Privacy Policy – Disclosure pursuant to EU Reg. 2016/679 and Article 13 of Legislative Decree 196/03

This page describes how to manage the site (hereinafter, the “Website”) with reference to the processing of personal data of Users consulting the Website.
This information is intended for those who interact with the web services accessible electronically from the address: also pursuant to EU Regulation 2016/679 regarding the protection of personal data (GDPR – General Data Protection Regulation) and any other applicable law.
This information concerns all personal data collected and processed by GALILEO NETWORK S.p.A. (hereafter, “GALILEO NETWORK”) through the Website with the exception of:

  • Cookies: regarding cookies, please refer to the specific extended information.This privacy statement applies only to the site and not to other websites accessed by Users via links.

By visiting the Website, the User implicitly accept the practices described in this Privacy Policy.
The following Privacy Policy describes the way in which GALILEO NETWORK manages the processing of personal data relating to its customers.
Based on EU Regulation 2016/679 regarding personal data protection (GDPR) and any other applicable law, GALILEO NETWORK hereby informs Users that the processing of personal data will be based on principles of correctness, legality and transparency in respect of the rights, fundamental freedoms and dignity of the subjects involved, with particular reference to privacy, individual identity and the right to the protection of personal data. This information is provided pursuant to Article 13 of the GDPR and is subject to updates that will be promptly published on our Website.
1. The Data Controller
The Data Controller of the personal data collected through our Website is Galileo Network S.p.A. with registered office in Padua in Via Transalgardo 1, 35129, enrolled in the Business Registry of Padua under no. 180986, fiscal code and VAT no. 01793260280.
2. Rights of the Data Subject
The subject or person concerned is protected by the rights referred to in Chapter III of the GDPR, in particular:

  • [Right of access] The data subject has the right to obtain from the Data Controller confirmation that personal data concerning him or her is or is not undergoing processing and in this case, to obtain access to the personal data and the following information:

a) The purposes of the processing;
b) The categories of personal data concerned;
c) The recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organisations;
d) Where possible, the envisaged period for which the personal data will be stored or, if not possible, the criteria used to determine that period;
e) The existence of the right to request rectification or erasure of personal data from the Data Controller or to restrict the processing of personal data concerning the Data Subject or to object to such processing;
f) The right to lodge a complaint with a supervisory authority;
g) Whereby the personal data is not collected from the Data Subject, any available information regarding its source;
h) The existence of an automated decision-making procedure, including profiling and, at least in such cases, significant information regarding the logic involved, as well as the significance and the envisaged consequences of such processing for the Data Subject;
i) If personal data is transferred to a third country or international organisation, the Data Subject shall have the right to be informed of the existence of appropriate safeguards relating to such transfer, pursuant to Article 46 of the Regulation.

  • [Right to rectification] The Data Subject has the right to obtain the correction of any inaccurate personal data without undue delay from the Data Controller. Taking into account the purposes of the processing, the Data Subject has the right to obtain the integration of incomplete personal data, including by means of providing a supplementary declaration.
  • [Right to erasure] The Data Subject has the right to have the Data Controller delete all personal data concerning him or her without undue delay, with the Data Controller being obliged to erase the personal data without unwarranted deferment whereby one of the following reasons exists:

a) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
b) the Data Subject revokes his or her consent on which the processing is based pursuant to Article 6 of the GDPR, paragraph 1, letter a), or Article 9 of the GDPR, paragraph 2 letter a), and whereby there is no other legal basis for the processing;
c) the Data Subject opposes the processing pursuant to Article 21 of the GDPR, paragraph 1, and there is no legitimate overriding reason to proceed with the processing, or the Data Subject objects to the processing pursuant to Article 21 of the GDPR, paragraph 2;
d) the personal data has been unlawfully processed;
e) personal data must be erased due to compliance with a legal obligation envisaged in the European Union or Member State to which the data controller is subject;

  • [Right to limit processing] The interested party has the right to obtain from the Data Controller the limitation of processing under any of the following circumstances:

a) the Data Subject contests the accuracy of the personal data, for the period necessary for the Data Controller to verify the accuracy of such personal data;
b) the processing is unlawful and the Data Subject opposes the erasure of the personal data and instead requests the restriction of its use;
c) the Data Controller no longer needs the personal data for the purposes of the processing, but it is required by the Data Subject to establish, exercise or defend a right in court;
d) the Data Subject is opposed the processing pursuant to Article 21 of the GDPR, paragraph 1, pending verification of the possible prevalence of the legitimate reasons of the Data Controller overriding those of the Data Subject.

  • [Right to data portability] The Data Subject has the right to receive the personal data concerning him or her, which he or she has provided to the Data Controller, in a structured, commonly-used and machine-readable format and has the right to transmit such data to another Data Controller without hindrance from the Data Controller to have provided the personal data, whereby:

a) the processing is based on consent pursuant to Article 6 of the GDPR, paragraph 1, letter a), or of Article 9 of the GDPR, paragraph 2, letter a), or on a contract pursuant to Article 6 of the GDPR, paragraph 1, letter b);
b) the processing is carried out by automated means.

  • [Right to oppose] The Data Subject has the right to oppose at any time, for reasons connected with his or her own particular situation, to the processing of personal data concerning him/her pursuant to Article 6 of the GDPR, paragraph 1, letters e) or f), including profiling on the basis of such provisions. The Data Controller will refrain from further processing of the personal data except whereby it is possible to demonstrate the existence of binding legitimate reasons to proceed with the processing that prevail over the interests, rights and liberties of the Data Subject or for the assessment, exercise or the defence of a right in court.

3. Type of user data collected by GALILEO NETWORK
GALILEO NETWORK collects various types of personal identification data in order to proceed with the response to the request for information or to subscribe to the Newsletter. Such data may include, but is not limited to, the name and surname, address, telephone numbers and email addresses. Users provide this information voluntarily through the request form, email messages, telephone, and so on.
In addition to the personal data listed above, the User is free to disclose personal data contained in emails, telephone calls, complaint forms and other types of communication related to the provision of Services by GALILEO NETWORK.
Any User who discloses the personal data of third parties guarantees that they have previously obtained their consent and have informed such parties in advance of the terms and purposes for which GALILEO NETWORK will want to process such. If requested by GALILEO NETWORK, the User will provide evidence of consent obtained before the transfer of personal data.

3.1 Other data collected by GALILEO NETWORK
GALILEO NETWORK also collects certain types of information that does not permit personal identification, which may refer to the URLs of reference, the IP addresses of Users and their utilisation of the Website, information on the browser used, and the like.
Some of this information is collected through Cookies, being fragments of data sent from the Website via a web server and saved on the User’s computer, which are intended to help GALILEO NETWORK identify the person in question as a User. The User has the right to modify their browser settings and to deny consent to the saving of the company’s Cookies.

All information regarding the Cookies used by GALILEO NETWORK is contained in our Cookie Policy.

4. Data processing system
Personal data is processed by automated and non-automated means, for the duration strictly necessary for the purposes of the processing.

4.1 Purpose of the processing of personal data by GALILEO NETWORK

  1. GALILEO NETWORK will process the data collected mainly so as to offer services requested by the customer/User ensuring all the necessary support.
  2. We may use the aforementioned data for the periodic sending of communications regarding important changes to services, new features, updates to technical problems and news, promotional activities, and so on.
  3. The User’s data may also be utilised to study the way in which the customer uses the services and to carry out relative analyses, reports and research necessary to improve the activity of GALILEO NETWORK in rendering the customer experience ever more satisfactory.
  4. GALILEO NETWORK processes personal data for the fulfilment of legal obligations or directives required by local authorities and other competent bodies.
    The provision of personal data is not mandatory, but in the case of refusal or partial conferment, GALILEO NETWORK reserves the right not to approve the request for Services or to limit the use of some of them.

5. Communication of User data to third parties
All personal data collected by GALILEO NETWORK is handled in a strictly confidential manner. We may disclose your personal data if required by law. Such data may be disclosed in whole or in part to our business partners, external consultants, auditors, collaborators or other third parties involved in providing the services requested in a timely and quality manner; for administrative purposes, billing and other matters related to your account; for the management of correspondence that includes emails, telephone calls and all other relative activities necessary for the fulfilment of the obligations of GALILEO NETWORK towards the agreement concluded. GALILEO NETWORK may transfer the personal data of the User should the company be sold or as part of restructuring projects.

6. GALILEO NETWORK’s actions to ensure the safety and prevention of loss, misuse and alteration of the User’s information
We guarantee the strict application of the standard security measures provided by the industry for the protection of personal data of the User. Without limitation, such measures include: the backup of all data uploaded; the ability to ensure on a permanent basis the confidentiality, integrity, availability and resilience of the processing systems and services; the capacity to promptly restore availability of and access to personal data in the event of a physical or technical incident; the procedures for testing, verifying and regularly assessing the effectiveness of the technical and organisational measures in order to guarantee the security of the processing.

Security and privacy restrictions that will go beyond our control may apply. By communicating his or her data to GALILEO NETWORK, the User understands and accepts that the security, integrity and confidentiality of such data may not be 100% guaranteed.

7. Data Processors
In order to ensure the prompt and qualified provision of services, GALILEO NETWORK may transfer all or part of its obligations under agreements established with third parties in charge of providing services to customers on behalf of GALILEO NETWORK. All third parties appointed as Data Processors will be obliged to maintain the security and confidentiality of Users’ personal data, and to process such according to our instructions.
Any third parties are duly registered as Data Processors with the respective data protection authority in compliance with the applicable laws in force.
The list of Data Processors appointed by GALILEO NETWORK will be available upon request at any time.

8. Location of the processing of personal data
Users’ personal data will be processed at the offices of GALILEO NETWORK, in Via della Croce Rossa 14 in Padova, Italy and at the offices of any third parties involved and designated as Data Processors.

9. Transfer of data abroad
Users’ personal data will not be transferred abroad.

10. Changes to the Privacy Policy
GALILEO NETWORK reserves the right to modify this Privacy Policy at any time. Such changes will become effective and binding upon publication on the Website The User agrees to periodically check for updates and revisions. By continuing to utilise the services and Website of GALILEO NETWORK following the publication of any revision, the User accepts the aforementioned changes.

In the case of any questions related to this Privacy Policy, please contact: [email protected].