This information on privacy rights describes the processing of the personal data uploaded to or collected on the website www.pass.juventus.com (“Website”)
For the sake of clarity: the personal data that you uploaded when you registered your “Juventus Fan Account” are processed according to the statement on the use of personal data that you read and accepted at the moment of the registration.
Aggregate data. Aggregate data means the information on groups or categories of users, which do not identify and cannot be reasonably used to identify an individual user;
Anonymous data. Anonymous data means the information which do not identify and cannot be reasonably employed to identify an individual user;
Application. Application means a program or a service managed by Deltatre (or on behalf of Deltatre) which can be displayed in different environments and on-line platforms, mobile or otherwise, including those managed by third parties which allows us to directly interact with you;
Minors. Minors mean the individuals identified by us as minors who are not able, according to the law applicable, to grant their consent to the collection and the processing of Personal data (as defined below);
Data Controller. Means the personal data controller responsible for the personal information collected by the Website when you purchase a subscription i.e. Deltatre S.p.A with registered offices in Via Millio n. 41, 10141, Torino, Italy (also indicated as “We”),
Data Processor. The Data Processor is an individual or entity which carries out the processing of Personal data on behalf of one or more data controllers, authorised to carry out the data processing only according to the instructions of the Data Controller;
IP Address. The IP Address is associated to the access point through which the internet connection is carried out and it is usually controlled by the Internet Service Provider (ISP) of the user;
Notice. A Notice may be sent by e-mail to you at the last e-mail address indicated, through the publishing of amendment notices on the Website or the Application or using other means according to the current laws;
Parents. The Parents term refers to a parent or a legal guardian;
Personal data. Personal data means the information which identify (directly or indirectly) a specific individual, for example the name, the postal address, the e-mail address, the telephone number, the navigation data, the IP Address. When they are directly or indirectly associated to Personal data, the Anonymous data are also processed as Personal data;
Website. the website www.pass.juventus.com .
2. Type of Personal data collected
We collect two basic types of information: Personal data and Anonymous data; furthermore, we may use either Personal or Anonymous data for the creation of a third type of information: Aggregate data.
We collect the following categories of Personal data:
• data of the transaction uploaded when one of our products or services is purchased on our Website or through our Applications, which include information on the purchased products/services and the payment information;
• information on your location at the moment of the visit to our Website or the use of our Application, including the location information provided by a mobile device which interacts with our Website or Applications, or related to your IP address, provided that the processing of such data is allowed by the applicable legislation;
• use, display and technical data, including the device identification code or your IP Address, the moment in which you visit the Website, uses our Applications on third-party websites and platforms.
3. Method of collection of the Personal data
• We collect the Personal data uploaded by you when you, after signing up on the Website, purchase the subscriptions, contact our customer care. We may collect Personal data when you reply to questionnaires or surveys, take part in a promotion, a game or a competition or otherwise interact with us. Please acknowledge that when you provide Personal data to third party platforms or websites, the data sent may be collected separately by the third-party website or platform. We collect Personal data complying with the provisions of the current legislation on privacy; furthermore, the Personal data collected by third party websites and platforms are subject to the directives on privacy of such third-party websites and platforms. The decisions concerning privacy made by the user on third party websites and platforms shall not apply to the use by us of the Personal data directly collected by us.
• The IT systems and the software procedures employed for running the Website collect, during their normal course of operation, some Personal data whose transmission is implied by the use of the Internet communication protocols. Such information are not collected to be associated to identified concerned persons, but, due to their own nature, may, through processing and the association with data held by third parties, allow the identification of the users. This category of data includes IP Addresses or domain names of computers used by users who connect to the site, URL addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method utilized to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters related to the operating system and the IT environment of the user. Such data are used only to obtain anonymous statistical information on the Website and to check its correct functioning and are stored for the time defined by the relevant legislation. The data may be used to ascertain responsibility in case of hypothetical computer crimes against the Website.
4. Purpose of the processing
The processing of the Personal data (including their recording in our database) seeks to achieve the following primary purposes:
a) enable you to access to the web pages of the Website where it is possible to receive the online services, guarantee the correct provisions of the services requested by you, and, therefore, perform in a correct and a timely manner all the obligations arising from the contractual relationship established, and also the obligations provided for the current legislation or regulations, in particular obligation related to tax or public security purposes; we may use the Personal data to personalize the content viewed by the user;
b) for administrative and accounting purposes, including the transmission, if any, by e-mail of business invoices, for the delivery of notices to you which regard the account or the transactions carried out;
In all the cases under points a), b) and c) above, the Data Controller shall not be obliged to procure any specific consent from you. All the processing detailed above seek, actually, primary purposes for which art. 24 of the Privacy Code excludes the need to procure a specific consent from the interested party, either because the processing is required for complying with an obligation set by the law, by a regulation or by the EC legislation, or because the processing is required for carrying out any duty arising from an agreement in which the concerned person is one of the parties, or for meeting, before the execution of the agreement, specific requests of the concerned person. In the case where you do not intent do provide in any case the requested Personal data, which are required based on the above, this would lead to the impossibility to receive all the services for which the provision of the data is in any case required based on technical and contractual reasons. It would remain in any case possible to browse the Website and to display only the contents and the materials available without subscription.
Complying with the Privacy Code and your choices, the data may be also processed for the following secondary purpose:
d) to be communicated to Juventus for the processing of your market profile (by sampling the consumption patterns), seeking, both to monitor the satisfaction degree of customers for ensuring the best satisfaction of their needs, both to send customer specific information and/or advertising material, using automated systems, such as e-mail, fax, SMS or MMS or by ordinary post.
We will require Juventus to comply with current regulations concerning the handling of such information, giving you all the necessary information so that you are able to exercise your rights of access, rectification and cancellation, if you wished so.
In all the cases detailed under point d) above, the data may be processed only if a specific consent is granted. The lack of any declaration of consent shall be held as a denial. Then, by granting the optional consent, you specifically acknowledge and authorise such further possible processing. In any case, even if you granted your consent to seek the purposes listed under points d), you remain in any case free to cancel it in any moment, by sending a clear notice on the matter to the following e-mail: email@example.com. or postal address Deltatre spa, Via Millio n. 41, 10141, Torino, Italy. The denial will not involve any consequence, except for the impossibility of being included in statistical analysis and/or profiling and to receive promotions, discounts and focused communications, based on the provided data, or to be informed on any marketing and promotional/advertisement initiatives. Therefore, for such further purposes, the processing shall be carried out only according to the purposes and based on the specific consent granted by you when you purchase the subscription.
5. Disclosure and diffusion of the data
Any collected data may be disclosed only to:
• Juventus for the purpose of carrying out first level customer care activities, in such case Juventus is appointed as Data Processor;
• Juventus for the purposed listed in points d) of Clause 4 above, upon your consent, and within the limits and under the conditions described in Clause 4 above;
• external trusted subjects which are entrusted by us with certain task or parts thereof, that are required for supplying or distributing the services offered through the Website (for example: hosting companies, project managers, programmers, system experts and database administrators) In such case, these subjects will be appointed as Data Processor. The full list of Data Processors is available upon request.
• We use a specialist third party payment company to process your payment information if you choose to purchase a subscription: we do not receive any of your payment card details.
• to any entity (Public Authorities includes) which may access to the Personal data based on statutory and administrative provisions;
• to any public and/or private subject, individuals and/or entities (legal, administrative and tax consultancy firms, judicial authorities, Chamber of Commerce, labour authorities, etc.), if the disclosure is required or functional for the correct performance of the contractual obligations and of the statutory obligations;
• to banks and to companies which manage national and international payment circuits through which the on-line payments of the products purchased through the Website are carried out.
6. Method of data processing
The processing of the Personal data shall be mainly carried out using electronic or in any case automated means, according to the modes and with the appropriate means for ensuring the safety and the confidentiality of the data themselves, in accordance with the current legislation on data protection , shall be adopted in order to ensure the minimum level of protection provided for by the law, allowing the access only to the persons appointed for the processing by the Data Controller or by the Data Processors appointed by the Data Controller.
All your Personal data are stored on our secure servers or on those of our suppliers or commercial partners and may be accessed and used based on our standards and our security policies (or equivalent standards for our suppliers or commercial partners).
The security measures we have adopted include:
- severe restrictions on access to your personal data, based on necessity and solely for the purposes communicated;
- perimeter security systems to prevent unauthorised external access;
- permanent monitoring of access to IT systems to identify and stop the misuse of personal data;
- tracking of access to your personal data by internal personnel and verification of the related purpose;
- using encrypted means via Secure Socket Layer (SSL) technology for transactions on our Website that require the entering of personal data.
7. Possible disclosure by the interested party of third party Personal data
In case you insert in the Website Personal data of third parties (not your own personal information), you are responsible for: (i) informing these third parties of the purpose of the collection of his / data; (ii) getting an approval from those third parties; and (iii) informing the third party of his rights of access, rectification, cancellation and / or opposition of their Personal data. To that effect, you guarantee that any third party data which shall be indicated in such way (and which shall be accordingly handled as if the third party granted his informed consent to the processing and the disclosure of the data to the Data Controller) was collected by the user himself in full compliance with the Privacy Code. To this regards, you grant the widest indemnification with regards to any objection, claim, request for compensation of any damage arising from the processing, etc. which may be received the Data Controller from any third party interested based on the provision of the data indicated by the user violating the applicable provisions on Personal data protection.
8. International transfer, storing and processing of the Personal data
The data are stored on servers located in Italy. There is the possibility that the Personal data are stored on a cloud, that means that the data may be managed by a provider of cloud services on behalf of Data Controller and stored in different locations worldwide. If our activity implies the transfer of Personal data to third parties located in different places worldwide, for the purposes described in this privacy information, wherever the Personal data are transferred, stored or processed by us, we shall adopt suitable organizational and contractual measures for safeguarding the Personal data and we shall impose similar requirements, which are not less restrictive, to the providers of the cloud services, including the obligation to process the Personal data only for the purposes listed above. Furthermore, when we use or disclose Personal data transferred from countries which entered into Safe Harbor Agreements with the USA, we comply with the Safe Harbor principles as defined by the US Department of Commerce, we use standard contractual clauses approved by the European Commission, we adopt other measures under the legislation of the European Union for ensuring an appropriate protection, or we obtain your consent.
9. The privacy rights of Minors
With regards to the functionalities of the Website, we do not intentionally collect Personal data of Minors. According to the applicable laws, the Parent must grant his consent to the collection of the Personal data of the Minor; the registration to the Website by the Minor shall be therefore be authorised by the Parent and carried out under the supervision of the Parent himself, for that reason, the e-mail address supplied must be the e-mail address of the Parent. The Parent has the right to review and to request the removal of the
The subscriptions on the Website can be purchased only by persons over 18 years.
10. Rights of the interested party
On certain conditions, you are entitled to request:
- access to your personal data,
- a copy of the personal data you have provided to us (‘portability’),
- the adjustment of data in our possession,
- the deletion of any data for which the legal precondition for processing no longer exists,
- to deny processing for direct marketing purposes,
- to revoke your consent, in cases where the processing is based on consent,
- to limit the way in which We process your personal data.
The exercising of the above rights is subject to certain exceptions that are intended to safeguard the public interest (e.g. the prevention or identification of crimes) and our interests (e.g. maintaining professional secrecy). Should you wish to exercise any of the above rights, We will check that you are entitled to do so and will usually respond within one month.
We endeavour to respond to any complaints or reports concerning the methods used to process your data. Nevertheless, should you wish, you may forward your complaints or reports to the authority responsible for data protection using the following contact details: Garante per la protezione dei dati personali - Piazza di Monte Citorio no. 121 - 00186 ROMA - Fax: (+39) 06.69677.3785 - Telephone: (+39) 06.696771 - Email: firstname.lastname@example.org - Certified email address: email@example.com .
11. Amendments to this privacy information
Occasionally, we may amend this privacy information in order to include new technologies, industry practices and statutory requirements, or other purposes. We shall inform you through a relevant Notice in the case where such amendments are significant and we shall obtain your consent if so provided by the current laws.
12. How to contact us
Last update: October 9, 2017