Privacy and Cookies

REGULATORY REFERENCES

Directive 2002/58/EC - on "the processing of personal data and the protection of privacy in the electronic communications sector"
Regulation (EU) 2016/679 of the European Parliament and of the Council of the Union of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation, “GDPR”).
Legislative Decree 30 June 2003 no. 196 - the “Italian Data Protection Code", as subsequently amended and supplemented.

THE DATA CONTROLLER

When users visit this website, personal data relating to identified or identifiable persons may be processed. The "Data Controller" responsible for such processing is RAI WAY S.p.A., tax code and VAT no. 05820021003, with registered office at Viale Castrense, 9, 00182 – Rome, Italy.

THE DATA CONTROLLER

The processing operations connected with the web services of this website take place at the aforementioned premises of the Data Controller and are carried out only by personnel expressly authorised by the latter, or by any third-party suppliers appointed to perform occasional maintenance operations, who are appointed as Data Processors pursuant to article 28 of the GDPR. The data collected will be retained - for each category of data processed - only for the period necessary to fulfil the specific purposes set out in the short-form privacy notices displayed on the relevant pages of the website and prepared for particular services.

TYPE OF DATA PROCESSED

Browsing data

The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected for the purpose of being associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users that connect to the website, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and the user's IT environment. These data are used solely to obtain anonymous statistical information regarding use of the website and to verify its correct operation and is deleted immediately after processing. The data may be used to establish liability in case of hypothetical cybercrimes against the website. Save where necessary for such purposes, web contact data are not retained for more than seven days.

Data provided voluntarily by the user

The optional, explicit and voluntary provision of personal data by the user through the contact forms available on the website entails the subsequent acquisition of the data provided by the user, which are necessary to respond to users’ requests. Specific short-form privacy notices are made available on the pages containing data collection forms.

COOKIES

Cookies are small text files containing a certain amount of information exchanged between a website and the user's device (usually the browser). They are mainly used to enable websites to function properly and more efficiently, as well as to provide information to website owners. Cookies can be either session or persistent. Session cookies are stored on the user’s device for a limited period of time and are deleted as soon as the user closes the browser. Their use is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the website. Persistent cookies, on the other hand, remain stored on the user’s device until a predetermined expiry date. These, which are not directly deleted when the browser is closed, make it possible to remember the choices made by the user on the website, as well as to collect information about the pages of the website visited by the user, the frequency with which the website is visited and to identify the user's browsing pattern, in order to improve the experience on this website. Cookies, whether session cookies or persistent cookies, can be either First Party cookies or Third Party cookies depending on whether the party installing the cookies on the user's terminal is the same operator of the site that the user is visiting (in which case they are First Party cookies) or a different party (in which case they are Third Party cookies).

Cookie used by this site

This website makes use of both First Party and Third Party cookies as it makes use of the functionality of the Google Analytics services, offered by Google Inc. Google Analytics uses cookies to collect and analyse information on how users interact with the websites.

The table below details the cookies currently present on the website.

Cookie name	DEFAULT EXPIRY PERIOD	TYPE	DESCRIPTION
_ga	2 years	Third party analytical	Used to distinguish users.
_ga_<container-id>	2 years	Third-party analytical	Used to maintain session state.

For the most up-to-date information, please refer to the official documentation provided by the relevant providers:

Google Analytics 4

Information on the use of cookies is available in the official Google Analytics documentation.

Google Ads and Google Tag Manager

Details are available in Google's official documentation on Ad Cookies.

In addition to the cookies listed in the table above, this website also makes use of so-called session cookies (e.g. the PHPSESSID cookie, which relates to the browsing session), i.e. those cookies that are not stored persistently on the user's computer and disappear when the browser is closed. Their use is strictly limited.

Third-party cookies for marketing and analytics purposes

The website also uses third-party cookies for analytics and marketing purposes. Specifically:

LinkedIn Ads

Used for conversion tracking, remarketing and advertisement personalisation on the LinkedIn platform.

For more information, you can consult LinkedIn's official cookie table.

Microsoft Clarity

A behavioural analysis tool that enables the Data Controller to understand how users interact with the website (e.g., heatmaps, session recordings) in order to improve the user experience.

For further details, a list of the cookies used by Microsoft Clarity is available.

Other technologies used

The website also incorporates third-party services that may place technical and/or profiling cookies:

YouTube (video player)

Some pages of the website includes embedded videos from YouTube. Viewing such content may result in the placement of cookies by YouTube, including for profiling purposes.

For further information, please refer to YouTube's Privacy Policy.

Google Maps

The website uses the Google Maps service to display interactive maps. This service may set cookies to collect information about the user’s usage and their preferences.

More information can be found in Google's Privacy Policy.

Managing Cookies
Normally, browsers allow control of most cookies via the browser settings. Please note, however, that the total or partial disabling of so-called technical cookies may compromise the use of the website's functionalities. However, if you do not wish to receive any kind of cookies on your computer, either from this website or from others, you can increase the level of privacy protection by changing the security settings of your browser:

Mozilla Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Google Chrome: https://support.google.com/chrome/answer/95647?hl=it
Internet Explorer: http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookies"
Safari 6/7 Mavericks: https://support.apple.com/kb/PH17191?viewlocale=it_IT&locale=it_IT
Safari 8 Yosemite: https://support.apple.com/kb/PH19214?viewlocale=it_IT&locale=it_IT
Safari on iPhone, iPad, o iPod touch: https://support.apple.com/it-it/HT201265

Some of the services listed below collect statistics in aggregate form and may not require the user's consent or may be operated directly by the owner - as described - without the help of third parties.

Hosting and backend infrastructure

These services have the function of hosting data and files that allow Rai Way sites and applications to function, allow them to be distributed and provide a ready-to-use infrastructure to deliver specific functionalities. Some of these services operate through geographically distributed servers, which makes it difficult to determine the actual location where Personal Data are stored.

Hetzner Online GmbH. The relevant legal information is available at the following addresses:

https://www.hetzner.com/legal/legal-notice/

https://www.hetzner.com/legal/privacy-policy/

The hosting and infrastructure are managed entirely in data centres located within the European Union.

Registration and authentication

By registering or authenticating, the user allows the application to identify him/her and give him/her access to dedicated services. Depending on what is stated below, registration and authentication services may be provided with the help of third parties. If this occurs, this application may access some Data stored by the third-party service used for registration or identification.

Display of content from external platforms

These services allow content hosted on external platforms to be displayed directly from the pages of this online space and to interact with them. If such a service is installed, it is possible that, even if Users do not use the service, it will collect traffic data relating to the pages where it is installed.

BBS Chat

The BBS chat is an automated information service to provide technical support to radio and television users. Personal data collected: Cookie, Usage data. Place of processing: ITA – Privacy Policy.
OPTIONAL PROVISION OF DATA
Except as specified with regard to browsing data, users are free to provide their personal data. However, failure to provide such data may make it impossible to fulfil the user’s request.

PROCESSING METHODS AND STORAGE TIME Personal data are processed, including by means of automated tools, for no longer than is strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent loss of data, unlawful or incorrect use and unauthorised access. The Data Controller has taken all the minimum security measures required by law and, taking into account the main international standards, has also adopted additional security measures to minimise the risks concerning the confidentiality, availability and integrity of the personal data collected and processed.

DISCLOSURE AND COMMUNICATION OF DATA
The data collected may be transferred or communicated to other companies for activities strictly related and instrumental to the operation of the service, such as the management of the computer system. The personal data provided by users who request sending of informative material (brochures, informational material, etc.) are used solely for the purpose of performing the service or provision requested and are communicated to third parties only if necessary for that purpose (companies that provide enveloping, labelling, mailing services). Outside of these cases, personal data will not be disclosed unless provided for by contract or law, or unless specific consent is requested from the data subject. In this sense, personal data may be passed on to third parties, but only and exclusively in the event that:

there is explicit consent to share the data with third parties;
there is a need to share information with third parties in order to provide the requested service;
this is necessary to comply with requests from the Judicial or Public Security Authorities.

No data from the web service is disseminated.

RIGHTS OF DATA SUBJECTS
The legislation on the protection of personal data expressly provides for certain rights of the person to whom the data refer (so-called data subject). In particular, pursuant to articles 15 et seq. of Regulation (EU) 2016/679, each data subject shall have the right to obtain confirmation as to whether or not data relating to him or her exist, to be informed of the source of the data and the purposes and methods of the processing, to obtain the updating, rectification, restriction, integration of the data as well as their erasure if they are processed unlawfully or if one of the reasons specified in article 17 of Regulation (EU) 2016/679 applies.

CHANGES TO THIS PRIVACY POLICY

The Data Controller periodically reviews its privacy and security policy and, if necessary, revises it in relation to regulatory, organisational or technological changes. If the policies change, the updated version will be published on this page of the website.

QUESTIONS, COMPLAINTS, SUGGESTIONS AND EXERCISE OF RIGHTS

Any person wishing to obtain further information, submit suggestions, lodge complaints or objections regarding this privacy policy or the manner in which the Company processes personal data, or exercise their rights under personal data protection legislation, may contact the Data Controller by writing to RAI WAY S.p.A, Tax Code and VAT no. 05820021003, with registered office at Viale Castrense, 9, 00182 - Rome or by sending an e-mail to tutelaprivacy@raiway.it or by writing to the DPO using the email address provided above.

Finally, we would like to remind you that if you believe that the processing of personal data carried out through this website is in breach of the provisions of the GDPR, you have the right to lodge a complaint with the Italian Data Protection Authority or to take legal action through the appropriate channels.

LAW AND JURISDICTION

The interpretation and execution of these conditions shall be governed by Italian law. The Court of Rome (Italy) shall have exclusive jurisdiction for any dispute in any way connected with these conditions. The Data Controller reserves the right to obtain urgent remedies in any court, including abroad, to protect its interests and enforce its rights.

RIGHTS OF DATA SUBJECTS The legislation on the protection of personal data expressly provides for certain rights of the person to whom the data refer (so-called data subject). In particular, pursuant to article 7 of Legislative Decree 196/2003, as well as articles 15 et seq. of Regulation (EU) 2016/679, each data subject shall have the right to obtain confirmation as to whether or not data relating to him or her exist, to be informed of the source of the data and the purposes and methods of the processing, to obtain the updating, rectification, restriction, integration of the data as well as their erasure if they are processed unlawfully or if one of the reasons specified in article 17 of Regulation (EU) 2016/679 applies. The data subject also has the right to complain mo with a supervisory authority if he/she considers that the rights set out herein have not been granted to him/her.

CHANGES TO THIS PRIVACY POLICY
The Controller periodically checks its privacy and security policy and, if necessary, revises it in relation to regulatory, organisational or technological changes. If the policies change, the new version will be published on this page of the site.

QUESTIONS, COMPLAINTS, SUGGESTIONS AND EXERCISE OF RIGHTS
Anyone interested in more information, to contribute their own suggestions or to make complaints or objections regarding the privacy policies,how our Company processes personal data, as well as to assert their rights under the legislation on the protection of personal data, may contact the Data Controller by writing to RAI WAY S.p.A, Tax Code and VAT no. 05820021003, with registered office in Via Teulada, 66, 00195 - Rome or by sending an e-mail to raiway@postacertificata.rai.it.

LAW AND JURISDICTION
The interpretation and execution of these conditions shall be governed by Italian law. The Court of Rome (Italy) shall have exclusive jurisdiction for any dispute in any way connected with these conditions. The Holder reserves the right to obtain urgent remedies in any court, including abroad, to protect its interests and enforce its rights.