Search

Privacy Notice pursuant to the legislation on the protection of personal data – accessibility reports

Pursuant to art. 13 of Regulation 2016/679/EU (General Data Protection Regulation – hereinafter GDPR), TI Sparkle S.p.A., hereinafter referred to as TI Sparkle, hereby provides the Information regarding the processing of personal data provided by the data subject in the reports relating to accessibility (hereinafter referred to as "accessibility reports") of its digital products and services (e.g. mobile applications and websites), in accordance with the provisions of Law 4/2004, by Legislative Decree 82/2022 and by the AgID (Agency for Digital Italy) Guidelines on digital accessibility.

In particular, Legislative Decree 82/2022 implemented EU Directive 2019/882 on accessibility (known as the European Accessibility Act), integrating and updating Law 4/2004 (the so-called Stanca Law), which already imposed certain obligations on public administrations and private entities offering services to the public through websites or mobile applications. The European Accessibility Act imposes a more detailed set of rules and requirements for numerous digital products and services from different sectors (including e-commerce, electronic communications services, transport, banking and culture), with the aim of improving their accessibility for persons with disabilities, thus ensuring their full social and professional participation.

1) Categories of personal data

TI Sparkle will process the personal data provided by the data subject in accessibility reports, sent to the following dedicated e-mail address: accessibility@tisparkle.com.

The data strictly necessary for the management of reports belong to the category of common data referred to in art. 4, point 1, GDPR: personal data (name, surname and, possibly, date of birth), contact data (e-mail address and, possibly, landline and/or mobile telephone number).

2) Purpose of the processing and related legal basis

The personal data provided by the data subject will be processed by TI Sparkle to manage and respond to reports relating to any problems relating to the accessibility of its digital products and services (including websites and mobile applications) or to improvements to be made to them. The response to the report will take place within 30 days of receipt of the same. In addition, the data, after aggregation and anonymization, may be processed for statistical purposes and to improve accessibility to its digital products and services.

The legal basis for the processing is the need to comply with the legal obligations (referred to in the introduction) to which the Data Controller is subject (Article 6, paragraph 1, letter c) GDPR).

The provision of personal data is necessary for the achievement of the purposes referred to in this point 2); failure to provide them, partial or incorrect provision could result in the impossibility of managing accessibility reports.

3) Retention of personal data

TI Sparkle will retain personal data for a period of time not exceeding the achievement of the purposes for which they are collected or subsequently processed, i.e. for the time necessary to manage and respond to the report received and, in any case, no longer than 1 year from the date of the final response to the report.

4) Methods and logic of processing

The processing of data will be carried out manually and/or through IT and telematic tools, with the logic of organization and processing of data related to the purposes indicated above and, in any case, in such a way as to guarantee their security and confidentiality.

5) Data Controller, Data Protection Officer and categories of persons authorised to process data in TI Sparkle

The Data Controller of personal data is TI Sparkle S.p.A., with registered office in Via di Macchia Palocco, n. 223 - 00125 Rome.

TI Sparkle has appointed a Data Protection Officer, who can be contacted by writing to the following address: via Gaetano Negri, n. 1 - 20123 Milan.

Personal data will be processed by employees of the competent Functions of TI Sparkle, who have been appointed as persons authorised to process personal data and have received appropriate operating instructions in this regard.

6) Categories of third parties to whom the data may be communicated or who may become aware of it

Some processing of personal data may also be carried out by third parties, including TIM Group Companies, to whom TI Sparkle entrusts certain activities (or part of them) to pursue the purposes referred to in point 2). These third parties may also be established abroad, in EU or non-EU countries; in the latter case, the transfer of data is carried out by virtue of the existence of a decision of the European Commission on the adequacy of the level of data protection of the non-EU country or on the basis of the appropriate and appropriate guarantees provided for by art. 46 or 47 of the GDPR (e.g. signing of the "standard clauses" of data protection adopted by the European Commission) or of the additional conditions of legitimacy of the transfer provided for by art. 49 of the GDPR.

These subjects will operate as independent Data Controllers or will be designated as Data Processors and are essentially included in the following categories:

  • a) Providers of technical-IT services;
  • b) Consultants and law firms;
  • c) Authorities (e.g. AgID, Italian Data Protection Authority), Judicial Authorities and any other public entity entitled to request the data.

7) Rights of the data subjects

The data subject may exercise at any time the rights provided for in articles 15 to 22 of the GDPR, as far as applicable (e.g. access the data relating to the accessibility report, request their deletion, object to their use for legitimate reasons), by writing to the following address: accessibility@tisparkle.com.

Further information on accessibility can be found on the dedicated web page accessible via link/web welcome page.

In addition, the data subject has the right to lodge a complaint with the Italian Data Protection Authority (Article 77 of the GDPR) or, alternatively, to appeal to the competent judicial authority (Article 79 of the GDPR), if he/she considers that the processing of personal data concerning him/her violates the legislation in force.

TI Sparkle S.p.A.

Edition: November 2025 – Sparkle information on accessibility reports for external users