Information on the processing of personal data
Hereby ("Information"), the data controller provides you with the terms of the data collected and processing to the business services performed on the website www.advepa.it in relation to the Regulation (EU) 2016/679 (GDPR) in strict compliance with the general principles set forth in Articles 5 and 6 of the GDPR, namely according to correctness, accuracy, completeness and appropriateness with respect to the stated purposes.
The Data Controller is the company Advepa Communication S.r.l. in accordance with the laws in force is the administrator of the site (hereinafter the company) with registered office in Palermo at 360 Resuttana Street, 90146, can be contacted through the CONTACTS section or at the email address: firstname.lastname@example.org
1.2 Legal basis for processing
The provision of data and therefore consent to the collection and processing of data is optional, the User may deny consent, and may revoke at any time a consent already provided (via the banner located at the bottom of the page or the browser settings for cookies, or the Contact link). However, denying consent may result in the inability to provide certain services and the site browsing experience would be impaired.
Data for site security and prevention from misuse and SPAM, as well as data for site traffic analysis (statistics) in aggregate form, are processed based on the legitimate interest of the Data Controller in protecting the site and the users themselves. In such cases, the user always has the right to object to the processing of data (User Rights).
Data provided for consulting or professional assignments are processed based on the fulfillment of a contract and the fulfillment of a legal obligation. In such cases, appropriate information is provided.
2. What personal data we process
2.1 Navigation data
The computer systems and software procedures used to operate this website acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and is deleted after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site, subject to this eventuality, the data collected through the Site are retained for 12 months.
2.2 Data provided by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this Site and the filling in of the "formats" (masks) entails the subsequent acquisition of the e-mail address, necessary to respond to requests, and any other personal data spontaneously communicated to the Data Controller.
Unless you provide additional personal data for the handling of your request, for the purposes stated in this Notice, the Controller processes the following personal data:
For the handling of your request, including the handling of your application, the Data Controller may also process special categories of personal data, such as data disclosing membership in trade unions (taking office, requesting deductions for trade union dues), membership in political parties, religious beliefs (should you request to join certain religious holidays), as well as health status should you voluntarily disclose them to the Data Controller. For the processing of these categories of personal data, the Controller requires your explicit consent to the processing.
Specific summary disclosures will be progressively reported or displayed on pages of the site set up for particular on-demand services.
3. What are the purposes of processing
The purposes for which data subjects' data may be processed are attributable to the commercial information activity expressly requested by users interested in the services offered by the Company through the contact form published on this site.
No marketing and/or profiling activities are carried out through this site.
In general, data is processed for the purposes indicated from time to time, subject to your consent. Your personal data are processed:
The processing of data collected from the site, in addition to the purposes related, instrumental and necessary to the provision of the service, is aimed at the following purposes:
- Statistics (analysis)
Collection of data and information in aggregate and anonymous form only in order to verify the proper functioning of the site. None of this information is related to the physical person-User of the site, and does not allow its identification in any way. Consent is not required.
Collection of data and information in order to protect the security of the website (spam filters, firewalls, virus detection) and Users and to prevent or unmask fraud or abuse to the detriment of the website. The data are automatically recorded and may possibly include personal data (Ip address) that could be used, in accordance with relevant laws, in order to block attempts to damage the website itself or to harm other users, or otherwise harmful or criminal activities. Such data are never used for User identification or profiling and are deleted periodically. No consent is required.
- Ancillary activities
Disclose data to third parties who perform functions necessary or instrumental to the operation of the service (e.g., comment box), and to enable third parties to perform technical, logistical, and other activities on our behalf. Providers have access only to personal data that are necessary to perform their tasks, and agree not to use the data for other purposes, and are required to process personal data in accordance with applicable regulations.
- Consultations and professional assignments
In case of spontaneous submission of data for the purpose of requesting professional advice or for a professional assignment, the data will be used only for the purpose of evaluating the assignment and for the eventual fulfillment of the assignment. In such cases, appropriate information will be provided.
- Curriculum Vitae Submission
Through the "Work with Us" section of the Site or by email You may provide your personal data and CV to the Owner to apply for open positions or for possible future positions. Your personal data are processed only for the purpose of handling your application and related activities. The lawfulness condition for the processing of your personal data to manage your application is the need to complete your application, in compliance with Article 6(1)(b) GDPR. Consequently, the acquisition of your prior consent to the processing is not necessary.
For the purpose of evaluating your application, the Controller may also process special categories of personal data you have entered in your CV (e.g., your health status, philosophical or religious beliefs). For the processing of such special categories of personal data, the Controller needs your explicit consent.
- Requests made through the Site
Your personal data may be processed by the Controller to fulfill your requests made by writing to one of the e-mail addresses available on the Site or by filling in the forms on the Site. Failure to provide the requested data will result in the inability of the Controller to complete your request. The condition of lawfulness of the processing is the need for the execution of your request, in compliance with Article 6(1)(b) GDPR. Therefore, the acquisition of your prior consent to the processing is not necessary.
For the handling of your request, the Controller may also process special categories of personal data that you have transmitted to the Controller. For the processing of such special categories of personal data, the Controller requires your explicit consent on the "Contact" page.
- Commercial communications and newsletters
If you want to be updated on the latest news of the products and services offered by the Controller you can join our marketing initiatives by allowing the Controller to send you the newsletter and further commercial communications having to do with the products and services. The condition of lawfulness for the sending of commercial communications and the newsletter is your express consent, which the Controller requests from you on all pages of the website where you can subscribe to this service,in compliance with Article 6, paragraph 1, letter a (GDPR)
Your personal data will be processed until you decide to revoke your consent or object to processing.
Right to object to direct marketing activities We inform you that, at any time, you have the right to object to direct marketing activities by contacting the Controller at one of the contacts listed in Section 1 of this Policy or by clicking on the appropriate link in any communication sent by the Controller.
4. Site Management
Your personal data described in points 2.1 - 2.3 above will, also, be processed by the Data Controller to manage the Site, to complete anonymous statistical analyses on the use of the Site to check its correct functioning and/or to ascertain responsibility in case of hypothetical computer crimes to the detriment of the Site. In any case, such data are processed anonymously and are deleted immediately after processing.
The condition of lawfulness of the processing is the legitimate interest of the Data Controller to ensure the proper use of the Site and to prevent any possible cybercrime, in compliance with Article 6(1)(f) GDPR. Therefore, the acquisition of your consent will not be necessary. Your personal data will be immediately anonymized and in any case deleted at the end of your browsing session. However, if informational offenses are established, your personal data will be retained for as long as necessary to manage the dispute.
5. Recipients of the data
The data provided by the data subject through the contact form will not be transferred to third-party companies for commercial or other purposes. Instead, they will be transmitted to those within the Company's commercial and administrative sphere of competence to fulfill the actions indicated in paragraph 3 (purpose).
Transfer of collected data to third parties
The data collected by the site are generally not provided to third parties, except in specific cases: legitimate request by the judicial authority and only in cases provided by law; if it is necessary for the provision of a specific service requested by the User; for the performance of security checks or optimization of the site.
Transfer of data to countries outside the EU
This site may share some of the data collected with services located outside the European Union area. In particular with Google, Facebook and Microsoft (LinkedIn) via social plugins and the Google Analytics service. The transfer is authorized under specific decisions of the European Union and the Italian Data Protection Authority, in particular Decision 1250/2016 (Privacy Shield- information page of the Italian Data Protection Authority), so no further consent is needed. The companies mentioned above guarantee their adherence to the Privacy Shield.
6. Methods of processing
Your data may be processed electronically.The data of which Advepa Communication S.r.l. is the owner, are only those necessary for the processing of data related to the services of the website, the Owner uses servers located within the European territory. We inform you that the data will be collected, processed and stored in full compliance with the provisions on security measures, as well as in compliance with the measures deemed appropriate under the new EU Regulation 2016/679. The data will also be processed in full compliance with the self-regulatory rules on the processing of personal data contained in the industry codes of ethics in force.
We process visitor/user data lawfully and fairly, taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of data. We are committed to protecting the security of your personal data during their submission, using Secure Sockets Layer (SSL) software, which encrypts information in transit. The processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the stated purposes. In addition to the Data Controller, in some cases, categories of appointees involved in the organization of the site or external parties (such as third-party technical service providers, hosting providers) may have access to the data.
7. Duration of treatment
The data will be processed for the time strictly necessary to achieve the purposes for which they were collected. In addition, they will remain available to the owner, the person in charge and the persons in charge for possible preservation due to legal obligation (art. 22, paragraph 5, of the Code), only for the necessary duration or, until the different date of the user's own request for deletion. The maximum duration, however, is that provided by law for contractual liability, i.e., 10 years.
8. User Rights
In connection with the processing operations described in this Notice, you may exercise your rights under the articles of the GDPR (15 to 21) in particular:
The data subject also has the right to file a complaint with the Data Protection Authority (www.garanteprivacy.it).
The exercise of rights is not subject to any formal constraints and is free of charge in accordance with Article 12 GDPR.. However, in the case of requests that are manifestly unfounded or excessive, including because they are repetitive, the Data Controller may charge you a reasonable fee in light of the administrative costs incurred in handling your request, or deny satisfaction of your request. To exercise your rights, you must fill out the data subject rights exercise form found on the Guarantor's website or downloadable by clicking the following link, click here to download the form, and send it to Advepa Communication S.r.l., by one of the following methods:
Certified mail addressed to the Office Advepa Communication S.r.l., Via Resuttana 360, 90146 Palermo;
PEC: (certified electronic mail): email@example.com;
Any rectification or deletion or restriction of processing made at your request, unless this proves impossible or involves a disproportionate effort, will be communicated by the Company to each of the recipients to whom the personal data were transmitted.