In compliance with the provisions of Regulation (EU) 2016/679 (European Regulation for the protection of personal data; hereinafter "GDPR") we provide you with the necessary information regarding the processing of personal data provided. The information is provided pursuant to art. 13 GDPR and is not to be considered valid for other websites that may be consulted through links on this website in the domain of the Data Controller, which is not to be considered in any way responsible for the websites of third parties.
Processable personal data
«Personal Data»: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (C26, C27, C30 GDPR).
Computer systems and software procedures used to the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in the internet communication protocols. This information is not collected to be associated with identified data subject, but by their nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
Personal data provided by data subjects
The optional, explicit and voluntary sending of messages to the contact addresses indicated on this site and/or the filling in of data collection forms entails the subsequent acquisition of the sender's address, necessary to reply to requests, as well as any other personal data entered.
Specific information notices
Specific information notices will be present on the pages of the Site in relation to particular services or processing of personal data provided.
Data Controller and Owner
pursuant to articles 4 and 24 GDPR, is The Digital Project S.r.l.s., with legal basis in Via Bianca Maria, 22, 20121 Milano (MI), in person of its legal representative. E-mail firstname.lastname@example.org
The Data Controller has appointed a DATA PROTECTION OFFICER (DPO)
pursuant to articles 37 – 39 Reg. EU 2016/679. Contacts: email@example.com
PURPOSES OF THE PROCESSING | LEGAL BASIS OF THE PROCESSING | DATA RETENTION | NATURE OF UNDERWRITING OF PERSONAL DATA
|PURPOSES OF THE PROCESSING||LEGAL BASIS OF THE PROCESSING||DATA RETENTION||NATURE OF UNDERWRITING OF PERSONAL DATA|
|A) WEBSITE BROWSING
The data necessary for the use of web services are also processed for the purpose of:
• obtain statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
• check the correct functioning of the services offered.
The data will be used to ascertain responsibility in case of hypothetical computer crimes against the site.
(art. 6, paragraph no. 1, lett. f), Recital no. 47 GDPR)
data processing is necessary for the purposes of pursuing the legitimate interests of the data controller or a third party, provided that the interests or the fundamental rights and freedoms of the data subject which require the protection of personal data do not prevail, having regard to the reasonable expectations of the data subject based on his/her relationship with the data controller. Activities strictly necessary for the operation of the site and the provision of the navigation services.
|Until the duration of the browsing session.||The provision of data is necessary for the browsing on the website.|
|B) CONTACTS AND REQUESTS: through the contact details provided or by filling out the appropriate forms on our site, collect and fulfill any user requests and purposes related to the requests submitted.||Execution of pre-contractual measures (art. 6, par. 1 lett. b GDPR).||Maximum 12 months from receipt of personal data via the site form.||The provision of data is necessary. The non provision of personal data may result the impossibility to process your data for the present purpose, without prejudice for the other purposes.|
|C) SPONTANEOUS APPLICATION TO PERSONNEL SELECTION IN THE "WORK WITH US" AREA: research and selection of personnel with a view to the possible establishment of a working relationship, also for any positions other than those for which the data subject has spontaneously applied; conservation of personal data also for future selections; management of applications in response to job offers published on our website; interviews and any video interviews (data processing including image/audio).||Execution of pre contractual measures (art. 6, par. 1 lett. b GDPR).||Maximum 24 months||The provision of data is necessary. The non provision of personal data may result the impossibility to participate to the selection process.|
|D) MANAGEMENT OF YOUR REQUESTS AND REQUESTS FROM OTHER INTERESTED PARTIES, PURSUANT TO ART. 15 and following of the GDPR (exercise of the rights of the interested party).||The processing is necessary to fulfill a legal obligation to which the data controller is subject (C45)
Art. 6 par. 1 letter c) of the GDPR.
|5 years from the closing of the request, except for disputes.||The provision of personal data is necessary, as it is essential to be able to execute legal obligations.|
For more information on the cookies used by this website see the cookies policy at the following link.
RECIPIENTS OR CATEGORIES OF RECIPIENTS
Your personal data will be communicated to subjects who will process the data as Data Processor (art. 28 GDPR) and/or as individuals acting under the authority of the Data Controller and Data Processor (art. 29 GDPR), for the purposes listed above. In particular, the data may be communicated to recipients belonging to the following categories:
- Subjects that provide services for the management of the information system and communication networks, including e-mail, newsletters and website management;
- Freelancers, studies or companies within assistance and consulting relationships;
- Competent authorities for the fulfilment of legal obligations and/or provisions of public bodies, upon request.
The list of Data Processors is constantly updated and available by writing to firstname.lastname@example.org or at the registered office of the Data Controller.
DATA TRANSFER TO THIRD COUNTRIES AND/OR INTERNATIONAL ORGANIZATION
Personal data will not be transferred to countries outside the E.U..
EXISTENCE OF AUTOMATED PROCESS.
We do not use decision-making processes based on automatic elaboration, including profiling.
DATA SUBJECT’S RIGHTS | COMPLAINT WITH THE DATA PROTECTION AUTHORITY
You may exercise your rights as expressed in Articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR, by contacting the DPO at email@example.com or the Data Controller at the email address firstname.lastname@example.org. You have the right, at any time, to request the data Controller to access, rectify, cancel your personal data or limit their processing and the right to the portability of your data. In addition, you have the right to object, at any time, to the processing of your data based on legitimate interest and, in the cases provided, you have the right to revoke the consent given without affecting the lawfulness of the processing based on the consent before revocation.
Without prejudice to any other administrative and judicial remedy, if you believe that the processing of data concerning you violates the provisions of the GDPR, you have the right to lodge a complaint with the Italian Data Protection Authority (https://www.garanteprivacy.it/web/guest/home_en). In the case of a request for data portability, the Data Controller will provide you with the personal data concerning you in a structured, commonly used and machine-readable format, without prejudice to paragraphs 3 and 4 of Article 20 of Regulation (EU) 2016/679
Last update: 22.12.2021