PRIVACY POLICY

Legislative Decree No. 196 of 30 June 2003, Italian Personal Data Protection Code

A.S. Roma S.p.A – headquarters in Piazzale Dino Viola 1, Rome, 00128 – intends to use this document to inform visitors to the site www.asroma.it (hereinafter referred to as the “Site”) of the adopted policy regarding personal data protection, underlining the effort and attention that the club pays to protecting the privacy of visitors to the Site.

The Site is open for browsing and does not require any registration, except for some areas where the user can freely and explicitly supply personal data in order to access specifically highlighted services. Consequently, where the visitor intends on supplying personal data to access further services, this shall be expressly governed in accordance with Article 13 of Legislative Decree No. 196 of 30 June 2003, Italian Personal Data Protection Code. There shall be an indication (by way of example) of the purposes and methods of processing the data by A.S. Roma S.p.A., as well as of the right to cancel or update this data at any time. 

Information on personal data protection

Pursuant to and in accordance with Legislative Decree No. 196 of 30 June 2003, Italian Personal Data Protection Code (hereinafter referred to as the “Code”), A.S. Roma S.p.A. provides the following information. 

1. Data Controller and Processor

The Personal Data Controller is A.S. Roma S.p.A. – headquarters in Piazzale Dino Viola 1, Rome, Tax Code and Rome Companies Register Number 03294210582, VAT Number 01180281006 (hereinafter referred to “A.S. Roma”).

2. Types of processed data

Registration is not necessary to access the Site. However, it is necessary to provide personal data to use certain services within the Site (for example, your data may be requested to access the Newsletter services, to be sent advertising or informative material, to register for the Site, to contact us, or to ask for information etc.).

Whenever A.S. Roma acquires personal data or information, the club shall inform users in advance of the purposes for which the data has been requested and the methods with which it shall be used – in accordance with Article 13 of the Code. Wherever necessary, A.S. Roma shall acquire the specific consent of the user concerning the use of the data. By way of example, personal data such as first name, surname, address, telephone number, email address, and other information may be requested, which the user can agree to supply by filling out a specific registration form in order to use the Site's services. A.S. Roma shall only use the data that has been gathered online for the purposes specified during registration.     

Data connected with accessing and browsing the Site (such as Uniform Resource Identifier addresses of requested resources; the time of the request; the method used to submit the request to the server; the size of the file obtained in reply; the numerical code indicating the state of the response from the server – successful, error, etc.; and other parameters relating to the user's operating system and IT set-up) shall only be gathered with the aim of obtaining anonymous statistical information on the Site's usage and ensuring it functions correctly. The data shall be cancelled immediately after they are processed. This data could be used to establish liability in hypothetical computer crimes against the Site. With the exception of this eventuality, the data shall be cancelled once the time needed to supply the service illustrated on the Site has elapsed.

With reference to data needed for browsing the Site, see point 6 below concerning the profiling tools used by the Site.   

3. Optional supply of personal data

In general, supplying personal data is optional (e.g. to receive advertising or informative communications). Only in specific cases shall the non-supply of data result in users being unable to access certain services or obtain the fulfillment of the original request.

The user is required to only supply their own personal data. If supplying personal data from third parties, the user shall declare this and explicitly acknowledges that they have obtained consent from these third parties in order for A.S. Roma or other data processors (as is sometimes requested in the advisory notices given when gathering the data) to process the relevant personal data.

4. Methods of processing data and scope of communication

The data can be processed both electronically and on paper. A.S. Roma guarantees lawful and accurate processing of the data supplied via the Site, in full respect of the legal framework and with the strictest confidentiality of the data provided during registration. 

All the gathered information shall be transmitted through a protected connection in order to prevent third parties from intercepting it. The security of the Site is guaranteed and certified by a leading internet security provider.

The data shall not be shared or communicated to third parties, excepted within the limits and conditions expressly set out in advisory notices that are occasionally passed onto the user and require their authorization.

5. Links to other sites

This advisory notice is intended only for www.asroma.it and not for other sites that the user may access via links. A.S. Roma cannot be held responsible for personal data supplied by users to third parties and possible sites linked to this Site.

6. Profiling and personalization tools

A.S. Roma shall not carry out any promotional and/or advertising activity without the explicit prior consent of the user.

The Site uses automatic data gathering systems, such as “Cookies”, flash cookies and browser cookies. These are systems that are sent by the Site's server to the user's browser (Internet Explorer, Mozilla Firefox, Google Chrome etc.) and stored on the hard drive of the user's PC when they visit the Site.

The cookies allow the Site to identify the user's PC – via the information saved on it – every time the user accesses the Site from the same PC.

The use of cookies can facilitate the user's browsing of the Site. The cookies do not gather information that specifically refers to the user. In fact, A.S. Roma cannot access any personal information regarding the user (e.g. first name or surname) through the cookies, unless this was directly supplied by the user.

In general, cookies differ according to their duration, the domain that installed them and their function. 

Based on their duration they are divided into:

  • Session cookies: Temporary files that are saved until the user leaves the site (or the web browser is closed).
  • Persistent cookies: Files that are stored and maintained even after the user leaves the site and/or closes the browser. They are deleted only after the expiration data specified in the cookie itself or if the user deletes them personally.

Based on the domain (site) that installed them, they are divided into:

  • First-party cookies: Files that are installed onto the user's system directly from the site that they are visiting.
  • Third-party cookies: Files that are installed by external sites, through a built-in code on the site that is being visited. Examples of third-party cookies come from social media plug-ins (Facebook or Twitter in order to share content) or cookies that track visits to the site.

Based on their function, they are divided into:

  • Technical cookies, which are used in the site's functioning and can be grouped into:
    1. Essential technical cookies: Necessary to ensure the pages on the site function correctly. Without these cookies, some functions might be compromised and access to content could be limited. For example, they permit the site to keep track of the user's authentication. 
    2. Functional technical cookies: Cookies used to memorize the choices made by the user to improve their browsing (for example, language choice or automatic form fillers). These types of cookies may include personal information (for example, the user's name or email that has previously been indicated). Without these cookies, some functions and the browsing could be compromised or slowed down. 
    3. Performance technical cookies: Cookies used to understand (i) if the users accessing the site are new or  have visited before; (ii) how they used the site; (iii) how they move about the pages; (iv) how long they spend on the pages and the site; and (v) which geographical region they access the site from. The data gathered by these cookies does not identify the user as a person, but is instead aggregated anonymously by the analysis tools. Deactivating these cookies will not compromise the functionalities offered by the Site in any way.   
    4. Technical cookies connected with social widgets: Some widgets made available by social media platforms (e.g. Facebook, Twitter, YouTube, Google+, Pinterest, Google Maps etc.) may use their own cookies to ensure links to the social networks function properly. Deactivating these cookies will not compromise use of the site, except in the sections where the widgets may be installed (for example, where a video or map is integrated). In some cases, the possibility to quickly share content or comment on some areas of the site may be also compromised.   
  • Profiling and advertising cookies: These cookies are installed in order to show site visitors content based on their preferences. Therefore they may be used to show advertising content aimed at the person's interests. These types of cookies function in collaboration with third-party sites and can keep track of how the user browses the pages in different domains. These types of cookies keep track of the user's IP address, as well as other information, some of which may be personal.

The cookies are issued by the Site's server and nobody can access the information that is contained in them. Once saved on the computer, the cookie can be read only by the site that created it (in our case, www.asroma.it or, in the case of third-party cookies, by the servers of the third parties that installed the cookies).

6.1 Types of cookies used by www.asroma.it

Technical cookies

The Site uses technical cookies. These cookies are used in order to guarantee a better site-browsing experience or may be integral to the services supplied by the Site itself. The following specific cookies are used:

  • First-party technical cookies (created by the Site) that allow us to memorize users' choices in order to improve browsing.
  • Third-party analytic cookies (created by external sites not owned by A.S. Roma) that allow us to verify and memorize how visitors browse the Site, in an aggregated and anonymous fashion. Thanks to these cookies, it is possible to improve the service that we offer, ensuring that our users can easily find the information they are looking for.
  • Third-party social media cookies (created by external sites not owned by A.S. Roma) necessary for social networks (Facebook, Google and Twitter) to control interaction with social media widgets on the site and to allow the Site to interact with social networks and external platforms.

These cookies do not require the acquisition of the prior and expressed consent of the user since they are strictly necessary to providing the Site's service (Article 122, Paragraph 1 of the Code).

Profiling cookies

The Site also uses profiling cookies from other sites (Google Analytics and Gigya in particular). These cookies understand the user’s preferences and are aimed at creating profiles that are relevant to that user, with the aim of improving content on the Site as well.

Using these cookies requires the explicit and conscious consent of the user (Article 122, Paragraph 1 of the Code). When accessing the Home Page (or any other page) of the Site, reading the banner relating to the cookies present therein and seeing the advisory notice supplied, if the user then continues to browse (clicking on a web page of the Site or a link present therein for example) they are supplying their own explicit consent to the use of cookies. It is also considered as valid consent from the user if they have configured their Internet browser (e.g. Explorer, Firefox, Chrome) to automatically accept cookies (Article 122, Paragraph 2 of the Code). 

Consent shall only be requested when the user accesses the Site for the first time. Subsequently, thanks to the use of a technical cookie, the prior consent will be memorized in order to allow direct access to the Site's pages when next browsing. The right to activate, deactivate or cancel the cookies remains throughout (see point 6.5 below). In this case, should the user return to the Site, consent will requested again. 

6.2 Information on cookies issued by the Site:

The following information is provided on the cookies used by the Site:

1) The name of the domain from which the Site issues the cookies is: www.asroma.it. This concerns cookies issued by this Site. For cookies issued by third parties, see paragraph 6.3.  

2) Purposes of data collection: The cookies are used in order to ensure faster and easier browsing of the Site and to improve the user's experience of the Site and interaction with social networks (technical cookies).

3) Data gathered: The following information is saved: URI (Uniform Resource Identifier) addresses of requested resources; the time of the request; the method used to submit the request to the server; the size of the file obtained in reply; the numerical code indicating the state of the response from the server (successful, error, etc.); and other parameters relating to the user's operating system and IT set-up.

4) Validity of the cookies: The Site uses both session cookies (that are automatically deleted when the browser is closed) and persistent cookies (that are kept until cancellation by the user), which have a duration of no longer than six months in any case.

5) Accepting the cookies: It is not necessary for the user to give consent for the use of technical cookies and accepting these cookies is optional. Nevertheless, if the technical cookies are not accepted, browsing will still be possible, but some of the content and functionality of the Site may not be released.

6) Communicating data: The information gathered via the cookies is confidential and shall not be shared with third parties.

The Site issues the following cookies:

The Website uses technical cookies. These cookies are used to provide a better browsing experience on the Website or are strictly necessary in order to provide the Website’s services.

These cookies do not require the prior express consent of the user as they are strictly necessary in order to provide the Website’s service (Article 122, paragraph 1, of the Code).

Profiling Cookies:

The Website only uses profiling cookies from other sites (particularly Google Analytics). The cookies are intended to create profiles about the user and understand their preferences, also so as to improve the content on the Website.

The use of these cookies requires the express and informed consent of the user (Article 122, paragraph 1, of the Code). By accessing the Home Page (or another page) of the Website, viewing the information banner about cookies on that page, acknowledging the information notice provided, and continuing to browse (for example, by clicking on the Website page or a link on that page), the user gives his/her consent to use cookies. It is also deemed valid consent by the user if s/he has configured his/her web browser (e.g. Explorer, Firefox or Chrome) to accept the use of cookies (Article 122, paragraph 2, of the Code).

Please be aware that your consent will only be requested the first time you access the Website: thereafter, a technical cookie will be used to store your consent so that you can access the Website pages when you come back (you still have the right to disable/enable cookies at any time, or to delete them (see point 6.5): in this case, when you come back, the site will ask you for your consent again).

No other user profiling tools are used on this site (e.g. spyware)

6.3 Third-party cookies

The Site uses third-party cookies, which are issued and managed by parties different to A.S. Roma for their own purposes, including profiling. Below are the third-party cookies used by the Site with links to the privacy document supplied by the third parties that manage the cookies.

 

PROFILING COOKIES

Issued by third parties

 

Name

Expiration

Description

__gads

1 year

Sometimes an advertising cookie may be set on the domain of the site you are visiting. In the case of our DoubleClick product, a cookie called ‘__gads’ may be set on the domain of the site you are visiting. Unlike cookies that are set on Google's own domains, this cookie can't be read by Google when you're on other sites. It serves purposes such as measuring interactions with the ads on that domain and preventing the same ads from being shown to you too many times.

__ga

1 year

From the same link above: Google Analytics is Google’s analytics tool that helps website and app owners to understand how their visitors engage with their properties. It may use a set of cookies to collect information and report website usage statistics without personally identifying individual visitors to Google. The main cookie used by Google Analytics is the ‘__ga’ cookie.

_gig_llp

Indefinite

Gigya cookie, related to user login

_gig_llu

Indefinite

Gigya cookie, related to user login

cookieDisclaimer

1 year

Tells the site if user clicked on Close in cookie disclaimer

last-language

session

As user navigates the site we track which language is the last page that was viewed in

userPreferredLanguage

1 year

User can change between En and It and site will remember for future visits

__utma

2 years

Tracking data for Google Analytics.  Helps work out unique visitor numbers.

__utmb

1 day

Tracking data for Google Analytics.  Helps work out visitor session length.

__utmc

1 year

Tracking data for Google Analytics.  Helps work out visitor session length and whether a session has expired.

__utmz

6 months

Tracking data for Google Analytics.  Used to work out referrals from other domains

 

6.4 Deactivating/canceling cookies through web browser

It is possible to deactivate/activate or delete the cookies at any moment using the settings on your web browser. In particular, if you do not wish to receive cookies, it is possible to set your browser to receive alerts when cookies are in use in order to decide whether to accept them or not. It is also possible to automatically refuse all cookies by activating the appropriate setting in the browser.

In order to do this, you can consult the information in the browser's user manual (Help Page) or follow these instructions:

Google Chrome

1. Click on “Tools” in the top part of the browser window and select “Settings”.


2. Click on “Show advanced settings”, find the “Privacy” section and choose “Content settings”.

3. Now select “Allow local data to be set”.

Microsoft Internet Explorer 6.0, 7.0, 8.0, 9.0


1. Click on the “Tools” icon in the top part of the browser window and choose “Internet Options”, then enter the “Privacy” tab.

2. To activate cookies in your browser, make sure the privacy setting is placed as “Medium” or below.


3. Increasing the privacy setting to above Medium will deactivate the use of cookies.

Mozilla Firefox

1. Click on the “Tools” icon in the top part of the browser window and choose “Options”. 


2. Then enter the Privacy tab, select “Use custom settings for history” in the drop-down menu under “History” and choose “Accept cookies from sites”.

Safari on OSX

1. Click on “Safari” in the top part of the browser window and select “Preferences”.

2. Choose “Security” and select “Only from sites I visit” under “Accept cookies”.

Mozilla and Netscape on OSX

1. Click on “Mozilla” or “Netscape” in the top part of the browser window and choose the “Preferences” option.

2. Scroll down until you see the Cookies tab under “Privacy & Security”. Choose “Allow cookies for the originating web site only”.

Opera

1. Click on the “Tools” icon in the top part of the browser window and select “Preferences”.


2. Then choose the “Advanced” tab  and select the “Accept cookies” option.

It is also possible to manage your own cookie preferences on http://www.youronlinechoices.com.

7. Location of data processing and data communication

Data processing relating to services provided by the Site shall take place at A.S. Roma's headquarters – indicated in point 1 above – and shall be carried out by A.S. Roma's data processing employees.

Some processing shall also take place with external service providers of A.S. Roma that have been tasked with managing and maintaining the Site. These service providers have been nominated by A.S. Roma as Data Controllers in accordance with Article 29 of the Code.

For these purposes, may be temporarily transferred abroad, while respecting and upholding the contractual guarantees provided in Articles 43 and 45 of the Code.

Users are invited to carefully read the information provided in the sections of the Site dedicated to registration and gathering personal data in order to access certain services. The parties who may collect the personal data are specifically indicated in these documents, as well as other parties who may process the personal data as independent data controllers. 

8. Rights of data subjects

In accordance with Article 7 of the Code, data subjects have the right to obtain information on the processing of their data, including, 1) obtain, without delay, confirmation as to whether personal data of yours exists [...]; 2) obtain: a) details as to the origin of your personal data, how it is used and for what purpose, how it is processed with the help of technology, the personal details of the holders or those responsible for it, individuals or groups of individuals to whom the data may be communicated or who – as per their direct or delegated responsibility – may handle it; the update, amendment or, should it concern you, the addition of data; b) data that is deleted, made anonymous or blocked from being processed because it contravenes legislation; 3) refuse, entirely or in part, to have your personal data processed for commercial information or the sending of advertising or sales material or for the means of market research or commercial communication.

You can exercise your rights at any time by informing A.S. Roma via email info@asroma.it  

9. Applicable law

This Privacy Policy is regulated by Italian law and in particular by the Code, which regulates processing of personal data – even when the data comes from abroad – by anyone who is in Italy or through structures situated in Italy. The Code guarantees that personal data is processed in respect of the rights and fundamental freedoms, as well as the dignity of the data subject, with particular reference to confidentiality, personal identity and the right to protect personal data.   

10. Review clause

A.S. Roma reserves the right to review, modify or simply update this Privacy Policy, in all or in part, at its own discretion, in any way and/or at any time, without warning. This also takes into consideration modifications in laws and regulations concerning personal data protection. Users shall be notified of modifications and updates to the Privacy Policy on the Home Page of the Site as soon as they are adopted. Modifications and updates shall come into force as soon as they are published on the Site in this section.

Users are asked to regularly visit this section to check the publication of the latest and updated Privacy Policy. 

The full text of Legislative Decree No. 196 of 30 June 2003 can be consulted on the site of the Authority for the Protection of Personal Data www.garanteprivacy.it/.