Privacy Policy di ART SpA
Privacy Policy
Information notices pursuant to art. 13 of the REGULATION (EU) 2016/679
In compliance with the provisions of Regulation (EU) 2016/679 (European Regulation for the protection of personal data; hereinafter “GDPR”) we provide you with the necessary information regarding the processing of personal data provided. The information is provided under art. 13 GDPR and is not to be considered valid for other websites that may be consulted through links on this website in the domain of the Data Controller, which is not to be considered in any way responsible for the websites of third parties.
1. DATA CONTROLLER
According to articles 4 and 24 GDPR, is ART S.P.A., with legal headquarter in 06065 Voc. Pischiello, 20 – Passignano sul Trasimeno (Perugia), Italy, e-mail: info@artgroup-spa.com
2. PROCESSABLE PERSONAL DATA
– Personal Data: any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (C26, C27, C30 GDPR).
– Navigation data: Computer systems and software procedures used to the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in the internet communication protocols. This information is not collected to be associated with identified data subject, but by their nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
– Personal data provided by data subjects: The information collected by the Site through the “Careers” contact form is mainly used for the selection of applications with respect to open and available job positions in the company. The data collected therein, including files attached at the discretion of the candidate are kept, in case of non-selection, for a maximum period of two years then deleted. ART is not responsible for the personal information that is sent through the Site.
– Information on the processing of personal data carried out through Social Media platforms:
In addition, this Site may also use some “social-plugins” (LinkedIn, Facebook, Instagram) for sharing and communicating content: their use is optional. When you use one of the plugins, the site will get in touch, through your browser, with the servers where the social sharing services called up are managed, communicating to them the data you intend to publish and share through your social profile (for which you remain solely responsible) and informing them (the servers) of the pages you have visited. Remember that to exclude this possibility, you can only avoid sharing content with the use of social share buttons. For further details regarding the use and collection of data through the following plugins and to know how the data collected and transmitted are processed (and for what purposes), please consult the privacy policy issued by the owners of the services in question.
The Controller processes personal data provided by users through the pages of the dedicated Social Media platforms to manage interactions with users (comments, public posts, etc.) and in compliance with the current law
3. PURPOSES AND LEGAL BASIS OF THE PROCESSING
The term “purposes of processing” means the reasons for which ART processes personal data through the Site. The purposes of processing personal data is carried out with legal basis of treatment
a. For the operational management of Site
Personal data, especially data collected automatically, allow Site to function and serve to improve its performance. This processing is necessary for the fulfilment of the requested service and, therefore, does not require a specific consent from the interested party.
b. To examine statistic elements.
ART carries out, also through the use of the services provided by third parties, statistical analysis regarding the use of Site. These are analyses, carried out at an aggregate and anonymous level, which allow us to understand fundamental aspects related to the use of Site, without which it would not be possible to improve or update the services offered. This information is collected in order to identify the most viewed content, to measure the interest of users with respect to the proposed content, to evaluate what is the trend of views, etc. This processing is necessary for the fulfilment of the requested service and therefore does not require a specific consent from the interested party, if there is an agreement with the third-party provider of non-sharing of anonymous data (Google). Where there is no such agreement with third parties, consent is requested in the banner that appears in the homepage.
c. To evaluate job position.
All personal data collect in page “Careers” open positions, will be examine by ART team dedicated to choose candidate. The legal basis for this collection is art. 6 lett.b) of GDPR “the processing is necessary for the execution of a contract of which the interested party is a part or for the execution of pre-contractual measures adopted for its request.”
4. DATA RETENTION
The Data Controller keeps personal data relating to users or subscribers of jobs form in order to comply with the obligations imposed by laws or regulations, to protect rights, to prevent fraud or to apply this Privacy Policy. For cookies data retention, please refer to paragraph n.8.
5. RECIPIENTS OR CATEGORIES OF RECIPIENTS
Your personal data will be communicated to subjects who will process the data as Data Processor (art. 28 GDPR) and/or as individuals acting under the authority of the Data Controller and Data Processor (art. 29 GDPR), for the purposes listed above. In particular, the data may be communicated to recipients belonging to the following categories:
- Subjects that provide services for the website and communication networks, including e-mail, host and website management (including Group companies, associates, subsidiaries);
- Subjects that provide services for the management of the information system used by ART GROUP SPA and telecommunication networks;
- Subjects based in Italy, with whom the Data Controller has signed agreements and subject to prior consent, where applicable;
- Competent authorities for compliance with legal obligations and/or provisions of public bodies, upon request.
The list of Data Processors is available by writing to info@artgroup-spa.com
6. DATA TRANSFER TO THIRD COUNTRIES AND/OR INTERNATIONAL ORGANIZATION
Personal data will not be transferred to countries outside the E.E.A.
7. EXISTENCE OF AUTOMATED PROCESS.
We do not use decision-making processes based on automatic elaboration, including profiling.
8 . COOKIES
Cookies are small files sent by websites visited by users and stored on the device used to access those sites. When users visit the same site again, the browser reads the cookies stored on the device and retransmits the information to the site that originally created the cookies. Our Site also uses different types of cookies and other technologies for reading and storing information on the user’s device in order, for example, to perform statistical analysis, personalize and facilitate the browsing experience of users. We do not use cookies that have the ability to start programs on your devices or send viruses on them, or that still allow you to establish control over your devices. In accordance with the provisions of 8 May 2014 of the Authority for the protection of personal data, we inform you that this information also represents the extension of the short banner already displayed when connecting to the Site. In particular, our Site adopts:
- TECHNICAL COOKIES: These cookies are essential in order to allow you to move around the site and make full use of its features, such as accessing protected areas. Without these cookies some necessary services, such as filling out a form, cannot be used. By using our site, you agree that these cookies may be installed on your device.
- STATISTICAL COOKIES: These cookies are necessary to acquire or have our partners acquire statistical information in anonymous and aggregate form relating to navigation on the pages of Site. These cookies, although aggregated and anonymized, can be processed by third parties with other information for activities not requested and used by ART. In the presence of this possibility, the Data Controller submits to consent the implementation of these mechanisms through the banner that appears when opening the Site.
The retention is for session or for maximum six months.
9 . DATA SUBJECT’S RIGHTS | COMPLAINT WITH THE DATA PROTECTION AUTHORITY
You may exercise your rights as expressed in Articles from 15 to 22 of the GDPR, by contacting the Data Controller at the email address info@artgroup-spa.com. You have the right, at any time, to request the data Controller to access, rectify, cancel your personal data or limit their processing and the right to the portability of your data. In addition, you have the right to object, at any time, to the processing of your data based on legitimate interest and, in the cases provided, you have the right to revoke the consent given without affecting the lawfulness of the processing based on the consent before revocation.
Without prejudice to any other administrative and judicial remedy, if you believe that the processing of data concerning you violates the provisions of the GDPR, you have the right to lodge a complaint with the Italian Data Protection Authority (https://www.garanteprivacy.it/web/guest/home_en). In the case of a request for data portability, the Data Controller will provide you with the personal data concerning you in a structured, commonly used and machine- readable format, without prejudice to paragraphs 3 and 4 of Article 20 of Regulation (EU) 2016/679
10. CHANGES OF THE PRIVACY POLICY
The Data Controller reserves the right to modify, update, add or remove portions of the current Privacy Policy at his discretion and at any time. For this reason, this privacy policy contains an indication of the last update.