Privacy Policy

Information on the processing of personal data

In accordance with Articles 13 and 14 of EU Regulation No. 2016/679 dated 27 April 2016 (hereinafter “Privacy Regulation”), the following information is provided regarding the processing of the personal data of users who access the www.gruppoa2a.it website and its subdomains. The information notice is not provided for any other websites consulted by the user via links.

1. Who holds the personal data?

The Data Controller of the personal data is A2A S.p.A with registered office in Via Lamarmora, 230 – 25124 Brescia and with management and administrative offices in Corso di Porta Vittoria, 4 – 20122 Milan

2. Who can be contacted?

For all matters regarding the processing of your personal data and the exercising of your rights, you may contact the Data Protection Officer (DPO), at dpo.privacy@a2a.eu

3. Why is personal data processedi?

Purposes of data processing	Legal basis for processing
Navigation data is used for the sole purpose of obtaining information on the use of the website, to check its correct functioning and to optmize its service.	The legitimate interest of the Controller in ensuring the proper functioning and optimal use of the website for users.
The data you provide through the contact form is processed for the sole purpose of providing the services that are requested (for example: request for information, sending a CV, sending an investor information request, subscribing to the Press Alert service, receiving newsletters, etc...).	To carry out your request (falling under, more in general, the performance of a contract or to take steps prior to a contract the request of the party concerned, in accordance with Article 6 c. 1 lett. b of the Privacy Regulation).
Processing may be aimed at responding to requests from competent authorities and bodies, etc..	Compliance with a legal obligation.

4. Which personal data is processed?

The following personal data is processed:

navigation data collected during use of the site (e.g. IP addresses or domain names of the computers of users logging into the website, the time of the request, the method used to submit the request to the server, the code number giving the status of the response given by the server and other parameters relating to the operating system and the browser used by the user);
personal data (e.g. first name, surname) and contact details (e.g. landline and/or mobile numbers, email address) collected in the forms found on the site;
other data that falls under the above categories.

5. How is the data processed?

Processing is carried out by authorized personnel in the performance of their duties, with or without the use of electronic means, according to the principles of lawfulness and fairness so as to protect the confidentiality and rights of the person concerned at all times.

6. Who is the personal data communicated to?

Your personal data may be made available to:

companies providing filing services, IT services, marketing services, social media management services that will act as Data Processors;
competent authorities and bodies that will act as Data Controllers.

Your data will not de disseminated (made available to unspecified parties).

7. Will your data be transferred to other countries?

Your data will be processed within the European Economic Area (“EEA”). Notwithstanding this and by way of exception, should a transfer outside the EEA be necessary, such transfer will take place on the basis of an adequacy decision by the European Commission, if applicable, or with the appropriate guarantees required under the Privacy Regulation.

8. . For how long will your data be stored?

Your data will be stored for as long as is necessary to achieve the purposes for which it will be processed or to comply with legal obligations, and in particular:

in the CAREERS section, for a CV, it will be kept for 3 years from the date of its collection;
in the INVESTOR section, for requests for information and subscriptions to the Press Alert, it will be stored for 1 month after the user has unsubscribed from the service; for the newsletter service for the entire period that you intend to use the service. If you unsubscribe, you will no longer receive our newsletter and your data will be cancelled from our systems within the following 2 months.

The duration of cookies used on the site can be found in the relevant section of this information notice.
In the event of litigation, the aforesaid storage period may be extended by up to 10 years from the date of settlement of the litigation.

9. What are your rights?

You have the right to ask the Data Controller to:

confirm as to whether or not your personal data is being processed and, if so, to obtain access (right to access);
rectify any inaccurate personal data or to integrated any incomplete personal data (right to rectification);
delete the data on one of the grounds provided for in the Privacy Regulation (right to be forgotten);
restrict the processing on one of the grounds provided for in the Privacy Regulation (right to restriction);
receive the data you have provided to the Controller in a structured, commonly used and machine-readable format and to transmit such data to another Data Controller (right to data portability).

Right to object. When processing is carried out to pursue a legitimate interest of the Controller, we hereby inform you that you may object to such processing at any time. In this case, the Controller will refrain from further processing your personal data, unless there are compelling legitimate grounds for processing, or for the establishment, exercise or defense of rights in legal proceedings.
You can exercise you rights by sending an email to the DPO (dpo.privacy@a2a.eu) with the company name of the Data Controller, or by writing to the Data Controller.
Without prejudice to any other administrative or jurisdictional recourse, you may lodge a complaint with the Data Protection Authority, if you consider that the processing that concerns you violates the Privacy Regulation.

10. Where is personal data obtained from?

The navigation data necessary for the functioning of the website is acquired by the computer systems and software procedures that are used to operate it.
The personal data collected through the contact form is provided by you and any refusal to provide it prevents us from processing your requests.

11. Is the data subject to automated decisions?

The data will not be subject to decisions based solely on automated processing, including profiling, that produce legal effects on your person or significantly affect your person.

12. Cookie

The website uses cookies and tracking tools to collect user browsing data, such as the IP address.
These are usually short strings of text that are placed and stored by the website manager (or by the manger of a third party website, the so-called “third parties”) inside the user’s device (e.g. a computer, tablet, smartphone, etc.).
The following tools are used in the website.

Cookies and technical tools that are strictly necessary to ensure the correct and optimal functioning of the site itself or to provide the service requested by the user concerned.
This category includes some tools (e.g. Google Maps, Sketchfab, Spotify) which, when in operation, carry out limited processing of personal data (this is basically limited to the IP address only) solely to provide the services requested by the user such as displaying maps on the website, using the virtual assistant (chatbot) and listening to podcasts directly on the site.
It is not necessary to obtain the user’s consent to use such tools.
Third party cookies and analytic tools solely for processing aggregated and anonymous statistics.
It is not necessary to obtain the user’s consent to use such tools.
Tools aimed at “improving the browsing experience” of the individual user.

The operation of these tools is subject to the user's prior consent, which the user is free to express in the cookie banner and subsequently at any time by accessing the "Change Cookie Preferences" section link in the footer.
For more information on the individual cookies and tracking tools used in the site, please refer to the cookie policy at the following link.
Further information is available on the website page of the Garante per la Protezione dei Dati Personali

(1) Regolamento generale sulla protezione dei dati (GDPR).
(2) Trattamento: qualsiasi operazione o insieme di operazioni, compiute con, o senza, l’ausilio di processi automatizzati e applicate a dati personali, o a insiemi di dati personali, come la raccolta, la registrazione, l’organizzazione, la strutturazione, la conservazione, l’adattamento o la modifica, l’estrazione, la consultazione, l’uso, la comunicazione mediante trasmissione, diffusione o qualsiasi altra forma di messa a disposizione, il raffronto o l’interconnessione, la limitazione, la cancellazione o la distruzione.
(3) Titolare del trattamento: la persona fisica o giuridica, l'autorità pubblica, che determina le finalità e i mezzi del trattamento di dati personali.

Useful resources

Services

Useful resources

Emergency response Suppliers Remit Segnalazioni Whistleblowing

Services

Gas, Electric and Energy E-Mobility Energy Efficiency Distribuzione energia elettrica e gas District Heating Water cycle Smart City Public Lighting

Services

Urban Waste Hygiene Energy and material recovery

A2A S.p.A. - P.I. 11957540153

Legal notes Privacy policy Cookie Policy Sitemap Edit cookie preferences