Because, pursuant to D.P.R. nº 178, published on the Official Gazette nº 256 on the 2nd Nov 2010, any Operator who intends to perform the processing of data for the sending of advertising materials, or for direct sale, or for market research, or for commercial communication, performed by means of phone calls, is bound to register with the “Registro Pubblico delle Opposizioni”.
Home » FAQ
Operator FAQ
Why is the Operator who intends to contact the Subscribers listed in public telephone directories for sales and marketing purposes and for market research bound to register with the system of the “Registro Pubblico delle Opposizioni”?
If a company provides a telemarketing Operator with a call centre service, does the company need to be registered with the “Registro Pubblico delle Opposizioni”?
The company appointed as controller of the data to be processed is bound to register with the “Registro Pubblico delle Opposizioni”.
What is the procedure to be followed by a telemarketing Operator who entrusts the call centre service to a third party?
An Operator who entrusts the call centre service to a third party, transmitting to such third party a list of telephone numbers to be contacted, is bound to register with the “Registro Pubblico delle Opposizioni” and to record all of the companies that will manage the contacts.
What is the procedure to be followed by a company that provides a third party with a telemarketing service?
If the company that provides a third party with a telemarketing service - as established by Data Protection Code (Legislative Decree n. 196/2003) and the Italian Data Protection Authority opinions - is the Data Controller then it shall subscribe to the “Registro Pubblico delle Opposizioni” services; otherwise the telemarketing Operator, subscribed to the “Registro Pubblico delle Opposizioni” as Data Controller, that commissioned the marketing campaign shall inform the “Registro Pubblico delle Opposizioni” Administrator the company makes the promotional calls.
Does the digital signature of the legal representative in charge of executing the contract with the Administrator have to correspond to the digital signature used to sign the lists sent for verification?
Not necessarily. The contract with the Administrator of the “Registro Pubblico delle Opposizioni” must be signed by the legal representative of the Operator, or by the person in charge of such signature as declared on the web form; whereas the lists sent to the Administrator for verification can be signed by a technical representative (declared on the web form for the application submission). In the event that the Operator chooses to employ the Certified Email method, the verification request must also contain the digital signature of the technical representative. If, on the other hand, the Operator chooses to employ the web method, connection will be established using the digital certificate of the technical representative. Any modification regarding the technical representative must be promptly communicated to the Administrator through an application update.
Who should the Operator contact in the event of technical or procedural problems during registration?
In the event of technical problems concerning the application submission and/or the lists transmission, the Operator can contact the helpdesk using the email address listed in the “Contact Us” section.
Who should the Operator contact in order to receive more information about the service delivered by the “Registro Pubblico delle Opposizioni”?
In order to receive more information about the service, the Operator can write to info.rpo@fub.it.
How is the credit for the update of the telephone numbers lists obtained?
By the purchase of standard packages of subscribers’ telephone numbers. The Operator who is registered with the “Registro Pubblico delle Opposizioni” can choose the credit to top up – submitting the relevant request form, available on the Administrator’s system – and the package of subscribers’ telephone numbers to purchase, so that these numbers will then be available for verification.
Is it possible to register with the “Registro Pubblico delle Opposizioni” without purchasing a package of subscribers’ telephone numbers?
No. Upon execution of the contract between the “Registro Pubblico delle Opposizioni” and the Operator, the latter is bound to purchase at least one package of subscribers’ telephone numbers . For any further information please read carefully art. 2 of the General Terms and Conditions for the regulation of the access of the Operators to the “Registro Pubblico delle Opposizioni”.
Which files returned by the Manager are digitally signed? Which type of digital signature is used?
In the Webpage list file submitting method, notification messages sent to the email address of the technical representative submitting the lists are digitally signed. In the certified email list file submitting method, the compressed archive – containing the updated list file and the text file with the administrative details resulting from the verification operation – is digitally signed. The processing system uses the remote digital signature with automatic procedure by ArubaPEC. In exceptional cases, to keep the response time within the service standards guaranteed until now, it is possible to use the Fondazione Ugo Bordoni Deputy Director-General’s electronic signature, based on Trust Italia certifier (in this case the email address included in the sign certificate may be subject to change and is not available for any operator communication).
How should the Operator transmit the proof of payment for the credit top up (and during the application submission) to the Administrator?
Upon completion of the credit top up procedure, the Operator sends to the Administrator the details of payment, including transaction reference (CRO) and value date of the payment, by traditional email – to istanza.rpo@fub.it – or by certified email – to istanza.rpo@postecert.it.
File to request the lists update:
Which is the requested file format when sending the lists for verification?
The transmitted file must be an archive compressed through the deflate algorithm (IETF RFC1951), also known as zip format, formed by a single ASCII-only text file containing sequences of decimal numbers separated by “carriage return” and “line feed” characters.
Should the international dialing code be included in the telephone numbers contained in the request file?
No, the international dialing code should not be included.
In the telephone numbers contained in the request file, should the dialling code be separated by the following digits with a character (e.g. a dot, a space, etc.)?
No, the dialing code should be contiguous to the following digits.
Should the request file contain an initial and a closing record?
No, the list must be a single ASCII-only text file containing sequences of decimal numbers separated by “carriage return” (0x0D) and “line feed”(0x0A) characters. The presence of an additional “carriage return” (0x0D) and “line feed” (0x0A) characters sequence at the end of the file is allowed.
What’s the maximum size of the request file in terms of MB and lines?
The transmitted list cannot contain more than 1,000,000 (one million) telephone numbers and the compressed archive cannot be larger than 9 MB.
Is there a maximum number of request file that can be sent every day?
Yes, initially each Operator can send no more than 5 requests a day.
Returned file containing the updated lists:
For how long is the list valid after its update?
The updated list is valid for 15 days only, starting from:
a) the moment the updated list is delivered to the certified email of the Operator, in case of Certified Email transmission method;
b) the moment the updated list is published online or the moment declared (and digitally signed) by the Administrator in the reply, in case of web transmission method.
Does the returned file contain only the telephone numbers not listed in the “Registro Pubblico delle Opposizioni”?
Yes, the returned file is “cleansed” of the telephone numbers belonging to those Subscribers registered with the “Registro Pubblico delle Opposizioni”. The returned file follows the same requirements as the request file.
Which is the file format used to communicate the administrative details resulting from the verification operation (e.g. quantity of remaining telephone numbers, credit balance, etc.)?
Inside the compressed archive, together with the file containing the updated list, there is also a text file containing the administrative details resulting from the verification operation.
Certified Email Method:
Is it possible to use more than one Certified Email to send the lists to the Administrator?
No.
Is it possible to use more than one digital signature to undersign the lists to be sent to the Administrator?
No.
Is there any specific requirement for the digital signature kit and the standards supported for the files signed with digital signature with legal validity?
Yes. The files must be signed in PKCS7 format.
Is the Operator bound to use two different Certified Email providers?
No, the Operator can turn to one provider of his own choice.
Webpage method:
Is the digital certificate that the Operator needs to undersign the requests issued by the Administrator or is it necessary to purchase a client certificate by a specific provider?
The certificate must be issued by an external Certificate Authority, not the Administrator, and as for now the only certificates allowed are class-2 personal digital certificates issued by Trust Italia.
Does the digital certificate expire? Is it possible to renew it?
It depends on the third party issuing the certificate.
Is it possible to access the “Registro Pubblico delle Opposizioni” from more than one position using the same digital certificate?
Yes, but not at the same time.
What’s the procedure to be followed by the Operator in the event of loss of the login credentials?
The procedure to request a new password, as well as the one to change the login credentials, will be published on the relevant section, “Operating Handbook”, on the website of the “Registro Pubblico delle Opposizioni”.
In order to achieve a higher level of security, is it possible to use a hardware token?
As for now, the security of communications with the website of the “Registro Pubblico delle Opposizioni” is guaranteed by digital certificates for both the server and client, and by authentication credentials based on username and password.
Is the Operator allowed to request several login credentials to access the website of the “Registro Pubblico delle Opposizioni”?
As for now, each Operator is provided with one set of login credentials for the administrative representative (in charge of the application submission), and another one for the technical representative (in charge of the lists transmission).
