Report on personal data processing, according to article 13, D.Lgs. June 30, 2003, No.196
In compliance with D.Lgs. June 30, 2003, No. 196 (Privacy Consolidation Act) and subsequent changes, we hereby supply you all due information concerning the purposes and methods for your personal and sensitive data processing in our possession.
This information is not valid for other web sites which might be visited through links contained on all the web sites of data controller’s domain name. The data controller shall not be considered responsible for third parties’ web sites. When accessing the Site it is also possible to distinguish the data deriving from the user’s navigation only, from those provided voluntarily by the user in relation to certain purposes.
Data deriving from the user’s navigation
During their normal operation, the computer systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of internet communication protocols. These pieces of information are not collected to be associated with identified interested parties, but by their very nature could allow to identify users through elaborations and associations with data held by third parties. These processing activities and data binding are never carried out by the data controller. This data category shall cover: IP addresses or domain names of computers used by users who connect to the Site, the URI-mapped addresses (URI stands for Uniform Resource Identifier) of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (successful, error, and so on) and other parameters relating to the operating system and to the computing environment of the user.
These data are exclusively used in anonymous form and for statistical purposes related to the use of the site and its correct functioning. The data could be used and stored in case of suspected cyber-crimes against the Site, for which the data controller reserves the right to place the matter before the competent authorities to ascertain any liability.
Data provided voluntarily by the user
The personal data provided by the users who voluntarily interact with the Site and give their personal information to obtain certain services (such as requests for information, e-mail messages and so on) are only used to perform the requested service or provision and are communicated to third parties just in case this is strictly necessary for the execution of the service (shipment of material, provision of assistance and so on).
Specific summaries of information are reported or displayed in the pages of the Site dedicated to on-demand services, so that they can draw the data subject’s attention on the processing of his/her own personal data.
With the exception of what above specified concerning navigation data, the provision of personal data is optional and discretionary, although it might be necessary for some specific services, where the non-submittal of one’s personal data could jeopardize or even make it impossible to get the required service.
The software applications used may contain “cookie” technology. Cookies are primarily used to facilitate the navigation. Cookies may provide pieces of information regarding the navigation within the Site as well as enable the functioning of some services which require the identification of the user’s path through different pages of the Site.
The Cookies of the software applications are anonymous and not linked to the user’s personal data. Regardless of cookies, any portal access records the type of browser (e.g. Internet Explorer, Netscape), the operating system (e.g. Macintosh, Windows) the host and the visitor’s URL (Uniform Resource Locator), in addition to the data on the requested page. The user can set the browser to notify him/her when a cookie is received and then he/she can decide to delete it.
More information on cookies can be found on the websites of the browser providers.
Different types of cookies
“Cookies are divided into “session cookies” and “persistent cookies”. Session cookies are temporarily stored in the computer memory only during a user’s browsing session and are automatically deleted from the user’s computer when the browser is closed. On the contrary, persistent cookies are stored on the computer hard drive of the visiting user until they expire. Persistent cookies are used primarily to facilitate the navigation of the site, to understand which site sections have created a number of pages and users and to supply advertising formats. Session cookies make the interaction between users and web sites faster and easier. They do not collect any information from the user’s computer and/or user’s personal data, neither keep they track of the user’s session habits. Session cookies are primarily used during authentication, authorization and surfing when it is necessary to register before browsing”.
First-party cookies are only associated with the domain that has created them;
Third-party cookies are created by a Web site other than the one you are currently visiting, such as, for example, by Google Analytics.
The software used for site and platform creates a user cookie for statistical purposes related to the user’s surfing habits. These data are then stored in Google Inc.
For more information about Google Analytics cookies please refer to Google’s official documentation by visiting following url: http://code.google.com/apis/analytics/docs/concepts/gaConceptsCookies.html
Purposes of data processing
Your personal data, which you voluntarily provided when filling in the registration form as a formal sending of your CV or as an application for employment at the Company or another company in the same Group, may be processed via electronic retrieval devices and telecommunications systems and saved to a database for the following purposes:
- staff recruiting, concluding contracts, training courses, or work experience at our Company or another company in our Group;
- Data processing may also involve so-called “sensitive” and legal data;
Methods of data processing – Data Retention
The data processing will be carried out automatically and / or manually, by authorized personnel, with means and methods that will guarantee maximum security and confidentiality. The data will be kept for a period not exceeding the purposes for which the data were collected and subsequently processed.
Ambit of communication and diffusion
Your processed data will not be diffused. It could instead be conveyed to societies related and / or associated to Costruzioni elettrotecniche CEAR srl and other persons appointed by our Company in the personnel departments, abroad up to the limits enshrined in current enacted law, to comply with contractual obligations or other purposes relative to third parties belonging to the following categories:
- studios or companies providing assistance or advisory services;
- persons providing control, review, and certification services for activities brought about by Costruzioni elettrotecniche CEAR srl, including those set up in our customers’ interests;
The person or persons belonging to the aforementioned categories are either to carry out the function of external data processing managers, or to work completely independently as data processing officers in their own right.
To this end, specification is hereby made that the data processing officer in our case is the Company, in the person of our legal representative, who may be consulted for the exercise of statutory rights pursuant to Section 7 of the Italian Data Protection Act, Legislative Decree n° 196/2003, by contacting us at our head office in +39 02 9292901 or sending an e-mail to firstname.lastname@example.org. Any other communications will only be made with your explicit, prior consent.
Nature of underwriting
The transfer of personal data is discretionary; however, if you do not give your consent, it will be impossible for us to possess your application. The data processing officer furthermore wishes to state that any failure to make notification of the notification of false data (where notification is required) shall have the following effects:
- the impossibility on the officer’s part to guarantee consistency in processing under the terms and conditions of the contract for which it is performed;
- a possible lack of correspondence between the results of processing and the requirements of current enacted fiscal or administrative law, or of the employment for which purposes it would otherwise be required.
You are entitled to exercise your statutory rights as specified in Sections 7, 8, 9, and 10 of Legislative Decree n° 196, dated 30 June 2003 by contacting the data processing officer (or manager if one has been appointed).
Section 7 (Right to Access Personal Data and Other Rights)
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form. 2. A data subject shall have the right to be informed a) of the source of the personal data; b) of the purposes and methods of the processing; c) of the logic applied to the processing, if the latter is carried out with the help of electronic means; d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing. 3. A data subject shall have the right to obtain a) updating, rectification or, where interested therein, integration of the data; b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected. 4. A data subject shall have the right to object, in whole or in part, a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.
For any further information and/or explanations, please contact:
Data Controller is Costruzioni elettrotecniche CEAR srl in Via Monza,102 – 20060 Gessate (MI)