WHY THIS INFORMATION
Pursuant to Legislative Decree no. 196/2003 and Regulation (EU) 2016/679 (hereinafter referred to as the “Regulation”), this page describes the methods for processing the personal data of users consulting the Giacovelli Srl website, which can be accessed electronically at the following address: https://www.giacovelli.it
We inform the user that data relating to identified or identifiable persons may be processed following consultation of this site.
This information does not concern other sites, pages or online services that can be reached via hypertext links that may be published on the site.
Identity of Data Controller
The data controller is Giacovelli Srl with registered office in Locorotondo (BA), Via Carlo III di Borbone n. 13 – c.a.p.70010, (Email: firstname.lastname@example.org, PEC: email@example.com, Tel.: +39 080435150).
Data source and type of data collected
1) Data provided by the User
The Controller collects personal data provided by users:
a) when sending a message using the addresses and/or contact forms on the site. The optional and voluntary sending of messages to the contact addresses, as well as the completion and forwarding of the forms present on the site, entail the acquisition of the sender’s contact data necessary to provide feedback, as well as all the personal data included in the communications.
b) When sending your application through the form in the specific section. In this case, the personal data requested may include the email address, first and last name, city of residence or domicile, description of professional skills and training as well as photographic files and all the information contained in the curriculum vitae should the user attach it in the specific section.
The data provided will be used with computer and telematic tools for the sole purpose of providing the requested service.
2) Navigation data
The Data Controller collects data relating to the use of the website by the user. This information is acquired by the computer systems and software procedures used to operate the online portal, in the course of their normal operation; moreover, its transmission is connected and inherent to the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers and terminals used by the users, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters relating to the user’s operating system and computer environment.
These data, necessary for the use of web services, are also processed for the purpose of:
∙ obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.);
∙ check the proper functioning of the services offered.
Browsing data do not persist for more than seven days and are deleted immediately after their aggregation (except in the event of the need to ascertain criminal offences by the judicial authorities).
3) Cookies and other tracking systems
Therefore, when you visit the Site, a small amount of information is placed on your device as small text files called “cookies”, which are saved in the User’s web browser directory. There are different types of cookies, but basically the main purpose of a cookie is to make the Site work more efficiently and to enable certain functionalities.
Purpose of processing
Depending on the type of processing to be carried out, the Data Controller uses the data collected and/or provided by the User for the following purposes:
1) to respond to any communications, requests for information and/or services from users by sending a message using the addresses and/or contact forms on the site;
2) provide feedback to applications received through the application form;
3) managing and controlling risks, preventing possible fraud, insolvency or default; preventing and managing possible litigation, taking legal action if necessary.
Legal basis for processing
With reference to the purposes set out in the preceding paragraph, the legal basis for these is:
1) the need to execute a contract to which the data subject is party or pre-contractual measures taken at the data subject’s request;
2) execution of pre-contractual measures taken at the request of the data subject, as far as common data are concerned. Activities carried out by persons who, in accordance with the law, carry out, in their own interest or in the interest of third parties, intermediation, research and selection of personnel for the purposes of establishing employment relationships (cf. gen. aut. no. 1/2016) with regard to particular categories of data (e.g. data relating to health status)
3) the need to pursue the legitimate interest of the data controller (in particular with regard to the prevention of fraud and insolvency).
The personal data processed by the Controller are not disclosed, i.e. they are not made known to unspecified persons, in any possible form, including making them available or simply consulting them. They may, on the other hand, be communicated to workers employed by the Data Controller, or to persons authorised to process them because they work under the authority of the Data Controller. On the basis of the roles and work duties performed, these workers have been authorised to process personal data, taking into account their respective competences and in accordance with the instructions given to them by the Controller.
The Controller has appointed third-party service providers in connection with the operation of the website, such as hosting service providers, Siro Web service providers, IT maintenance service providers, as well as service providers that enable the integration of other functions into the website that the user may use at his or her discretion. These service providers, designated as data processors, are only provided with the personal data required to provide the respective services and are not permitted to use or disclose the personal data of data subjects for other purposes without the prior consent of the data subject.
The data may also be disclosed, to the extent strictly necessary, to persons who, for the purpose of fulfilling orders or other requests or providing services relating to the transaction or contractual relationship with the Controller, must supply goods and/or perform services on behalf of the Controller.
Lastly, the data may be communicated to the subjects entitled to access them by virtue of provisions of the law, regulations, EU rules.
Under no circumstances does the data controller transfer personal data to third countries or international organisations.
However, the possibility of using cloud services is reserved. In which case, the service providers will be selected from among those who provide adequate guarantees, as stipulated in Article 46 of EU Regulation 2016/679.
The Data Controller stores and processes personal data for the time necessary to fulfill the stated purposes. Thereafter, personal data will be stored and not further processed, for the time stipulated by current civil and tax law provisions.
It should also be added that in the event that a user provides the Data Controller with personal data that is not requested or not necessary for the performance of the service requested or for the provision of a service that is strictly connected to it, Giacovelli Srl cannot be considered the owner of this data, and will provide for its deletion as soon as possible.
Rights of the interested party
With regard to the data processed under this notice, the data subject is entitled at any time to:
∙ to request from the Controller access to your personal data and information relating to them (Art. 15 of the GDPR); rectification of inaccurate data or integration of incomplete data (Art. 16 of the GDPR); deletion of personal data relating to you (upon the occurrence of one of the conditions indicated in Art. 17, par. 1 of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same article); the restriction of the processing of your personal data (upon the occurrence of one of the cases indicated in Article 18, par. 1 of the GDPR);
∙ to request and obtain from the Controller – in cases where the legal basis of the processing is a contract or consent, and the processing is carried out by automated means – your personal data in a structured, machine-readable format, also for the purpose of communicating such data to another data controller (so-called right to personal data portability – Article 20 of the GDPR);
∙ object at any time to the processing of your personal data in the event of special situations concerning you (Art. 21 GDPR);
The appropriate petition is submitted by contacting the Data Controller via PEC at firstname.lastname@example.org, e-mail at email@example.com or registered letter with return receipt to Locorotondo (BA), Via Carlo III di Borbone n. 13 – c.a.p. 70010If you consider that your data is being processed in breach of the provisions of the Regulation, you may lodge a complaint with a supervisory authority (the Italian Data Protection Authority – www.garanteprivacy.it), as provided for by Art. 77 of the GDPR, or take legal action (Art. 79 of the GDPR).
Refusal to provide data
In the event that the Data Subject does not provide the data identified as necessary for the performance of the service requested, the Data Controller will not be able to carry out the processing linked to the management of the aforesaid service, nor the fulfillments that depend on it.
Automated decision-making processes
The Controller does not carry out processing operations consisting of automated decision-making processes on the data of natural persons.
Last modified: 06 July 2022