The Website is controlled and managed by the Firm, in its quality of data controller, with legal seat in Milano, via Manfredo Camperio n. 14 – 20123, phone no. 02 86995564, fax no. 02 89013224, email firstname.lastname@example.org.
PURPOSES AND LEGAL BASIS OF THE PROCESSING
The personal data processed through the Website might be aimed at satisfying a request of the user and/or to fulfill a contractual obligation with the Firm.
The data might also be used, and communicated to the competent authorities, for the fulfillment of legal obligations and the ascertainment of any liability in case of hypothetical cyber-crimes against the Firm through the Website, as well as for the purposes of the legitimate interests pursued by the data controller.
Pursuant to article 6 of the Regulation, the processing of the user’s data will be lawful, in particular, to the extent such processing:
- is carried out with the user’s prior consent, with reference to one or more specific purposes (for instance, for the processing of personal data contained in the user’s curriculum vitae or in an user’s request, submitted through the Website);
- is necessary for the performance of an agreement to which the user is party or in order to fulfill an user’s request prior of entering into an agreement;
- is necessary for the compliance with a legal obligation to which the Firm is subject.
PLACE OF DATA PROCESSING
The data processing for the web services of this Website is located at the legal seat of the Firm.
The computer systems and software procedures used for the proper functioning of this Website, during their normal operation, acquire some personal data whose transmission and elaboration are implicit in the Internet communication protocols.
It concerns information which is not collected to be associated with specific individuals, but, due to their own nature, might allow to identify certain users through the processing and the association with other kind of data.
This category of data includes the IP addresses or the domain names through which the users connect to the Website, the URI addresses (Uniform Resource Identifier) of the different requests, the time of the request, the method used to submit the request to the server, the size of the file obtained as feedback, the numerical code indicating the status of the feedback reported by the server (successful, error, etc.) and other parameters related to the operating system and to the computer environment of the user.
These data are used for the sole purpose to obtain anonymous statistical information on the use of the Website and to check its correct functioning. Therefore, they are deleted immediately after the relevant processing.
No personal data of the users is acquired by the Website.
The Website may use some types of cookies.
The use of the so-called session cookies, which are not stored in a persisting way on the personal computer of the user and expire once the browser is closed, is strictly limited to the transmission of the session usernames (consisting in random numbers generated by the server) required for a safe and efficient exploration of the Website.
The so-called session cookies, used by this Website, avoid the need to use other informatic techniques which may potentially compromise the confidentiality of the user’s navigation, and do not permit the acquisition of personal information of the user.
Should the user intend not to receive any type of cookie on their computer from the Website, he can increase the privacy protection level of their browser by using the specific function provided by the latter. For further information concerning the disabling of the cookies, the user may consult the informative sections of its browser.
VOLUNTARY PROVISION OF DATA
Except for the provision in connection with navigation data, the user is free to provide the Firm with its personal data, by means the proper forms on the Website, sending emails for informative purposes, submitting its curriculum vitae or other kind of communications.
In case of any refusal of the user to provide the data, it might not be possible for the Firm to fulfill the user’s request, to evaluate his curriculum vitae, to provide him with the information required and/or to perform the services offered by the Firm in favor of the user.
DATA SHARING, COMUNICATION AND RELEASE
The collected data might be transferred or communicated to the further offices of the Firm for the performance of activities strictly related or instrumental to the purposes for which the relevant data have been collected.
The personal data will be processed by the staff in charge of the Firm and by its professionals.
The personal data, provided by users submitting requests through the Website, will be communicated to third parties insofar it is necessary for the performance of the services and in compliance with the law.
The data collected might also be communicated to the competent authorities in the exercise of their functions and in compliance with the Applicable Law.
No data obtained from the web service will be object of release.
METHODS AND DURATION OF THE PROCESSING
The personal data are processed for the duration strictly necessary to the achievement of the purposes for which they have been collected and stored for a maximum period of 10 (ten) years, except for the curricula submitted, which will be eliminated at the expiration of the last day of the month in which such data have been collected, without prejudice to the further terms provided by law.
In case of personal data not collected directly from the user, the information will be provided within a reasonable period, in any case not exceeding one month from the relevant collection, or at the time of the communication of such data to the person concerned or to third parties.
Pursuant to article 32 of the Regulation, for the protection of user’s personal data, specific technical and organizational measures will be observed by the Firm in order to prevent destruction, loss and modification thereof, unauthorized disclosure, illicit or incorrect uses and accesses and to ensure a level of safety appropriate to the risk.
In accordance with article 33 of the Regulation, in the event the Firm becomes aware of any personal data breach, it might, taking into consideration the risk arising out of such personal data breach and to the extent there might derive risks for the user’s rights, notify the breach to the Data Protection Authority.
RIGHTS OF THE USERS
We inform the user that article 7 of the Privacy Code and articles from 15 to 22 of the Regulation grant to the same user specific rights.
In particular, at any time, the user may obtain:
- the confirmation of the existence of personal data concerning the user, even if not yet recorded, and the communication of such data in an intelligible form and the portability, also towards another data controller;
- indication of the source and the categories of the personal data concerned, the purposes and the methods of the processing;
- the details of the data controller and, if any, of its appointed representatives, as well as the recipients, or categories of recipients to whom personal data may be communicated or may become aware of them and, in the case of data collected by third parties, information about their source;
- the specific storage period provided;
- the update, rectification, integration, as well as the erasure of the user’s personal data and the restriction of their processing, processing in anonymous manner or blocking of data which are processed not in compliance with law, including those of which storage is no longer necessary in relation to the purposes for which such data have been collected, or subsequently processed.
The user also has the right to object, in full or in part:
- to the processing of his personal data, for legitimate reasons;
- to the processing of his personal data for the purposes of submission of advertising material or for the completion of market researches or communications.
All these rights can be exercised by writing to email@example.com or by registered letter addressed to the office of the Firm in Milan, Via Camperio no. 14.
The Firm shall provide a feedback to the user exercising its rights according to the terms and forms provided under article 12 of the Regulation. However, the Firm, taking into account the request and where such request results to be unfounded or excessive, could charge the user with an amount equal to the costs incurred by the Firm for the same feedback or refuse to provide such feedback.
In accordance with article 13 of the Regulation, should the user deem there has been a personal data breach, he will be entitled to submit a complaint to the Data Protection Authority.
AMENDMENTS TO THE PRIVACY POLICIES
The Firm periodically verifies its privacy and security policies and, if appropriate, revises them in relation to the regulatory, organizational or, in any case, the updates due to the technological evolution.