Choose your language

Privacy

Policy statement pursuant to Article 13 of Legislative Decree No. 196 of 30.6.2003.

"Protection of individuals and other subjects with regard to personal data processing"

The Personal Data Protection Code, adopted by Legislative Decree No. 196 of 30 June 2003 with subsequent amendments and additions, (hereinafter referred to as "the Code"), requires subjects referring to themselves as personal data "controllers" pursuant to Article 4 of said Law, to provide all Data Subjects with precise information about the processing of their personal data. With regard to its scope, Article 5 establishes that the provisions of the Code do not apply to the processing of personal data concerning legal entities, companies, organisations or associations.

Cassa di Compensazione e Garanzia S.p.A., hereinafter ("CC&G" or the "Company"), as the data controller, therefore intends to provide the detailed information required relating to personal data processing as governed by the Code (hereinafter the "Data").

CC&G belongs to the London Stock Exchange Group (hereinafter "LSE Group", "LSEG" or the "Group"), composed of the London Stock Exchange Group plc and its direct and indirect subsidiaries, and is subject to the management and coordination of London Stock Exchange Group Holdings Italy S.p.A., together with the other Italian companies: Borsa Italiana S.p.A., BIt Market Services S.p.A., Monte Titoli S.p.A., MTS S.p.A., GATElab S.r.l. and EuroTlx SIM S.p.A..

Data collected by CC&G from the Data Subjects or third parties or otherwise acquired in the context of activities performed by companies of the LSE Group (in particular name, surname, address, occupation, position held, employer/ associated company, phone number and email address, information regarding financial reliability and integrity) may be processed in accordance with the aforementioned law and the confidentiality obligations to which CC&G is subject.

1.   PURPOSE OF THE PROCESSING

The Data may be processed by CC&G and other Italian companies of the LSE Group, by electronic and/or in paper means, for the following purposes:

a) to gather preliminary information or subsequent Data upon conclusion of a contract, including an economic and financial evaluation of the risks involved or of legal agreements of a non-financial nature; the fulfilment of obligations arising from contractual relationships with LSE Group Companies; the proper management of the contractual relationship and related obligations; for administrative and accounting purposes, as defined in Article 34 (1)-ter of the Code; the handling of correspondence, including by fax or e-mail, and activities closely related to and necessary for the fulfilment of existing mutual obligations;

b) the fulfilment of obligations under applicable laws, regulations and Community legislation, or regulations issued by Supervisory Authorities and bodies, or administrative practices;

c) purposes related to the activities of LSEG companies, such as, by way of example but not limited to

, surveys on the level of satisfaction with the quality of services rendered, preparation of studies, reporting, statistical or scientific activities and public relations activities.

The provision of Data for the above mentioned and its processing for such purposes does not require consent.

The Data is only accessible by persons within the LSEG companies who require such access by virtue of their activities or duties, such as, by way of example but not limited to: employees in charge of external and customer relations, employees in charge of market supervision, accounting staff, secretarial staff, managers and officers of LSEG companies. Such persons, who shall be kept to the strictest minimum, will process data in the capacity of "Data Processors", appointed for this purpose who are adequately trained to prevent loss, destruction, or unauthorised access or processing of the data.

The Data Controller is Cassa di Compensanzione e Garanzia S.p.A., with headquarters at  via Tomacelli 146, Rome, in the person of its Managing Director. The Data Controller is available to answer all questions relating to the processing of personal data.

2.    DISCLOSURE OF DATA TO THIRD PARTIES

CC&G may disclose the data for the purposes for which it is collected, both within the LSE Group, or to:

a) Supervisory Authorities and Bodies, or other persons indicated by them, pursuant to orders issued by them, or established by law, including Community legislation, regulations or administrative practices;

b) third parties appointed as data processors, whose support CC&G relies on for purposes strictly related and connected with those referred to in point 1 (a), (b) and (c), namely:

- banks and finance companies, professionals, external companies employed for the provision of services, including persons engaged in debt collection;

- third parties that print, pack, and deliver communications to Data Subjects;

- third parties that provide technology and IT services;

- companies or entities that manage Italian or foreign markets with which one or more LSEG companies may enter into alliances and/or working relationships, and third parties whose support such entities or companies rely on;

- third parties which perform IT, statistical or scientific activities.

A list of data processors designated by CC&G may be requested at any time.

3.   TRANSFER OF DATA ABROAD

The Data of Data Subjects may be transferred abroad, including outside the European Union, to the entities specified in point 2, for the purposes indicated in point 1 above, with or without the aid of electronic or other automated methods.

4.   METHOD OF PROCESSING

CC&G shall process the Data of Data Subjects in a lawful and proper manner, thereby ensuring confidentiality and safety. The processing - which includes the gathering of data and any other operation included in the definition of "processing" in accordance with Article 4 of the Code (including, by way of example but not limited to, the recording, processing, communication, storage and destruction of data) - shall be performed by manual, computerised and/or electronic, automated or similar means, employing organisational methods and processes strictly related to the purposes indicated.

In particular, the processing of data for the purposes of Article 7 (4,) (b) of the Code may take place not only through automated contact methods, on the basis of Article 130, (1) and (2) of the Code, but also by traditional methods such as paper mail and phone calls made by an operator).

CC&G does not record telephone conversations, except those which may be recorded, upon prior notice to the user, but solely for requirements relating to the transparency of transactions requested and/or executed. Recordings are archived with restricted access and are in no circumstances available to persons not expressly authorised.

The fact that CC&G is part of LSEG also means that the Data Subject's Data, in compliance with the above conditions, may be stored on computer systems at LSE plc, its subsidiaries or related companies. Data is stored for the time necessary to fulfil the purposes for which it was collected, in accordance with law and any orders issued by the Garante (Data Protection Authority). Pursuant to Article 24, letter i-ter) of the Code, consent is not required if the processing relates to the communication and exchange of data between companies within the same group (parent companies, subsidiaries or related companies pursuant to Article 2359 of the Italian Civil Code, or companies under common control) and between consortia, business networks, groupings and associations of undertakings including temporary associations, if such communication or exchange is carried out for the following administrative and accounting purposes: purposes related to the conduct of internal organisational activities; purposes required for the fulfilment of contractual and pre-contractual obligations, the management of an employment relationship in all of its phases, the keeping of accounts and the application of tax, trade union, social security, health, hygiene and workplace safety legislation (Article 34 (1)-ter of the Code).

5.   EXERCISE OF RIGHTS

The Law provides that all Data Subjects must be informed of their rights under the Law. A list of these rights is set out at Article 7 of the Law; it provides, inter alia, that the Data Subjects may request access to their data, obtain a copy of the processed data and, if necessary, that it be updated, amended, supplemented, deleted or blocked, and withhold consent for the processing of the data concerning them, in whole or in part, for legitimate reasons.

Furthermore, with specific reference to the processing of personal data for the purposes of Article 7, (4) (b) of the Code, the Data Subjects are entitled to object to such processing, in whole or in part. In particular, the right to object to the processing of personal data for the purposes of "direct marketing" by automated means, also extends to processing by traditional methods. Data Subjects may, however, express a wish to receive communications relating to the above uses solely by traditional methods, when such methods are adopted by the company.

Data Subjects may assert the aforementioned rights by contacting, in the manner required by law, Cassa di Compensanzione e Garanzia S.p.A., with headquarters at  via Tomacelli 146, Rome, for the attention of the Data Controller.