Effective Date: 03/20/2020
NTT Data Italia S.p.A. (“Company” or “we”), which can be contacted at the email address [email protected] wants to inform you about how we collect, use and disclose personal data from and about you, through this website (“Website“) and all its associated mobile sites (collectively, the “Company Services”), in compliance with all applicable data protection laws and regulations.
|The Company is the data controller of the personal data we collect from and about you through the Website and the Services.
For further information click here [LINK TO PARAGRAPH 1]
|What kind of personal data do we collect about you?
|The Company might collect data from and about you.
More in particular, the Company collects (1) data that you have volountarily shared with the Company, (2) activity data and (3) information shared with other sources.
However, we do not collect either financial information or special categories of personal data relating to you (e.g., health or judicial data).
For further information click here [LINK TO PARAGRAPH 2]
|How do we use your personal data?
|The main reason why we collect data about you is to allow you to use the Website or to provide you with our Company Services and to allow you to interact with such services.
We currently do not process your data to send offer, marketing communications etc. Should we plan this in future we will do it , only with your prior consent, For further information click here [LINK TO PARAGRAPH 3].
|On what ground do we use your personal data?
|Your personal data are mainly collected in order to allow you to use the Website and the relevant Services.
Your personal data are also necessarily collected to comply with legal obligation or to protect the legitimate interests of the Company.
Failure to provide such data may entail the impossibility to offer you the Company Services or grant you access to the Website, as the case may be.
For further information click here [LINK TO PARAGRAPH 4].
|How do we process your personal data?
|The security of your data is a priority for us. For this purpose, the Company has implemented adequate administrative, technical and physical measures to safeguard your personal data against loss, theft and unauthorized use, disclosure or modification.
For further information click here [LINK TO PARAGRAPH 5].
|Who can access to your personal data?
|The Company might share your personal data with (i) service providers, (ii) our affiliated companies and (iii) national authorities, when allowed by applicable laws.
We may also share your personal data with our commercial partners for their marketing purposes but only upon your prior optional consent.
For further information click here [LINK TO PARAGRAPH 6].
|Is your personal data transferred abroad?
|Your personal data might be transferred to other countries within the European Economic Area (EEA). In any case, we always make sure that appropriate and suitable safeguards compliant with applicable laws are in place to protect your personal data.
For further information click here [LINK TO PARAGRAPH 7].
|What are your rights with regard to your personal data?
|You have among others the right to access, integrate, update, amend and delete your personal data.
For further information click here [LINK TO PARAGRAPH 8].
|What is going to happen on May 25, 2018?
|The EU General Data Protection Regulation 2016/679 is becoming effective on May 25, 2018, introducing among others additional rights for individuals.
For further information click here [LINK TO PARAGRAPH 9].
|How can I contact you with regard to the processing of my personal data?
|You can contact us at the following email address [email protected].
- WHAT TYPE OF PERSONAL DATA DO WE COLLECT ABOUT YOU?
The Company collects (1) registration data, (2) data that you have volountarily shared with the Company, (3) activity data collected when you access and interact with the Website or the Company Service and (4) More in particular, the Company collects the following data from and about you:
- Registration data: none as we currentlyfdo tno have a registration form.
- Data that you have volountarily shared with the Company: we might collect your personal data (such as name surname, email, organization and phone number) if you submit a request through the contact form made available to you via Website.
- Information from Other Sources. We may supplement the information we collect with information from other sources, such as publicly available information from social media services and commercially available sources.
When the information collected from or about you does not identify you as a specific person, directly or indirectly, we may use that information for any purpose or share it with third parties, to the extent permitted by applicable data protection laws and regulations.
We do not collect:
- Special categories of personal data: we ask that you do not send us, and you do not disclose, any information included in a special category of personal data (such as social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through the Website, the Company Services or otherwise.
- HOW DO WE COLLECT YOUR PERSONAL DATA?
We process the personal data we collect from and about you to:
- Allow you to use the Website and, as the case may be, provide you with the Company Services that best suit you;
- measure and improve those Company Services and features;
- improve your experience on the Website and with both online and off-line Company Services by delivering content you will find relevant and interesting;
- provide you with customer support and to respond to inquiries;
- complete a merger or sale of assets. With this regard if the Company sells all or part of its business or makes a sale or transfer of its assets or is otherwise involved in a merger or transfer of all or a material part of its business, the Company may transfer your information to the party or parties involved in the transaction as part of that transaction;
When the data collected from or about you does not identify you personally, we may use that information for additional purposes or share it with third parties.
- ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA?
The processing of your personal data for the purposes of:
- HOW DO WE PROCESS YOUR PERSONAL DATA?
With regard to the above mentioned purposes, the data is processed through both electronic and manual means, and is protected through adequate security measures. With this regards, although the Company uses appropriate administrative, technical, personnel and physical measures to safeguard personal data in its possession against loss, theft and unauthorized use, disclosure or modification, it cannot guarantee that all possible cyber-risks can be excluded.
- WHO HAS ACCESS TO YOUR PERSONAL DATA?
Third parties service providers entrusted with processing activities and duly appointed as processors when required by applicable laws, e.g. cloud service providers, other entities of the group, providers of services instrumental to or supporting the Company Services – and thus, by way of example and without limitation, companies that provide IT services, experts, consultants and lawyers – companies resulting from possible mergers, demergers, or other transformations, and
Company Affiliates, in their capacity of data controllers or data processors, a list of which Company Affiliates is available by contacting us ay [email protected].
Competent national authorities in order to comply with applicable laws.
- IS YOUR PERSONAL DATA TRANSFERRED ABROAD?
Your personal data may be transferred to countries within the European Economic Area (EEA), in particular in Germany and UK. Some non EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. The full list of these countries is available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.
For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place appropriate and suitable safeguards to protect your personal data and that transfer of your personal data is in compliance with the requirements and the obligations provided by applicable data protection laws, such as standard contractual clauses adopted by the European Commission as per Articles 45 and 46 of the EU General Data Protection Regulation 2016/679 (the “GDPR“).
- WHAT ARE YOUR RIGHTS WITH REGARD TO YOUR PERSONAL DATA?
You have the right, at any given time, to:
- obtain confirmation as to whether or not your personal data exist and to be informed of its content and source, verify its accuracy or request integration, update or amendments;
- request the deletion, conversion to an anonymous form or restriction of any personal data processed in breach of the applicable law;
- oppose its processing, in all cases, for legitimate reasons.
Also, the additional rights outlined in Section 9 below will be effective from May 25, 2018.
- WHAT IS GOING TO HAPPEN FROM MAY 25, 2018?
From 25 May 2018, the GDPR will become effective and the following provisions will apply:
- Retention period applying to your personal data
At the end of the retention period your personal data will be either cancelled, anonymized or aggregated.
- Please refer to our Data Retention Policy which can be requested by sending an email at [email protected].
- Additional rights
- request to Company to limit the processing of your personal data where:
- You contest the accuracy of the personal data until we have taken sufficient steps to correct or verify its accuracy;
- The processing is unlawful but you do not want us to erase the data;
- We no longer need the personal data for the purposes of the processing, but you require them for the establishment, exercise or defense of legal claims; or
- Where you have objected to processing justified on legitimate interests grounds pending verification as to whether the Company has compelling legitimate grounds to continue processing.
- object to the processing of your personal data;
- request the erasure of your personal data without undue delay;
- the right to data portability (i.e. to receive an electronic copy of your personal data, if you would like to port your personal data to yourself or a different provider), when we are relying upon your consent or the fact that the processing is necessary for the provision of the Company Services and the personal data is processed by automatic means;
- the right to lodge a complain with the relevant supervisory authority.
- CONTACT US
DATA Privacy Notice for the “NTT DATA R&D Forum 2019” (“Data Privacy Notice”)
according with the EU REGULATION 2016/679
of the European Parliament and of the Council of 27 April 2016
on the protection of personal data (“EU Data Protection Regulation”)
1. This is the Data Privacy Notice in relation to your registration – via this website (“Website”) to the event NTT DATA R&D Forum 2019 scheduled to be held in Tokyo from 12th to 14th of November 2019 (the “Event”).
2. You are hereby asked to confirm your consent on processing your Personal Data, according with EU Data Protection Regulation.
3. NTT DATA EMEA Ltd. (“EMEA” or simply “We”), whose address is at 3rd Floor, 2 Royal Exchange, London EC3V 3DG, United Kingdom, is one of the Regional Sub-holdings of NTT DATA Corp., stock listed in Japan.
4. EMEA is the Data Controller for the Purposes as set forth in the clause 3 below and with this Data Privacy Notice informs you, as Data Subject, on the following.
2.- NECESSARY INFORMATION WE NEED TO COLLECT FROM YOU
1. We need to collect and process the following information about you:
1. Your name, surname, job title, company, email, telephone number, country, date of arrival and departure and other personal information you may agree to provide including food preferences and allergies, provided that food preferences and allergies will be provided to Third Party Recipients, as defined in clause 4.1 below with no indication of your name and last name (collectively referred to as the “Personal Data“).
2. Please note that We will be unable to register you and to welcome you at the Event, until and unless you fill in the form in this Website and provide your acceptance to the processing of your Personal Data according to this Data Privacy Notice.
1. We use Your Personal Data in the following ways and for the following reasons (the “Purposes”):
a. to enable You to register to the Event;
b. to confirm You that You have been registered to attend the Event;
c. to organize suitable arrangements for Your on-site travel and accommodation at the Event;
d. to provide additional information on the scheduled elements.
4.- DISCLOSURE OF YOUR PERSONAL DATA
1. Your Personal Data will be collected by NTT Data EMEA, which may share your Personal Data to third parties recipients (“Third Parties Recipients”) exclusively to organize suitable arrangements for Your on-site travel and accommodation at the Event (e.g. selected hotel and restaurant(s), transfer company, printing company to print Your name as attendee at the Event, insurance company to provide adequate insurance coverage to You in relation to the participation at the Event).
2. It is not possible to list every single Third Party Recipient of your Personal Data. The updated list of Third Party Recipients who your Personal Data may have been submitted to, can be requested at any time to the EMEA Lead Data Protection Manager, as identified and at the email address set out in the clause 9 of this Data Privacy Notice.
5.- TRANSFER OF YOUR PERSONAL DATA
1. Please note that NTT DATA Group is a leading global IT services provider and that the guests invited to the Event might be coming from various regions and countries, so that your Personal Data will be shared on a need-to-know basis and consistently with the Purposes with other companies of owned or controlled by EMEA (“EMEA Group”), which means our subsidiaries, as defined in section 1159 of the UK Companies Act 2006, within or outside the EEA, provided that in any case, such transfers will comply with the appropriate guarantees as set forth in the applicable law, and in particular with the articles 45 and 46 of the EU Data Protection Regulation.
2. You have the right to obtain copy of your Personal Data stored and/or transferred outside the EEA and to obtain information on the place where such Personal Data are stored, as provided and at the email address set out in the below clause 8 of this Data Privacy Notice.
6.- PICTURES TAKEN DURING THE EVENT
1. Please note that during the Event some pictures may be taken and/or some video recording during Your participation at the Event. These pictures and/or videos may be shared on intranet and/or websites of the EMEA Group or on social media, subject to Your explicit consent. If You intend to provide Your consent, you are kindly requested to confirm Your consent on the specific section of the Website as available. Your pictures and/or videos will be taken for the duration of the Event and in any case for a period not longer than 24 months following the end of the Event, unless you renew Your Consent for any subsequent period.
7.- RETENTION PERIOD AND SAFETY MEASURES
1. All the Personal Data you provide will be stored and retained for the period which is strictly necessary to organize and to attend the Event (“Retention Period”).
2. EMEA will take the necessary steps to ensure that your Personal Data be treated securely, with an adequate level of protection and only in accordance with the Purposes set forth in this Data Privacy Notice.
3. After the Retention Period, and in any case not later than 30 business days following the conclusion of the Event, your Personal Data will be deleted if still stored in EMEA servers and/or Third Parties Recipients servers.
8.- YOUR RIGHTS
1. EMEA informs you that, according to the EU Data Protection Regulation, at any time you have the following rights related to your Personal Data:
a. to obtain confirmation as to whether or not your Personal Data exist and to be informed of its content and source, the purposes and modalities of the processing, as well as the logic involved in case of automated processing;
b. to request update, correction or rectification of your Personal Data;
c. to withdraw your consent, without prejudice to the lawfulness of the processing based on consent previously expressed before its withdrawal;
d. to request deletion without unjustified delay, anonymization or the block of data processed unlawfully, to object for legitimate reasons to data processing, as well as right to data portability;
e. to request to limit the processing of your Personal Data where (a) you object the accuracy of your Personal Data until EMEA have taken sufficient steps to verify its accuracy, (b) processing is unlawful and you opposes the erasure of the Personal Data and requests the restriction of their use instead, (c) EMEA no longer needs the Personal Data for the purposes of processing, but you require them for the establishment, exercise or defence of legal claims;
f. to object the processing according with Article 21, paragraph 1 of the EU Data Protection Regulation, pending the verification whether the legitimate grounds of EMEA override your legitimate grounds as data subject;
g. to object processing of your Personal Data and the processing activities performed on the basis of automated decisions, including profiling.
2. You can exercise the above rights by contacting the EMEA Lead Data Protection Manager, as provided and at the email address set out in the below clause 9 of this Data Privacy Notice.
3. EMEA informs you that you have also the right to lodge a complaint with a supervisory authority, if the legal conditions are met.
1. You are encouraged to contact the EMEA Lead Data Protection Manager, duly appointed by EMEA, at the following email address [email protected], in case:
1. You wish to exercise any rights as specified in the above clauses and/or set forth in any applicable laws, or
2. You have questions, comments and requests regarding this Data Privacy Notice, or
3. You would simply like to get guidance or assistance on compliance-related matters.
1. Unless otherwise provided herein, and where applicable, any term used under this Data Privacy Notice shall have the same meaning given to them in the EU Data Protection Regulation.
London, September 25th 2019