RCS Sports & Events S.p.A, with its registered office in Milan, Via A. Rizzoli 8, is the Controller of Personal Data gathered on this site in accordance with Regulation (EU) 2016/679 (GDPR)
Personal Data and browsing data
In accordance with the effort and care that RCS Sports & Events dedicates to the safeguard of personal data, we hereby inform you about the procedures, purposes and scope of communication and disclosure of your personal data and about your rights, in accordance with Article 13 of the GDPR.
- CATEGORIES OF PERSONAL DATA PROCESSED BY THE DATA CONTROLLER
To offer you the services provided by its own Websites, RCS Sports & Events, in its capacity as Data Controller (hereafter, for brevity, the “Controller”), shall processes some personal data necessary for the performance of the services.
Such data can be provided implicitly by the instruments you use to access and use the services, or they can be provided explicitly by you.
The Controller may process the following categories of personal data of the users:
- technical browsing data pertaining to the IP address, to the identifying codes of the devices employed by the user to utilise the website or the services, to the characteristics of the browser and to the access times;
- browsing data directed at profiling provided indirectly through utilisation of the service and obtained and analysed with the user’s consent;
- common identifying data provided by the user (e.g. name, surname, email, telephone number, etc.) for the utilization of the products and of the services;
- PURPOSES AND LEGAL BASES OF THE PROCESSING
The data and the cookies received from you shall be processed by RCS Sport & Events with the necessary methods and procedures to provide the services you have required or signed up for (Contractual purposes), and to fulfil any additional purposes you have agreed to.
Specifically, RCS Sports & Events will process your data to send you the newsletter(s) issued by the Controller to which you have subscribed.
Only with your express consent may your data be used to carry out statistical analyses, market surveys by or on behalf of third parties, promotional activities through social media and to send commercial information about the products and about the promotional initiatives of the Controller (Direct marketing purposes).
Also with your consent, the data may be used for purposes of automated profiling carried out by collecting your browsing information when you access and utilise the Services provided by the Website. By means of statistic correlation algorithms, such information will be matched to the same information coming from other users to identify the common traits and group together similar ones within interest classes. By assigning your browser to an interest class, our systems will then be able to offer you contents that better suit your tastes and will present advertisements that better meet your needs and better address the interests of the advertisers, reducing the level of interference with utilisation.
On the date you are reading this Policy, the Controller uses the profiling data to aggregate marketing profiles, to manage relations with advertisers and improve their campaigns, to infer patterns of utilisation of its products and services, and to assist the sales departments in the development of digital strategies (Profiling purposes).
Lastly, with your explicit consent, your data may be provided to other Companies operating in the publishing, financial, automotive insurance, energy, basic commodities industries, as well as to humanitarian and charitable organisations, which may contact you as Controllers of independent initiatives – the updated list is at your disposal and it may be requested from the Data Processor at the address provided below – for statistical analyses, market surveys and transmission of commercial information about the products and promotional initiatives. (Third party marketing purposes).
Communications for market surveys or commercial information about the products and the promotional initiatives may be carried out by postal mailing, email, telemarketing, SMS, MMS.
We hereby inform you that some activities may be carried out through suppliers, specifically appointed as Data Processors, who may reside outside the European Union.
The legal bases of the purposes described above are the execution of your request as data subject and the consent you have expressed.
- DISCLOSURE, COMMUNICATION AND PARTIES ACCESSING THE DATA
Your personal data shall not be disclosed, but they may be communicated when necessary for the provision of the service to third parties (such as third party technical service providers, postal couriers, hosting providers, IT companies), appointed, if necessary, as Data Processors by the Controller to fulfil any technical or organisational tasks that are instrumental in the provision of the services.
Access to the data is also allowed to categories of the Controller appointees involved in the organisation for data processing (administrative, sales, marketing, customer service personnel, system administrators).
The updated list of Data processors may always be requested from the Controller.
We shall retain the right to communicate the data to third parties if you have given your specific, optional consent.
- TRANSFER OF DATA ABROAD
Your personal data shall be processed by the Controller within the territory of the European Union. If technical and/or operational issues make it necessary to rely on parties located outside the European Union, or if it becomes necessary to transfer some of the data collected to cloud-based technical systems and services located outside the area of the European Union, the processing activities shall be regulated in accordance with the provisions of Chapter V of the Regulation and authorised on the basis of specific decisions by the European Union. Hence, all precautions necessary to assure the most comprehensive protection of personal data shall be taken, basing said transfer: a) on decision of adequacy of the recipient third party countries expressed by the European Commission; b) on adequate guarantees expressed by the recipient third party in accordance with Article 46 of the Regulation; c) on the adoption of Corporate binding rules.
- PERSONAL DATA PROCESSING AND RETENTION PERIOD
In accordance with Article 5.1 e) of the GDPR, the Controller shall process your data for no longer than is necessary for the provision of the services for which the personal data are processed and shall be stored for the 6 following months for the completion of the administrative activities, as well as for the time necessary to fulfil legal obligations.
If you have authorised the profiling treatment, the anonymous data observed from time to time shall be erased 12 months after processing has started.
- RIGHTS OF THE DATA SUBJECT
The Controller guarantees to you that you may exercise, at any time, the rights granted by Article 12 of the GDPR. Specifically, you have the right:
- to know whether the Controller holds and/or processes personal data about you and to access them in full, also obtaining copies thereof (Article 15 Right of access by the data subject),
- to the rectification of inaccurate personal data or to the completion of incomplete personal data (Article 16 Right to rectification);
- to the erasure of personal data held by the Controller if one of the reasons specified by the GDPR applies (Right to erasure, Article 17);
- to ask the Controller to restrict processing only to some personal data, if one of the reasons specified by the Regulation (Article 18 Right to restriction of processing);
- to request and receive all your personal data processed by the Controller, in a structured, commonly used and machine-readable format or to request transmission to another controller without hindrance (Article 20, Right to data portability);
- to object to all or part of the data processing for the purposes of transmitting advertising material and market surveys (“Consent”) (Article 21 Right to object)
- to object to all or part of the data processing in automatic or semiautomatic mode for profiling purposes (“Consent”)
You may exercise these rights by communicating to the Data Controller/Data Protection Officer whose addresses are indicated in the dedicated section of this policy.
Moreover, you always have the right to file a complaint with the Italian Authority for the Protection of Personal Data, at the address email@example.com or through the Website http://www.gpdp.it.
- DATA PROTECTION OFFICER
The Controller has identified and appointed a Data Protection Officer, in accordance with Article 37 of the GDPR, and has established an office for the management of requests pertaining to the privacy of their users and customers.
To exercise your guaranteed rights, you may contact us at the following addresses:
- Office of the Data Protection Officer – RCS Sports & Events S.r.l. – Via A. Rizzoli 8, 20132 Milan, Italy;
- Privacy Office – RCS Sports & Events S.r.l. – Via A. Rizzoli 8, 20132 Milan, Italy;
- or by sending an email to the address: firstname.lastname@example.org.
- LATEST REVISION
Cookies are small aggregates of text stored locally in the temporary memory of your browser, and hence in your computer for periods of time that may vary according to the need, generally between a few hours and some years, with the exception of the profiling cookies, whose maximum duration is 365 calendar days.
Using the cookies, it is possible to record semi-permanently information about your preferences and other technical data that allow for easier browsing and greater ease of use and effectiveness of the site itself. For example, cookies can be used to determine whether a connection between your computer and our sites has already been carried out, to highlight changes or maintain log-in information. For your protection, only the cookie stored on your computer is identified.
- TYPES OF COOKIES
There are two families or types of cookies:
- Those installed by the owner and data controller of the website, called first party cookies, and
- Cookies installed by “third parties” (third party cookies).
The responsibility and the management of first party cookies rest directly with the Data Controller.
There may be six different types of cookies on this website or product:
- Technical, session and analytics Cookies
These cookies are necessary for the correct operation of the site. They are used to manage site access operations (login), to store configuration preferences (where available), or to integrate any plug‑in required for viewing specific content.
Cookies used for statistical and performance analysis are equally considered to be technical cookies, provided that they are configured to collect data in an aggregate and anonymous form, providing an overview of the performance of the sites and content.
- Traffic and performance analysis cookies
These cookies enable us to know in what way visitors use the website, what contents they access and what regions they come from, allowing us to assess and improve the operation and promote the production of contents that better meet our users’ information needs. These cookies require the consent of the users, who can opt out directly with the respective controllers.
- Profiling cookies for marketing and advertising purposes
These cookies are used to deliver advertising content within a site or application. These cookies are used, for example, to track the position of the advertisement and verify if a user has already seen the advertising message, but also to follow the users while they are browsing, to define their profile and present advertising related to their personal interests and socio-demographic characteristics.
- Widgets and other tools for interconnection with external sites and functions
- Tracking pixels or web beacons
- Usability tools
These are application-coded features that allow the website owner to analyse how users interact with the contents and the features of a website in order to verify its ease of use, design quality and as an aid for planning improvement changes. These scripts are configured to avoid capturing any elements typed by the user that would undermine their privacy and are subject to explicit consent. Refusal to consent, when present in the pages of this site, is managed directly by the Data Controller.
- WHICH COOKIES ARE INSTALLED ON THIS SITE?
- COOKIES NOT SUBJECT TO CONSENT
- Technical, session and analytics cookies
- Nielsen NetRatings (Audiweb) for official access statistics
- Adobe Omniture for internal access and traffic statistics
- Google Analytics for internal‑use access and traffic statistics
- COOKIES SUBJECT TO CONSENT
The cookies listed under this paragraph are subject to your consent. You can consult the list and give your consent in a simplified way in the manner indicated in the information banner that you saw the first time you accessed this site, or selectively by clicking the button below.
For all cookies installed by third parties unknown to the Controller for which personal data is processed, subject to your prior consent, also through this website, you can exercise your right to object via the following website: http://www.youronlinechoices.eu/it/
Because each browser – and often different versions of the same browser – may differ significantly from each other, if you prefer to act independently using your browser preferences, you can find detailed information about the necessary procedure in your browser’s Help menu. For an overview of how to act for the most common browsers, please visit: http://www.cookiepedia.co.uk/index.php?title=How_to_Manage_Cookies
- PROCESSING PERIOD
Cookies managed directly by the Controller have a maximum duration of 365 days, barring any voluntary renewals you carry out by reiterating consent.
The profiling cookies managed by the Controller are anonymous. Upon expiry, they remain within statistical systems and profiling platforms exclusively for general statistical purposes, in aggregate form, and can no longer be traced back to your browser.
The duration of cookies managed by third parties is indicated in the respective Cookie Policies.
- MORE INFORMATION ON YOUR RIGHTS
Any request for information or clarification or for exercising rights can be sent to the Data Processor at the following addresses:
– Office of the Data Protection Officer – RCS Sports & Events S.r.l. – Via A. Rizzoli 8, 20132 Milan, Italy;
– Privacy Office – RCS Sports & Events S.r.l. – Via A. Rizzoli 8, 20132 Milan, Italy;
– or by sending an email to: email@example.com