Privacy and personal data protection
Compliance with privacy regulations is a priority for TIM, which since 2003 has adopted an organizational model capable of overseeing their correct application at the Group level. In carrying out the company's activities, the relevant functions are committed to ensuring the proper handling of the personal data of those concerned, including customers and employees.
At the Group level, a Data Protection Officer has been appointed, with control, advisory, training and information functions with regard to the application of personal data protection regulations, in accordance with the specific provisions of EU Regulation n.2016/679, concerning the protection of individuals with regard to the processing of personal data (so-called "General Data Protection Regulation" or GDPR), applicable in Italy and in the other countries of the European Union. In order to ensure - in TIM and within the Group Companies - the compliance of personal data processing with the GDPR and the Code on the Protection of Personal Data (Legislative Decree No. 196 of June 30, 2003), TIM adopts all necessary initiatives aimed at making itself compliant with the aforementioned provisions
The policy "System of rules for the application of the regulations on the protection of personal data in the Telecom Italia Group," which is the set of standards and operating rules governing the processing of personal data in accordance with the applicable legal and regulatory provisions on the subject, defined specifically for the TIM Group, is kept constantly updated and can be found on the corporate intranet.
During 2022, we adjusted the Group Organizational Model that oversees the protection of personal data to the privacy-by-design principle that requires the data controller to implement effective technical and organizational measures to protect personal data. In particular, the revision of TIM's privacy model, with the introduction of new IT tools, led to the updating of the processing register and the texts of all personal data processing notices provided by TIM and other Group Companies to different types of data subjects (e.g., customers, employees, visitors).