Privacy Policy
Below are the privacy policies related to the processing of personal data carried out by Open Fiber, as the Data controller.
Open Fiber S.p.A., with registered office in Largo Guido Donegani 2 – 20121 Milan, MI, Italy, VAT No. 09320630966, in its capacity as Data Controller (hereinafter referred to as the “Data Controller” or “Open Fiber”), hereby informs you, pursuant to Article 13 of EU Regulation No. 2016/679 (hereinafter referred to as the “General Data Protection Regulation” or “GDPR”), that your personal data (hereinafter referred to as “Data”) may be processed in the manner and for the purposes outlined below.
Purpose and Legal Basis of Processing
Your personal data—including, but not limited to, name, address, city, postal code, company name and VAT number (or the VAT number of the entity/organisation you represent), telephone number, and email address—will be processed (as defined under Art. 4, paragraph 2 of the GDPR) for the purpose of managing activities related to the fibre cabling of the building for which you serve as Administrator. The legal basis for the processing is the legitimate interest pursuant to Article 6(1)(f) of the GDPR.
Data Retention Periods
The Data concerning you will be retained only for as long as necessary to fulfil the purpose outlined in Article 1.
How Data Are Used
The processing of Data is carried out using both paper and electronic means, with appropriate measures in place to ensure the security and confidentiality of the Data, in compliance with the provisions of Chapter II (Principles) and Chapter IV (Data Controller and Data Processor) of the GDPR. Data may be processed by internal or external individuals who are specifically authorised and bound by a confidentiality obligation.
Scope of Data Circulation
The Data may also be processed by third-party companies that perform activities on behalf of the Data Controller, acting as external Data Processors(for example, credit institutions, professional firms, suppliers or consultants who manage and/or assist in the management or maintenance of the electronic and/or telematic tools we use, insurance companies that provide insurance services, for the time strictly necessary to ensure optimal service performance). Your Data will only be accessible to Open Fiber staff members who require it to perform their roles or duties
. Such personnel will be appropriately instructed to prevent the loss, destruction, unauthorised access, or improper processing of the Data. Without your explicit consent, the Data Controller may disclose your Data to supervisory authorities, judicial bodies, and any other entities to which disclosure is mandatory under the law (pursuant to Art. 6(b) and (c) of the GDPR).
Nature of Provision
The provision of your Data for the purpose outlined in point 1 is mandatory. Refusal to provide such Data, or the provision of inaccurate and/or incomplete information as specified in point 1, would hinder communication between Open Fiber and the apartment blocks involved in the fibre optic cabling project. In any case, you may exercise your right to object to processing by writing to privacy@openfiber.it.
Data Dissemination
Your Data will not be disclosed.
Transfer of Data abroad
Your Data will not be transferred outside the European Union or the European Economic Area. However, the Data Controller reserves the right, if necessary, to relocate servers to countries outside the EU. In such cases, the Data Controller ensures that any transfer of Data outside the EU will be carried out in compliance with Articles 44 and following of the GDPR, as well as other applicable legal provisions, by entering into agreements that guarantee an adequate level of protection, if required.
Data Controller and Data Protection Officer
The Data Controller is Open Fiber S.p.A., – a sole shareholder company, subject to the direction and coordination of Open Fiber Holdings S.p.A. – with its registered office at Largo Guido Donegani 2, 20121 Milan, MI, Italy, VAT number, tax code, and registration with the Milan Register of Companies no. 09320630966, and can be contacted at the following email address privacy@openfiber.it. Open Fiber has appointed a Data Protection Officer (DPO) in accordance with Article 37 of the GDPR, who can be contacted at the following address: dpo.of@openfiber.it
Exercise of rights
We inform you that, as a Data Subject (“Data Subject”), you have the right to exercise your rights under the GDPR, including the following: a)The right, pursuant to Art. 15 of the GDPR, to obtain confirmation as to whether or not Data relating to you are being processed and, if so, to access the Data and the following information (i) the purposes of the processing; (ii) the categories of Data concerned; (iii) the recipients or categories of recipients to whom the Data have been or will be disclosed, particularly if they are in third countries or international organisations;
(iv) where possible, the expected retention period of the Data or, if not possible, the criteria used to determine this period; (v) the existence of the Data Subject’s right to request rectification or erasure of the Data, restriction of its processing, or to object to its processing from the Data Controller; (vi) the right to lodge a complaint with a supervisory authority, pursuant to Art. 77 ff. of the GDPR; (vii) if the Data were not collected from the Data Subject, any available information about their source; (viii) the existence of automated decision-making processes, including profiling, as referred to in Art. 22(1) and (4) of the GDPR, and, at least in such cases, meaningful information about the logic involved, as well as the significance and potential consequences of such processing for the Data Subject; (ix) the right to be informed of the existence of appropriate safeguards as defined in Article 46 of the GDPR regarding the transfer of Data, if they are transferred to a third country or international organisation; b) The Data Subject shall also have the right (where applicable) to exercise their rights under Articles 16-21 of the GDPR, including the Right to rectification, the Right to be forgotten, the Right to restriction of processing, the Right to data portability, and the Right to object. We inform you that Open Fiber is committed to responding to your request no later than one month from the date of its receipt. This deadline may be extended depending on the complexity or number of requests, and Open Fiber will inform you of the reason for any extension within one month of your request. The outcome of your request may be provided to you in writing, either in hard copy or in electronic form.
Methods of Exercising Rights
The Data Subject may exercise the aforementioned rights at any time and request an updated list of Data Processors by submitting a request to the following email addresses: privacy@openfiber.it or dpo.of@openfiber.it
If you believe that the processing of your Data violates the provisions of the Regulation, you have the right to lodge a complaint with the Data Protection Authority, as provided under Article 77 of the Regulation, or to seek judicial remedy pursuant to Article 79 of the Regulation, following the procedures and instructions published on the Authority’s official website: www.garanteprivacy.it
Download the privacy policy in pdf format
Open Fiber S.p.A., with registered office in Largo Guido Donegani 2 – 20121 Milan, MI, Italy, VAT No. 09320630966, in its capacity as Data Controller (hereinafter referred to as the “Data Controller” or “Open Fiber”), hereby informs you, pursuant to Articles 13 and 14 of EU Regulation No. 2016/679 (hereinafter referred to as the “General Data Protection Regulation” or “GDPR”), that your personal data (hereinafter referred to as “Data”) may be processed in the manner and for the purposes outlined below.
Purpose and Legal Basis of Processing
Your Data—including, but not limited to, personal information, address, city, postal code, telephone number, and email address—will be processed (as defined in Article 4, paragraph 2 of the GDPR) for the purpose of telemarketing. Specifically, this processing aims to present you with the opportunity to activate internet services via the Open Fiber infrastructure through telecommunications operators. The legal basis for the processing is your consent, in accordance with Article 6(1)(a) of the GDPR.
Your Data was provided to Open Fiber by AdSalsa Italia Publicidad Sucursal s.l.u., which collected it in its private Database based on the specific consent you previously granted.
Data Retention Periods
The Data concerning you will be retained only for as long as necessary to fulfil the purpose outlined in Article 1 and, in any case, will be deleted by the Data Controller no later than 6 months from the commencement of the activity.
How Data Are Used
The processing of Data is carried out using electronic means, with appropriate measures in place to ensure the security and confidentiality of the Data, in compliance with the provisions of Chapter II (Principles) and Chapter IV (Data Controller and Data Processor) of the GDPR. Data may be processed by internal or external individuals who are specifically authorised and bound by a confidentiality obligation.
Scope of Data Circulation
The Data will also be disclosed to third-party companies acting on behalf of the Data Controller in their capacity as Data Processors(such as, but not limited to, call centre agencies and list providers), for the time strictly necessary to ensure the optimal performance of their activities. The call centre agency may make “silent” phone calls in accordance with applicable legislation and the provisions issued by the Data Protection Authority (refer to the General Measure of 20 February 2014). Your Data will be accessible only to those within Open Fiber who have been specifically authorised and identified based on their role and responsibilities. Such personnel will be appropriately instructed to prevent the loss, destruction, unauthorised access, or improper processing of the Data. Without your explicit consent, the Data Controller may disclose your Data to supervisory authorities, judicial bodies, and any other entities to which disclosure is mandatory under the law (pursuant to Art. 6(b) and (c) of the GDPR).
Nature of Provision
The provision of your Data for the purpose outlined in point 1 is optional. Refusal to provide such Data, or the provision of inaccurate and/or incomplete information as specified in point 1, would hinder communication between Open Fiber and the users involved in telemarketing activities. In any case, you may exercise your right to object to processing by writing to privacy@openfiber.it
Data Dissemination
Your Data will be shared between the Data Controller and the Data Processors duly appointed to carry out the activities.
Transfer of Data abroad
Your Data will not be transferred outside the European Union or the European Economic Area. However, the Data Controller reserves the right, if necessary, to relocate servers to countries outside the EU. In such cases, the Data Controller ensures that any transfer of Data outside the EU will be carried out in compliance with Articles 44 and following of the GDPR, as well as other applicable legal provisions, by entering into agreements that guarantee an adequate level of protection, if required.
Data Controller and Data Protection Officer
The Data Controller is Open Fiber S.p.A., – a sole shareholder company, subject to the direction and coordination of Open Fiber Holdings S.p.A. – with its registered office at Largo Guido Donegani 2, 20121 Milan, MI, Italy, VAT number, tax code, and registration with the Milan Register of Companies no. 09320630966, and can be contacted at the following email address: privacy@openfiber.it
Open Fiber has appointed a Data Protection Officer (DPO) in accordance to Article 37 of the GDPR, who can be contacted at the following address: dpo.of@openfiber.it
Exercise of Rights
We inform you that you, as a Data Subject (“Data Subject”), have the possibility to exercise the rights provided by the GDPR, namely: a) the right, pursuant to Art. 15, to obtain confirmation as to whether or not Data relating to you is being processed and, if so, to obtain access to the Data and the following information:
(i) the purposes of the processing (ii) the categories of Data concerned; (iii) the recipients or categories of recipients to whom the Data have been or will be disclosed, in particular whether third countries or international organisations; (iv) where possible, the expected period of retention of the Data or, if this is not possible, the criteria used to determine this period v)the existence of the Data Subject’s right to request from the Data Controller the rectification or erasure of the Data or the restriction of the processing to object to its processing; vi) the right to lodge a complaint with a supervisory authority, pursuant to Art. 77 ff. of the GDPR; vii) where the Data are not collected from the Data Subject, all available information on their origin; viii) the existence of an automated decision-making process, including profiling as referred to in Article 22(1) and (4) of the GDPR, and, at least in such cases, meaningful information on the logic used, as well as the importance and expected consequences of such processing for the Data Subject (ix) the right to be informed of the existence of adequate safeguards within the meaning of Article 46 of the GDPR relating to the transfer, if the Data is transferred to a third country or international organisation.
The Data Subject shall also (where applicable) have the possibility to exercise the rights under Articles 16-21 of the GDPR (right to rectification, right to be forgotten, right to restriction of processing, right to Data portability, right to object). We inform you that Open Fiber is committed to responding to your request no later than one month from the date of its receipt. This deadline may be extended depending on the complexity or number of requests, and Open Fiber will
inform you of the reason for any extension within one month of your request. The outcome of your request may be provided to you in writing, either in hard copy or in electronic form.
Methods of Exercising Rights
The Data Subject may exercise the aforementioned rights at any time and request an updated list of Data Processors by submitting a request to the following email addresses:
privacy@openfiber.it or dpo.of@openfiber.it
If you believe that the processing of your Data violates the provisions of the Regulation, you have the right to lodge a complaint with the Data Protection Authority, as provided under Article 77 of the Regulation, or to seek judicial remedy pursuant to Article 79 of the Regulation, following the procedures and instructions published on the Authority’s official website: www.garanteprivacy.it
Download the privacy policy in pdf format
Open Fiber S.p.A., with its registered office at Largo Guido Donegani 2, 20121 Milan, MI, Italy, VAT No. 09320630966, in its capacity as the Data Controller of its employees’ personal data (hereinafter referred to as the “Data Controller”), hereby informs you, pursuant to Article 13 of EU Regulation No. 679/2016 (hereinafter the “General Data Protection Regulation” or “GDPR”), that your personal data (hereinafter referred to as “Data”) related to, connected with, and/or necessary for your employment relationship may be processed in the manner and for the purposes outlined below.
Purpose and Legal Basis for Processing
Your Data will be processed (as defined in Article 4, paragraph 2 of the GDPR) for the following purposes:
- a) The establishment, management, and termination of the employment relationship with our Company;
- b) The processing and payment of remuneration, as well as the handling of all related administrative and accounting tasks;
- c) Compliance with legal, regulatory, and legislative obligations applicable to the employment relationship, including obligations towards tax authorities and social security and welfare agencies;
- d) The provision of training courses (both mandatory training required by law and any non-compulsory training courses);
- e) Ensuring health and safety;
- f) Monitoring employees’ expenses (e.g., travel, telephone services, vehicles);
- g) The use of work tools;
- h) Access control.
The legal basis for the processing is identified, for example, in the establishment, execution, and potential termination of the employment contract between you and the Company, as well as in the obligations directly and/or indirectly arising from or related to that contract.
Personal Data Subject to Processing
In particular, the Data in question includes:
– Your name, address, or other personal identifiers, as well as information concerning your family members, social security details, educational and employment history, and possibly your bank account details (common Data), along with videos and photographs.
The Data Controller may also process “special categories of personal data” as defined in Article 9 of the GDPR and Data relating to “criminal convictions and offences” as defined in Article 10 of the GDPR for the purposes outlined above. Regarding personal data, photos, and videos processed for video surveillance purposes, all Data Subjects can consult the extended privacy notice available on the notice boards at the reception of the company offices and via the following link: https://openfiber.it/privacy-policy/
Special Categories of Personal Data and Data Relating to Criminal Convictions or Offences
Other Data referred to in Article 9 of the GDPR may be processed, specifically Data that can reveal:
- Health status (e.g. documentation of disability for the purposes of
- mandatory employment; sickness, maternity, or accident certificates for documenting work absences; Data regarding inability to work for assignment to specific tasks or to apply particular work-related prescriptions; Data on inability to work for family allowance purposes);
- Membership in a trade union, association, or union-like organisation (for example, when requesting salary deductions for the payment of membership fees); – Racial and ethnic origin;
- Religious beliefs (e.g. in cases of leave and/or religious holidays other than Catholic holidays, in accordance with applicable legislation), as well as philosophical or other beliefs.
Data revealing any criminal convictions and ongoing criminal proceedings may also be processed in accordance with Presidential Decree (D.P.R.) 14 November 2002, No. 313, as amended and supplemented. (‘Testo unico delle disposizioni legislative e regolamentari in materia di casellario giudiziale, di anagrafe delle sanzioni amministrative dipendenti da reato e dei relativi carichi pendenti (Testo A)’); such Data will be processed in compliance with the principles set out in Article 10 of the GDPR.
The aforementioned Data will be processed by personnel who require it for the performance of their duties or based on their hierarchical position within the relevant organisational unit, and in any case, solely for the purposes outlined in paragraph 1 of this information notice.
Data Retention Periods
The Data provided will be retained for the entire duration of your employment relationship with our Company and, subsequently, for the period required by applicable laws and regulations. Certain types of Data related to the employment relationship may be retained for as long as necessary to protect Open Fiber’s legal defence needs in court, to respond to requests for information from social security agencies, or to meet requests from authorities and/or judicial police for investigative purposes.
How Data Are Used
The processing of Data is carried out using both paper and electronic means, with appropriate measures in place to ensure the security and confidentiality of the Data, in compliance with the provisions of Chapter II (Principles) and Chapter IV (Data Controller and Data Processor) of the GDPR. Data may be processed by internal or external individuals who are specifically authorised and bound by a confidentiality obligation.
Scope of Data Circulation
The Data may also be processed by third-party companies that perform activities on behalf of the Data Controller, acting as External Data Processors(for example, credit institutions, professional firms, suppliers or consultants who manage and/or assist in the management or maintenance of the electronic and/or telematic tools we use, insurance companies that provide insurance services, for the time strictly necessary to ensure optimal service performance). Your Data will only be accessible to staff members of the Company who require it to perform their roles or duties within the organisation. Such personnel will be appropriately instructed to prevent the loss, destruction, unauthorised access, or improper processing of the Data.
Without your explicit consent, the Data Controller may disclose your Data to supervisory authorities, judicial bodies, and any other entities to which disclosure is mandatory under the law (pursuant to Art. 6(b) and (c) of the GDPR).
Nature of Provision
The provision of Data is mandatory for the performance of the activities outlined in paragraph 1 above,
Purposes and Legal Basis of Processing,
letters a), b), c), d), and e). Any refusal to provide such Data will prevent us from properly managing the employment relationship and fulfilling our legal and/or contractual obligations to you.
Please note that for the processing of Data as described above, your consent is not required, as the processing is necessary to comply with legal obligations and/or those arising from the employment contract to which you are a party. Consent is also not required from the Data Subject or their relatives by virtue of applicable law and the current authorisation of the Data Protection Authority for the processing of sensitive Data in private employment relationships. Under these provisions, the processing of special categories of Data, including health-related Data, as well as their communication and disclosure within the limits of the authorisation, is permitted without the written consent of the Data Subject, in order to fulfil legal and regulatory obligations related to the management of the employment relationship. Similarly, consent is not required for the processing of judicial Data, in accordance with the law and the current authorisation of the Data Protection Authority for the processing of judicial Data by private entities, public economic bodies, and public authorities.
Data Dissemination
Your Data will not be disclosed to any unspecified persons.
Transfer of Data abroad
Data will not be transferred outside the European Union. However, the Data Controller reserves the right, if necessary, to relocate servers to countries outside the EU. In such cases, the Data Controller ensures that any transfer of Data outside the EU will be carried out in compliance with Articles 44 and following of the GDPR, as well as other applicable legal provisions, by entering into agreements that guarantee an adequate level of protection, if required.
Video Surveillance
Pursuant to Article 3.1 of the General Provision on Video Surveillance issued by the Data Protection Authority on 29 April 2004 and the General Provision on Video Surveillance of 8 April 2010, we inform you that a video surveillance system is in operation for the purpose of monitoring access and areas subject to potential risks. As this system involves automatic and generalised recording, individuals entering video-surveilled areas cannot avoid being filmed. The sole purpose of this surveillance is to ensure the safety of staff and third parties, protect the company’s assets, and assist in identifying perpetrators of offences, thereby facilitating the protection of violated rights in the event of unlawful actions. Through the above-mentioned video surveillance system, Data concerning you, in the form of your images, may also be processed. We inform you that the processing of Data collected via the cameras is conducted in accordance with the provisions of the above-mentioned General Provisions on video surveillance.
The Data collected will not be disclosed or shared and will be retained only for as long as is strictly necessary to achieve the aforementioned purposes, in compliance with applicable laws and regulations.
Data Controller and Data Protection Officer
With registered office in Largo Guido Donegani 2 – 20121 Milan, MI, Italy, VAT No. 09320630966 – Open Fiber has appointed a Data Protection Officer (DPO or Data Protection Officer) pursuant to Article 37 of the GDPR who may be contacted, for matters concerning the processing of your Data, at the following address: dpo.of@openfiber.it
Exercise of Rights
As a Data Subject, we inform you that you may exercise the following rights under the GDPR:
- a) The right, pursuant to Article 15 of the GDPR, to obtain confirmation as to whether or not Data concerning you is being processed and, if so, to access the Data and the following information: i) The purposes of the processing; ii) The categories of Data concerned; iii) The recipients or categories of recipients to whom the Data has been or will be disclosed, particularly if these recipients are in third countries or international organisations; iv) Where possible, the expected retention period of the Data or, if not possible, the criteria used to determine this period; v) The existence of the Data Subject’s right to request rectification or erasure of the Data from the Data Controller, restriction of its processing, or objection to its processing; vi) The right to lodge a complaint with a supervisory authority, pursuant to Articles 77 and following of the GDPR; vii) Where the Data was not collected directly from the Data Subject, all available information about its source; viii) The existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR, and meaningful information about the logic involved, as well as the significance and expected consequences of such processing for the Data Subject; ix) The right to be informed of the existence of adequate safeguards, pursuant to Article 46 of the GDPR, concerning the transfer of Data, if the Data is transferred to a third country or international organisation.
- b) The Data Subject shall also have the right (where applicable) to exercise their rights under Articles 16-21 of the GDPR, including the Right to rectification, the Right to be forgotten, the Right to restriction of processing, the Right to Data portability, and the Right to object.
We inform you that our Company is committed to responding to your request no later than one month from the date of its receipt. This deadline may be extended depending on the complexity or number of requests, and the Company will inform you of the reason for any extension within one month of your request. The outcome of your request may be provided to you in writing, either in hard copy or in electronic form.
Methods of Exercising Rights
The Data Subject may at any time exercise the aforementioned rights and the updated list of Data Processors by sending a request to the following e-mail addresses: privacy@openfiber.it or dpo.of@opefiber.it
Download the privacy policy in pdf format
Open Fiber S.p.A., with registered office in Largo Guido Donegani 2 – 20121 Milan, MI, Italy, VAT No. 09320630966, in its capacity as Data Controller (hereinafter referred to as “Data Controller” or “Open Fiber”), hereby informs you, pursuant to Article 13 of EU Regulation No. 679/2016 (hereinafter the “General Data Protection Regulation”or“GDPR”)
that the personal data you provided through the above form may be processed in the manner and for the purposes outlined below.
Where applicable, it is necessary for each recipient of this information notice to share its contents with their employees, collaborators, and contractors whose Data will be processed as part of the contractual relationship with Open Fiber.
Purpose and Legal Basis of Processing
The personal data to be processed include: (i) personal information; (ii) Curriculum Vitae; (iii) contact details; and, where applicable, (iv) Data relating to criminal convictions and offences, or Data relevant for the purposes of the Declaration in lieu of Anti-Mafia Certification.
personal data will be processed for the following purposes: negotiation, signing and performance of the commercial agreement.
The legal basis for the processing is:
– The execution of the contract and related pre-contractual measures, pursuant to Article 6(1)(b) of the GDPR; – The authorisation provided by an internal regulation concerning personal data related to criminal convictions and offences, in accordance with Article 10 of the GDPR.
Data Retention Periods
The Data concerning you will be stored according to the following criteria:
- For a period not exceeding 10 years from the end of the contractual relationship;
- For a period not exceeding the time necessary to fulfil regulatory obligations.
How Data Are Used
The processing of Data is carried out using paper-based and digital media, and electronic tools, with appropriate measures in place to ensure the security and confidentiality of the Data, in compliance with the provisions of Chapter II (Principles) and Chapter IV (Data Controller and Data Processor) of the GDPR. Data may be processed by internal or external individuals who are specifically authorised and bound by a confidentiality obligation.
Scope of Data Circulation
The Data may be processed by third-party companies that perform activities on behalf of the Data Controller, acting as Data Processors(for example, credit institutions, professional firms, suppliers or consultants who manage and/or assist in the management or maintenance of the electronic and/or telematic tools we use, insurance companies that provide insurance services, for the time strictly necessary to ensure optimal service performance). Your Data will only be accessible to staff members of the Company who require it to perform their roles or duties within the organisation. Such personnel will be appropriately instructed to prevent the loss, destruction, unauthorised access, or improper processing of the Data.
Without your explicit consent, the Data Controller may disclose your Data to supervisory authorities, judicial bodies, and any other entities to which disclosure is mandatory under the law (pursuant to Art. 6(b) and (c) of the GDPR).
Nature of Provision
The provision of your Data for the purpose outlined above is mandatory. Refusal to provide such Data, or the provision of inaccurate and/or incomplete information would prevent the performance of the Contract.
Data Dissemination
Your Data will not be disclosed to any unspecified persons.
Transfer of Data abroad
Data will not be transferred outside the European Economic Area. However, the Data Controller reserves the right, if necessary, to relocate servers to countries outside this area. In such cases, the Data Controller ensures that any transfer of Data will be carried out in compliance with Articles 44 and following of the GDPR, as well as other applicable legal provisions, by entering into agreements that guarantee an adequate level of protection, if required.
Data Controller and Data Protection Officer
The Data Controller is Open Fiber S.p.A., with registered office in Largo Guido Donegani 2 – 20121, MI Milan, Italy, VAT No. 09320630966, and can be contacted at the following email address: privacy@openfiber.it
Open Fiber has appointed a Data Protection Officer (DPO) in accordance with Article 37 of the GDPR, who can be contacted at the following address: dpo.of@openfiber.it
Exercise of Rights
We inform you that you, as a Data Subject (“Data Subject”), have the possibility to exercise the rights provided by the GDPR, namely:
a. the right, pursuant to Art. 15, to obtain confirmation as to whether or not Data relating to you is being processed and, if so, to obtain access to the Data and the following information: (i) the purposes of the processing (ii) the categories of Data concerned; (iii) the recipients or categories of recipients to whom the Data have been or will be disclosed, in particular whether third countries or international organisations; (iv) where possible, the expected Data retention period or, if this is not possible, the criteria used to determine that period v) the existence of the Data Subject’s right to request from the Controller the rectification or erasure of the Data or the restriction of the processing or to object to its processing; vi) the right to lodge a complaint with a supervisory authority, pursuant to Art. 77 ff. of the GDPR; vii) where the Data are not collected from the Data Subject, all available information on their origin; viii) the existence of an automated decision-making process, including profiling as referred to in Article 22(1) and (4) of the GDPR, and, at least in such cases, meaningful information on the logic used, as well as the importance and the expected consequences of such processing for the Data Subject (ix) the right to be informed of the existence of adequate safeguards within the meaning of Article 46 of the GDPR relating to the transfer, if the Data are transferred to a third country or international organisation;
b. the Data Subject shall also (where applicable) have the possibility to exercise the rights set out in Articles 16-21 of the GDPR (right to rectification, right to be forgotten, right to restriction of processing, right to Data portability, right to object).
We inform you that the Data Controller is committed to responding to your request no later than one month from the date of its receipt. This deadline may be extended depending on the complexity or number of requests, and the Company will inform you of the reason for any extension within one month of your request. The outcome of your request may be provided to you in writing, either in hard copy or in electronic form.
Methods of Exercising Rights
The Data Subject may exercise the aforementioned rights at any time and request an updated list of Data Processors by submitting a request to the following email addresses: privacy@openfiber.it or dpo.of@openfiber.it
If you believe that the processing of your Data violates the provisions of the Regulation, you have the right to lodge a complaint with the Data Protection Authority, as provided under Article 77 of the Regulation, or to seek judicial remedy pursuant to Article 79 of the Regulation, following the procedures and instructions published on the Authority’s official website: www.garanteprivacy.it.
Download the privacy policy in pdf format
Download the privacy policy in pdf format
In order not to receive any further communication from Open Fiber and to be removed from our systems click here.