Menu

Safeguarding privacy and personal data protection

05/23/2017 - 03:45 PM

- + Text size
Print
Customer promise

In order to ensure that personal data is protected in the performance of business activities, TIM has applied an organisational model, since 2003, which includes a Privacy Department supervising correct application of the relevant regulations throughout the Group (according to Legislative Decree 193/03, known as the known as the “Privacy Code”). In this context, when it establishes or acquires new companies, the Parent Company also provides the support required to identify and carry out the formalities required.

The adoption of legal measures and the instructions of the Privacy Guarantor for personal data protection is assured by constantly updating the Group regulations and policies. Among these, the “System of rules for the application of the privacy regulation in the TIM Group” is particularly important, which defines the provisions and operating instructions for each commitment concerned and which in 2015, was completely revised and updated, according to the regulatory evolution and the introduction of new customer services.

An important development in the regulatory framework of reference is the publication of the EU Regulation 2016/679, on 4 May 2016, on the protection of natural persons with regard to the processing of personal data (known as the “General Data Protection Regulation” or GDPR), which will come into force in Member States from 25 May 2018. This Regulation will introduce various innovations, including:

  • harmonisation of legislation, with common rules directly applicable across the EU;
  • applicability also to non-EU parties that process the data of people in the EU for specific
    purposes;
  • accountability of parties that treat the data (requirements regarding privacy impact assessment, privacy by design, documentation of activities, etc.);
  • introduction of the concept of pseudonymisation of the data and the respective rules;
  • introduction of the Data Protection Officer figure;
  • economic significance of the sanctions applicable in case of violation.

In the second half of 2016, TIM started planning adjustment measures in order to comply with the new requirements and ensure conformity in the processing of personal data by the established deadline of May 2018. In particular, there is a plan to set up an inter-department working team to determine the adaptation measures in detail, considering the technological and organisational context and business activities. Furthermore, TIM is actively involved in the dedicated GSMA and Confindustria task forces.

 

In respect of the provisions laid down by the Italian Data Protection Authority, TIM will also comply with the obligation prescribed by art. 96 of the Electronic Communications Code to provide the services to be provided for the purposes of justice to the Judicial Authority and the Judicial Police which it has delegated.

Over the course of 2016, 584,613 requests of this type were received and processed.