• Home >
  • The Protection of Personal Data

The Protection of Personal Data by Ferrovie dello Stato Italiane S.p.A.

Premise

On the 6th April 2016, the European Union approved a major reform of the legal framework relating to the protection of personal data by adopting the "General Data Protection Regulation" (GDPR or Regulation), directly applicable in all Member States. The Regulation replaces Directive 95/46 / EC ("Data Protection Directive") and its application becomes mandatory beginning on the 25th May 2018, two years after its entry into force.

The new Regulation reinforces the protection of the rights to protection of personal data (Data Protection), in line with the recognition of the protection of personal data as a fundamental right of the EU. The Regulation also represents a necessary and urgent response to the challenges posed by technological developments that allow the collection and processing of large amounts of personal data in real time, allowing the development of automated decisions that go beyond human intervention. The Regulation meets the need to protect the private sphere increasingly felt by European citizens.

The Ferrovie dello Stato Group believes that the protection of its Customers, Employees, and Suppliers personal data is an obligation independent of simple regulatory compliance. For this reason, it has its own Data Protection Framework understood as a set of roles and responsibilities, internal rules, and methodologies, aimed at guaranteeing the management and mitigation of risks of the rights and freedoms of natural persons linked to the handling of personal data. 

Subjects’ Rights

EU Regulation 2016/679 (articles 15 to 23) gives interested parties the right to exercise specific rights. In particular, in relation to the processing of personal data, subjects have the right to ask Ferrovie dello Stato Italiane S.p.A.: access to personal data; the rectification, deletion, and portability of personal data; limitation of data handling; and opposition to handling. In particular:

  • Right to access: You may ask Ferrovie dello Stato Italiane S.p.A. to confirm whether or not the processing of your personal data is underway, and if so, obtain access to your personal data;
  • Right of rectification: You can demand that Ferrovie dello Stato Italiane S.p.A. correct any inaccuracies in your personal data;
  • Right to cancellation/deletion: You can, under certain circumstances, demand that Ferrovie dello Stato Italiane S.p.A. delete your personal data;
  • Right to portability: You can, under certain circumstances, demand a copy of your personal data in a structured format, commonly used and readable by automatic device from Ferrovie dello Stato Italiane S.p.A. You also have the right to transmit them to another data controller without hindrance from Ferrovie dello Stato Italiane S.p.A;
  • Right of limitation of handling: You can, under certain circumstances, demand that Ferrovie dello Stato Italiane S.p.A limit the processing of your personal data;
  • Right to object to processing: You can object at any time, for reasons connected with your particular situation, to the processing of your personal data; Ferrovie dello Stato Italiane S.p.A. must hence refrain from further processing your personal data, unless it proves the existence of binding legitimate reasons for proceeding with the processing that prevail over your interests, rights, and freedoms or, in the event of an investigation, exercise or defend your rights in a court of law.

Furthermore, you can lodge a complaint against the Supervisory Authority, which in Italy is the Guarantor for the Protection of Personal Data.

At any time, you can ask to exercise your rights to Ferrovie dello Stato Italiane S.p.A. by emailing titolaretrattamento@fsitaliane.it or by contacting the Data Protection Officer at protezionedati@fsitaliane.it.

Information on the Protection of Personal Data

Personal data processing for users who visit the www.fsitaliane.it website

This information (together with other documents mentioned within) describes the personal data that we collect from users and how we process it. This information only concerns the processing of personal data of users who visit the fsitaliane.it website, for the purposes specified below, and does not concern any information collected through other means, methods, sources, or any other sites accessible by the user through links present on fsitaliane.it, unless explicitly specified.

Please refer to the specific information provided during the data collection phase for details on each process; specifically, this refers to:

Below are references for Ferrovie dello Stato Italiane S.p.A.:

  • Ferrovie dello Stato Italiane S.p.A.'s Data Controller is the Chief Executive Officer, with registered offices in Piazza della Croce Rossa, 1 - 00161 (Rome), who can be contacted via titolaretrattamento@fsitaliane.it.
  • The Data Protection Officer can be contacted at via protezionedati@fsitaliane.it.  

The personal data collected/processed by the site is detailed below, within the limit of the purposes defined in this statement:

  • personal data supplied voluntarily (e.g. name, surname, email address, etc.) will be processed only for the purposes described in the "Information on the protection of personal data" specifications prepared by the Data Controller for the various online services. Such information, which can be consulted at the time the data is provided, will provide further information, such as legal bases of processing, any recipients of personal data collected, the retention period of personal data (or the criterion for determining such period), the existence of automated decision-making processes, including profiling, in addition to all useful information, also reported at the end of this section, for the exercise of privacy rights;
  • the sending on a voluntary basis of e-mail to the addresses indicated on this Website entails the subsequent acquisition of the sender's e-mail address and any other personal data included in the electronic communication, as well as the sender's data, necessary to respond to requests. This data is used for the sole purpose of providing requested information;
  • • data will not be used for different purposes except with the explicit consent of the interested party;
  • • when users browse the site, we collect technical information about the hardware and software used by visitors. This information does not provide the User's personal data, but only technical/IT data that is used in an aggregate and anonymous way for the sole purpose of improving the quality of the service and providing statistics concerning the use of the Site. For further information consult the section detailing the use of cookies.

Personal data will be processed with automated tools only for the time strictly necessary to achieve the purposes for which it was provided and any related IT support will be protected through the adoption of appropriate technical and organizational measures pursuant to art. 32 of the GDPR.

SHARE:
Share on Linkedin