ultime news

Information on the processing of personal data

Information on the processing of personal data through the website

This page depicts the management of the website and provides the policy of the current legislation in the framework of the European Parliament Regulation nr. 679/2016 related to the protection of individual with regards the processing of personal data of the users that access the www.a2asmartcity.it (and sub-domains) website. The policy is not a reference for further websites visited by the user through link.



Purpose of the processing and type of data processed

Navigation data are collected by the information systems and by software procedures that manage the operation of this site. This information is not collected to allow a later user identification, their aim is to gather anonymous statistics on the usage of the website and to take under control its proper operation. This data relates to IP addresses or the domain names of the computers utilized by users connecting to the site, the time of the request, the methodology used to deliver the request to the server, the code number related to the status of the server response (error, success, etc.) and further parameters related to the operating system and the browser used by the user.

In case of hypothetical computer crimes against the site, these data could be used by the competent authorities to ascertain responsibility.

The processing of user data voluntarily provided by the use filling in the forms on the site is necessary to follow up the requested services (e.g., information requests, commercial offers, etc.).

In relation with specific services, and upon informed consent of the user, the entered data could be used by the Data Controller also to inform and update on the offered services, to conduct sale or placing of products and services and to elaborate studies and market researches.



When the user accesses or interacts with the website, services, applications, tools or messaging systems, the Data Controller could use cookie, web beacon and similar technologies to ensure the operation of the offered services, to enhance the performance, to offer additional features, and to send targeted advertising in line with the user preferences.




Cookies are small text strings (usually formed by letters and numbers) that allow a website to recognize a particular device or browser. Cookies are sent from the website to the used browser and are stored on your device (laptop, tablet, smartphone, etc.) and sent back to the website at future visits.

Hereinafter are reported the types and the features of the cookies sent to the user’s device while browsing on this website.

  • Proprietary cookies: cookies installed by the operator of this website.
  • Third-party cookies: cookies installed by the operator of a different website through the website that the user is visiting.
  • Technical cookies: used for the sole purpose of carrying out the transmission of a communication over an electronic communications network or to the extent strictly necessary for the provider of an information society service explicitly requested by the contractor or user to provide this service.

Technical cookies can be further distinguished in:

  • Navigation (or session) cookies, they allow the normal operation towards the website.
  • Analytics cookies, used to collect aggregated information on the number of users and on how the users visit the website.
  • Functionality cookie, essential to provide the services explicitly requested by the user (e.g., language settings).

To install and use technical cookies the explicit consent of the user is not needed.


  • Analytics cookies by third-party (Google Analytics provided by Google) used by the Data Controller to collect aggregated data as the number of users and the most visited pages of the website, etc. These cookies are not designed to identify users. Instruments have been adopted to reduce their ability to identify users, and crossing the information collected with other data the third party already possesses is not possible.


In relation with the aforementioned third-parties cookies installed on this website, the user can disable them through the browser settings, the links related to the policy and consent forms of the third parties are listed below:


Privacy Policy
These cookies can be disabled at the following .

Even without profiling cookies, the user will display advertising from the website Data Controller that will not be based on the interests and preferences expressed by the user during the navigation.

The user can block, delete or disable the individual cookie modifying the browser settings. Most of the browsers allows to set the rules to enable or disable all or part of the cookies sent. At the following links, the instruction to disable the cookies of the most popular browsers:

However, we would like to remind users that the restriction of cookies being sent by web sites can worsen the users overall browsing experience. Further information are  available on the following website:

Password and user security

 Some services available in the ‘Customer Area’ (where exists), for confidentiality and security reasons, include a registration procedure. The user has to create his/her own password that, along with the user-id, is essential to access the protected services. In every moment the user can change his/her password following the instructions provided by the system.

The user is the one and only responsible for maintaining the confidentiality of his/her user-id and password. The user accepts his/her sole responsibility for every activity made on this website, and undertakes to inform the Data Controller of the website for every breach of security – also by third-parties – of which the user might become aware. The user undertakes to keep the Data Controller harmless from any claim or threat related to or resulting from the navigation on this website.

Links to other websites

 On the web pages of this website links to other websites can be found, they are proposed to provide a better service to our customers. The Data Controller can not be held accountable for the content of these websites accessed from our website.

The existence of a link from our website to another site does not constitute any validation of the said site or its contents, also in relation with the policy adopted for processing and use personal data.


Processing methods and data retention periods

 Data processing is performed through the usage of electronic tools, and sometimes in hard copy, following the principles of fairness, legitimacy, transparency, and safeguard of your private rights in compliance with the provisions of current legislation. To protect data destruction or loss, also accidental, and from unauthorised access or disclosure, technical and organisational security measures have been adopted. The data will be stored in accordance with the provisions for a time not greater than the time necessary to reach the purposes for which the data are processed.

Consequently, in the absence of specific regulations that provide for different times of retention, the Data Controller shall undertake to use this data for the purposes indicated in this information note for a time consistent with the same purposes. In any case, the Data Controller will take every care to avoid the use of the data indefinitely.


Nature of data conferral and any consequences of refusal

 All browsing data collected within this processing procedure is strictly functional for the computerised management of this website. The registration procedure to access the ‘Customer Area’ (where existent) is mandatory to guarantee that unauthorized access to the offered services will never occur. The conferring of personal date provided voluntarily is optional, but the lack of collection makes it impossible to send to the site the information or requests.


Subjects responsible for data management and system Administrator – Data communication and dissemination

The processing related to the services provided within the website, takes place at the premises of A2A Group, and collected personal data are processed by the staff responsible for the processing who needs to know it in order to carry out its tasks. Your personal data may be communicated to external third-parties charged with the activities relating to and instrumental to the data handling itself, as explained in the specific policies of the contact form of this website and also to the competent Authorities to fulfil obligations of the law.

With the data subject’s express consent, and where indicated, any data voluntarily submitted may be disclosed to other companies in the A2A Group, or to third-party companies, for marketing and other related purposes. Every consent may be revoked at any time.

Data Controller and Manager

The Data Controller of the data processing are the A2A Smart City S.p.A. companies based in Brescia, Via Lamarmora, 230. Companies that need to process data to provide their services on behalf of the Data Controller have been designed as responsible of the data processing.

Any interested party may contact the Data Protection Officer by sending an email to dpo.privacy@a2a.eu.


Rights of the data subject
The data subject has the opportunity to exercise certain rights, among the others they can request to the Data Controller:

  • the confirmation that it is or is not undergoing treatment of personal data concerning him/her and in this case, to obtain access to personal data (right to access),
  • an immediate correction or integration ofinaccurate personal data (right to rectify),
  • the deletion of the personal data if at least one of the reasons provided by the regulation occurs (right to oblivion),
  • the restriction of processing if at least one of the reasons provided by the regulation occurs (right to limit),
  • a copy of the personal data provided to the Data Controller in a structured and commonly used and readable form by automatic device. The copy can be forwarded by the data subject to another Data Controller (right to portability).

The withdrawal of consent to process personal data can be provided at any time by the subject, without prejudice to the legality of the data processing carried out prior to the withdrawal. The same can be applied for the data processing for marketing or profiling related to marketing purposes (right to object).

To exercise your rights and request the list of the Responsible of data processing, you may contact the Data Controller at the following: email address info@a2asmartcity.it or mail to A2A Smartcity via A. Lamarmora 230, 25124 Brescia.

Without prejudice to any other administrative or judicial remedy, if you believe that the processing of your personal data violates what is provided by the Privacy and Policy you have the right to lodge a complaint with a supervisory authority.