Privacy Policy

Privacy Policy in accordance with EU Regulation 2016/679 (GDPR)

ESG Portal Società Benefit a Responsabilità Limitata, registered office Via Ippodromo 7, 20151 Milano, V.A.T. IT11344330961 (hereinafter referred as Data Controller), acting as Data Controller, informs you that Your Personal Data will be processed in accordance with EU Regulation 2016/679 in the following ways and for the following purposes.

A. Data to be processed

The Data Controller will process Personally Identifiable Information, such as name and surname, phone number, payments information (excluding Credit Cards), and other data provided by You through e-mails and forms present on this website.

B. Purposes of data processing

Your data will be used for the following purposes:

  1. Without Your explicit consent, as indicated in art. 6 letter b), e) GDPR, for the following service purposes:
    1. Performance of contracts to which the Data Subject is party or take steps at the request of the Data Subject prior to entering into a contract;
    2. Compliance with legal obligations to which the Data Controller is subject;
    3. Excercise the legitimate interests pursued by the Data Controller;
  2. With your explicit consent, as indicated in art. 7 GDPR, for the following marketing purposes:
    1. Send You via e-mail or phone newsletters, commercial communications and promotional material about products and services provided by the Data Controller, as well as satisfacion surveys on the quality of the services provided;
    2. Send You commercial communications and promotional material provided by third parties.

C. Methods of data processing

The processing of Your Personal Data is carried out in ways indicated in art. 4 n. 2) GDPR, such as: collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. You Personal Data will be processed either digitally or in paper form.

The Data Controller will process Your data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for the Terms of Service.

D. Access to data

In order to carry out the purposes explained in letter C) of this policy, Your data may be accessed to by employees and collaborators of the Data Controller, in their role of Data Processors or Persons authorized to the processing of data.

E. Data disclosure

Without Your explicit consent, as indicated in art. 6 letter b), c) GDPR, the Data Controller may communicate Your data to perform the activities described in point B.1) to supervisory bodies, legal authorities, insurance companies, as well as to all subjects for which said communication is required by law for carrying out the aforementioned activities.

Your Personally Identifiable Information will not be disseminated.

F. Data transfer

Your data is stored and processed on servers located within the European Union. In any case, the Data Controller, where necessary, will have the right to move the server outside the EU. In this case, the Data Controller ensures, as of now, that the transfer of data outside of the EU will take place in accordance with the applicable legal provisions and subject to stipulation of the standard contractual clauses provided for by the European Union.

G. Nature of the data collection and consequences of refusal to respond

The provision of data for the purposes referred to in point B.1) is mandatory. Failure to provide the required information will result in the impossibility to fulfill the services guaranteed in point B.1).

The provision of data for the purposes referred to in point B.2) is optional. You can therefore decide not to provide any data or to deny, at a later time, the right to process data previously provided. In this case, You will not receive newsletters, commercial communications and promotional material relating to the services offered by the Data Controller. However You will continue to be entitled to the services referred to in point B.1).

H. Data subject rights

You, as Data Subject, have the rights indicated in articles 15-21 GDPR, such as right of access, right of rectification, right to erasure (i.e. right to be forgotten), right to limitation of treatment, right to data portability, right of opposition, as well as the right to contact the competent authority.

I. Exercising data subject rights

You can exercise Your rights at any time by sending:

  • a registered mail to ESG Portal Società Benefit a Responsabilità Limitata, Via Ippodromo 7, 20151 Milano;
  • an e-mail to info@esgportal.eu.

L. Data Controller, Data Processor and persons authorized to process personal data

The Data Controller is ESG Portal Società Benefit a Responsabilità Limitata, registered office Via Ippodromo 7, 20151 Milano.

ESG Portal

Create and publish your ESG Statement and receive a Sustainability Rating by answering surveys based on international standards

Contact Information

ESG Portal Benefit Corporation

Via Ippodromo, 7 - 20151 Milano, Italy

VAT IT11344330961

R.E.A. MI 2596349

Share Capital € 100.000

Copyright © 2021 - All rights reserved