Skip to content Skip to footer
L10-CCS
L10-CCS

Privacy Policy

Close

Pursuant to Regulation (EU) No. 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), Eni Netherlands CCUS B.V. (the “Company” or the “Controller”) hereby provides the following information regarding the processing of personal data (“Data” or “Personal Data”) carried out in connection with the browsing of the website l10ccs-storage.com (the “Website”) and the use of the services offered therein (the “Services”).

1. Data Controller
The Data Controller is Eni Netherlands CCUS B.V., VAT no. NL862176487B01, with registered office at Prinses Beatrixlaan 5, 2595 AK The Hague, The Netherlands.
2. Personal Data processed
Personal Data processed are:
  • Browsing and technical Data: (e.g., IP address, information on devices used, etc.) collected during the use of the Website;
  • Data collected through the contact form: (e.g., first name, last name, company, contact details, message content, etc.).
3. Purposes and legal basis of processing
Personal Data are processed for the following purposes:
a. Legal purposes
Processing necessary for compliance with a legal obligation (Art. 6(1)(c) GDPR); Data may be processed where necessary to comply with obligations arising from laws and/or to handle requests from competent authorities. Due to the mandatory nature of providing Data for the above purpose, failure to provide such Data will make it impossible to access and receive the requested Website Services.
b. Contractual purposes
Processing necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6(1)(b) GDPR); Art. 5(3) Directive 2002/58/EC); Data will be processed, including through technical Cookies, to enable the use of the Website and the provision of the requested Services, including submission of the contact form and management of related requests, as well as enabling the Controller to manage the website for operational and technical reasons and to ensure its cybersecurity. Due to the mandatory nature of providing Data for the above purpose, failure to provide such Data will make it impossible to access and receive the requested Website Services.
c. Additional purposes
Processing necessary for the purposes of the legitimate interests pursued by the Controller or third parties (Art. 6(1)(f) GDPR). Data may also be processed:
  • In the context of extraordinary transactions such as mergers, transfers or sales of business units, in order to carry out due diligence activities, based on the Controller’s legitimate interest in the continuation of its business activities;
  • To establish, exercise or defend a right of the Controller or a third party in judicial and/or out-of-court proceedings, as well as for related preparatory activities, based on the legitimate interest of the Controller and/or third parties in protecting their rights.
Due to the mandatory nature of providing Data for the above purpose, failure to provide such Data will make it impossible to access and receive the requested Website Services.
4. Means of the processing
The processing of Personal Data may also be carried out by electronic or automated means, using tools suitable to ensure their security and confidentiality, and will include any operation or set of operations necessary for such processing.
5. Persons authorised to process and recipients of Personal Data
For the purposes indicated in paragraph 4 above, Personal Data are processed by personnel authorized by the Controller. In addition, the Controller may disclose Personal Data, where required or permitted by law, to competent authorities and to the following categories of recipients, solely for the purposes indicated in paragraph 4 above:
  • Companies providing IT services to the Controller, including development, management and technical support of the Website;
  • Web measurement service providers (web traffic analytics);
  • Professional and advisory firms engaged in connection with ordinary business and litigation.
Such recipients may act, depending on the case, as data processors (and in such case will receive appropriate instructions from the Controller) or as independent data controllers. In any case, Personal Data will not be disseminated, unless required by law.
6. Transfer of Personal Data outside the European Economic Area
Where this serves the purposes described in paragraph 4, Personal Data might also be transferred abroad to companies based outside the European Economic Area (“EEA”). Some of the jurisdictions outside the EEA might not guarantee the same level of Personal Data protection guaranteed within the EEA. In this case, the Data Controller undertakes to regulate the transfer and subsequent processing of the Personal Data through the Standard Contractual Clauses provided by the European Commission and to adopt every other safeguard required by Article 46 GDPR if it is not possible to use one of the derogations listed in Article 49 GDPR.
7. Data retention period
Personal Data will be stored in the Controller’s IT systems and protected by appropriate security measures for the time necessary to achieve the purposes set out in paragraph 4, after which they will be deleted. Personal Data may be retained for a longer period in the event of disputes, requests from competent authorities, or where required by applicable law.
8. Data subjects’ rights
Where applicable, and within the limits set by the GDPR, data subjects are entitled to:
  • Access: Obtain confirmation from the Data Controller as to whether or not their Personal Data are being processed, and, where that is the case, access to the information listed in article 15 GDPR;
  • Rectification: Obtain from the Data Controller the rectification of inaccurate Personal Data, or, taking into account the purposes of the processing, have incomplete Personal Data completed in accordance with article 16 GDPR;
  • Erasure: Obtain from the Data Controller the erasure of Personal Data, where one of the grounds listed in article 17 GDPR applies;
  • Restriction: Obtain from the Data Controller the restriction of processing of Personal Data in the cases listed in article 18 GDPR;
  • Data Portability: Receive – in a structured, commonly used and machine-readable format – the Personal Data provided to the Data Controller, so that the Data Subject may transmit those data to another data controller without hindrance, in accordance with article 20 GDPR;
  • Objection: Object to the processing of their Personal Data on the basis of their particular situation, unless there are compelling legitimate grounds for the processing that override their interests, rights and freedoms or compelling legitimate grounds for the establishment, exercise or defence of legal claims, in accordance with article 21 GDPR;
  • Withdraw Consent: Withdraw any consent given, without affecting the lawfulness of processing based on consent before its withdrawal.
These rights may be exercised by emailing the following address: [insert the corporate email address for users to contact regarding the exercise of their privacy rights]</a >. Without prejudice to their right to initiate other administrative or judicial proceedings, data subjects also have the right to lodge a complaint with the competent supervisory authority if they believe that there has been a breach of their rights with regard to the protection of their Personal Data.
1. Data Controller
The Data Controller is Eni Netherlands CCUS B.V., VAT no. NL862176487B01, with registered office at Prinses Beatrixlaan 5, 2595 AK The Hague, The Netherlands.
2. Personal Data processed
Personal Data processed are:
  • Browsing and technical Data: (e.g., IP address, information on devices used, etc.) collected during the use of the Website;
  • Data collected through the contact form: (e.g., first name, last name, company, contact details, message content, etc.).
3. Purposes and legal basis of processing
Personal Data are processed for the following purposes:
a. Legal purposes
Processing necessary for compliance with a legal obligation (Art. 6(1)(c) GDPR); Data may be processed where necessary to comply with obligations arising from laws and/or to handle requests from competent authorities. Due to the mandatory nature of providing Data for the above purpose, failure to provide such Data will make it impossible to access and receive the requested Website Services.
b. Contractual purposes
Processing necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6(1)(b) GDPR); Art. 5(3) Directive 2002/58/EC); Data will be processed, including through technical Cookies, to enable the use of the Website and the provision of the requested Services, including submission of the contact form and management of related requests, as well as enabling the Controller to manage the website for operational and technical reasons and to ensure its cybersecurity. Due to the mandatory nature of providing Data for the above purpose, failure to provide such Data will make it impossible to access and receive the requested Website Services.
c. Additional purposes
Processing necessary for the purposes of the legitimate interests pursued by the Controller or third parties (Art. 6(1)(f) GDPR). Data may also be processed:
  • In the context of extraordinary transactions such as mergers, transfers or sales of business units, in order to carry out due diligence activities, based on the Controller’s legitimate interest in the continuation of its business activities;
  • To establish, exercise or defend a right of the Controller or a third party in judicial and/or out-of-court proceedings, as well as for related preparatory activities, based on the legitimate interest of the Controller and/or third parties in protecting their rights.
Due to the mandatory nature of providing Data for the above purpose, failure to provide such Data will make it impossible to access and receive the requested Website Services.
4. Means of the processing
The processing of Personal Data may also be carried out by electronic or automated means, using tools suitable to ensure their security and confidentiality, and will include any operation or set of operations necessary for such processing.
5. Persons authorised to process and recipients of Personal Data
For the purposes indicated in paragraph 4 above, Personal Data are processed by personnel authorized by the Controller. In addition, the Controller may disclose Personal Data, where required or permitted by law, to competent authorities and to the following categories of recipients, solely for the purposes indicated in paragraph 4 above:
  • Companies providing IT services to the Controller, including development, management and technical support of the Website;
  • Web measurement service providers (web traffic analytics);
  • Professional and advisory firms engaged in connection with ordinary business and litigation.
Such recipients may act, depending on the case, as data processors (and in such case will receive appropriate instructions from the Controller) or as independent data controllers. In any case, Personal Data will not be disseminated, unless required by law.
6. Transfer of Personal Data outside the European Economic Area
Where this serves the purposes described in paragraph 4, Personal Data might also be transferred abroad to companies based outside the European Economic Area (“EEA”). Some of the jurisdictions outside the EEA might not guarantee the same level of Personal Data protection guaranteed within the EEA. In this case, the Data Controller undertakes to regulate the transfer and subsequent processing of the Personal Data through the Standard Contractual Clauses provided by the European Commission and to adopt every other safeguard required by Article 46 GDPR if it is not possible to use one of the derogations listed in Article 49 GDPR.
7. Data retention period
Personal Data will be stored in the Controller’s IT systems and protected by appropriate security measures for the time necessary to achieve the purposes set out in paragraph 4, after which they will be deleted. Personal Data may be retained for a longer period in the event of disputes, requests from competent authorities, or where required by applicable law.
8. Data subjects’ rights
Where applicable, and within the limits set by the GDPR, data subjects are entitled to:
  • Access: Obtain confirmation from the Data Controller as to whether or not their Personal Data are being processed, and, where that is the case, access to the information listed in article 15 GDPR;
  • Rectification: Obtain from the Data Controller the rectification of inaccurate Personal Data, or, taking into account the purposes of the processing, have incomplete Personal Data completed in accordance with article 16 GDPR;
  • Erasure: Obtain from the Data Controller the erasure of Personal Data, where one of the grounds listed in article 17 GDPR applies;
  • Restriction: Obtain from the Data Controller the restriction of processing of Personal Data in the cases listed in article 18 GDPR;
  • Data Portability: Receive – in a structured, commonly used and machine-readable format – the Personal Data provided to the Data Controller, so that the Data Subject may transmit those data to another data controller without hindrance, in accordance with article 20 GDPR;
  • Objection: Object to the processing of their Personal Data on the basis of their particular situation, unless there are compelling legitimate grounds for the processing that override their interests, rights and freedoms or compelling legitimate grounds for the establishment, exercise or defence of legal claims, in accordance with article 21 GDPR;
  • Withdraw Consent: Withdraw any consent given, without affecting the lawfulness of processing based on consent before its withdrawal.

These rights may be exercised by emailing the following address:

info@l10ccs-storage.com

Without prejudice to their right to initiate other administrative or judicial proceedings, data subjects also have the right to lodge a complaint with the competent supervisory authority if they believe that there has been a breach of their rights with regard to the protection of their Personal Data.

info@l10ccs-storage.com
press@l10ccs-storage.com