New international recognition: Irion stands out for its distinctive capabilities in augmented data quality
Request a demo
Use Case Overview
Learn how to develop applications tailored to meet unique business needs.
Success stories
So many companies have solved Data Management problems with Irion EDM: their testimonials.
Featured
Governance Hub: the heart of Reale Group’s Data Governance
Matching of Listed Derivatives
Reinsurance – Stop Loss
Calculation of port performance fees

Privacy

WEBSITE PRIVACY POLICY
https://www.irion-edm.com/it/
Arts. 13–14 of EU Regulation 2016/679

We hereby inform users, pursuant to arts. 13–14 of EU Regulation 2016/679 (hereinafter also “GDPR”), about the processing of personal data carried out through this Website (hereinafter also the “Site”), without extending to other websites that users may reach via links contained therein.

The processing of personal data is carried out in compliance with applicable data protection legislation and is based on the principles of fairness, lawfulness, transparency, and data protection.

Data Controller: Irion S.b.r.l., registered office at Via Livorno, 60 – 10144, Turin (TO) Phone: 0113818311 | Email: [email protected]

Data Protection Officer: Spaziottantotto S.r.l., registered office at Corso Ferrucci, 77/9 – 10138, Turin (TO) Phone: 0114337431 | Email: [email protected]

This notice constitutes a general obligation that must be fulfilled before, or at the latest at the time of, the commencement of direct collection of personal data. Where personal data are not collected directly from the Data Subject, the notice must be provided within a reasonable time, or at the time of communication (not registration) of the data (to third parties or to the Data Subject). Pursuant to the General Data Protection Regulation (GDPR – Reg. (EU) 2016/679), the undersigned Organisation, acting as Data Controller, provides the following information:

Sources and Categories of Personal Data

Personal data processed by the Organisation are collected directly from the Data Subject during browsing of the Site, use of its available features, and completion of contact forms, information request forms, event registration forms, or forms relating to other services that may be offered.

In this context, browsing data and technical data may be processed, collected automatically by the IT systems and software procedures used to operate the Site, as well as data relating to the manner in which the user interacts with the Site. Additionally, identifying and contact data voluntarily provided by the Data Subject may be processed, including first and last name, company, professional role, email address, phone number, and any further personal data that may be included in messages sent via the contact form or the contact details published on the Site.

The Organisation does not intentionally collect special categories of personal data as defined under art. 9 of the GDPR (e.g., data capable of revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic, biometric, health-related data, or data concerning a person’s sex life or sexual orientation). Should such data be spontaneously transmitted by the user — including via the contact form or through the submission of other documentation (e.g., a CV) — they will be immediately deleted, unless strictly necessary to fulfil the request received or to comply with legal obligations.

Cookies

This Website uses cookies, which are saved in the browser or, more generally, on the user’s device, in order to ensure the correct functioning of the Site, store certain preferences, and, where applicable, enhance the browsing experience. Cookies are small text files sent by the Site to the user’s device (usually the browser) and stored for retransmission to the same Site on subsequent visits. Some cookies last only for the duration of a session; others may persist for longer periods, depending on their purpose.

Further details, as well as instructions for managing preferences and modifying or revoking consent to the use of cookies, are available in the Site’s Cookie Policy

Browsing Data

The IT systems and software procedures used to operate the Site automatically acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected with the intent of associating it with identified individuals; however, by its very nature, it could — through processing and combination with data held by third parties — allow users to be identified. This category includes, for example: IP addresses and domain names of the devices used, URI/URLs of requested resources, time of request, submission method, response file size, server status codes (e.g., success/error), and other parameters relating to the user’s operating system and IT environment. These data are used solely for the purpose of generating anonymous/aggregate statistics on Site usage and for verifying its correct operation and security. They are retained for the minimum time necessary for those purposes and are generally deleted once processing is complete. The data may also be used to establish liability in the event of hypothetical cybercrime offences against the Site.

This Site uses SSL or TLS encryption to ensure the security of communications and protect the transmission of content and data, including requests submitted by users through the Site. An encrypted connection can be identified when the URL in the browser’s address bar begins with “https://” (rather than “http://”) and/or a padlock icon is displayed. When encryption is active, data transmitted cannot be read by unauthorised third parties.

Profiling Data

No profiling data concerning the Data Subject’s habits or consumption choices are directly collected. However, through links or embedded third-party elements, such information may be collected by independent or distinct entities. Please refer to the Third-Party Cookies section of the Cookie Policy in this regard.

Data Voluntarily Provided by the User

The optional, explicit, and voluntary submission of communications to the addresses published on the Site entails the acquisition of the sender’s email address — necessary to provide a response — as well as any additional personal data contained in the communication.

Similarly, the voluntary completion and submission of forms on the Site entails the processing of the personal data entered therein, solely for the purpose of fulfilling the user’s request. Such data may include identifying and contact information such as first and last name, company, professional role, phone number, email address, and any further information voluntarily entered by the user in the message. It is understood that the Site does not request or intentionally collect special categories of personal data as defined under art. 9 of the GDPR. Should such data be spontaneously communicated by the user, they will be immediately deleted, unless strictly necessary to fulfil the request received or to comply with legal obligations.

Should the user communicate personal data relating to third parties through the Site, the user is solely responsible for doing so and warrants that they are authorised to communicate or disclose such data, holding the Data Controller harmless from any claims or demands by third parties.

Newsletter

Email addresses used for the sending of informational and promotional communications are acquired following voluntary subscriptions by Data Subjects — which may be subject to a confirmation request — as well as in the context of commercial relationships relating to products or services of the Data Controller analogous to those already purchased or requested. Communications may concern product and service updates, informational or promotional content, event invitations, in-depth materials, and, more generally, professional information related to the Data Controller’s activities. It is noted that contacts are not acquired from public directories or third-party databases.

The recipient may at any time object to the sending of further communications or withdraw any consent previously given, by using the unsubscribe link included in each message or by contacting the Data Controller at the details provided in this notice.

Contact Form

The completion and submission of the contact form on the Site entails the processing of personal data voluntarily provided by the user, solely for the purpose of fulfilling requests for information, quotations, or other enquiries submitted via the contact form. The form is not designed to collect special category data; users are therefore invited not to transmit such information. Should such data nonetheless be spontaneously transmitted, they will be immediately deleted, unless strictly necessary to fulfil the request received or to comply with legal obligations.

Event and Initiative Registration

Through the Site, the Data Subject may provide personal data for the purpose of registering for events, initiatives, or other activities promoted by the Data Controller and/or its third-party partners.

Such data, collected directly from the Data Subject, may include identifying, contact, and professional data, as well as any further information voluntarily communicated in connection with the relevant request submitted through the Site.

Should data that are not relevant to the purpose pursued be provided in connection with such communications, they will be processed in compliance with applicable legislation and, where not necessary, will be deleted.

The detailed privacy notice is available at the following link: Events Privacy Notice

Online Surveys and Feedback

The completion and submission of surveys, questionnaires, or feedback forms that may be present on the Site entails the processing of personal data voluntarily provided by the user, for the purpose of collecting opinions, evaluations, and feedback regarding the services, events, activities, or content offered by the Data Controller, as well as analysing the results obtained and improving its services and organisational processes.

Where a form includes free-text fields, users are invited not to enter unnecessary personal data or data belonging to special categories as defined under art. 9 of the GDPR. Should such data be spontaneously provided, they will be processed to the extent strictly necessary and, where possible, promptly deleted.

Careers

Through the Site, users may submit a job application by providing their personal data and an up-to-date CV, accompanied by an authorisation to process personal data and, where data belonging to special categories are included, explicit consent to their processing (as defined under art. 9 of the GDPR).

The detailed privacy notice is available on the Informativa Smart Recruiters (Pdf)

Purposes and Legal Bases for Processing

Personal data are processed for the following purposes:

To enable browsing of the Site and ensure its correct functioning (art. 6(1)(f) of the GDPR);
To manage requests submitted by users through the Site in the course of the Organisation’s normal activities (art. 6(1)(b) of the GDPR), including, without limitation:
receiving, evaluating, and handling requests for information, contact, further details, demonstrations, quotations, or other enquiries submitted via the Site;
contacting the user and providing a response via the contact details they have provided;
carrying out the organisational and operational activities strictly necessary to fulfil the request received;
managing service communications related to the submitted request, including confirmations, updates, and further operational instructions;
To comply with legal obligations and with orders issued by competent Authorities (art. 6(1)(c) of the GDPR), including, without limitation, administrative, accounting, and fiscal obligations related to the provision of services and/or the management of contractual relationships, and to handle requests and inspections by Authorities or authorised bodies;
For the establishment, exercise, or defence of a legal claim in judicial or extrajudicial proceedings, on the basis of the Data Controller’s legitimate interest (art. 6(1)(f) of the GDPR);
For security purposes and to protect the Site and its systems, on the basis of the Data Controller’s legitimate interest (art. 6(1)(f) of the GDPR), in particular for the management and retention of browsing and usage logs necessary to ensure security and prevent and counter unauthorised access, cyberattacks, and malicious or fraudulent activities.

In addition, personal data may be processed for the following purposes:

To manage registrations for events, initiatives, or other activities promoted by the Data Controller — including in collaboration with third-party partners — received through dedicated forms on the Site, as well as for related organisational activities, communications concerning participation (art. 6(1)(b) of the GDPR), and, where applicable, the collection of images/video (art. 6(1)(a) of the GDPR);
To send the Data Controller’s newsletter — subject to the Data Subject’s consent — containing updates, informational content, in-depth materials, and communications relating to the activities, products, services, events, and initiatives promoted by the Data Controller (art. 6(1)(a) of the GDPR);
To carry out direct marketing activities — subject to the Data Subject’s consent — including the sending of promotional and commercial communications regarding the Data Controller’s products, services, events, initiatives, or other activities (art. 6(1)(a) of the GDPR);
Subject to the Data Subject’s specific consent, to communicate personal data (limited to what is necessary) to third-party partners acting as independent Data Controllers, so that they may process such data for their own marketing purposes; a complete and up-to-date list of third-party partners receiving the data is available upon request (art. 6(1)(a) of the GDPR).

Consequences of Refusing to Provide Data

The provision of personal data required for the purposes referred to in points (b) and (f) above is necessary to enable the Data Controller to fulfil the Data Subject’s requests and carry out related activities. Refusal to provide the necessary data may result in the impossibility of pursuing such purposes.

The provision of data for the purposes referred to in points (g), (h), and (i) is optional. Failure to provide data or to give consent will not affect the user’s ability to access the Site and its features, but will make it impossible to pursue the additional purposes set out therein. Similarly, failure to consent to the use of cookies will not impair browsing of the Site, but may prevent the activation of additional features or the pursuit of purposes associated with the use of such tools, as specified in the Cookie Policy.

With regard to browsing data, certain personal data are automatically acquired by the IT systems and software procedures used to operate the Site.

Methods of Data Processing

Data related to the Site’s web services are processed using automated tools for the minimum time necessary to achieve the purposes for which they were collected. Data may be processed on servers located in Italy, within the European Union, or, where necessary, outside the EU, in compliance with the guarantees provided by applicable legislation to protect the rights and freedoms of the Data Subject. Processing is carried out exclusively by personnel authorised to process data or by parties responsible for maintenance and administration operations. Appropriate technical and organisational measures are implemented to ensure an adequate level of security, aimed at preventing, among other things, data loss, unlawful or improper use, unauthorised access, and breaches of confidentiality.

Data processing refers to collection, recording, organisation, storage, processing, modification, deletion, and destruction of data, or any combination of two or more such operations. In relation to the purposes set out above, personal data are processed using manual, IT, and electronic tools, in accordance with logic strictly related to those purposes and, in any case, in a manner that guarantees the security and confidentiality of the data. Personal data will therefore be processed in accordance with the methods set out in art. 5 of the GDPR, which provides, inter alia, that data shall be processed lawfully and fairly, collected and recorded for specified, explicit, and legitimate purposes, accurate and, where necessary, kept up to date, relevant, complete, and not excessive in relation to the purposes of processing, and in compliance with the fundamental rights and freedoms and dignity of the Data Subject — with particular regard to privacy and personal identity — through appropriate protection and security measures. The Organisation has implemented and will continue to develop its system for the security of data access and storage.

No automated decision-making processes (e.g., profiling) are carried out.

Transfers Outside the EU

The processing of personal data takes place primarily in Italy or, in any case, within the European Union. However, due to requirements connected with the use of services, tools, or suppliers employed by the Data Controller in connection with activities carried out through the Site, data may also be transferred to countries outside the European Union.

In such cases, the transfer takes place in compliance with the conditions and guarantees provided by applicable legislation, in order to ensure an adequate level of protection and the safeguarding of the Data Subject’s rights.

Processing that takes place in countries outside the European Union when, at the Data Subject’s request, connections to the Site originate from such countries falls outside the responsibility of the Data Controller.

Retention Period

Personal data will generally be retained for the time necessary to pursue the purposes of processing for which they were collected. With regard in particular to data processed in connection with participation in events and data processed on the basis of consent given for marketing purposes, such data will be retained for a maximum period of 24 months from collection, unless the Data Subject renews their consent. In the absence of renewal, the data will be deleted.

It is understood that the Data Controller may retain data for a longer period where necessary to comply with legal obligations and/or to give effect to orders or requests from competent Authorities.

Categories of Recipients

Personal data, to the extent strictly necessary, may be communicated to:

Authorised personnel and Data Processors carrying out specific tasks and operations related to the functioning of the Site and the management of requests (e.g., administration and maintenance of the Site and IT systems, fulfilment of requests submitted via the Site, organisation of events and initiatives, sending of newsletters and informational or promotional communications, as well as operational support);
Third-party partners involved in the organisation of events, initiatives, or other activities promoted in collaboration with the Data Controller, where necessary for managing registration and the conduct of the relevant initiative;
Third-party partners acting as independent Data Controllers, for their own marketing purposes, exclusively subject to the Data Subject’s specific consent;
In the cases and to the parties provided for by law.

Personal data are not subject to further disclosure, except as required by law or following anonymisation.

A complete list of Data Processors is available upon request by writing to the Data Controller at: [email protected]

Data Subject’s Rights

The Data Subject may at any time exercise, in relation to the Data Controller, the rights provided for under arts. 15–22 of the GDPR (regulation), where applicable (access, rectification, erasure, restriction, portability, objection, absence of automated decision-making processes). The Data Subject also has the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) at www.garanteprivacy.it. Where processing is based on consent, the Data Subject may withdraw it at any time; withdrawal does not affect the lawfulness of processing carried out on the basis of consent prior to withdrawal.

Requests should be addressed to the Data Controller by email at: [email protected]

Format of this Notice

This privacy notice is available in a format that can be automatically accessed via any standard web browser.

Should you experience any difficulty in viewing this notice, please inform us so that we may, where appropriate, provide it through alternative means.

This document is subject to updates. Users are invited to consult it periodically to check for any amendments.

Scroll to Top
Irion EDM® Application
Irion Premium Data Quality & Governance
Use Case Overview​
Success stories
Featured
Overview
Services
Partner Program
Partner Portal
Resource Center
Access the Irion Support portal, where you’ll find technical documentation, community, glossary, and other resources to make the most of our platform.
A story of innovation
Careers
Request a demo
Irion EDM® Application
Irion Premium Data Quality & Governance
Use Case Overview​
Success stories
Featured
Overview
Services
Partner Program
Partner Portal
Resource Center
Access the Irion Support portal, where you’ll find technical documentation, community, glossary, and other resources to make the most of our platform.
A story of innovation
Careers
Request a demo