The data provided are processed by Saipem S.p.A., Via Luigi Russolo, 5, 20138, Milano - Italy. E-mail address: privacy@saipem.com ("Company" or "Controller")

The DPO can be contacted at: dpo@saipem.com

Please note that all personal data collected by browsing the website www.saipem.com (hereafter, il “Website”), will be processed in accordance with current legislation on privacy. Therefore, the Company undertakes to process said data in accordance with the principles of fairness, lawfulness and transparency, in compliance with the purposes set out below, collecting said data only for specified and necessary purposes. Only authorised and properly trained personnel will be allowed to use said data in order to guarantee the necessary confidentiality of the information provided.

Computer systems and software procedures used to operate this website collect, during their normal operation, some personal data whose transmission is implicit in the communication protocols of the Internet. This information is not collected in order to be associated with identified interested parties but, by its very nature, could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of computers used by users who connect to the Site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment.

For more information, please see our Cookie Policy.

Personal data provided on a voluntary basis by data subjects and collected by Saipem S.p.A. are processed for purposes related to the activities of the site www.saipem.com and the Services offered. Where within the site the user is asked to provide personal data, the notice ex Art. 13 GDPR on the processing of data in relation to the purposes pursued as they occur, shall be simultaneously given.

In particular, personal data may be processed for the following purposes:

Browsing data are necessary in order to carry out computer and telematic protocols. Therefore, their absence would not allow the functioning of this Website.

Instead, with regard the provision of personal data for the purpose referred to in paragraph 3, please refer to the specific information notice available on the website www.saipem.com.

The Company - without needing specific consent - may communicate personal data to other subjects, the categories of which are described in detail below, for example:

• Saipem Group companies, even if not located in the EU (based on the adequacy decisions by the European Commission or on the basis of standard contractual clauses), in order to carry out contract management activities;
• Third parties (by way of indication, companies providing IT services etc.), including those not located within the EU, who carry out outsourcing activities on behalf of the Controller, in their capacity as data processors. The transfer of data to countries outside the EU is guaranteed by the adequacy decisions of the European Commission or on the basis of standard contractual clauses;
• Judicial authorities, as well as those subjects to whom communication is required by law. These subjects will process the data in their capacity as independent Data Controllers.

Your data will not be subject to disclosure.

Data Subjects have the right to ask the Controller for access to their personal data, rectification, deletion or portability of their personal data, integration of incomplete personal data, limitation of processing in the cases provided for by art. 18 GDPR. In addition, where applicable, Data Subjects may revoke their consent at any time. These rights can be exercised at any time, against the Controller, by sending a specific request in writing to the e-mail addresses privacy@saipem.com or dpo@saipem.com.

Data Subjects have also the right to lodge a complaint to the competent Supervisory Authority and to use other means of protection provided by applicable law.

Pursuant to Article 2 undecies of Legislative Decree no. 196/2003, as amended by Legislative Decree no. 101/2018 (hereinafter, the "Code"), the rights referred to in GDPR Articles 15 to 22 may not be exercised if the exercise of such rights may result in actual and concrete prejudice to the confidentiality of the identity of the whistleblower who reports unlawful conduct, pursuant to Law no. 179/2017, of which he/she has become aware.

In such a case, the rights in question may be exercised through the Supervisory Authority (as set out in Article 160 of the Code), who shall inform the data subject that he/she has carried out all the necessary verifications or has carried out a review, as well as of the data subject's right to seek judicial redress.