Except in the case of other administrative or legal complaints or appeals, you have the right to ask the Privacy Authority to ensure protection of your personal data should you deem that its processing violates the privacy Regulation.

10. From which source does personal data originate?

Internet usage data necessary for the administration of the website is obtained from the computer systems and software procedures that regulate its functioning.
The personal data gathered by means of contact forms is conferred by you and refusal to do so prevents your request from proceeding

11. Is the data subjected to automated decision making?

The data will not be subjected to decisions based solely on automated processing, including profiling, which may have legal effects that concern or significantly affect your person.

12. Cookie

Cookies are text files that contain small quantities of information, which is stored, for the duration of the visit or more than one visit to a website, on the computer or mobile device of the user who visits a website. In later visits by the user to the website, the cookie previously stored on the device is again sent to the site that installed it. This allows the site to recognise a specific device for technical purposes (for example, to memorize site settings and use preferences entered by the user), and/or for analysis and/or profiling purposes if the user has given their consent. Through the installation of cookies on the user’s device, it is not possible to obtain the user’s e-mail address, to recover data from their hard drive or to transmit computer viruses.
Cookies can fall into two distinct macro-categories:
Proprietary cookies: cookies installed by the administrator of the site that the user is visiting.
Third-party cookies: cookies installed by the administrator of a different site by means of the site that the user is visiting.

TYPES OF COOKIE INSTALLED ON THIS WEBSITE
For details of our Cookie Policy, you can consult the dedicated page.

(1) Regolamento generale sulla protezione dei dati (GDPR).
(2) Trattamento: qualsiasi operazione o insieme di operazioni, compiute con, o senza, l’ausilio di processi automatizzati e applicate a dati personali, o a insiemi di dati personali, come la raccolta, la registrazione, l’organizzazione, la strutturazione, la conservazione, l’adattamento o la modifica, l’estrazione, la consultazione, l’uso, la comunicazione mediante trasmissione, diffusione o qualsiasi altra forma di messa a disposizione, il raffronto o l’interconnessione, la limitazione, la cancellazione o la distruzione.
(3) Titolare del trattamento: la persona fisica o giuridica, l'autorità pubblica, che determina le finalità e i mezzi del trattamento di dati personali.

Useful resources

Services

Useful resources

Emergency response Suppliers Remit

Services

Gas, Electric and Energy E-Mobility Energy Efficiency Distribuzione energia elettrica e gas District Heating Water cycle Smart City Public Lighting

Services

Urban Waste Hygiene Energy and material recovery

A2A S.p.A. - P.I. 11957540153

Legal notes Privacy policy Cookie Policy Sitemap Edit cookie preferences