Garante per la protezione dei dati personali (Italy): Difference between revisions
m ({{DataProtectionAuthorities}}) |
|||
(10 intermediate revisions by 5 users not shown) | |||
Line 12: | Line 12: | ||
[[Category: Italy]] | [[Category: Italy]] | ||
|- | |- | ||
|Head:|| | |Head:||Pasquale Stanzione | ||
|- | |- | ||
|Deputy:||n/a | |Deputy:||n/a | ||
Line 22: | Line 22: | ||
|Webpage:||[http://www.garanteprivacy.it/ www.garanteprivacy.it] | |Webpage:||[http://www.garanteprivacy.it/ www.garanteprivacy.it] | ||
|- | |- | ||
|Email:|| | |Email:||'''urp@gpdp.it''' (Public relations)<br /> '''protocollo@gpdp.it''' (official submissions) | ||
|- | |- | ||
|Phone:||+39 06 69677 1 | |Phone:||+39 06 69677 1 | ||
Line 44: | Line 44: | ||
The Garante is a collegiate body of four members who are elected by Parliament for a seven-year term. The authority has an office in Rome with a staff currently numbering about 125 people. | The Garante is a collegiate body of four members who are elected by Parliament for a seven-year term. The authority has an office in Rome with a staff currently numbering about 125 people. | ||
The Panel of the Italian DPA is currently composed of | The Panel of the Italian DPA is currently composed of Pasquale Stanzione (President), Ginevra Cerrina Feroni (Vice-President), Agostino Ghiglia (Member) and Guido Scorza (Member). Fabio Mattei is currently ''Secretary General'' to the DPA. | ||
The Italian Parliament | The current Panel had been elected by the Italian Parliament on the 14 July 2020. | ||
==Procedural Information== | ==Procedural Information== | ||
Line 78: | Line 78: | ||
The Garante's decisions are accessible on in its website (in Italian). Most important decisions are also available in English (https://www.garanteprivacy.it/web/guest/home_en/main-decisions). | The Garante's decisions are accessible on in its website (in Italian). Most important decisions are also available in English (https://www.garanteprivacy.it/web/guest/home_en/main-decisions). | ||
===Filing with the DPA=== | |||
Using the official links below data subjects can: | |||
* [https://gpdp.it/diritti/come-agire-per-tutelare-i-tuoi-dati-personali/reclamo submit a claim] (form to submit to DPA) | |||
* [https://gpdp.it/garante/document?ID=1089924 exercise their rights] (form to submit to Controller) | |||
* [https://www.garanteprivacy.it/web/garante-privacy-en/schengen access, correct, and request deletion] of data held in the '''Shengen Information System II''' (form to submit to Ministry of interior) | |||
* alert the DPA to a '''data breach''' by | |||
* [https://servizi.gpdp.it/comunicazionerpd/s/ submit details of a DPO] to the Authority | |||
===Known Problems=== | |||
''You can help us by filling in this section!'' | |||
===Filing an Appeal=== | |||
''You can help us by filling in this section!'' | |||
==Decision Database== | |||
''You can help us by filling in this section!'' | |||
==Statistics== | ==Statistics== | ||
== | ===Funding=== | ||
''You can help us by filling in this section!'' | |||
===Personal=== | |||
''You can help us by filling in this section!'' | |||
===Caseload=== | |||
''You can help us by filling in this section!'' | |||
===Fines=== | |||
''You can help us by filling in this section!'' | |||
===Annual Reports=== | |||
Official page with [https://gpdp.it/home/attivita-e-documenti/documenti/relazioni-annuali Annual DPA reports] in English and Italian (dating back to 2002 only) | |||
{{DataProtectionAuthorities}} | {{DataProtectionAuthorities}} | ||
<references /> |
Latest revision as of 08:17, 16 February 2023
Garante per la protezione dei dati personali | |
---|---|
Name: | Garante per la protezione dei dati personali |
Abbreviation : | Garante |
Jurisdiction: | Italy |
Head: | Pasquale Stanzione |
Deputy: | n/a |
Adress: | Piazza Venezia 11
00187 Rome, Italy |
Webpage: | www.garanteprivacy.it |
Email: | urp@gpdp.it (Public relations) protocollo@gpdp.it (official submissions) |
Phone: | +39 06 69677 1 |
Twitter: | n/a |
Procedural Law: | n/a |
Decision Database: | n/a |
Translated Decisions: | Category:Garante per la protezione dei dati personali (Italy) |
Head Count: | 170 (Jan 2019)[1] |
Budget: | € 39,362,273.00 (2019)[2] |
The Italian Data Protection Authority (Garante per la protezione dei dati personali) resides in Rome and is in charge of enforcing GDPR and Directive 2002/58/CE (e-Privacy Directive) in Italy.
Structure
The Garante is a collegiate body of four members who are elected by Parliament for a seven-year term. The authority has an office in Rome with a staff currently numbering about 125 people.
The Panel of the Italian DPA is currently composed of Pasquale Stanzione (President), Ginevra Cerrina Feroni (Vice-President), Agostino Ghiglia (Member) and Guido Scorza (Member). Fabio Mattei is currently Secretary General to the DPA.
The current Panel had been elected by the Italian Parliament on the 14 July 2020.
Procedural Information
Applicable Procedural Law
The Garante operates under the GDPR and the national Data Protection Act ("Codice per la protezione dei dati personali" or "Codice]").
For those aspects which are not regulated directly by the GDPR, or the Codice, the Garante adopts its own administrative regulations published in the Official Gazette of the Italian Republic (see, Articles 142 and 156(3)(a) of the Codice). On 4 April 2019 the DPA adopted two different administrative regulations.
The Regolamento n. 1/2019 ("Regolamento concernente le procedure interne aventi rilevanza esterna, finalizzate allo svolgimento dei compiti e all’esercizio dei poteri demandati al Garante per la protezione dei dati personali") regulates the procedure before the Garante. For example, Article 3 reiterates the general principles of fairness and transparency of the proceeding before the DPA. Article 12 ensures a right of the parties to access documents and file submissions.
The Regolamento n. 2/2019 ("Regolamento n. 2/2019, concernente l'individuazione dei termini e delle unità organizzative responsabili dei procedimenti amministrativi presso il Garante per la protezione dei dati personali") provides for specific time-limits with regard to the different types of proceedings the DPA is competent for. Particularly important are Tabella A and B attached to the Regolamento.
Complaints Procedure under Art 77 GDPR
Under Article 142 of the Code, all complaints shall provide an indication of the facts and circumstances on which it is based, the provisions that are assumed to have been violated and the corrective measures requested, as well as the identification of the data controller or data processor, where known. If possible, the complaint shall contain attached documents relevant to its assessment and shall indicate an address for sending communications, including by e-mail, fax or telephone.
The complaint shall be signed by the data subject or, on his or her behalf, by a third sector body which has been constituted in compliance with D.Lgs. 117/17.
In general terms, the Garante shall decide the matter within 9 months upon receipt of the complaint. During the proceeding, the DPA shall inform the data subject on the progress. If the investigation is particularly complex the term can be extended up to 12 months. However, in this case, the Garante must motivate the complexity and communicate it to the data subjects . In case of cooperation procedure, such terms are suspended until the procedure is completed (for reference, see Article 143 of the Code).
However, detailed time-limits can be found in Regolamento n. 2/2019 cited above.
Ex Officio Procedures under Art 57 GDPR
Under Article 154 of the Code, the Garante can run ex officio procedures out of its own motion.
Appeals
Appeals against decisions by the Italian Garante can be taken by the parties concerned before the civil court (Article 152 of the Code, which makes a reference to Article 10, D.lgs. 150/11).
Practical Information
For most data protection claims against a controller and for complaints to the Garante standard forms (in Italian) are provided at https://www.garanteprivacy.it/.
The Garante's decisions are accessible on in its website (in Italian). Most important decisions are also available in English (https://www.garanteprivacy.it/web/guest/home_en/main-decisions).
Filing with the DPA
Using the official links below data subjects can:
- submit a claim (form to submit to DPA)
- exercise their rights (form to submit to Controller)
- access, correct, and request deletion of data held in the Shengen Information System II (form to submit to Ministry of interior)
- alert the DPA to a data breach by
- submit details of a DPO to the Authority
Known Problems
You can help us by filling in this section!
Filing an Appeal
You can help us by filling in this section!
Decision Database
You can help us by filling in this section!
Statistics
Funding
You can help us by filling in this section!
Personal
You can help us by filling in this section!
Caseload
You can help us by filling in this section!
Fines
You can help us by filling in this section!
Annual Reports
Official page with Annual DPA reports in English and Italian (dating back to 2002 only)
EU/EEA/UK Data Protection Authorities | |
---|---|
Austria · Belgium · Bulgaria · Croatia · Cyprus · Czech Republic · Denmark · Estonia · Finland (Åland) · France · Germany (Baden-Württemberg · Bavaria, private sector · Bavaria, public sector · Berlin · Brandenburg · Bremen · Hamburg · Hesse · Lower Saxony · Mecklenburg-Vorpommern · North Rhine-Westphalia · Rhineland-Palatinate · Saarland · Saxony · Saxony-Anhalt · Schleswig-Holstein · Thuringia ) · Greece · Hungary · Ireland · Italy · Latvia · Lithuania · Luxembourg · Malta · Netherlands · Poland · Portugal · Romania · Slovakia · Slovenia · Spain (Basque Country · Catalonia · Andalusia)· Sweden | |
Iceland · Liechtenstein · Norway · United Kingdom | EDPS · EDPB |