The Italian Garante has issued new guidelines to
clarify privacy requirements by which data controllers should abide
in creating user profiles. These new guidelines have been effective
since 6 May 2015, when they were published on the Official Gazette,
and are addressed to private entities operating in Italy providing
online services, such as search engines, electronic mail services,
video streaming services, social networks and electronic payment
In particular, if they use personal data to profile users'
habits on the web, such entities shall:
provide an information notice set out in progressive levels,
the first of which should be accessible on the home page;
ask for and obtain the free and informed consent of data
subjects before collecting and processing their data to make direct
marketing more effective; and
provide a storage timeframe, which is proportional to the scope
for which the data has been collected.
Even if such guidelines do not introduce ground-breaking
principles and are mainly addressed to professional service
providers, it is worth noting that the Garante is issuing
a number of guidelines providing practical instructions on how to
organize websites to make them compliant with Italian data
In case of infringement of such guidelines, the Garante
may fine the infringer with monetary sanctions, together with
blocking data which is unlawfully collected and processed and, in
certain cases, will pursue criminal sanctions.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
In this article Filippo Noseda examines the impact of the Common Reporting Standards (CRS), based on practical examples of data transfer and data breaches and analysed in the light of general tax law principles.
Four years after the overhaul of European data protection laws began, the final text of the new General Data Protection Regulation (GDPR) was approved in Spring 2016 and the new rules will come into effect on 25 May 2018.
This update is dedicated to covering the latest legislative developments affecting the way data is managed and protected, as well as reporting on the most recent news governing data breaches and industry developments.
The market of the so-called "connected vehicles" has been considerably growing since 2015. According to a recent study by AlixPartners, 78 million of connected vehicles will be commercialized in 2018, generating a EUR40 billion turnover.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).