24 ORE Group and protection of privacy


Dear User,

Thank you for visiting our site.

The 24 ORE Group has always paid great attention to matters concerning protection of the personal data it processes. It does so not only because they are subject to specific legislation (Italian Legislative Decree no. 196/2003 – The Personal Data Protection Code) but also, and above all, because safeguarding of data is one of our Group’s fundamental assets. These are the reasons why we constantly endeavour to provide our users with an Internet experience that fully respects and protects their privacy.


Reason for this notice

On the rest of this page we describe how the site is managed as regards handling and processing of the personal data of users consulting it. This is an official information statement provided also as required by Article 13 of Italian Legislative Decree no. 196 (the Personal Data Protection Code) to those interacting with the web services directly provided by the 24 ORE Group and electronically accessible via the address:

www.gruppo24ore.com

which corresponds to the home page of the 24 ORE Group’s official website.

The information statement is provided for the 24 ORE Group site and not for any other websites consulted by the user via links.

The information statement is based on Recommendation 2/2001, which European personal data protection authorities, grouped in the Working Party established by Article 29 of Directive 95/46/EC, adopted on 17 May 2001 to identify some minimum requirements for collecting personal data on-line and, in particular, the procedures, timing, and nature of the information that controllers of the processing of personal data must give to users when the latter access web pages, regardless of the purposes of such access.

We therefore ask that you read our Privacy Policy, illustrated below.

The Privacy Policy and standards applied by the 24 ORE Group for personal-data production are based on the following principles:

1) PRINCIPLE OF RESPONSIBILITY

The handling and processing of personal data is managed on an ongoing basis by persons made specifically responsible for this inside the corporate organisation.


2) PRINCIPLE OF TRANSPARENCY

Personal data are collected and subsequently processed according to the principles established by the Privacy Policy adopted by the 24 ORE Group and indicated in this Privacy Policy. At the time of any submittal of data by the user, the latter is provided with a concise but complete information statement, as required by Article 13 of Italian Legislative Decree no. 196/2003.


3) PRINCIPLE OF RELEVANCE OF COLLECTION

Personal data are treated in a legal and correct manner. They are registered for given, explicit and legitimate purposes. They are relevant to and do not exceed the purposes of handling and processing. They are kept for the time necessary for the purposes of collection.


4) PRINCIPLE OF PURPOSE OF USE

The purposes of the handling and processing of personal data are made known to those concerned at the time of collection. Any new processing of data, if extraneous to stated purposes, is activated after providing a new information statement to the person concerned and asking for consent, when so required by Italian Legislative Decree no. 196/2003. In any case, personal data are not communicated to third parties or disclosed without the prior consent of the person concerned, except in the cases expressly indicated by Article 24 of Italian Legislative Decree no. 196/2003.


5) PRINCIPLE OF RIGHT TO CHECK

Personal data are accurate and are updated over time. They are also organised and kept in such a way as to give the person concerned the possibility of knowing, if he/she so desires, which data have been collected and recorded, as well as of checking their quality, of requesting any rectification, addition, and deletion due to legal infringements or opposition to processing, and of exercising all other rights, pursuant to and within the limits of Article 7 of Italian Legislative Decree no. 196/2003, at the addresses indicated in the information statements present in 24 ORE Group sites as required by Article 13 of Italian Legislative Decree no. 196/2003.


6) PRINCIPLE OF SECURITY

Personal data are protected by technical, electronic, organisational, logistical and procedural security measures against risks of destruction or loss, also accidental, and of unauthorised access or of prohibited processing. These measures are regularly updated based on technical progress, the type of data and the specific characteristics of handling and processing. They are also constantly monitored and checked on an ongoing basis.

The Privacy Policy is applied in all companies of the 24 ORE Group that handle and process personal data.
Third parties performing support activities of any type for provision of services by 24 ORE Group companies, in connection with which they perform personal-data processing operations, are designated as Data Processors by the companies and are under contractual obligation to comply with security and confidentiality measures for handling and processing. The identity of these third parties is made known to users. In some cases, if processing operations take place under the direct authority of 24 ORE Group companies, employees of third-party companies that work with 24 ORE Group companies may be appointed to perform processing.

With the consent of those concerned, if so required by law, and in any case after provision of an appropriate information statement specifying the various purposes, personal data may be communicated to third parties, public and private, extraneous to the 24 ORE Group, who will process the data in the capacity of autonomous data controllers, as per the definition contained in Italian Legislative Decree no. 196/2003. Our Group is in no way responsible for handling and processing of personal data performed by these third-party data controllers.

In addition, the 24 ORE Group takes no responsibility for:

  1. The rules and methods for management of personal data of other websites, accessible from our pages via various types of links
  2. The contents of any e-mail services, web spaces, and chat forums provided to users.

Following consultation of this site, data relating to identified and identifiable persons may be handled and processed. The Data Controller or proprietor of such handling and processing is:

Il Sole 24 ORE SpA
Viale Sarca 223
20149 Milan (MI) – Italy
Further or different data controllers (in particular in other Group companies) responsible for the handling and processing of personal data necessary to provide specific services will be indicated in the information statements provided at the time when any data is collected.


Where data are processed

Handling and processing connected with the web services offered by this site take place at the locations of 24 ORE Group companies and possibly at the locations of external Data Processors. They are managed by those designated to do so and appointed to manage the services requested, marketing activities – when requested by the user – data-storage activities, and occasional maintenance operations.


Scope of data communication

Personal data submitted may be communicated to third parties to meet legal obligations, to execute orders coming from public authorities legitimated to do so, or to enforce or defend a right in the courts.

If you so desire, you can also make use of the 24 ORE Group services and products, or receive marketing information from 24 ORE Group companies. Given this, the data you submit may be communicated in Italy to 24 ORE Group companies to accomplish such purposes.

If necessary for specific services or products requested, personal data may be communicated to third parties who, in the capacity of autonomous data controllers, perform functions strictly connected with and functional for provision of the services and products in question. Without communication of data, these services and products cannot be supplied.

Personal data will not be disclosed, unless the service requested so requires.


Types of data collected and ways in which they are processed

You should be aware of the fact that, via your browsing in the 24 ORE Group site, your professional and personal interests may be monitored. This type of information, however, is collected solely and exclusively for the purpose of providing the services requested and possibly to check the quality of services offered. They do not aim in any way to profile users.

Data voluntarily provided by the user

The types of personal data collected and processed in the 24 ORE Group site are those necessary to provide the various services offered. Data collected are processed using paper-based, automated and remote electronic systems and applying a rationale strictly related to the purposes of processing.

Your fax and telephone numbers and your e-mail address may also be used to provide you with services. It is therefore obvious that, if this information is not submitted, you cannot be provided with services requiring the use of these instruments. If you do not give your consent to the use of e-mail, telephone, and fax for the purposes of promotional information or direct marketing or interactive commercial communication, these instruments will not be used for this purpose.

Specific privacy information statements are shown in the pages of the site set up for any submittal of personal data.

Any voluntary dispatch of electronic mail to addresses indicated in the site leads to acquisition of the sender’s address, as well as of any other information contained in the message. These personal data will be used solely for the purpose or executing the service or action requested.


Data relating to browsing

It is useful for you to know that, during their normal operations, the site’s software procedures acquire some personal data whose transmission is implicit in the use of Internet communication protocols. Even though they are data not designed to be associated with identified users, by virtue of their nature, if they are associated with other data held by third parties (your Internet service provider, for example) they may permit identification of users.

This category of data includes the IP addresses or domain names of the computers utilised by users accessing the site, the URL (Uniform Resource Locator) addresses of the resources requested, the time when the request is made, the method used to submit the request to the server, the size of the response file, the numerical code indicating server response status (successful, error, and so on), and other parameters relating to the user’s operating system and computer environment.

These data are used solely for anonymous statistics on site use and to to check its proper operation.


To find out more….

For further information concerning privacy, you can consult the following pages, which describe:


  1. How our site uses cookies

  2. How our site uses IP addresses.


The Data Controller and, according to the service requested, designated Data Processors preserve – for a limited period as per legal regulations – the log of accesses/browsing performed in order to respond to any requests coming from the judicial authority or from another public body legitimated to ask for the log to ascertain any liabilities in the case of computer crimes.

Apart from data from browsing (as specified above), users are free to submit or not to submit the personal data requested in the various services’ registration forms. On these forms some data may be marked as “compulsory”: this means that the data in question are essential for provision of the service requested. If these data are not submitted, the service requested cannot be provided and users will be unable to benefit from related opportunities.

When any data are submitted, the person concerned – as required by Article 13 of Italian Legislative Decree no. 196/2003 – is given a concise but comprehensive information statement concerning processing purposes and approaches; the compulsory or optional nature of data submittal; the consequences of non-submittal; the parties or categories of parties to whom personal data may be communicated and the scope of disclosure of such data; rights under Article 7 of Italian Legislative Decree no. 196/03 (access, addition, updating, rectification, and deletion due to legal infringements or opposition to processing, etc.); and the identity and location of the data controller and of the data processor(s). The person concerned is then asked to give his/her informed and free consent, expressed in specific form and documented as required by law, when the latter so requires. If personal data are submitted in subsequent phases, additions made to previous information statements will be provided and any new consent to processing required by the Code.

Security measures applied to protect data collected

The 24 ORE Group uses “secure” architectures and technologies to protect personal data against abusive disclosure, alteration, or improper use.

The steps taken to protect personal data specifically aim to minimise the risks of destruction or loss, also accidental, of data, unauthorised access, or processing that is prohibited or not consistent with the purposes of collection. These security measures obviously meet the minimum requirements indicated by the Italian legislator (Technical Protocol for minimum security measures as per Articles 33 and 36 of Italian Legislative Decree no. 196/2003).

The companies belonging to 24 ORE Group have defined and adopted a common Security Standard that includes additional measures (organisational, procedural, and technological) to assure an adequate standard of security for personal data processed in their computer systems.

Regular risk analyses are performed to check compliance with the standards set and also to adopt any new security measures necessary following organisational changes and technological innovations, or changes in the type of data collected.

Our security measures are constantly monitored and checked regularly.

Rights of people submitting personal data

The persons to whom the personal data refer have the right at all times to obtain confirmation of the existence or otherwise of such data, know their content and origin, check their accuracy, and ask for data additions or updating or rectification (Article 7 of Italian Legislative Decree no. 196/2003).

Pursuant to the same article, the person concerned has the right to request deletion, transformation into anonymous form or blocking of data illegally processed, and also, in any case, to oppose – for legitimate reasons - handling and treatment of his/her data.

Requests should be sent to the e-mail address privacy@info.ilsole24ore.com or to the specific contacts indicated in the information statements provided to users when any personal data is collected.


Use of cookies

First of all – what are cookies?

A cookie is a small text file (just a few bytes) exchanged between a website and your browser. The website manager normally uses it to memorise the information necessary to improve browsing inside the site.

Can I turn them off or change them?

The leading and most widely used browsers accept all cookies on a default basis. You can change this option via the functionalities present in your browser. You can do this by disabling the entire function or by at least requiring request of your explicit consent for each incoming cookie when it is received.

Are cookies used in the 24 ORE Group site?

In the 24 ORE Group site cookies are associated with your computer and do not identify the end-user. If you are a registered user of the site, some cookies – temporarily stored until you finish browsing – may be associated with your user registration. Use of cookies aims to (a) facilitate, customise and speed up your browsing experience at our site (for example: keeping the shopping “trolley” up to date in the e-commerce area); (b) control access to services for which you have registered; and (c) create anonymous site-access statistics. If you decide to disable these cookies, you will lose a large part of customisation functionalities and some services may not be usable.

Can other cookies reach me from the 24 ORE Group site?

Some companies supply advertisements on the 24 ORE Group site. These companies may use cookies to ensure that you are not shown the same advertisements too often or for statistical purposes to calculate traffic data in order to improve advertising content. The cookies are read by companies in anonymous form, i.e. without actually identifying you. They are managed directly by the companies concerned, who are autonomous data controllers. The 24 ORE Group has no access to such data, nor can it control the way in which they are subsequently used.

Use of IP addresses

An IP address is a number automatically assigned to your computer whenever you connect with Internet via your Internet provider or from a corporate LAN/WAN that uses the same Internet protocols.

Similarly to your home address, to which others can send you material, the IP address is used by the website to send you its pages.

IP addresses are anonymous data for us, as they cannot be directly associated with a specific user. They are used solely for the 24 ORE Group’s statistical purposes to monitor accesses to services provided.