Legal Data

Privacy Policy

1. INTRODUCTION

1.1 This Privacy Policy explains how Cassa di Compensazione e Garanzia S.p.A., a company of the Euronext Group (as defined below) having its registered office in Via Tomacelli, 146 Rome ("CC&G" or “we”, “us” or “our”) acting in its capacity of data controller collects information from you when you or a company with which you are connected:

1.1.1 use our products or services;

1.1.2 subscribe for alerts or newsletters from CC&G;

1.1.3 apply for the participation to the services managed by CC&G;

1.1.4 provide us information by filling in forms.

1.2 As outlined below, the modalities of processing of your Personal Information (as defined below) will change depending on the applicable purpose of processing above.

1.3 Please read this Privacy Policy carefully and re-visit this page from time to time to review any changes that may have been made. This Privacy Policy shall not apply to information processed by this website. For more information, please read the relevant privacy statement available at www.euronext.com/privacy-statement

1.4 Your data controller will be CC&G that will process any Personal Information (as defined below) we collect about you in accordance with applicable data protection laws. CC&G is part of the Euronext Group (“Euronext Group”) which consist of Euronext N.V, a Dutch holding company, located at Beursplein 5, 1012 JW, Amsterdam, the Netherlands, and its affiliated companies.

1.5 In the event of any conflict between this Privacy Policy and the terms of a contract you have with us, the relevant provision of that contract shall prevail. Nothing in this Privacy Policy shall apply to the extent that it is incompatible with applicable data protection laws.

1.6 Effective Date: April 29, 2021

2. WHAT PERSONAL INFORMATION DO WE COLLECT

2.1 "Personal Information" refers to information which does or is capable of identifying you as an individual. CC&G will process the Personal Information provided in connection with the products, services and activities of paragraph 1.1 above, including the following data:

2.1.1 your name;

2.1.2 email address;

2.1.3 other personal contact details (including telephone number and postal address);

2.1.4 job title;

2.1.5 employer;

2.1.6 corporate contact details (including business "direct dial" or office address);

2.1.7 date of birth (for instance, where you hold a regulated position in respect of a listed company);

2.1.8 financial information (where necessary to conclude services contracts with you);

2.1.9 your photograph;

2.1.10 career history, professional background and other CV related information (for example, where you provide this to us in connection with an application to be a qualified advisor).

2.2 We will only collect information that is necessary for us to provide you with the product or service that you have requested. The type of information that we may collect will depend upon the nature of that service or product.

3. HOW WILL WE USE ANY PERSONAL INFORMATION THAT WE COLLECT AND ON WHICH LEGAL GROUND?

3.1 The following is an overview of CC&G's purposes for processing Personal Information. Please remember that additional information may be provided to you in a separate notice, or in our terms and conditions. In addition to 1.5, in the event of any conflict between any separate notice and our terms and conditions, our terms and conditions shall take precedence.

3.2 The purposes for which we process your Personal Information are to:

3.2.1 provide you with specific services in accordance with a contract you are entering, or have entered into with us;

3.2.2 register you for client services;

3.2.3 onboard you as a client and to carry out background and screening checks (for instance, where your firm applies for membership of a service provided by CC&G);

3.2.4 compile and maintain files on prospective and current directors and qualified advisors, and to carry out background and screening checks on the same, in order to comply with regulatory requirements;

3.2.5 carry out regulatory reporting when required by the type of service provided by CC&G;

(the purposes above are jointly defined as the "Mandatory Purposes");

3.2.6 provide you with newsletters or alerts where you have signed-up for these;

3.2.7 conduct market research surveys, where you choose to participate in these;

3.2.8 run competitions to which you registered;

(the purposes of 3.2.6 to 3.2.8 above and 3.3 below are jointly defined as the "Marketing Purposes").

3.3 Your Personal Information may be processed either electronically or in hard copy form, both inside and outside the EU and the EEA, in accordance with Section 5. We may send you direct marketing communications. Where these are electronic communications (email or telephone) we will have obtained your prior consent. In limited circumstances, where we have obtained your explicit prior consent, we may send you marketing communications in relation to carefully selected and relevant third party partners, whose products and services may be of interest to you. You may opt out of certain kinds of marketing, or all forms of marketing, by emailing us at the following address: CCG-privacy@euronext.com . Alternatively, you can click on the "opt-out" link provided in all our marketing emails.

3.4 The processing of your Personal Information for the Mandatory Purposes is necessary for the performance of the products and/or services offered by CC&G. If you do not want to have your Personal Information processed for such purposes, you shall not use the products/services provided by CC&G, but in such case you will not be able to use them. The processing of your Personal Information for the Marketing Purposes is discretionary and subject to your prior consent. In case of lack of consent from you, you will not be able to receive the communications and participate to the initiatives referred above.

4. DISCLOSURE OF YOUR PERSONAL INFORMATION

4.1 We may share your Personal Information within the Euronext Group, both inside and outside the European Economic Area as mentioned in Section 5, in order to provide you with our services. Access to your Personal Information is limited to those employees, agents and contractors of the Euronext Group who need access to it in order to provide you with our services; to communicate with you (including, with your prior consent, to send you marketing communications); and to carry out legal or regulatory obligations.

4.2 We may also employ the services of third party service providers located both inside and outside the European Economic Area as mentioned in Section 5 to help us in certain areas, such as physical security, marketing and market research. Where third party service providers receive your information we will remain responsible for the use of your Personal Information. We take appropriate steps to ensure that such third parties treat your Personal Information with the same consideration that we do.

4.3 We may from time to time be required to disclose your Personal Information to law enforcement bodies, regulators, agencies or third parties under a legal requirement or court order. We act responsibly and take account of your interests when responding to any such requests.

5. CROSS-BORDER TRANSFERS OF YOUR PERSONAL INFORMATION

5.1 We are an international organisation, with businesses both inside and outside of the European Economic Area ("EEA"). Third party service providers who handle data on our behalf may be based in locations around the world, and we may also be subject to scrutiny from courts or regulators in a number of different jurisdictions. For these reasons, your Personal Information may be transferred to other countries both inside and outside of the EU and the EEA. As privacy laws in other countries may not be equivalent to those in your home country, we only make arrangements to transfer data overseas where we are satisfied that adequate levels of protection are in place to protect any information held in that country or that the service provider acts at all times in compliance with applicable privacy laws. Where required under applicable laws we will take measures to ensure that Personal Information handled in other countries will receive at least the same level of protection as it is given in your home country, for instance by entering into contracts incorporating the European Commission approved model contract clauses.

6. MODALITIES OF PROCESSING OF YOUR PERSONAL INFORMATION

6.1 Your Personal Information are processed by electronic and non-electronic means for the time strictly necessary to achieve the objectives for which that information has been collected. CC&G implements appropriate technical and organizational measures so as to prevent losses and illegal or incorrect use of data, or non-authorized access.

7. RETENTION OF YOUR PERSONAL INFORMATION

7.1 We will retain your Personal Information for as long as is reasonably necessary for the purposes listed in Section 3 above. In particular:

• Personal Information collected for the Mandatory Purposes are retained for the period necessary to the provision of the required product or service, plus a maximum of 10 years from the termination of the services;

• Personal Information collected for the Marketing Purposes are retained for the period necessary to the provision of the required product or service and for the following 2 years;

At the end of the retention period your Personal Information will be either deleted or anonymized and aggregated.

7.2 However, in some circumstances we may retain Personal Information for longer periods of time, for instance where we are required to do so in accordance with legal, tax or accounting obligations. In specific circumstances also we may also retain your Personal Information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges.

8. PROTECTION OF YOUR PERSONAL INFORMATION

8.1 We will hold your Personal Information securely whilst it is under our control, including where it is processed by third party service providers on our behalf. We train our employees in respect of their obligations under data protection laws and we ensure that only relevant CC&G employees, contractors and agents have access to your Personal Information.

8.2 We take the security of our physical premises and our servers seriously and we will take all appropriate technical measures using recognized security procedures and tools in accordance with good industry practice to protect your Personal Information across all of these platforms.

9. YOUR RIGHTS

9.1 Subject to applicable law, you may have some or all of the following rights in respect of your Personal Information:

9.1.1 to obtain a copy of your Personal Information together with information about how and on what basis that Personal Information is processed;

9.1.2 to rectify inaccurate Personal Information (including the right to have incomplete Personal Information completed);

9.1.3 to erase your Personal Information (in limited circumstances, where it is no longer necessary in relation to the purposes for which it was collected or processed);

9.1.4 to restrict processing of your Personal Information where:

9.1.4.1 the accuracy of the Personal Information is contested;

9.1.4.2 the processing is unlawful but you object to the erasure of the Personal Information;

9.1.4.3 we no longer require the Personal Information but it is still required for the establishment, exercise or defense of a legal claim

9.1.5 to challenge processing which we have justified on the basis of a legitimate interest (as opposed to your consent, or to perform a contract with you);

9.1.6 to prevent us from sending you direct marketing;

9.1.7 to withdraw your consent to our processing of your Personal Information (where that processing is based on your consent);

9.1.8 to object to decisions which are based solely on automated processing or profiling.

9.1.9 In addition to the above, you have the right to lodge a complaint with the supervisory authority. In the Italy there is the “Garante per la protezione dei dati personali”.

9.1.10 If you wish to investigate the exercising of any of these rights, please contact us using the details set out below.

You can exercise the rights mentioned above through the modalities set out in Section 11 below.

10. CHANGES TO THIS PRIVACY POLICY

10.1 Any changes we make to this Privacy Policy will be notified in advance and detailed on this page in order to ensure that you are fully aware of what Personal Information is collected, how it is used and under what circumstances it will be disclosed.

11. INFORMATION ABOUT THE DATA CONTROLLER AND CONTACT DETAILS

11.1 Your data controller will be Cassa di Compensazione e Garanzia S.p.A. In all cases, if you have any complaints or queries relating to the processing of your Personal Information by any member of CC&G, or to exercise any rights in respect of your Personal Information, you should contact us in one of the following ways:

By post: Cassa di Compensazione e Garanzia S.p.A.

Legal Department - Piazza degli Affari, 6 – 20123, Milan

By email: CCG-privacy@euronext.com

Supplier Code of Conduct

A significant proportion of Borsa Italiana Group (BIG) cost base is procured via third party suppliers. These third parties provide a range of services to us, from the delivery of physical commodities such as stationery and IT hardware to the provision of critical market facing services, applications, data and consulting.

The relationship between BIG and our suppliers is an important component in maintaining our unique role at the heart of the world’s financial community.

We have a responsibility to ensure that the third parties we choose to do business with, and the manner in which they do business, are a positive reflection on both our brand and corporate values.
The Group plays a vital economic and social role in enabling companies to access funds for growth and development. As such, integrity and trust in our markets, and across the Group, are at the core of what we do. This code sets forth the standards and practices we expect our suppliers to uphold, wherever they are in the world.

We are committed to

  • Establishing mutually beneficial relations with our suppliers and business partners and we honour and enforce the terms of the contracts to which we commit.
  • Conducting our operations with integrity and in accordance with the principles of fair competition and will not tolerate the offer or acceptance of any gift, hospitality or other inducement designed to influence unduly a decision.
  • A zero-tolerance approach to the facilitation of corporate tax evasion.
  • A zero-tolerance approach to modern slavery.
  • Acting ethically and with integrity in all our business dealings and relationships and to implementing and enforcing appropriate, effective systems and controls to ensure modern slavery is not taking place anywhere in our own business or in any of our supply chains.
  • Complying, at a corporate level, with legal and ethical standards relating to fundamental human rights as described in the International Labour Organisation’s International Law on forced labour such as the Abolition of Forced Labour Convention, and the Worst Forms of Child Labour Convention.
  • Only doing business with organisations who uphold similar corporate and business principles.
  • Helping our suppliers to comply with this code. In turn, BIG expects its suppliers to apply this code to its own supply chain.

Download

  • PDF

Supplier Code of Conduct

English Version

English 22/04/2021 /sites/default/files/2021-04/Supplier%20Code%20of%20Conduct%20%20April%202021_0.pdf Supplier Code of Conduct