Telephone Recording Information

Information according to Articles 13 and 14 of the GDPR 2016/679 and current national legislation regarding the registration of telephone calls by the Viasat Operations Centre.

Documentation drafted by the requirements of GDPR 2016/679 “General Data Protection Regulation” and current national legislation.

The Company hereby informs that a telephone switchboard system that allows the recording of corporate telephone calls has been set up.
The treatment of personal data by GDPR 2016/679 and the national laws in force resulting from the recording, storage and listening of recordings will be based on the principles of correctness, lawfulness, transparency and protection of your privacy and your rights.

Collection and processing of personal data.

The processing (including recordings of telephone conversations) of personal data, whether requested or collected, aims only at:

Ongoing contract relationships and support activities;
Protection of Viasat Group employees;
Setting up of a tool to improve the professional staff's skills;
Monitoring the quality of services to enable the Viasat Group to respond, on time, to the requests of the legal authorities;
Protect the company's assets and those of client companies from any damage that might arise in the event of telephone contact complaints.

It is not foreseen for automated decision-making processes, including the profiling referred to in Art. 22 of the GDPR.

Legal basis of the processing.

The legal basis for processing your personal data, for the purposes mentioned above, is based on the requirement to fulfil legal obligations to which the Controller is subject (Art. 6 para. 1 lit. a), b), c) and para. 4).

Mode of treatment.

Data are collected, processed and archived on magnetic, electronic and/or telematic media, and paper if the records are typed, using internal or external Viasat Group employees and in compliance with the confidentiality and security rules established by law, consequent regulations and internal instructions.
In all cases, processing takes place based on assignments formalized beforehand, and at the same time as appropriate information and instruction on the safety measures and procedures to be adopted to ensure an adequate level of security.

During the call, the customer will be informed in advance of the status of the recording using a short staff note or voice recording.
If he/she does not intend to interrupt the call, the principle of ‘continuation of the call/assent’ to the registration will be manifested.

Place of processing

The data are processed and stored at VIASAT SPA headquarters in Via Giulio Vincenzo Bona 133 – 00156 Rome (RM) – Italy. They are also processed, on behalf of the Company, by consultants and/or companies appointed to carry out technical and development activities as well as by third parties, including suppliers of technical and IT services, appointed as Data Processors, their list being available on request from the Data Controller.

Mandatory or optional nature of data transfer and consequences of a refusal to confer data.

The data conferral is optional, but necessary to manage the service provided and quality levels and, if necessary, to formalize, accept and manage requests and/or customer claims. Without the data conferral, it will not be possible to follow up on the caller’s requests.

Compulsory or optional nature of transfer data.

Some data are required for the contractual agreement or its execution, while others can be defined as optional, but are also necessary to manage, control the service provided and quality levels and, if necessary, to formalise, accept and manage requests and/or claims submitted by the customer. The transfer of data to the company is mandatory only for data for which there is a legal or contractual obligation.

Consequences transfer refuse.

Where there is a legal or contractual obligation to transfer data, a refusal will put the Supplier in the position of not being able to execute or continue the Contract, as this would constitute illegal processing. Where there is no legal obligation to transfer the data, refusal would not produce the above-mentioned consequences, but would in any case prevent the execution of secondary operations.

Data Communication.

For the purposes indicated, the transmitted data may be communicated or shared with the employees expressly designated or authorised to process them, with the Statutory Auditors and with third parties outside the Company designated as Data Processors according to art. 28 GDPR 2016/679 or in any case operating as Data Controllers, such as the Public Administration Bodies or Authorities that have by law, regulation or EU directive, the right or obligation to know them and the Judicial Authority, in case of notification of a complaint, claim or suit. The records will not be disseminated. A detailed list of the companies designated as data processors can be obtained from info@viasatonline.it.

Data transfer abroad.

The Data included in the registrations and the registrations themselves may be communicated and/or transmitted abroad, including to non-European third countries, to companies controlled by or belonging to the Viasat Group only for the fulfilment of contractual obligations deriving from the caller’s requests, or for exclusively technical reasons related to the structure of the Company’s Information System and/or the application of technical and organisational security measures deemed appropriate by the Data Controller (art. 32 GDPR 2016/679).

Data retention time.

Personal Data processed for the aforementioned purposes will be saved in compliance with the principles of proportionality and necessity and, in any case, until the data processing purposes have been pursued. Once the above retention periods have ended, the Data shall be destroyed or made anonymous, compatibly with the technical procedures of deletion and backup. And, in any case, according to the following parameters:
For records not relevant to the purposes set out: 90 days.

Data subject's rights.

Regarding the personal data, the interested subject may exercise the rights provided for, within the limits and under the conditions laid down by Articles 15 to 22 of GDPR 2016/679 and by the national legislation in force. In case of subscription to any consent to the processing requested by VIASAT SPA, please note that the data Subject may cancel it at any time, without precluding the mandatory requirements established by the legislation in force at the time of the cancellation request, by contacting the Data Controller at the address below.

Complaint rights.

Data subjects who consider that the processing of personal data referring to them occurs in violation of the GDPR 2016/679 have the right to complain to the Garante per la protezione dei dati personali, as established in Article 77 of the GDPR 2016/679 itself or to take appropriate legal action (Article 79 GDPR 2016/679).

Treatment Owner.

The Data Controller, who you can contact to claim the rights mentioned in Articles 15 to 22 of the GDPR 2016/679 and in the national legislation in force, is VIASAT SPA, with a registered office in Via Tiburtina, 1180 – 156 Rome (RM). The list of Data Processors is available, upon request, from the Data Controller. The above rights may also be exercised by sending communications to the following e-mail address: info@viasatonline.it.

Data Protection Officer (DPO o RPD).

The Data Controller has identified a Data Protection Officer (DPO/RPD) whom you may contact for all matters relating to the processing of your personal data and the exercise of your rights under GDPR 2016/679. The contact details of the DPO/RPD are as follows: privacy@viasatonline.it.