Privacy Policy

The Data controller is SeaCorridor S.r.l., with registered office in San Donato Milanese, Piazza Ezio Vanoni, 1, which can be contacted through the section Contact us.

a) Legal and necessary purposes for the provision of services - processing necessary to fulfil a contractual or legal obligation to which the data controller is subject or to execute a specific request by the data subject

The personal data of the User may be processed, with no need for their consent, where this is necessary in order to fulfil obligations deriving from provisions of the law, as well as standards codes or procedures approved by authorities and other relevant institutions.

Furthermore, the User's personal data will be processed for purposes relating to and/or connected with the provision of services by the Company in the context of navigation on the Website.

This data - the provision of which is necessary for the operational performance of the service - will also be processed by electronic means, recorded in special databases, and used strictly and exclusively in the context of navigation on the Website.

Since the communication of the User's personal data for the aforementioned purposes is necessary for the maintenance and provision of all services related to navigation on the Website, failure to provide such information will make the provision of the specific services in question impossible.

b) Commercial and marketing purposes - consent

The User's personal data may also be processed, subject to their consent, for the following additional purposes functional to the business of the Data Controller or a third party:

• market research, economic analysis and statistics;
• marketing of the Data Controller's and/or a third party services, sending of advertising/information/promotional material and participation in initiatives and offers aimed at rewarding the Data Controller's customers;
• customer satisfaction surveys on the quality of the services provided.

These activities may concern products and services of the Data Controller, as well as of subsidiaries of SeaCorridor S.r.l. or of their business partners, and may also be carried out through an automated calling system, without the intervention of an operator, mail, including electronic mail, and SMS (Short Message Service) messages.

Consent to the processing of data and communication to the entities listed below for the aforementioned purposes is optional and may be revoked at any time via the Contact us.

c)Protection of a right in a court of law

Additionally, the personal data of the User will be processed each time it is necessary in order to ascertain, exercise or protect a right of the Data Controller or other companies coming under the scope of SeaCorridor Srl control in a court of law.

d) Data Controller's legitimate interest

The Data Controller may, without the User's consent, process the personal data collected in the following cases:

• in the event of extraordinary merger, business unit sale or transfer operations, in order to allow for the operations necessary to due diligence and prior to the transfer, to be completed. It is understood that data will only be processed for the aforementioned purposes if it is strictly necessary, in aggregate/anonymous form as far as possible.
• analysis in anonymous and aggregate form and, with exclusive reference to the direct and on-demand service of Financial Events, also "in plain text", i.e. in non-anonymous form (in the context of this service, only the following data will be processed in any case: personal data, contact data, company name, city of reference), of the use of the services used to identify users' habits and propensities, to improve the services provided and to meet specific user needs, or the preparation of initiatives related to the improvement of the services provided.
• anonymous and aggregated analysis of the use of the services used, to identify users' habits and propensities, to improve the services provided and to meet specific users' needs, or prepare initiatives related to the improvement of the services provided.
• analysis of the positioning of the brand and SeaCorridor's reputation on the internet (web listening). This includes, in particular, identifying and evaluating what is being said on the internet - the contents of which are accessible to the public - about SeaCorridor and its activities/customers, in order to capture the opinions, intentions, moods and market trends, and needs of SeaCorridor's stakeholders so that the services offered by the company can be improved. This is done by keyword searches, without identifying users.

For the pursuit of the purposes set out in point 3, the Data Controller may communicate the User's personal data to third parties, for example, thosebelonging to the following subjects or categories of subjects:

• police forces, armed forces and other public administrations in fulfilment of obligations envisaged by laws, regulations or European Communitylegislation. In this event, in accordance with applicable data protection legislation, there is no obligation to acquire prior consent of the data subjectto such communications;
• companies, entities or associations, or parent companies, subsidiaries or related companies in accordance with Article 2359 of the Italian Civil Code,or between these and companies under joint control as well as between consortia, business networks and groupings and temporary joint ventures and withsubjects adhering to such, LIMITED to communications made for administrative and/or accounting purposes;
• IT service providers

The Data Controller takes the utmost care to ensure that the communication of the User's personal data to the aforementioned recipients only concerns thedata necessary to achieve the specific purposes for which they are intended.

The User’s personal data is kept in the databases of the Data Controller and will only be processed by authorised staff. The latter will be provided withspecific instructions on the purpose and methods of processing. This data will not be disclosed to any third parties apart from those envisaged above and,in any case, with the limits set out therein.

Lastly, we would remind you that the User’s personal data will not be disseminated, except in the cases described above and/or envisaged by the law.

For any of the purposes indicated under point 3, the User’s personal data may be transferred outside the EU, including through inclusion in shared databases managed by third party companies that may or may not fall within the scope of SeaCorridor Srl control. The management of the database and the processing of such data shall be bound to the purposes for which the data was collected and take place in complete compliance with the standards of confidentiality and security pursuant to applicable personal data protection laws.

Each time the User’s personal data is transferred internationally, outside EU territory, the Data Controller will take all contractual measures suitable and necessary to guarantee a suitable level of protection of the personal data, in accordance with that specified in this personal data processing disclosure, including, amongst others, the Standard Contractual Clauses approved by the European Commission.

The data shall not be kept for any longer than is necessary for the purposes for which it was collected or subsequently processed, in line with what is set forth by legal obligations.

As data subject, the User has the following rights over the personal data collected and processed by the Data Controller for the purposes indicated in point 3: (i) right of access, in particular requesting confirmation of the existence of the User’s personal data in the Company’s archives at any time and their being made available in a clear, intelligible form and the right to know the origin, logic and purpose of processing, with the express, specific indication of appointees and data processors and any third parties to whom the User’s data may be disclosed; (ii) right to obtain the updating and correction of the data (except for evaluation data), the erasure of superfluous data or their transformation into anonymous form and the blocking of processing and definitive erasure in the event of unlawful processing; and (iii) if the criteria are met, the restriction of processing and the portability of the data. The law also grants the interested party the option of lodging a complaint with the Data Protection Authority, if the User should note any breach of your rights in accordance with applicable legislation on personal data protection.

The User may exercise the rights listed above via the section Contact us, or by writing to the Data Protection Officer dpo@sea-corridor.com.

13/05/2023