Autogrill and protection of your data
Thank you for visiting Autogrill’s website.
Autogrill is committed to safeguarding your privacy.
We advise you to read this policy statement on the confidentiality of personal data at Autogrill.
Why this notice?
This page describes how the personal data of users of the site are handled.
The notice is in the interest of personal data protection and is also provided because we are required under art. 13, decree law 196/2003 (personal data protection code) to give such information to everyone that interacts with Autogrill web services accessed via: http://www.autogrill.com/.
The notice only applies to Autogrill’s website and not to other sites that users may access via links.
The notice also takes into account Recommendation 2/2001 adopted on 17th May 2001 by the European personal data protection authorities, meeting in the Group instituted under art. 29, EC Directive 95/46, for identifying minimum requisites for collection of personal data on-line, and in particular the information on procedures, timings and nature of data that “data controllers” must give users when they visit the site, whatever their reason for so doing.
The “Data Controller”
Following consultation of this site, data relative to identified or identifiable persons may be processed.
The”controller” of such processing is Autogrill S.p.a., Strada 5, Palazzo Z, 20089 Rozzano (MI).
Location of data processing
Processing relating to the web services on this site is done at the address given above and only by staff engaged to do such processing. It may occasionally be done by persons engaged to provide support and maintenance operations and eventually designated as responsible for or engaged to do the processing, where required by law.
No data deriving from the web service is communicated or made public.
Personal data supplied by users asking to be sent information (bulletins, newsletters, reports or other documents) are used exclusively for the purpose of providing the service requested and are only communicated to third parties if necessary to that end.
In this connection, at the time of providing their data, users are given a summary yet comprehensive notice regarding the purposes and methods of processing.
Such notice also includes information on:
the obligatory or optional nature of supplying data;
the consequences of not supplying it;
the subjects or categories of subjects to which personal data may be communicated;
the contexts of such disclosure of data;
users’ rights under art. 7, decree law 196/03 (access, integration, updating, correction, erasure in the case of unlawful processing, withholding of consent to processing, etc.);
the identity and registered office of the data controller.
Users are then invited to give their informed and free consent, in the specific form provided, which is documented in the manner required by law. If personal data are provided in a number of phases, information may be added to the notice already given and further consent to processing may be requested as required by the Code.
Types of data processed
The information systems and software procedures used to manage this site acquire certain personal data during normal operations transmission of which is implicit in using Internet communication protocols.
Such information is not collected in order to be associated with identified users but could by its very nature enable users to be identified by processing of and association with other data kept by third parties.
This category of data includes the IP addresses or domain names of users’ computers connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, time of request, method used to submit requests to the server, numerical code indicating the response state of the server (done, error, etc.) and other parameters relating to the user’s operating system and IT environment.
These data are only used to obtain anonymous statistical information on the use of the site and to run operational checks and are cancelled immediately after processing. Such data could be used to ascertain liability in the case of alleged computer crimes affecting this site. Save for this eventuality, web contact data are not at present held for more than seven days.
Data provided voluntarily by users
Optional, explicit and voluntary sending of e-mails to the addresses indicated in this site entails subsequent acquisition of the sender’s address, which is needed to reply to requests, and of any other personal data included in the e-mail.
Summary information on privacy will be indicated or displayed from time to time in the pages of the site referring to specific services available on request.