Informative letter pursuant to art. 13-14 of “EU Reg. No. 2016/679 of the European Parliament and of the 27 April 2016 Council relating to protection of individuals with regard to personal data processing, as well as to free movement of such data”
This present information is given pursuant to art. 13-14 of UE Reg. no. 2016/679, in order to inform the Users as regards the processing of their personal data they provided directly or indirectly by using www.data3.it website. This website has global contents referring to activities performed by DATA3 S.r.L. Informatica e Organizzazione.
In compliance with this legislation, processing will be based on the principles of correctness, lawfulness, transparency, protection of Users’ privacy and rights.
The text below indicates how we operate respecting privacy of this website’s Users, describing how we collect, use and protect personal information, the rights recognized to Users and how they can contact us.
1. Data Controller and “Privacy Organization Chart”
Data Controller is DATA3 S.r.L. Informatica e Organizzazione (herinafter, DATA3), represented by CEO Domenico Pezzolla.
Data Controller’s Deputy (Internal Data Processor) is Natascia Riccio.
System Administrator is Simone Mascheroni.
2. Data Origin and Types
Data voluntarily provided by the User – These are data the User provided directly and knowingly, by filling our online form, sending e-mails or phoning in order to contact DATA3 and/or to ask for information. E.g. e-mail address, name, surname and phone numbers, company, and any other further data contained in the message sent to DATA3.
DATA3 does not deliberately collect sensitive personal data through this website
Web browsing data – During their normal processing, IT systems and software procedures used to operate this website acquire some personal data, whose transmission is implicit in the use of internet communication protocols. This information is not collected with the aim to be associated to any identified data subjects, but due to its very nature it could allow Users identification through processing and association with data held by third parties. This category of information includes IP addresses or domain names of computers used by Users who connect to the website, addresses in URI (Uniform Resource Identifier) notation of the requested resources, time of the request, method used in submitting the request to the server, size of the response file, numerical code indicating the status of the server’s response, and other parameters related to the User’s operating system and environment.
3. Purpose of Data Processing
Data voluntarily provided by the User – DATA3 acquires any data the User provides in an optional, explicit and voluntary mode by filling the online form or by e-mail or phone using the contact details indicated for this website, for the following purposes:
- Satisfying the specific request submitted by the User
- Sending of news, updates, publicizing events and other marketing and commercial activities
- Processing job applications either spontaneous or addressed to specific open positions.
This may involve the acquisition of the sender’s e-mail address, necessary to respond to requests, as well as any other personal data included in the message.
Web browsing data – These data are used to allow technical and functional access to the website, to obtain anonymous statistical information on the use of the website (for example through Google Analytics) and to check its operation.
4. Data Processing Methods
Data are processed mainly using digital tools with logics related to the purposes for which they were collected and for the time strictly necessary to achieve those purposes.
Data processing related to website services is performed by personnel specifically appointed. In order to prevent data loss, illicit or incorrect use and unauthorized access, adequate security measures are observed, as required by Regulation (EU) 2016/679 on Personal Data Protection. In some cases, in order to optimize the services provided, automated systems/processes are also used.
5. Legal Basis for Data Processing
Data voluntarily provided by the User – As stated by Regulation Art. 6, data processing is based on the principle, according to which personal data processing is lawful if necessary for the execution of the requested service, after explicit consent expressed by the concerned User, depending on the cases, by ticking the appropriate flag box before sending the filled online form on the website or by sending volunteer email or by phoning to ask for information.
Web browsing data – Their acquisition and processing are implicit in the use of internet communication protocols.
6. Data Retention Period
Users’ personal data will be kept for the time strictly necessary to achieve the purposes for which they were collected. In particular:
Data voluntarily provided by the User – These data are kept for the time necessary to perform the requested service, except for cases of compliance with legal obligations requiring Data Controller to keep data for a longer period.
Web browsing data – They are deleted immediately after processing. Data could be used to ascertain responsibility in case of hypothetical computer crimes against this website: except for this case, at present data on web contacts do not persist for more than seven days.
7. Data Communication
Personal data acquired through www.data3.it website may be communicated to third parties, which:
- operate as Data Controller’s Authorized people for the purposes indicated above (e.g. Commercial Office, Human Resources Office, ICT Area)
- operate as independent Data Controllers, if this complies with a legal obligation (e.g. public and/or private parties to whom data communication is mandatory or necessary or functional to fulfil legal obligations)
- operate as external Data Processors, i.e. parties contractually authorized to operate in the name and on behalf of the Data Controller, engaged in the correct and regular pursuit of the described purposes (e.g. companies, entities or consortia, professionals who provide processing services or who perform activities instrumental to our company, including website hosting)
The updated list of subjects to whom the data may be communicated is available at the Data Controller’s, by writing to email@example.com.
Data communication outside the European Union territory is limited to Google Analytics service for web browsing data, for which there are adequate guarantees related to data transfer outside the EU.
8. Data Dissemination
Any form of data dissemination (i.e. publication on websites and social media) is excluded.
9. Data Subjects’ Rights
The Data Controller recognizes and guarantees the rights referred to in GDPR Regulation art. 15 and followings, i.e. rights of information and access, rectification, updating, integration, cancellation, opposition, limitation and portability. In order to exercise the rights above, including refusal of a service and consent withdrawal, and for any information requests, please send an e-mail to firstname.lastname@example.org.
10. Complaint To The Guarantor
If you believe you have suffered a breach of your personal data, you can lodge a complaint with the Guarantor for personal data protection at the link http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524
11. Changes To This Policy
DATA3 reserves the right to modify this informative document as necessary, in line with the reference legislation. We invite Users to check this page periodically to be updated on changes. Last update: february 2022.
DATA3 S.r.L. Informatica e Organizzazione