Privacy Policy

This document sets out the methods and purposes of the processing of personal data (hereinafter, “Data”) carried out within the scope of your relationship as customer, supplier, partner, or consultant with Gestione Governativa Navigazione Laghi, which manages and provides the scheduled public transport service on Lake Maggiore, Lake Garda, and Lake Como, as well as any further information required by law, therein included information on your rights as Data Subject and their exercise.

Your Data will be processed by Gestione Governativa Navigazione Laghi, VAT Number 00802050153, with registered office in Via Lodovico Ariosto 21, (20145) Milan, Italy, in the person of Mr. Renato Poletti as legal representative (hereinafter “GGNL”, or “Data Controller”).

The Data Controller has a Data Protection Officer (DPO or Data Protection Officer), appointed pursuant to Article 37 of the GDPR. The Data Protection Officer can be contacted at the following email address: privacy@navigazionelaghi.it

Your Data will be processed in full compliance with the provisions dictated by EU Regulation 2016/679 (hereinafter, the “GDPR”), the Italian Legislative Decree No. 196/2003, as last amended by Legislative Decree No. 101/2018 (the “Privacy Code”) and the provisions of the Data Protection Authority (jointly referred to as “Privacy Regulations”). The Processing shall be based on the principles of fairness, lawfulness, transparency, accuracy and protection of your privacy and your rights.

The processing of Your Data is aimed at achieving the following purpose(s):

1. Entering and executing contractual relationships with customers, suppliers, or with independent contractors and/or consultants, including for professional services: we may process Your Data for the purposes of establishing, executing, and managing contractual relationships, providing the services requested, responding to reports and/or complaints, or to request a refund for the services provided.
   If the Data Subject is a customer, we may use your Contact Details, and in particular your email or mobile phone number, to provide you with information about the service, informing you of the occurrence of circumstances that may alter the service or affect its proper and efficient performance (for example, the status of the service due to weather conditions, strikes, etc.).
   The provision of such Data is necessary for the performance of the contractual relationship to which the Data Subject is party or in order to take steps prior to entering into a contract, therefore the processing of such Data for the purposes indicated does not require the consent of the Data Subject.
2. Carrying out administrative-accounting procedures, such as bookkeeping and treasury management, as well as invoicing (e.g., verification and registration of invoices), in accordance with the requirements of the applicable legislation, or for the performance of other obligations provided for by laws, regulations and EU legislation.
   In this case, the legal basis that legitimizes the processing of Data by GGNL is the need to comply with a legal obligation to which GGNL is subject.
3. Operational management and strictly related purposes for accessing the website and in particular the reserved areas thereof we collect your data to enable you to:
   • navigate our institutional website: www.navigazionelaghi.it (hereinafter the “Website”);
   • download documents relating to the services you have purchased (e.g., travel tickets);
   • register on the Website to use the service of the “newsletter” section, or other functionalities;
   • carry out other requests made through the Website.

   Access to the dedicated area will result in the display of the contact details you provided when signing the service subscription agreement so that you can verify them. Please help us keep your data up to date by contacting us if there are any changes.
   The provision of such Data is necessary for the performance of the contractual relationship, therefore the processing of such Data for the purposes indicated does not require the consent of the Data Subject.

4. Customer Satisfaction Surveys: GGNL may use your Contact Details to conduct institutional surveys aimed at measuring the level of satisfaction (so-called customer satisfaction) of the service provided.
   The legal basis for the processing of Data is the necessary consent for each specific purpose.
5. Marketing and promotional activities: GGNL collects your Contact Details for marketing and advertising purposes, aimed at informing you about promotional sales initiatives through automated contact methods (e-mail, text messages and other mass messaging tools) and any other traditional contact methods (e.g., telephone calls with an operator), or for market research, surveys, statistical processing and if our business partners legitimately communicate your Data to us.
   The legal basis for the processing of Data is the necessary consent to the processing for each specific purpose. The consent for each purpose may be revoked at any time through the privacy form on the Site. [NOTE: currently not visible on the website]
6. Compliance with legally binding requests to fulfil legal obligations, regulations, or court orders: GGNL may process your personal data to comply with a legal obligation and/or to defend a right in court.
   The legal basis for the processing is the fulfilment of a legal obligation with which GGNL is obliged to comply.
7. Reporting of the ascertained violation and subsequent obligations: GGNL may process your Data during the verification of tickets if the report of violation must be completed for the purposes of the correct reporting of the ascertained violation, the consequent legal communications and notifications and the subsequent stages of verification of payment of the penalty.
   The legal basis for the processing is the fulfilment of a legal obligation with which GGNL is obliged to comply.

The following categories of data about you may be collected and processed:

• personal and contact details: information relating to your name, place and date of birth, tax ID number, address, telephone number, place of work, email address and, if you connect to our Website or download our app, including via on-board wi-fi connections, with social login (i.e. through the account of a social to which you are subscribed), also the information visible in that social according to the privacy settings you have set. It should be noted that in the event of violations against minors, you will also be asked for the data of persons exercising parental responsibility;
• data resulting from use of the Website and access to the social pages of GGNL: in this context, as better specified in the Cookie Policy present on the Website and to which reference should be made, third-party cookies may be installed;
• data resulting from the signing of a contractual relationship: consider, for example, the data of the supplier in the case of commercial contracts, the personal data necessary for the processing and issuance of single or season tickets in the case of purchase on the Website.

To improve the protection, integrity, and accessibility of Your Data, GGNL uses a wide range of security measures.

Although it is currently known that it is not possible to fully guarantee security from fraudulent intrusion into the transmission of Data over the Internet and on the websites, we are committed to providing physical, electronic, and procedural safeguards to protect Your Data in accordance with the law and with the utmost responsibility.

All Your Data is stored on our secure servers by automated, electronic, computerised or telematic means, as well as on paper, or on the servers of our suppliers or business partners appointed as Data Processors and is accessible and usable in accordance with our standards and security policies (or equivalent standards for our suppliers or business partners).

No automated decision-making processes will be used pursuant to Article 22 of the GDPR.

GGNL observes specific security measures to prevent loss of Data, unlawful or incorrect use and unauthorised access. We adopt, among others, measures such as:

• the strict restriction of access to your Data, on a need-to-know basis and only for the purposes disclosed;
• perimeter security systems to prohibit unauthorised access from outside;
• permanent monitoring of access to information systems to detect and stop misuse of data;
• penetration tests on a six-month basis to detect any gaps in perimeter security;
• tracking of access to your data by internal staff;
• transactions on our Website that require you to enter your Data are encrypted using Secure Socket Layer (SSL) technology;
• where we have provided you with (or where you have chosen) credentials to enable you to access certain parts of our Website or other portals, applications or services provided by us, you shall be responsible for the secrecy of such credentials and for complying with any other security procedures we provide to you. In this respect, we ask you not to share your credentials with anyone.

GGNL retains Your Data only for the time strictly necessary to achieve the purposes set out in paragraph 3 of this privacy policy for which they were collected and for any other related legitimate purpose.

Therefore, if Data are processed for two different purposes, we will retain such Data until the purpose with the longer retention period expires but will no longer process the Data for that purpose for which the retention period has expired.

Data that is no longer required, or for which there is no longer a legal basis for its storage, is irreversibly anonymised (and thus can be stored) or securely destroyed.

[NOTE: European and national legislation does not specifically dictate a retention period: it does not exist, and cannot exist, because the retention periods vary depending on the specific purpose of processing pursued. However, the retention periods in some specific cases have been defined by the Data Protection Authority by means of provisions or opinions, in other cases they have been determined by the practical experience of trade associations, so they are not real constraints]

The retention periods in relation to the different purposes listed in paragraph 3 of this notice are as follows:

• fulfilment of contractual obligations, administrative-accounting procedures and invoicing: the Data processed to fulfil any contractual obligation may be stored for the entire duration of the contract and in any case for no longer than the following 10 years (in the case of season tickets or nominative cards for 1 year following the expiry of the card), in order to check any outstanding debts or to comply with legal obligations (e.g., accounting documentation). For data collected through ticket validation (chip on paper, smart card, QR code, EMV, NFC), the data is anonymised after 24 hours;
• operational management and purposes strictly related to access to the Website: the Data processed for this purpose may be stored for 1 year following the duration of the contract for which access to the Website was made;
• customer satisfaction survey purposes: the Data processed for this purpose may be stored for 3 years from the date of the survey;
• marketing purposes: personal data processed for marketing purposes may be retained for 2 years from the date on which we obtained your last consent for such purposes (except for your objection to receiving further communications); [NOTE: data relating to marketing are among those most affected by the provisions of the Privacy Supervisory Authority, so it is advisable to retain the data for a period not exceeding 24 months]
• reporting of the ascertained violation and subsequent obligations: the data processed for the above purpose will be stored for 6 years from the completion of the sanctioning procedure. [NOTE: the administrative offence is time-barred after 5 years, so retaining the information for 10 years may be excessive. 6 years allows to consider also 1 “buffer” year];
• litigations: if it is necessary for us to defend or bring legal proceedings or make a claim against you or any third party, we may retain Data that we reasonably consider necessary to process for such purposes for as long as such claim may be pursued.

The Data collected will not in any way be disclosed or communicated to third parties, except in the cases provided for in this Policy and/or the GDPR and, in any case, in the manner permitted by them.

Your Data will be accessible, within the scope of their respective functions, to employees and collaborators of GGNL designated to carry out specific tasks and/or functions as authorised/appointed processors insofar as this is strictly necessary for the pursuit of the purposes referred to in paragraph 3 of this privacy policy.

Some Data may also be processed by third parties, appointed as External Data Processors, which the Data Controller uses or may use for the management of the contractual relationship, for the provision of services and for the organisational requirements of its business. By way of example, the Data may be communicated to:

• public and private persons who can access the Data by virtue of legal provisions, regulations or EU legislation, within the limits provided for by these rules;
• persons who need access to the Data for purposes related to the contractual relationship in place between the parties, to the extent strictly necessary for the performance of ancillary tasks (such as, for example, banks and credit institutions, technical service providers, hosting providers, IT companies, communication agencies, mail carriers and shipping companies);
• consultants, to the extent necessary for the performance of their professional assignment.

The updated list of External Data Processors is available at the headquarters of the Data Controller and is at the disposal of the Data Subject upon request by e-mail to privacy@navigazionelaghi.it. [NOTE: it is necessary to establish a list to be frequently updated of all data processors who have been appointed or will be appointed by GGNL]

The management and storage of Data acquired will take place in archives or on servers located within the European Union owned by the Data Controller and/or External Data Processors.

Your Data are not subject to disclosure and will not be transferred outside the European Union. In any case provided that, where necessary, the Data Controller shall have the right to move the location of the servers to extra-EU countries. In this case, GGNL ensures as of now that the transfer of Data outside the EU will take place in accordance with Articles 44 et seq. of the GDPR and with the applicable legal provisions by entering, if necessary, agreements that ensure an adequate level of protection.

As a Data Subject, you may exercise the rights recognised by the Privacy Law and, in particular:

• right to access, i.e., the right to obtain confirmation from GGNL that your Data is or is not being processed and, if so, to obtain access to it (Article 15 GDPR);
• right to rectification, i.e., the right to have inaccurate data corrected and/or incomplete data supplemented (Article 16 GDPR);
• right to be forgotten, i.e., the right to obtain the cancellation, transformation into anonymous form, or blocking of data processed in violation of law, including data that does not need to be retained for the purposes for which it was collected or subsequently processed in certain circumstances provided for by law (Article 17 GDPR);
• right to receive certification that the operations of rectification and/or erasure have been brought to the attention, also as regards their content, of those to whom the Data have been communicated or disclosed, except where this proves impossible or involves the use of means manifestly disproportionate to the protected right;
• right to restrict processing, i.e., the right to object to processing, or rather to obtain the restriction of processing of Personal Data in accordance with the law (article 18 GDPR);
• diritto ad essere informato delle rettifiche e cancellazioni e delle limitazioni del trattamento dei Dati (art. 19 GDPR);
• diritto alla portabilità, ossia il diritto di ricevere i Dati in un formato strutturato, di uso comune e leggibile a livello informatico nonché il diritto di trasmettere i dati ad un altro titolare del trattamento. Tale diritto alla “portabilità” si applica solo ai Dati forniti dall’Interessato e può essere soggetto ad alcune restrizioni, così come previsto dalla Normativa Privacy (art. 20 GDPR);
• right to be informed of rectification and erasure and of restrictions of processing of Data (article 19 GDPR);
• right to portability, i.e., the right to receive the Data in a structured, commonly used, and machine-readable format as well as the right to transmit the Data to another data controller. This right to “portability” applies only to Data provided by the Data Subject and may be subject to certain restrictions, as provided for in the Privacy Regulations (article 20 GDPR);
• right to object, i.e., the right to object to the processing of Data where there are legitimate reasons, including with regard to the processing of data for marketing and profiling purposes (article 21 GDPR);
• right not to be subject to automated decision-making process, including profiling, i.e., the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or significantly affects him or her in a similar way (article 22 GDPR);
• right to withdraw the consent given, at any time, without affecting the lawfulness of processing based on consent before its withdrawal (article 7 GDPR);
• right to lodge a complaint with the Personal Data Protection Authority (Piazza Venezia, 11 – 00187 Rome – certified e-mail: protocollo@pec.gpdp.it) in case of unlawful processing (article 77 GDPR) if you are not satisfied with the way we process your Data, or with our response.

The exercise of all these rights by the Data Subject is subject to the exceptions provided for in the Privacy Code, and in particular:

• article 2-undecies (Restrictions to the rights of the data subject). In particular, these are restrictions aimed at safeguarding the public interest (e.g., prevention or identification of crimes) and our interests (understood as legitimate and compelling reasons);
• article 2-duodecies (Restrictions for reasons of justice).

GGNL undertakes to respond to requests from the data subject within one month, except in cases of particular complexity for which it could take up to three months. In any case, the Data Controller will provide the data subject with the reason for the delayed response within one month of the request. The outcome of the request will be provided in writing or in electronic format. In case of a request for rectification, cancellation and limitation of processing, the Data Controller will communicate the results of the requests received by the Data Subject to each of the recipients of their Data, unless this proves impossible or involves a disproportionate effort.

The Data Controller shall:

• notify any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored, or otherwise processed to the Data Protection Authority without undue delay and, where possible, within 72 hours after having become aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay;
• communicate any Data breach to the Data Subject without undue delay if such breach constitutes a high risk for the rights and freedoms of natural persons, except in cases where the Data Controller has promptly implemented appropriate technical and organisational protection measures, or rather such communication would require disproportionate efforts.

To exercise the rights referred to in paragraph 8 of this Policy (“Rights of the Data Subject”), you may submit a written request to the DPO, who can be contacted at the following address: privacy@navigazionelaghi.it

If you have any questions about the processing of your data by us, please use the privacy web form in the “Contact” section of the Website.