<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Privacy - Exprivia</title>
	<atom:link href="https://www.exprivia.it/es/category/privacy/feed/" rel="self" type="application/rss+xml" />
	<link></link>
	<description>Digital. Trust. Growth.</description>
	<lastBuildDate>Fri, 05 Jun 2026 13:09:02 +0000</lastBuildDate>
	<language>es</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	
	<item>
		<title>Política de privacidad y cookies</title>
		<link>https://www.exprivia.it/es/privacy/politica-de-privacidad-y-cookies/</link>
		
		<dc:creator><![CDATA[Alessio Brasili]]></dc:creator>
		<pubDate>Thu, 04 Jun 2026 04:36:02 +0000</pubDate>
				<category><![CDATA[Privacy]]></category>
		<guid isPermaLink="false">https://www.exprivia.it/sin-categoria/politica-de-privacidad-y-cookies/</guid>

					<description><![CDATA[<p>Esta política de privacidad y cookies se proporciona a los usuarios/visitantes que interactúan con el sitio web oficial del Grupo Exprivia, al que se puede acceder electrónicamente desde la dirección https://www.exprivia.it, que corresponde a la página de inicio del sitio, de conformidad con: Artículo 13 del Reglamento UE 2016/679; de la Disposición nº 229  [...]</p>
<p>L'articolo <a href="https://www.exprivia.it/es/privacy/politica-de-privacidad-y-cookies/">Política de privacidad y cookies</a> proviene da <a href="https://www.exprivia.it/es/">Exprivia</a>.</p>
]]></description>
										<content:encoded><![CDATA[<div class="fusion-fullwidth fullwidth-box fusion-builder-row-1 fusion-flex-container has-pattern-background has-mask-background nonhundred-percent-fullwidth non-hundred-percent-height-scrolling" style="--awb-border-radius-top-left:0px;--awb-border-radius-top-right:0px;--awb-border-radius-bottom-right:0px;--awb-border-radius-bottom-left:0px;--awb-flex-wrap:wrap;" ><div class="fusion-builder-row fusion-row fusion-flex-align-items-flex-start fusion-flex-content-wrap" style="max-width:1248px;margin-left: calc(-4% / 2 );margin-right: calc(-4% / 2 );"><div class="fusion-layout-column fusion_builder_column fusion-builder-column-0 fusion_builder_column_1_1 1_1 fusion-flex-column" style="--awb-bg-size:cover;--awb-width-large:100%;--awb-spacing-right-large:1.92%;--awb-margin-bottom-large:0px;--awb-spacing-left-large:1.92%;--awb-width-medium:100%;--awb-order-medium:0;--awb-spacing-right-medium:1.92%;--awb-spacing-left-medium:1.92%;--awb-width-small:100%;--awb-order-small:0;--awb-spacing-right-small:1.92%;--awb-spacing-left-small:1.92%;"><div class="fusion-column-wrapper fusion-column-has-shadow fusion-flex-justify-content-flex-start fusion-content-layout-column"><div class="fusion-text fusion-text-1"><p>Esta política de privacidad y cookies se proporciona a los usuarios/visitantes que interactúan con el sitio web oficial del Grupo Exprivia, al que se puede acceder electrónicamente desde la dirección <a href="https://www.exprivia.it/es/">https://www.exprivia.it,</a> que corresponde a la página de inicio del sitio, de conformidad con:</p>
<ul>
<li>Artículo 13 del Reglamento UE 2016/679;</li>
<li>de la Disposición nº 229 de 8 de mayo de 2014 de la Autoridad Italiana de Privacidad (Identificación de los procedimientos simplificados para el suministro de información y la obtención del consentimiento para el uso de cookies);</li>
<li>de la Disposición nº 231 de 10 de junio de 2021 de la Autoridad Italiana de Privacidad (Directrices cookies y otras herramientas de seguimiento), que complementa la Disposición nº 229 de 2014 y proporciona importantes aclaraciones para facilitar a los responsables del tratamiento la correcta aplicación del marco normativo vigente;</li>
<li>de la Recomendación nº 2/2001 del Grupo de Trabajo del Art. 29 sobre requisitos mínimos para la recogida de datos en línea en la UE;</li>
<li>de la Directiva 2009/136/CE, por la que se modifica la Directiva 2002/58/CE (la llamada Directiva sobre intimidad en las comunicaciones electrónicas), relativa al tratamiento de los datos personales y a la protección de la intimidad en el sector de las comunicaciones electrónicas;</li>
<li>las Directrices del WP 29 de 10 de abril de 2019, ratificadas por el Consejo Europeo de Protección de Datos y sustituidas por las Directrices 05/2020 sobre el consentimiento en virtud del Reglamento 2016/679 adoptadas el 4 de mayo de 2020</li>
</ul>
<p>Esta política describe cómo gestionar únicamente el sitio web oficial del Grupo Exprivia, pero no otros sitios web externos que puedan ser consultados por el usuario a través de enlaces en el sitio web del Grupo Exprivia. Se puede proporcionar información adicional en secciones específicas.</p>
<p>El tratamiento de datos personales recogidos en determinados formatos en algunas secciones del sitio web (por ejemplo, las secciones «Boletín», «Contacto», «Denuncias» y «Solicitudes de empleo») se rige por divulgaciones específicas, disponibles en las secciones correspondientes del sitio web.</p>
<p>El acceso al Sitio no requiere que el usuario/visitante proporcione ningún dato personal.</p>
<h2>1) TIPO DE DATOS TRATADOS Y FINALIDAD DEL TRATAMIENTO</h2>
<h3>1.1) Finalidad del tratamiento</h3>
<p>El tratamiento de los datos personales de los usuarios/visitantes tiene como única finalidad permitir a los usuarios navegar por el Sitio Web. Los datos personales de los usuarios también pueden utilizarse para cumplir obligaciones legales. En algunas secciones del Sitio Web, en las que se ofrecen servicios de información organizados por el Responsable del Tratamiento, podrán recogerse y tratarse otros datos personales y preferencias sólo tras recabar el consentimiento expreso del visitante.</p>
<h3>1.2) Datos facilitados voluntariamente por el usuario</h3>
<p>El envío voluntario y explícito de correos electrónicos a las direcciones indicadas en los distintos canales de acceso de este sitio conlleva la posterior obtención de los datos del remitente/usuario, necesarios para responder a las solicitudes producidas, así como cualesquiera otros datos personales introducidos por el mismo.</p>
<p>Los datos personales proporcionados por los usuarios sólo se revelarán a terceros si la revelación es necesaria para cumplir las peticiones de los usuarios. Los datos recogidos no se conservarán durante más tiempo del necesario para cumplir la finalidad para la que se adquirieron. Estos periodos de conservación se aplican generalmente a todos los datos personales que se han recopilado para responder a las solicitudes.</p>
<h3>1.3) Datos de navegación</h3>
<p>La plataforma «software» responsable del funcionamiento de este sitio web adquiere, en el curso de su funcionamiento normal, ciertos datos personales cuya transmisión está implícita en el uso de los protocolos de comunicación de Internet.</p>
<p>Se trata de información que no se recoge para ser asociada a interesados identificados, pero que por su propia naturaleza podría, a través del tratamiento y asociación con datos en poder de terceros realizado sólo previa solicitud expresa de la Autoridad Judicial, permitir identificar a los usuarios.</p>
<p>Esta categoría de datos incluye las direcciones IP o los nombres de dominio de los ordenadores utilizados por los usuarios que se conectan al sitio, las direcciones URI (Uniform Resource Identifier) de los recursos solicitados, la hora de la solicitud, el método utilizado para enviar la solicitud al servidor, el tamaño del archivo obtenido como respuesta, el código numérico que indica el estado de la respuesta dada por el servidor (correcto, error, etc.) y otros parámetros relacionados con el sistema operativo y el entorno informático del usuario. Estos datos se utilizan con el único fin de obtener información estadística anónima sobre el uso del sitio y comprobar su correcto funcionamiento.</p>
<h3>1.4) Política de Cookies</h3>
<p>Las cookies son pequeños archivos de texto que los sitios visitados por los usuarios envían a sus terminales, donde se almacena información que luego se transmite de nuevo a los mismos sitios en visitas posteriores. Los terminales a los que se hace referencia son, por ejemplo, un ordenador, una tableta, un smartphone o cualquier otro dispositivo capaz de almacenar información. La información codificada en las cookies puede incluir datos personales, como una dirección IP, un nombre de usuario, un identificador único o una dirección de correo electrónico, pero también puede contener datos no personales, como la configuración de idioma o información sobre el tipo de dispositivo que utiliza una persona para navegar por el sitio web.</p>
<p>Además de la información anterior, una cookie suele contener el nombre del dominio de Internet (la dirección IP del sitio) del que procede la cookie, el «tiempo de vida» de la cookie (es decir, una indicación de cuándo caduca la cookie) y un código numérico, normalmente un número único generado aleatoriamente.</p>
<p>Este sitio no utiliza herramientas de rastreo pasivo como las huellas dactilares, sino que utiliza exclusivamente identificadores activos como las cookies.</p>
<h4>1.4.1) Cookies técnicas utilizadas por este sitio y su finalidad</h4>
<p>Este sitio utiliza cookies técnicas, que se instalan automáticamente tras el acceso al sitio, para el correcto funcionamiento del mismo.</p>
<p>Este tipo de cookies incluye las cookies de navegación o de sesión, cuyo único fin es permitir la transmisión de una comunicación a través de una red de comunicaciones electrónicas o en la medida estrictamente necesaria para que el prestador de un servicio de la sociedad de la información explícitamente solicitado por la parte contratante o el usuario pueda prestar dicho servicio, o las cookies de funcionalidad, que permiten al usuario navegar de acuerdo con una serie de criterios seleccionados que, entre otras cosas, no contienen datos personales (por ejemplo, el idioma, las opciones de determinados tipos de cookies relativas al tipo de dispositivo no técnico) con el fin de mejorar el servicio prestado al usuario.</p>
<p>Las cookies técnicas utilizadas por este sitio caducan cuando se cierra el navegador, excepto las que contienen las cookies no técnicas elegidas por el usuario, que tienen una fecha de caducidad de 6 meses.</p>
<p>En cualquier momento, el usuario seguirá teniendo la opción de aceptar o no el uso de cookies cambiando la configuración de su navegador. En caso de que el usuario utilice diferentes ordenadores en distintas ubicaciones, deberá asegurarse de que cada navegador está configurado correctamente. El usuario puede eliminar fácilmente cualquier cookie instalada en la carpeta de cookies siguiendo los procedimientos proporcionados por el navegador utilizado.</p>
<h4>1.4.2) Cookies publicitarias o de elaboración de perfiles</h4>
<p>Determinadas secciones del sitio web utilizan plataformas de terceros que muestran contenidos para ofrecer determinados tipos de publicidad, incluidos los relacionados con los servicios de información ofrecidos a través del sitio web, así como determinados anuncios basados en los intereses de los usuarios. En particular, estas secciones utilizan cookies y tecnologías de seguimiento proporcionadas por HubSpot, una plataforma de automatización de marketing y CRM utilizada con el fin de recopilar datos, analizar el comportamiento de los usuarios y enviar comunicaciones personalizadas. Las cookies de HubSpot permiten controlar las interacciones de los usuarios con el sitio web (por ejemplo, cumplimentación de formularios, descarga de contenidos, visualización de páginas específicas) y mejorar la calidad y pertinencia de los mensajes enviados.</p>
<p>La información recopilada por HubSpot puede incluir la dirección IP, la ubicación geográfica aproximada, el tipo de dispositivo y el comportamiento de navegación dentro del sitio. El Propietario procesa los datos de acuerdo con el principio de minimización y no los comparte con terceros para fines distintos de los indicados.</p>
<p>Los terceros autorizados también pueden instalar cookies cuando interactúas con los servicios de Exprivia. Entre los terceros se incluyen motores de búsqueda, redes sociales y empresas que proporcionan servicios publicitarios. Estos terceros utilizan cookies en la entrega de contenido publicitario, incluida la publicidad basada en intereses, para evaluar la eficacia de sus anuncios y prestar servicios en nombre de Exprivia.</p>
<p>Los anuncios personalizados, a veces conocidos como anuncios basados en intereses, forman parte de la experiencia del usuario del sitio web del Grupo Exprivia. Mostramos anuncios personalizados para ayudarte a encontrar y descubrir funciones, productos y servicios que puedan interesarte. También puedes ver estos anuncios en otros Servicios y sitios de terceros. Las cookies utilizadas en esta categoría se utilizan con el fin de seleccionar anuncios personalizados, medir la eficacia de los anuncios mostrados, detectar y prevenir el fraude y el daño a la reputación de las marcas y vendedores que se anuncian con Exprivia, así como desarrollar, solucionar problemas y mejorar nuestros servicios de publicidad.</p>
<p>Puedes solicitar la eliminación de tu información personal de nuestros sistemas publicitarios en cualquier momento. Si no solicitas la eliminación, conservaremos tu información personal durante el tiempo que sea necesario para perseguir los fines publicitarios descritos en esta Política, como la selección de anuncios personalizados o la detección de actividades fraudulentas.</p>
<p>A menos que se eliminen manualmente, las cookies publicitarias permanecen en tu navegador hasta 13 meses después de que nos hayas dado tu consentimiento para utilizarlas.</p>
<p>Utilizamos información personal sobre tus interacciones con los Servicios de Información disponibles en el sitio web de Exprivia para personalizar los anuncios. Creamos grupos de visitantes, basándonos en los intereses identificados por su navegación.</p>
<p>También podemos utilizar cookies e identificadores similares, como tu dirección IP, para seleccionar anuncios personalizados y comprender en qué anuncios se hace clic o se muestran. Por ejemplo, podemos utilizar tu dirección IP para limitar el número de veces que se te muestra el mismo anuncio.</p>
<p>El sitio web de Exprivia utiliza cookies publicitarias y de elaboración de perfiles de terceros para las que se requiere tu consentimiento explícito y específico.</p>
<p>Por defecto, todas las cookies publicitarias y de elaboración de perfiles están desactivadas. El usuario puede consentir su uso o desactivarlas en cualquier momento utilizando el enlace «Configuración de cookies» situado en el pie de página de cada página web. Si el visitante accede al sitio por primera vez o el sitio web no encuentra la cookie técnica inherente a las elecciones realizadas sobre las cookies, el sitio web presentará un banner con un breve aviso informativo y dará la posibilidad de aceptarlas todas, rechazarlas todas o personalizarlas individualmente.</p>
<h4>1.4.3) Cookies de terceros y de plugins sociales</h4>
<p>Las páginas web del Grupo Exprivia pueden contener plug-ins, como los de las Redes Sociales. Si accedes a una de nuestras páginas web con un plug-in de este tipo, tu navegador de Internet se conecta directamente a la red social y el plug-in se muestra en tu pantalla a través de la conexión de tu navegador.</p>
<p>Exprivia utiliza el Plug-in AddToAny para permitir a los usuarios compartir contenidos informativos publicados en el sitio web en diversas plataformas sociales. Para más información sobre el Plug-in AddToAny, consulta el siguiente enlace <a href="https://www.addtoany.com/privacy">Política de Privacidad de AddToAny</a>. Antes de utilizar estos Plug-ins, se invita al interesado a consultar la política de privacidad de las propias redes sociales, en sus páginas oficiales. En algunos casos, los Plug-ins pueden hacer uso de cookies de terceros.</p>
<p>El sitio web de Exprivia utiliza cookies de terceros de YouTube para mostrar los vídeos del Grupo Exprivia publicados en el Canal Exprivia. Para obtener más información, consulta el siguiente enlace <a href="https://www.youtube.com/static?gl=IT&amp;hl=it&amp;template=terms">Política de privacidad de YouTube</a>.</p>
<p>Además, el sitio web de Exprivia utiliza cookies analíticas. Las cookies de Google Analytics recopilan información sobre cómo los visitantes utilizan el sitio web. Los datos recogidos incluyen el número de visitantes, la fuente de la que proceden y las páginas que visitan. Exprivia recopila esta información de forma agregada y anónima con el único fin de analizar las secciones del sitio que más te interesan y mejorar lo que ofrecemos a través del sitio. Para más información, consulta el siguiente enlace <a href="http://tools.google.com/dlpage/gaoptout">http://tools.google.com/dlpage/gaoptout.</a></p>
<p>Por defecto, todas las cookies de terceros y de plug-ins sociales están desactivadas. El usuario puede consentir su uso o desactivarlas en cualquier momento utilizando el enlace<em>«Configuración de cookies</em>» situado en el pie de página de cada página web. Si el visitante ha iniciado sesión en el sitio por primera vez o el sitio web no encuentra la cookie técnica inherente a las elecciones realizadas sobre las cookies, el sitio web presentará un banner con una breve información y dará la posibilidad de aceptarlas todas, denegarlas todas o personalizarlas individualmente. En algunos casos, desactivarlas puede no permitirte utilizar determinadas funcionalidades.</p>
<p align="justify">También te informamos de que, si no aceptas las cookies de marketing, no podrás ver los vídeos temáticos publicados también en los canales de YouTube de las empresas del Grupo y producidos por ellas (por ejemplo, podcasts). Por esta razón, si intentas acceder a cada página web que contenga dichos vídeos sin haber habilitado previamente las cookies de marketing, aparecerá una advertencia en cada página explicándote por qué el vídeo es inaccesible y recordándote que puedes cambiar tus opciones en relación con las cookies de marketing. Con este fin, para facilitar tu navegación, también encontrarás un enlace a la página web «Configuración de cookies» que te permite habilitar estas cookies. Esta habilitación también puede ser temporal, ya que podrás volver a deshabilitar las cookies de marketing inmediatamente después de ver el vídeo que te interesa, y en cualquier momento.</p>
<h4>1.4.4) Nueva presentación del Banner de Solicitud de Consentimiento</h4>
<p>La reiteración de la solicitud de consentimiento en presencia de un incumplimiento previo de prestarlo es una actividad ilegítima que, por tanto, Exprivia no llevará a cabo.</p>
<p>El banner de adquisición del consentimiento puede serte reenviado en los siguientes casos:</p>
<ul>
<li>Cuando hayan transcurrido al menos seis meses desde la presentación anterior de la pancarta;</li>
<li>En el caso de que las condiciones de tratamiento hayan cambiado significativamente y, por lo tanto, el banner también cumpla la función de información con respecto a los cambios que se han producido (por ejemplo, en el caso de cambios en las cookies de terceros);</li>
<li>Cuando Exprivia no pueda tener conocimiento de que una cookie ya ha sido previamente almacenada en el dispositivo para ser transmitida, en una visita posterior del mismo usuario, al sitio que la generó (por ejemplo, cuando el usuario opta por eliminar las cookies legítimamente instaladas en su dispositivo sin que el propietario pueda tener conocimiento de la voluntad del usuario de mantener la configuración predeterminada y, por lo tanto, de seguir navegando sin ser rastreado).</li>
</ul>
<h4>1.4.5) Cómo controlar la configuración de las cookies.</h4>
<p>También puedes eliminar las cookies existentes y bloquear la instalación de nuevas cookies a través de la configuración de tu navegador.</p>
<p>Los usuarios/visitantes pueden decidir en cada caso si aceptan o no las cookies configurando su navegador para que genere una advertencia cada vez que se guarde una cookie. Los navegadores más populares ofrecen la posibilidad de bloquear únicamente las cookies de terceros, aceptando sólo las cookies propias del sitio. Consulta los sitios web de información del navegador utilizado.</p>
<h4>1.4.6) ENLACES A OTROS SITIOS</h4>
<p>La navegación por el sitio web del Grupo Exprivia proporciona acceso, a través de enlaces, a otros sitios web gestionados por terceros. Estos sitios pueden recoger información personal sobre ti. Exprivia no controla los sitios operados por dichas partes y no se hace responsable de su conducta.</p>
<p>Los requisitos de privacidad y seguridad de los datos personales procesados en sitios enlazados a o desde el sitio web del Grupo Exprivia no están cubiertos por esta política de privacidad. Exprivia, por lo tanto, no es responsable de la conducta de privacidad de estos sitios.</p>
<h2>2) MODALIDADES DE TRATAMIENTO Y ALMACENAMIENTO DE DATOS</h2>
<p>Los datos personales se procesan con medios automatizados (por ejemplo, utilizando procedimientos y medios electrónicos) y/o manuales (por ejemplo, en papel) durante el tiempo estrictamente necesario para lograr los fines para los que se recogen y, en cualquier caso, de acuerdo con la normativa pertinente. Se observan medidas de seguridad específicas para evitar la pérdida de datos, usos ilícitos o incorrectos y accesos no autorizados.</p>
<p>No se aplicará ningún proceso automatizado de toma de decisiones a los datos recogidos.</p>
<p>Transcurrido este plazo, los datos se eliminarán o se harán anónimos, a menos que sea necesario seguir almacenándolos para cumplir obligaciones legales o para cumplir órdenes emitidas por autoridades públicas.</p>
<h2>3) SUMINISTRO FACULTATIVO DE DATOS</h2>
<p>El suministro de datos personales por parte del interesado, para las finalidades descritas en el párrafo anterior (1.2), es opcional. El hecho de no proporcionarlos puede imposibilitar la navegación en determinadas secciones del sitio o el seguimiento de las solicitudes presentadas.</p>
<h2>4) TITULAR, DELEGADO DE PROTECCIÓN DE DATOS (DPO) Y PERSONAS DESIGNADAS</h2>
<p>Los Responsables del Tratamiento de los datos personales relativos a las personas identificadas o identificables que hayan consultado este sitio son las Empresas pertenecientes al Grupo Exprivia:</p>
<ul>
<li>Exprivia S.p.A. con domicilio social en via A. Olivetti, 11- Molfetta (BA);</li>
<li>Exprivia Projects Srl con domicilio social en Viale del Tintoretto 432 &#8211; Roma.</li>
</ul>
<p>Los Responsables del Tratamiento han designado a un Delegado de Protección de Datos o Responsable de Protección de Datos de conformidad con los artículos 37 y siguientes del Reglamento UE 2016/679, con el que se puede contactar:</p>
<ul>
<li>para Exprivia SpA en la siguiente dirección de correo electrónico: <a href="mailto:dpo_expriviaspa@exprivia.com">dpo_expriviaspa@exprivia.com</a></li>
<li>para Exprivia Projects Srl en la siguiente dirección de correo electrónico: <a href="mailto:dpo_expriviaprojects@exprivia.com">dpo_expriviaprojects@exprivia.com</a>.</li>
</ul>
<p>El tratamiento relacionado con los servicios web de este sitio es gestionado exclusivamente por personal técnico, designado/autorizado e instruido en el correcto tratamiento de los datos personales, que en ningún caso serán difundidos.</p>
<h2>5) COMUNICACIÓN Y/O DIFUSIÓN DE DATOS</h2>
<p>A excepción de lo indicado en el apartado 1.2, los datos personales facilitados por el usuario no se comunicarán a terceros ni se difundirán ni se transferirán a terceros países (fuera de la UE) sin el consentimiento explícito del interesado.</p>
<h2>6) DESTINATARIOS DE LOS DATOS</h2>
<p>Para la consecución de los fines descritos, o cuando ello sea indispensable o exigido por la ley o por autoridades con potestad para imponerlo, los Responsables del Tratamiento se reservan el derecho de comunicar los datos a destinatarios pertenecientes a las siguientes categorías:</p>
<ul>
<li>el Delegado de Protección de Datos, para el seguimiento de las solicitudes de privacidad de los interesados y para cualquier otra eventualidad que entre dentro de sus funciones, según lo establecido en el artículo 39 del Reglamento UE 2016/679;</li>
<li>Autoridades de control y, en general, entidades públicas o privadas con funciones públicas (por ejemplo: Prefectura, Jefatura de Policía, Autoridades Judiciales, en cualquier caso sólo en la medida en que se cumplan los requisitos previos establecidos en la legislación aplicable);</li>
<li>otras empresas matrices, filiales o asociadas, de conformidad con el artículo 2359 del Código Civil italiano;</li>
<li>empresas o despachos profesionales en el marco de relaciones de asistencia y asesoramiento;</li>
<li>personas que lleven a cabo el control, la auditoría y la certificación de las actividades realizadas por los Titulares;</li>
<li>proveedores del Responsable del tratamiento, designados formalmente como encargados del tratamiento.</li>
</ul>
<h2>7) DERECHOS DE LOS INTERESADOS</h2>
<p>«Los interesados», es decir, las personas físicas a las que se refieren los datos, tienen derecho, en cualquier momento, a acceder a la información que les concierne y a solicitar que se actualice, rectifique y complete, así como su supresión, transformación en forma anónima o bloqueo, limitación de su tratamiento y portabilidad, así como a oponerse en todo caso total o parcialmente a su tratamiento, por motivos legítimos, de conformidad con los artículos 15 a 22 del Reglamento UE 2016/679.</p>
<p>Además, los interesados pueden revocar su consentimiento en cualquier momento si el tratamiento de sus datos se basa en el consentimiento. La retirada del consentimiento no invalida el tratamiento anterior. Ten en cuenta que el interesado siempre puede oponerse al tratamiento con fines promocionales.</p>
<p>El tratamiento de datos personales realizado con fines de seguridad de la información o con fines defensivos entra dentro del ámbito del tratamiento por interés legítimo del Responsable del Tratamiento, en cuyo caso el interesado sólo podrá oponerse por motivos relacionados con su situación particular, que el Responsable del Tratamiento valorará sin perjuicio del cumplimiento de los fines defensivos.</p>
<p>Para cualquier información relativa al tratamiento de datos, así como para el ejercicio de los derechos establecidos en los artículos 15 a 22 del Reglamento UE 2016/679, los usuarios pueden enviar un correo electrónico a las direcciones del RPD arriba indicadas.</p>
<p>Además, los interesados tienen derecho a dirigirse al Garante per la protezione dei dati personali, con sede en Roma, Piazza Venezia, 11, o a cualquier otra autoridad, para presentar una reclamación sobre el tratamiento de sus datos personales con arreglo al artículo 77, en caso de que consideren que se ha producido una violación de sus datos personales, véase <a href="http://www.garanteprivacy.it/">www.garanteprivacy.it.</a></p>
<h2>8) CAMBIOS EN LA POLÍTICA DE PRIVACIDAD</h2>
<p>Esta Política de Privacidad puede estar sujeta a cambios a lo largo del tiempo -también en relación con la posible entrada en vigor de nuevas normativas sectoriales, la actualización o prestación de nuevos servicios o innovaciones tecnológicas-, por lo que invitamos al usuario/visitante a consultar periódicamente esta página.</p>
<div>
<div>
<div class="CookieDeclaration" dir="ltr" lang="it">
<p class="CookieDeclarationDialogText">El respeto a tu confidencialidad es nuestra prioridad.</p>
<p>Exprivia y terceros seleccionados utilizan cookies o tecnologías similares con fines técnicos y, con tu consentimiento, también para otros fines especificados en el Sitio Web. <a href="https://www.exprivia.it/?page_id=3">política de cookies</a>para garantizar la funcionalidad técnica, medir el rendimiento de los contenidos, analizar nuestra audiencia y mejorar nuestros productos y servicios.</p>
<p>Puedes dar, rechazar o revocar libremente tu consentimiento en cualquier momento accediendo a tu panel de preferencias mediante el enlace «Mostrar detalles» en el banner o el enlace «Configuración de cookies» en la parte inferior de la página web, o puedes consentir el uso de estas tecnologías mediante el botón «Aceptar todas», rechazarlas mediante el botón «Rechazar» o gestionarlas según su clase mediante el botón «Aceptar las seleccionadas». Tus preferencias sólo se aplicarán a este sitio web y no afectarán a tu navegación.</p>
<p>Tu consentimiento se aplica a los siguientes sitios web: www.exprivia.it</p>
</div>
</div>
</div>
</div></div></div></div></div>
<p>L'articolo <a href="https://www.exprivia.it/es/privacy/politica-de-privacidad-y-cookies/">Política de privacidad y cookies</a> proviene da <a href="https://www.exprivia.it/es/">Exprivia</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Privacy Policy &#038; Cookies Exprivia Group</title>
		<link>https://www.exprivia.it/es/privacy/privacy-policy-cookies-exprivia-group/</link>
					<comments>https://www.exprivia.it/es/privacy/privacy-policy-cookies-exprivia-group/#respond</comments>
		
		<dc:creator><![CDATA[Marco Mina]]></dc:creator>
		<pubDate>Fri, 22 May 2026 17:57:26 +0000</pubDate>
				<category><![CDATA[Privacy]]></category>
		<guid isPermaLink="false">https://new.exprivia.it/?p=14536</guid>

					<description><![CDATA[<p>Data Controller We inform you that your personal data will be processed by Exprivia S.p.A., with its registered office in Molfetta (BA) at Via A. Olivetti, 11, in its capacity as Data Controller. Purposes Your data, including your email address, will be collected directly from you when you complete the form and will be processed  [...]</p>
<p>L'articolo <a href="https://www.exprivia.it/es/privacy/privacy-policy-cookies-exprivia-group/">Privacy Policy &#038; Cookies Exprivia Group</a> proviene da <a href="https://www.exprivia.it/es/">Exprivia</a>.</p>
]]></description>
										<content:encoded><![CDATA[<h3>Data Controller</h3>
<p>We inform you that your personal data will be processed by Exprivia S.p.A., with its registered office in Molfetta (BA) at Via A. Olivetti, 11, in its capacity as Data Controller.</p>
<h3>Purposes</h3>
<p>Your data, including your email address, will be collected directly from you when you complete the form and will be processed for the purpose of sending you the information you have requested, including requests for documents published on the Exprivia website (e.g. papers, white papers, reports) or to manage your registration requests for participation in events organised by Exprivia (e.g. webinars).</p>
<p>Should you give your specific consent, your data, including your email address, may also be used for promotional purposes to send you advertising material, commercial communications, or to carry out direct marketing or market research activities. The sole consequence of not giving your consent will be that we will not send you advertising material, promotional brochures, invitations to workshops or other events. However, failure to provide consent for direct marketing purposes will in no way affect the processing of your request for information.</p>
<p>Your data is also processed to comply with legal obligations and, where necessary, for defence purposes or to comply with orders from the authorities.</p>
<h3>Legal basis for processing</h3>
<p>The legal basis for the processing consists of pre-contractual purposes, legal obligations, and legitimate interest, which in this case consists of defence (purely hypothetical) or IT security purposes, and to process your request for information or your request to register for events organised by Exprivia. With regard to processing carried out on the basis of legitimate interest, you may object on grounds relating to your particular situation. Should you exercise your right to object, the Data Controller shall refrain from further processing your personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.</p>
<p>Furthermore, another legal basis, with regard to processing for direct marketing purposes, is consent, which may always be withdrawn easily and free of charge by using the email addresses provided below. Any withdrawal of consent shall not affect the lawfulness of processing based on consent prior to such withdrawal.</p>
<h3>Transfer</h3>
<p>The processing of your personal data to fulfil your requests for information will not be subject to transfer to third parties or to countries outside the EU. However, intra-group transfers may take place if necessary to fulfil your request.</p>
<p>In the case of requests to participate in events organised by Exprivia, third parties invited by Exprivia as speakers may become aware of your data and will process it as independent data controllers.</p>
<p>Your data will not, under any circumstances, be disclosed.</p>
<h3>Retention</h3>
<p>The data collected via this form will be retained for the period strictly necessary to process your request.<br />
Should you consent to the use of your data for direct marketing purposes, your data, including your email address, may be used for up to two years, unless you exercise your right to object, which you may always do regarding the use of your data for marketing purposes, or unless you provide new consent. In accordance with the principle of accountability, the documentation evidencing your consent may, however, be retained for up to ten years for evidential purposes.</p>
<h3>Rights</h3>
<p>You have the right to withdraw any consent you may have given at any time and to exercise the rights set out in Article 15 et seq. of the GDPR (access, correction, updating, objection to processing, rectification, integration, restriction, etc.) by contacting the Data Privacy Officer appointed by the Data Controller at <a href="mailto:dpo_expriviaspa@exprivia.com">dpo_expriviaspa@exprivia.com</a> or directly at the Data Controller’s registered office or via email at ufficioprivacy@exprivia.com. You may also lodge a complaint with the Data Protection Authority in the event of a personal data breach <a href="http://www.garanteprivacy.it/">www.garanteprivacy.it</a>. To find out more about your rights, please read Exprivia’s <a href="https://www.exprivia.it/it/132/cookie-and-privacy-policy.php">privacy policy</a>.</p>
<p>L'articolo <a href="https://www.exprivia.it/es/privacy/privacy-policy-cookies-exprivia-group/">Privacy Policy &#038; Cookies Exprivia Group</a> proviene da <a href="https://www.exprivia.it/es/">Exprivia</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.exprivia.it/es/privacy/privacy-policy-cookies-exprivia-group/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Reported party privacy policy</title>
		<link>https://www.exprivia.it/es/privacy/reported-party-privacy-policy/</link>
					<comments>https://www.exprivia.it/es/privacy/reported-party-privacy-policy/#respond</comments>
		
		<dc:creator><![CDATA[Marco Mina]]></dc:creator>
		<pubDate>Fri, 22 May 2026 15:55:19 +0000</pubDate>
				<category><![CDATA[Privacy]]></category>
		<guid isPermaLink="false">https://new.exprivia.it/?p=14532</guid>

					<description><![CDATA[<p>People involved   The companies Exprivia S.p.A. and Exprivia Project S.r.l., each in its capacity as data controller, provide the following privacy information pursuant to art. 13 and 14 GDPR expressly referenced in art. 13 of Legislative Decree 24/2023 implementing EC Directive 2019/1937 of the European Parliament and Council of 23 October 2019, concerning the  [...]</p>
<p>L'articolo <a href="https://www.exprivia.it/es/privacy/reported-party-privacy-policy/">Reported party privacy policy</a> proviene da <a href="https://www.exprivia.it/es/">Exprivia</a>.</p>
]]></description>
										<content:encoded><![CDATA[<div class="fusion-fullwidth fullwidth-box fusion-builder-row-2 fusion-flex-container nonhundred-percent-fullwidth non-hundred-percent-height-scrolling" style="--awb-border-radius-top-left:0px;--awb-border-radius-top-right:0px;--awb-border-radius-bottom-right:0px;--awb-border-radius-bottom-left:0px;--awb-flex-wrap:wrap;" ><div class="fusion-builder-row fusion-row fusion-flex-align-items-flex-start fusion-flex-content-wrap" style="max-width:1248px;margin-left: calc(-4% / 2 );margin-right: calc(-4% / 2 );"><div class="fusion-layout-column fusion_builder_column fusion-builder-column-1 fusion_builder_column_1_1 1_1 fusion-flex-column" style="--awb-bg-size:cover;--awb-width-large:100%;--awb-margin-top-large:0px;--awb-spacing-right-large:1.92%;--awb-margin-bottom-large:0px;--awb-spacing-left-large:1.92%;--awb-width-medium:100%;--awb-spacing-right-medium:1.92%;--awb-spacing-left-medium:1.92%;--awb-width-small:100%;--awb-spacing-right-small:1.92%;--awb-spacing-left-small:1.92%;"><div class="fusion-column-wrapper fusion-flex-justify-content-flex-start fusion-content-layout-column"><div class="fusion-text fusion-text-2"><h3><strong>People involved</strong></h3>
<p>&nbsp;</p>
<p>The companies Exprivia S.p.A. and Exprivia Project S.r.l., each in its capacity as data controller, provide the following privacy information pursuant to art. 13 and 14 GDPR expressly referenced in art. 13 of Legislative Decree 24/2023 implementing EC Directive 2019/1937 of the European Parliament and Council of 23 October 2019, concerning the protection of persons who report violations of EU law and laying down provisions concerning the protection of persons reporting violations of national regulatory provisions.</p>
<p>The following information is provided <strong>for the purpose of transparency towards the reported</strong> person and any interested party potentially referred to in a report and therefore involved in the same (hereinafter jointly referred to as the «reported subject»), primarily to make them aware of the limitations imposed on the exercise of certain rights foreseen by (EU) Regulation 2016/679 of the European Parliament and Council of 27 April 2016 (GDPR):</p>
<ul>
<li><strong>Right to information</strong> &#8211; the right to be informed about the processing of personal data pursuant to articles 13 and 14 of the GDPR is restricted in light of the secrecy and confidentiality obligations imposed by Art. 12 of Legislative Decree no. 24/2023 which guarantees the confidentiality of the data, as well as the risk of undermining or seriously hindering the pursuit of the purposes of the processing connected to the reports filed as part of the whistleblowing system (see Article 14, paragraph 5, letters b) and d) of the GDPR).</li>
<li><strong>Other rights of the data subject &#8211; </strong>the rights referred to in articles 15 to 22 of the GDPR are not ruled out in absolute terms for the interested party but cannot be exercised (by filing a request with the Data Controller or a complaint pursuant to article 77 of the GDPR) even regarding knowledge of the source of the data, if this might effectively and tangibly constitute a prejudice to the secrecy of the reporting party&#8217;s identity (see article 2-undecies of the Privacy Code and article 23 of the GDPR). Art. 2-undecies of the Privacy Code, as of 15 July 2023 under paragraph 3, regarding the specific limitations on the rights of the interested party, effectively establishes that the rights cannot be exercised whenever the confidentiality of the identity of the person who reports the violations they have become aware of during their employment relationship or other functions as required by EU Directive 2019/1937 concerning the reporting of violations of European Union rules, or that reports the violations referred to in Articles 52 bis and 52 ter of Legislative Decree 385/1993 (i.e. violations of the Bank of Italy by bank personnel) or the reports presented before Consob or the Bank of Italy by bank personnel is effectively and tangibly threatened.</li>
</ul>
<p>In particular, in fulfilling the obligation pursuant to art. 2 undecies paragraph 3 of the Privacy Code, the reported person and the other persons involved are informed that the exercise of their rights referred to in articles 15 &#8211; 22 of the GDPR:</p>
<ul>
<li>may stand, where the source of the data and therefore knowledge of the whistleblower&#8217;s identity is concerned, only if the whistleblower has given his/her consent or whenever knowledge of the whistleblower&#8217;s identity is essential for the accused to be able to mount a defence. The reported party is informed that in this latter case the whistleblower has the right to know, in writing, the reasons behind the disclosure of the confidential data when knowledge of his/her identity is essential for the defence of the person involved (see Article 12, paragraphs 5 and 6 of Legislative Decree 24/2023);</li>
<li>may stand within the limits set forth in art. 2 <em>undecies</em> of the above Privacy Code (see art. 13 paragraph 3 of Legislative Decree 24/2023) and may be performed in accordance with the provisions of the law or regulation that govern the sector (including Legislative Decree 231/2001 );</li>
<li>may be delayed, limited or ruled out with a reasoned communication sent without delay to the interested party, unless the communication may compromise the purpose of the limitation, for the time and within the limitations required of a necessary and proportionate measure, having taken into due account the fundamental rights and legitimate interests of the interested party, in order to safeguard the confidentiality of the identity of the whistleblower and in order to safeguard certain interests inherent in the performance of defensive investigations or the exercise of rights to defence;</li>
</ul>
<p>In such cases, the rights of the interested party may also be exercised through the Italian Data Protection Authority according to the provisions of Article 160 of the Privacy Code, in which case the Italian Data Protection Authority informs the interested party that it has carried out all the necessary checks or reviews, or the interested party may also exercise the right to lodge a judicial appeal.</p>
<p>The exercise of the rights by the reported person (including the right of access) may therefore be upheld within the limits foreseen by applicable law and, in particular, it is noted that the request will be assessed by the entities entrusted with this task in order to reconcile the need to protect the rights of individuals with the need to combat and prevent violations of the rules of good corporate management or of the regulations applicable in this field.</p>
<h4><strong>Categories of personal data and source of collection</strong></h4>
<p>The personal data related to the reported person is collected in the context of the report and the documentation provided by the reporting party. The following categories of personal data relating to the reported party may be collected:</p>
<ul>
<li>personal data (e.g. name, surname, place and date of birth);</li>
<li>contact details (e.g. e-mail address, telephone number, postal address);</li>
<li>data of a professional nature (e.g. hierarchical level, affiliated business area, company role, type of relationship entertained with the companies of the Exprivia Group or other third parties, profession);</li>
<li>any other information referring to the reported party that the whistleblower decides to share with the Data Controller in order to better substantiate their report, regarding:
<ul>
<li>relevant unlawful conduct pursuant to Legislative Decree 24/2023 such as civil, criminal, administrative and accounting offences and violations of European Union regulations as well as significant unlawful conduct pursuant to Legislative Decree 231/2001 or violations of the entity&#8217;s organisation and management model;</li>
<li>irregularities and/or unlawful conduct, whether through commission or omission, which constitute or may constitute a violation of the principles enshrined in the Code of Ethics of the Exprivia Group, in company policies and rules and/or which may result in fraud or damage, even of a potential nature, against colleagues, shareholders and stakeholders in general or which constitute acts of an illicit nature or that may be deemed detrimental to the interests and reputation of the company itself;</li>
<li>improper or suspicious activities and payments, other than expenses or contributions expressly provided for by the Data Controller companies, or even donations made by said Data Controller companies to public officials or donation requests that such public officials or private entities may make.</li>
</ul>
</li>
</ul>
<h4><strong>Data Controller, data protection officer and appointees</strong></h4>
<p>The Data Controllers responsible for the processing of the personal data related to identified or identifiable persons collected through reporting are the Companies belonging the Exprivia Group:</p>
<ul>
<li>Exprivia S.p.A. with registered offices in Via A. Olivetti, 11- Molfetta (BA);</li>
<li>Exprivia Projects Srl with registered offices in Via della Bufalotta 378 – Rome.</li>
</ul>
<p>The Data Controllers have appointed a person responsible for the protection of personal data or Data Protection Officer in compliance with Art. 37 and following of EU Regulation 2016/679, who may be contacted:</p>
<ul>
<li>for Exprivia SpA at the following address and email: <a href="mailto:DPO_ExpriviaSpa@exprivia.com">DPO_ExpriviaSpa@exprivia.com</a></li>
<li>for Exprivia Projects Srl at the following address and email: <a href="mailto:DPO_ExpriviaProjects@exprivia.com">DPO_ExpriviaProjects@exprivia.com</a></li>
</ul>
<p>The data processing connected to the report is handled exclusively by specifically appointed/authorised personnel, trained in the correct processing of personal data which, in no case, shall be disclosed.</p>
<p>You may contact the Data Controllers or the DPO at the emails indicated above to exercise these rights.</p>
<h4><strong>Purpose of the processing</strong></h4>
<p>The processing is carried out in order to:</p>
<ul>
<li>undertake the necessary investigative activities aimed at establishing the validity of the reported facts, acquired in the execution of the employment relationship and related to illegal or fraudulent activities that may consist of civil, criminal, administrative or accounting offences or the failure to comply with the organisation model pursuant to decree 231/2001 and based on precise and consistent factual elements, or on violations of the organisation and management model of the Companies of the Exprivia Group, that have come to light as a result of the functions performed;</li>
<li>Ensure compliance with the prohibition to engage in direct or indirect retaliatory or discriminatory acts against the reporting party for reasons directly or indirectly connected to the report, also through communication to ANAC or the National Labour Inspectorate;</li>
<li>Adopt the disciplinary sanctions foreseen by the Employer in accordance with the organisational model referred to in Law 231/2001 both towards those who violate the measures introduced to protect the reporting subject and towards those who file reports with malicious intent or through gross negligence that turn out to be unfounded.</li>
</ul>
<p>The legal basis of the processing, for all reports that concern civil, criminal, administrative and accounting offences as prescribed by national legislation or the European Union rules provided for in Directive 2019/1937, should be identified in fulfilment of the legal obligations of the data controller referred to in Legislative Decree 24/2023 implementing the aforementioned Directive. The legal basis is, therefore, constituted by art. 6 lett. C of the GDPR and where reports are made relative to the performance of activities for the provision of services in favour of public bodies the legal obligation is based on art. art. 54 bis, paragraph 2, of Italian Legislative Decree 165/2001.</p>
<p>With reference to the «special» data foreseen by art. 9 of the GDPR (e.g. data on health, race, ethnicity, sexual orientation, political, trade union and religious beliefs, genetic data, biometric data, etc.) the legal basis is to be found in the provisions of art. 9, par. 2 lett. f), which relates to the ascertainment, exercise or defence of a right in court, it being understood that, with regard to some aspects related to the employment relationship, the legal basis can be found in lett. b) of the same provision.</p>
<p>On the other hand, with regard to judicial data, collection can be carried out if it is designed to prevent the criminal liability of the company in accordance with the rationale of law 231/2001 and in compliance with the provisions of art. 10 of the GDPR.</p>
<h4><strong>Methods of data processing and storage</strong></h4>
<p>Personal data is processed with automated means (e.g. using electronic procedures and media) and/or manually (e.g. in hard copy format) for the time strictly necessary to achieve the purposes for which it was collected and, in any case, in compliance with the applicable legal provisions on the matter. Specific security measures are followed to prevent data loss, unlawful or incorrect use, and unauthorised access.</p>
<p>No automated decision-making and profiling will be applied to the collected data.</p>
<p>The documentation will be retained for a period of five years in accordance with the provisions of art. 14 of Legislative Decree 24/2023 and taking into account the provision related to administrative sanctions in the event of various non-compliances envisaged by art.   21 of Legislative Decree 24/2023 which make it therefore necessary to proceed with retention. Once this term has elapsed, the data will be erased or anonymised, unless their further retention is required to fulfil legal obligations or to comply with orders issued by Public Authorities or for defence-related needs.</p>
<h4><strong>Data transfer</strong></h4>
<p>The recipients of the data collected as a result of the report, where appropriate, are the Companies&#8217; internal whistleblowing offices, the Supervisory Authority, the Judicial Authority, the Court of Auditors (for reports made that refer to the activities of the entities in favour of which the Group companies provide public services), ANAC and the National Labour Inspectorate.</p>
<p>In particular, data may be transmitted to:</p>
<ul>
<li>external consultants (e.g. law firms) possibly involved in the investigative phase of the report;</li>
<li>The Internal Office responsible for managing reports set up in compliance with the obligation pursuant to Legislative Decree 24/2023 and the corporate functions involved in the examination and evaluation of reports;</li>
<li>manager(s) of the department(s) involved in the report (e.g. Internal Audit department, Legal department, Supervisory Body or other reference departments for the reported subject);</li>
<li>organisational positions tasked with carrying out investigations on reports in cases where their knowledge is essential in order to understand the reported events and/or to conduct the relative related investigation and/or processing activities;</li>
<li>institutions and/or Public Authorities, Judicial Authorities, Police Entities, investigative Agencies;</li>
<li>supervisory body appointed pursuant to Legislative Decree 231/2001 exclusively for the predicate offences and in instances that involve the violation of the organisational models, of the specific approved procedures and of the Code of Ethics;</li>
<li>manager responsible for the prevention of corruption and transparency (RPCT), where appointed;</li>
<li>ANAC and National Labour Inspectorate when retaliatory acts against the reporting party have been confirmed.</li>
</ul>
<p>The personal data collected are also processed by the Data Controller&#8217;s personnel, who act on the basis of specific instructions provided in relation to the purposes and procedures of the same processing having first been appointed as an authorised data processor pursuant to art. 2 quaterdecies of the Privacy Code. The personal data collected will not be disseminated, nor will it be transferred to third countries (outside the EU).</p>
<p>You may exercise the rights referred to in art. 15 &#8211; 22 of the GDPR, without prejudice to the limitations of which you have also been informed in this information sheet, such as the right of access, rectification, erasure (right to be forgotten), limitation or portability through the Data Controllers at their offices or by email also to the DPO. Using the same methods, you can request the list of managers appointed pursuant to Art. 28 GDPR in relation to the processing referred to in this information sheet.</p>
</div></div></div></div></div>
<p>L'articolo <a href="https://www.exprivia.it/es/privacy/reported-party-privacy-policy/">Reported party privacy policy</a> proviene da <a href="https://www.exprivia.it/es/">Exprivia</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.exprivia.it/es/privacy/reported-party-privacy-policy/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Reporting party privacy policy</title>
		<link>https://www.exprivia.it/es/privacy/reporting-party-privacy-policy/</link>
					<comments>https://www.exprivia.it/es/privacy/reporting-party-privacy-policy/#respond</comments>
		
		<dc:creator><![CDATA[Marco Mina]]></dc:creator>
		<pubDate>Fri, 22 May 2026 15:44:29 +0000</pubDate>
				<category><![CDATA[Privacy]]></category>
		<guid isPermaLink="false">https://new.exprivia.it/?p=14522</guid>

					<description><![CDATA[<p>REGULATORY PRINCIPLES This information is provided to users/visitors who interact with the official web system of the Exprivia Group, for reports on potential illicit acts or irregularities that have come to their attention in the context of work and is aimed at promoting a culture of ethics and lawfulness against irregular conduct witnessed, accessible  [...]</p>
<p>L'articolo <a href="https://www.exprivia.it/es/privacy/reporting-party-privacy-policy/">Reporting party privacy policy</a> proviene da <a href="https://www.exprivia.it/es/">Exprivia</a>.</p>
]]></description>
										<content:encoded><![CDATA[<div class="fusion-fullwidth fullwidth-box fusion-builder-row-3 fusion-flex-container nonhundred-percent-fullwidth non-hundred-percent-height-scrolling" style="--awb-border-radius-top-left:0px;--awb-border-radius-top-right:0px;--awb-border-radius-bottom-right:0px;--awb-border-radius-bottom-left:0px;--awb-flex-wrap:wrap;" ><div class="fusion-builder-row fusion-row fusion-flex-align-items-flex-start fusion-flex-content-wrap" style="max-width:1248px;margin-left: calc(-4% / 2 );margin-right: calc(-4% / 2 );"><div class="fusion-layout-column fusion_builder_column fusion-builder-column-2 fusion_builder_column_1_1 1_1 fusion-flex-column" style="--awb-bg-size:cover;--awb-width-large:100%;--awb-margin-top-large:0px;--awb-spacing-right-large:1.92%;--awb-margin-bottom-large:0px;--awb-spacing-left-large:1.92%;--awb-width-medium:100%;--awb-spacing-right-medium:1.92%;--awb-spacing-left-medium:1.92%;--awb-width-small:100%;--awb-spacing-right-small:1.92%;--awb-spacing-left-small:1.92%;"><div class="fusion-column-wrapper fusion-flex-justify-content-flex-start fusion-content-layout-column"><div class="fusion-text fusion-text-3"><h3>REGULATORY PRINCIPLES</h3>
<p>This information is provided to users/visitors who interact with the official web system of the Exprivia Group, for reports on potential illicit acts or irregularities that have come to their attention in the context of work and is aimed at promoting a culture of ethics and lawfulness against irregular conduct witnessed, accessible electronically at the address <a href="https://whistleblowing.exprivia.it/#/">https://whistleblowing.exprivia.it/#/</a></p>
<p>The following information is provided, pursuant to:</p>
<ul>
<li>13 of EU Regulation 2016/679;</li>
<li>Italian Legislative Decree 24 of 2023, which repealed paragraph 2 bis of Art. 6 of Italian Legislative Decree 231/2001 and specifically introduced in art. 13, the obligation to issue privacy disclosures to whistleblowers as well as to the persons involved;</li>
<li>Resolution no. 311 of 12 July 2023 &#8211; “Guidelines on the protection of whistleblowers reporting violations of EU law and protection of whistleblowers reporting violations of national regulatory provisions. Procedures for the submission and management of external reports», better known as the Whistleblowing Guidelines, published in the Official Journal General Series no. 172 of 25 July 2023;</li>
<li>the Opinion of the Personal Data Protection Authority, issued on 6 July 2023, regarding the Guidelines Information Sheet on the protection of whistleblowers who report violations of EU law and the protection of whistleblowers who report violations of Italian regulatory provisions. Procedures for the presentation and management of external whistleblowing reports adopted by ANAC (docweb no. 9912239);</li>
<li>the Operating Guide for private entities entitled “New whistleblowing regulations” adopted by Confindustria in October 2023;</li>
<li>the Directive (EU) 2019/1937 of the European Parliament and the Council of 23 October 2019, concerning the protection of whistleblowers who report violations of EU law (OJEU L. 305 of 26/11/2019, p. 17–56).</li>
<li>law no. 179 of 30 November 2017, «Provisions for the protection of the authors of reports of crimes or irregularities of which they have become aware in the context of a public or private employment relationship», which entered into force on 29 December 2017, which provides for an article concerning the «Protection of employees or collaborators who report offences in the private sector «, and establishes, for the first time in our legal system, specific measures to protect whistleblowers in the private sector, adding para. 2-bis within art. 6 of the Italian Legislative Decree no. 231 of 8 June 2001, «Regulations on the administrative liability of legal persons, companies and associations also not recognised as legal entities, pursuant to art. 11 of law no. 300 of 29 September 2000»; This paragraph 2-bis was replaced by art. 24 of Italian Legislative Decree no. 24 of 2023, which establishes that the Organisational Models 231 provide for internal whistleblowing channels, for the prohibition of retaliation and for the disciplinary system;</li>
<li>Opinion of the Personal Data Protection Authority of 4 December 2019, doc web no. 9215763, on the outline of the “Guidelines for the protection of the authors of reports of crimes or irregularities of which they have become aware by reason of an employment relationship pursuant to art. 54 bis of Italian Legislative Decree 165/2001 («whistleblowing») of ANAC.</li>
</ul>
<h3>PURPOSE OF THE WHISTLEBLOWING REPORTS</h3>
<p>The system is intended for employees of the Exprivia Group and all those who in general operate in Italy and abroad, on behalf or for the benefit of the Group, or who have business relationships with the latter through any type of contract or assignment and who have become aware of the unlawful act that will be reported within the work context.</p>
<p>The events to be reported must concern, in general, the reasonable and legitimate suspicion or awareness in good faith of unlawful conduct or irregularities of which one has gained knowledge in the context of the work activity that may be detrimental to the integrity of the Exprivia Group, such as, for example, the violation of Italian laws which include violations of the predicate offences under Legislative Decree 231/2001, violation of the Organisational Model 231 as well as the violation of the directly applicable European regulations and implementing rules on public contracts; services, products and financial markets and prevention of money laundering and terrorist financing; products and services safety and compliance with the law; transport safety; environmental protection; radiation protection and nuclear safety; animal food and feed safety as well as animal health and welfare; public health; consumer protection; privacy and personal data protection and the security of networks and information systems, as well as other specifically identified European regulations.</p>
<p>On the other hand, the following should not be the subject of whistleblowing reports:</p>
<ul>
<li>requests related to a personal interest of the whistleblower, or of the person who has filed a complaint with the judicial or accounting authority that relate to his/her individual employment or employment relationships;</li>
<li>reports of violations already governed by other European Union acts stated in Part II of the Annex to Legislative Decree 24/2023;</li>
<li>reporting on national security, defence systems and similar matters.</li>
</ul>
<p>This policy describes the management methods of the official system of the Exprivia Group, but not of other external websites that may be consulted by the user via links. Additional information may be provided within specific sections.</p>
<p>Italian Legislative Decree 24/2023, art. 12, requires that the identity of the whistleblower and any other information that may be inferred, directly or indirectly, be protected, unless the whistleblower has given his/her consent to the disclosure of his/her report to third parties.</p>
<p>In the context of disciplinary proceedings against the reported person, the identity of the whistleblower may not be disclosed if the allegation of the disciplinary charge is based on further investigations beyond the report.</p>
<p>It should be noted that if the knowledge of the whistleblower is essential for the defence of the reported person, the whistleblowing report may be used in the disciplinary proceedings against the reported person only if the whistleblower gives his/her consent to the disclosure of his/her identity or the set forth legal conditions are met. This disclosure is issued as of now, also pursuant to art. 12 paragraphs 5 and 6 of Legislative Decree 24/2023.</p>
<p>With regard to the cases in which it is necessary to identify the whistleblower, please refer to the Whistleblowing Reporting Procedure prepared by the Data Controllers.</p>
<p>It should be noted that to protect privacy, whistleblowing reports are exempt from the accessing procedures set forth in Italian Law 241/1990 as well as other civic access procedures.</p>
<p>Please indicate in your report that you wish to keep your identity confidential and that you wish to make use of the regulatory protection system also against retaliation.</p>
<h3>WHISTLEBLOWING CHANNELS</h3>
<p>Please be reminded that for reporting purposes you may use all the whistleblowing channels adopted by the Data Controller companies, such as:</p>
<ul>
<li>The IT platform accessible from the website of the Data Controller companies;</li>
<li>The telephone number of the company switchboard to be used depends on whether or not you wish to release information on your identity, although we would remind you that the telephone in any case allows your voice to be heard and that it is a type of personal data for which you may be identifiable;</li>
<li>Request for a meeting that can be sent, through the company switchboard, to the reporting management office set up at the Data Controller companies and that can be contacted directly in person or by telephone at the dedicated number activated by the Data Controller companies;</li>
<li>Submission on paper by post. If you choose this method, please use a double envelope and insert the report in a separate envelope addressed to the whistleblowing office.</li>
</ul>
<p>On the other hand, please avoid sending your reports by email or by certified email, given that, as highlighted by the Personal Data Protection Authority in its Opinion of 6 July 2023 on the ANAC Guidelines of 2023 regarding whistleblowing reports, such methods do not allow us to protect the confidentiality of your identity in view of the technical security measures protecting such methods.</p>
<p>The internal reporting channels are established, in the private sector, in compliance with the Organizational Model 231 or an internal deed (e.g. Regulation) based on said Model.</p>
<h3>THE RIGHT OF RETRACTING THE WHISTLEBLOWING REPORT</h3>
<p>We remind the whistleblower that if he/she chooses to do so, he/she will always be able to retract the whistleblowing report by means of a notice to be sent through the channel originally selected for submitting the report. The investigation may continue in any event, if it concerns a serious matter.</p>
<h3>TYPE OF DATA PROCESSED AND PURPOSE OF THE PROCESSING</h3>
<p>The processing is carried out in order to:</p>
<ul>
<li>fulfil all the obligations set forth in Legislative Decree 24 of 2023 on whistleblowing, which ratified EU Directive 2019/1937;</li>
<li>initiate the necessary investigative activities aimed at verifying the validity of the reported fact, learnt during the course of the employment relationship and regarding unlawful or fraudulent activities, as specified in Legislative Decree 24/2023, which may concern:</li>
</ul>
<ol>
<li>administrative, accounting, civil or criminal offences;</li>
<li>unlawful conduct relevant for the purposes of Italian Legislative Decree no. 231/2001;</li>
<li>offences falling within the scope of European Union law;</li>
<li>acts or omissions that harm the financial interests of the European Union, including violations of European Union rules;</li>
<li>internal market acts or omissions or acts or omissions that undermine the acts of the European Union stated in the preceding points.</li>
</ol>
<ul>
<li>prohibiting retaliatory or discriminatory acts pursuant to art. 19 of Legislative Decree 24/2023, direct or indirect, against the whistleblower and the facilitators for reasons related, directly or indirectly, to the whistleblowing report, also through communication to INPS;</li>
<li>adopting the disciplinary sanctions foreseen by the Employer in accordance with the organisational model referred to in Law 231/2001 both with regard to those who violate the measures introduced to protect the reporting subject and those who file reports with malicious intent or through gross negligence that turn out to be unfounded;</li>
<li>fulfilling legal obligations (e.g. Euro Reg. 679/2016, Italian Legislative Decree 24 of 2023 on whistleblowing, etc.).</li>
</ul>
<p>The legal basis of the processing is inherent in the need to fulfil a legal obligation to which the Data Controller is subject, with reference to the provisions contained in Legislative Decree 24 of 2023 on the ratification of EU Directive no. 2019/1937 regarding whistleblowing, as well as in Law no. 179 of 30 November 2017 («Provisions for the protection of the authors of reports of crimes or irregularities of which they have become aware in the context of a public or private employment relationship») and in Italian Legislative Decree no 231 of 8 June 2001 («Regulations governing the administrative liability of legal persons, companies and associations, including those without legal personality, pursuant to art. 11 of law no. 300 of 29 September 2000»).</p>
<p>In more detail, the processing of personal data carried out by the Data Controller is therefore necessary to fulfil a legal obligation to which the Data Controller is subject (art. 6, § 1, letter c) of Regulation 679/2016), and, with regard to particular categories of data (art. 9, § 2, letter b) of Regulation 679/2016) or to data relating to criminal convictions and offences, may also be considered necessary for the performance of a task of public interest contemplated by the law (art. 6, § 1, lett. e) and art. 9, § 2, lett. g) and 10 of the Regulations.</p>
<p>The personal data of those reported may also be used for the fulfilment of legal obligations. The data of the reporting parties may be processed only in the cases provided for by current legislation.</p>
<p>The provisions for protecting the privacy and security of personal data processed on the sites linked from or to the Exprivia Group site are not covered by this privacy policy. Therefore, Exprivia is not responsible for the privacy practices of these sites.</p>
<h3>METHOD OF DATA PROCESSING AND STORAGE</h3>
<p>Personal data is processed with automated means (e.g. using electronic procedures and media) and/or manually (e.g. in hard copy format) for the time strictly necessary to achieve the purposes for which it was collected and, in any case, in compliance with the applicable legal provisions on the matter and therefore no later than five years from the date of the communication of the final outcome of the whistleblowing procedure, as provided for in art. 14 of Legislative Decree 24/2023.</p>
<p>Specific security measures are followed to prevent data loss, unlawful or incorrect use, and unauthorised access. No automated decision-making and profiling will be applied to the collected data.</p>
<p>After this period, the data will be deleted or anonymised, unless further retention is required to fulfil legal obligations or to comply with orders issued by public authorities or to exercise the right of defence.</p>
<h3>SPECIFIC NEWS FOR THE REPORTING CHANNEL CONSISTING OF THE IT PLATFORM</h3>
<p>The Data Controllers do not track whistleblowers who use the IT channel.</p>
<h3>SPECIFIC NEWS FOR THE WHISTLEBLOWING CHANNEL CONSISTING OF DIRECT MEETINGS</h3>
<p>The whistleblower, pursuant to art. 13 of Legislative Decree 24/2023, may request to be heard by the Internal Whistleblowing Office to submit the report through a direct meeting.</p>
<p>In this case, in accordance with the provisions of Italian Legislative Decree 24/2023, art. 14, paragraph 4, the minutes of the meeting shall be drawn up.</p>
<p>If the minutes are drawn up, the whistleblower has the right to verify, rectify and confirm the minutes of the meeting by signing them.</p>
<h3>SPECIFIC NEWS FOR THE REPORTING CHANNEL CONSISTING OF THE TELEPHONE LINE</h3>
<p>The whistleblower may also submit his/her allegations of an unlawful act by telephone.</p>
<p>The whistleblowing report is documented in writing through a report of the conversation, by the Internal Whistleblowing Office; the whistleblower verifies, rectifies or confirms the content of the detailed report by signing it.</p>
<p>In the short statement issued over the phone, reference is made to the link where this extended statement can be found.</p>
<h3>DATA CONTROLLER, DATA PROTECTION OFFICER (DPO) AND APPOINTEES</h3>
<p>Independent Data Controllers of personal data relating to identified or identifiable persons collected through this system are the Companies belonging to the Exprivia Group:</p>
<ul>
<li>Exprivia S.p.A. with registered offices in Via A. Olivetti, 11- Molfetta (BA);</li>
<li>Exprivia Projects S.r.l. with registered offices in Via della Bufalotta 378 – Rome.</li>
</ul>
<p>The Data Controllers have appointed a person responsible for the protection of personal data or Data Protection Officer in compliance with Art. 37 and following of EU Regulation 2016/679, who may be contacted:</p>
<ul>
<li>for Exprivia S.p.A. at the following email address: <a href="mailto:DPO_ExpriviaSpa@exprivia.com">DPO_ExpriviaSpa@exprivia.com</a></li>
<li>for Exprivia Projects Srl at the following email address: <a href="mailto:DPO_ExpriviaProjects@exprivia.com">DPO_ExpriviaProjects@exprivia.com</a></li>
</ul>
<p>The processing connected to the web services of this site are exclusively handled by technical personnel, appointed/authorised and trained in the correct processing of personal data which, under no circumstances, will be disseminated.</p>
<p>For the purposes of managing the whistleblowing procedure, the persons authorised to the data processing were also identified as the parties who make up the Whistleblowing Report Office pursuant to art. 2 <em>quaterdecies</em> of the Privacy Code.</p>
<p>The whistleblowing report management office is an internal office. For contact details and composition of said office, see the Whistleblowing Procedure published on the websites of the Data Controller companies.</p>
<h3>COMMUNICATION AND/OR DISSEMINATION OF DATA</h3>
<p>The recipients of the data collected following the whistleblowing report, if necessary, are the Judicial Authorities, the Court of Auditors and the ANAC.</p>
<p>In particular, data may be transmitted to:</p>
<ul>
<li>external consultants (e.g. law firms) possibly involved in the investigative phase of the report;</li>
<li>the members of the Internal Whistleblowing Office and the corporate functions involved in the review and assessment of the reports;</li>
<li>organisational positions tasked with carrying out investigations on reports in cases where their knowledge is essential in order to understand the reported events and/or to conduct the relative related investigation and/or processing activities;</li>
<li>institutions and/or Public Authorities, Judicial Authorities, Police Entities, investigative Agencies;</li>
<li>supervisory body appointed pursuant to Legislative Decree 231/2001 where the report concerns a predicate offence or the violation of the Organisational Model 231;</li>
<li>manager responsible for the prevention of corruption and transparency (RPCT &#8211; Responsabile prevenzione corruzione e trasparenza ), where appointed;</li>
<li>the reported person where knowledge of the identity of the whistleblower is necessary for the defence of the reported person;</li>
<li>INPS and ANAC when retaliatory acts against the reporting party have been confirmed</li>
</ul>
<p>The personal data collected are, above all, processed by the Data Controller&#8217;s staff who make up the Internal Whistleblowing Office and act on the basis of specific instructions provided for the purposes and procedures of the same processing.</p>
<p>These instructions are contained both in the specific procedure published on the website and in the instructions prepared also for training purposes.</p>
<p>The personal data collected will not be disseminated, nor will it be transferred to third countries (outside the EU).</p>
<h3>DATA RETENTION</h3>
<p>The Data Controllers are required to retain the whistleblowing report for no more than five years from the date of the final outcome of the reporting procedure (art. 14, paragraph 1, of the Decree). In the event that this outcome must be communicated to the whistleblower who provided his/her personal data, this term refers to the date of communication of the final outcome to the whistleblower as per the ANAC Guidelines resolution no. 211 of 11 July 2023.</p>
<p>The Data Controllers shall protect confidentiality during this period (without prejudice to the cases provided for in art. 12, paragraphs 3-5, of the Decree), and, after this period has elapsed, since the report would have to be cancelled, the possibility of tracing the identity of the whistleblower would in any case be removed (Part One, Section 4.1.3)</p>
<p>All data received in the whistleblowing report that are clearly irrelevant with respect to the reported matter will be erased.</p>
<p>Erasure shall take place in different ways depending on how the whistleblowing report is received, i.e. by deletion, destruction, etc.</p>
<p>Erasure from the IT platform, for example, will take place through deletion.</p>
<p>During the entire period of data storage, the whistleblower who has decided not to remain anonymous (and who may use the system of protection against retaliation), has the right of access to all documents relating to the investigation and proceedings until they are cancelled.</p>
<h3>DATA SUBJECT RIGHTS</h3>
<p>The “data subjects”, i.e. the natural persons to whom the data refers, have the right, at any time, to access the information concerning them and to ask for its updating, rectification and supplementation, as well as erasure, anonymisation or blocking, the restriction of processing, and data portability, as well as to object to, for legitimate reasons, data processing in full or in part, in accordance with articles 15 to 22 of EU Regulation 2016/679.</p>
<p>Furthermore, if the processing of their data is based on consent, the data subjects may withdraw it at any time (for example for the purpose of communicating the identity of the reported person, where this knowledge is not essential for his/her defence). The withdrawal of consent does not invalidate the previous processing. Please note that the interested party can always oppose the processing for promotional purposes.</p>
<p>Portability consists of the right of the interested party to receive, in a structured format, commonly used and readable by an automatic device, the personal data provided to the Data Controllers, as well as the transmission of the same to another data controller, and this at any time, even upon the termination of any relationships with the Data Controllers.</p>
<p>The processing of personal data for IT security purposes or for protection needs fall in the category of processing for the legitimate interests of the Controller, in which case the data subject may object only for reasons connected to his or her specific situation, which the Controller will evaluate without prejudice to the execution of the defensive purposes.</p>
<p>For any information regarding the processing of data, as well as to exercise the rights provided for in articles 15 to 22 of EU Regulation 2016/679, users can send an email to the addresses of the DPO specified above.</p>
<p>Furthermore, interested parties have the right to contact the Data Protection Authority for the protection of personal data or other authorities to lodge a complaint regarding the processing of their personal data, in the event of a breach of law, pursuant to art. 77 of the GDPR information.</p>
</div></div></div></div></div>
<p>L'articolo <a href="https://www.exprivia.it/es/privacy/reporting-party-privacy-policy/">Reporting party privacy policy</a> proviene da <a href="https://www.exprivia.it/es/">Exprivia</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.exprivia.it/es/privacy/reporting-party-privacy-policy/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
