PRIVACY POLICY – WEB GENERAL – Information notice pursuant to Art. 13 of the Regulation (EU) 2016/679 (“GDPR”)
According to Regulation (EU) 2016/679 (General Data Protection Regulation) we provide you the due information concerning the processing of
collected personal data. This notice is not to be considered valid for other websites attainable trough links and data processor shall not be held
responsible for third parties web pages.
This notice is provided pursuant to art. 13 of the Regulation (EU) 2016/679 (General Data Protection Regulation) and according to the provisions of
the Directive 2002/58/CE, as amended by Directive 2009/136/CE on Cookies, as well as according to the Provision of the Data Protection Authority
dated 08.05.2014 on cookies.
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can
directly or indirectly be identified, in particular by reference to an identifier such as a name, an identification number, a location data, an online
identifier or to one or more specific factors to the physical, physiological, genetic, mental, economic, cultural or social identity (C26, C27, C30).
DATA CONTROLLER
pursuant to art. 4 and 24 of the Reg. (EU) 2016/679, is APEN GROUP SPA– registered office in Via Isonzo 1, 20060 Pessano con Bornago (MI)
Italy, represented by the legal representative pro tempore.
PURPOSES AND LAWFULNESS OF THE PROCESSING
PURPOSE OF PROCESSING | LEGAL BASIS | DATA RETENTION | DATA CONFERRAL |
---|---|---|---|
A) Website browsing Activities strictly related to site operations and to |
Legitimate interest | Data subject rights Art. 6 lett. f) and recital 47 |
Single browsing session | Necessary for the legitimate interest of data controller with due regard to user’s rights and fundamental freedoms |
B) Contact or information request |
Legitimate interest | Data subject rights Art. 6 lett.f) and recital 47 |
1 year | Necessary for the legitimate interest of data controller with due regard to user’s rights and fundamental freedoms |
C) Participation in personnel selection processes sending an application aiming at establishing an employment relationship – including any position other than those ones for which the data Subject spontaneously applied for; retention of personal data for future selections; management of applications; interviews and any video- interviews. |
Contractual and pre- contractual measures upon data Subject’s request Art. 6 par. 1 lett. B) GDPR |
2 years | Necessary to refine the application. It’s lack will entail the impossibility to apply. |
D) Signing up and login to the reserved area of the platform |
Contract art. 6 lett. b) GDPR: processing is |
10 years starting from last login | Necessary to the execution of contractual obligations between parties. |
RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA
Personal data provided by you may be communicated to recipients who will act as Processors (art. 28 of the Reg. EU 2016/679) and/or persons
acting under the authority of the Controller and the Processor (art.29 of the Reg. UE 2016/679) for the purposes pointed ahead. Precisely, your
data may be communicated to recipients part of the following categories:
- subjects providing services for the management of the information system used by APEN GROUP SPA and telecommunications
networks: - Freelancers, studies or companies in the context of assistance and consultancy relationships;
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2009:337:0011:0036:it:PDF
- subjects providing services related to the management of the above mentioned purposes (communication, brochure printing, fliers,
websites, videos); - platform operators for the abovementioned services (websites hosting, etc);
- Competent authorities for compliance with legal obligations and / or provisions of public bodies, upon request;
DATA TRANSFER TO A THIRD COUNTRY AND/OR INTERNATIONAL ORGANISATION
Personal data provided will not be transferred to a third Country outside the European Union.
DATA SUBJECT’S RIGHTS
You may freely exercise your rights at any time under the EU Reg. 2016/679 –GDPR, Sections15, 16, 17, 18, 19, 20, 21 contacting the Data
Controller – APEN GROUP SPA in person of its legal representative by means of E-Mail: privacy@apengroup.it.
You have the right, at any time, to obtain confirmation from the Data Controller as to whether or not personal data concerning you are being
processed, request their rectification or erasure.
Moreover You have the right, at any time, to oppose to personal data processing (also to profiling) without prejudice to lawfulness of
processing.
Without prejudice to any other administrative or judicial remedy, in case you consider your data processing in contrast with Reg. UE 2016/679,
pursuant to article 15 lett. f) of Reg. UE 2016/679, you have the right to lodge a complaint with a supervisory authority (www.garanteprivacy.it)
and, pursuant to article 6 paragraph no. 1, lett. a) and article 9, paragraph no. 2, lett. a), you have the right to revoke your expressed consent at
any time.
Exercising your right to data portability, the Data Controller may provide your personal data in a structured, commonly used and machine-
readable format subject to the provisions set forth in paragraphs 3 and 4 of art. 20 of Regulation EU 2016/679.
Informative amendments: Data processor retains the right to modify, update, add or remove some parts of this informative at any time.
Date of review: 7/20/2020
DATA CONTROLLER
APEN GROUP SPA