INFORMATION ON THE PROCESSING OF USERS’ PERSONAL DATA
pursuant to EU Regulation 2016/679
This information, provided in accordance with the provisions of Article 13 of EU Regulation 2017/679 (GDPR) and Legislative Decree No. 196/2003, as updated by Legislative Decree No. 101/2018, describes the operations performed on users’ personal data collected when accessing, browsing, registering and using this website (hereinafter, the website) and not for other websites that may be consulted by the user through links on the website itself.
– INFORMATION ON THE PROCESSING OF USERS’ PERSONAL DATA
– PURSUANT TO EU REGULATION 2016/679
– DATA CONTROLLER, PURPOSE AND LEGAL BASIS OF DATA PROCESSING
– PLACE OF DATA PROCESSING
– CATEGORIES OF PERSONAL DATA PROCESSED
– COOKIES USED BY THE WEBSITE
– PRINCIPLES APPLICABLE TO DATA PROCESSING BY CL.A.N.
– HANDLING OF INFORMATION REQUESTS
– CL.A.N. MEMBERSHIP REGISTRATION
– RECEIPT OF APPLICATIONS FOR OPEN POSITIONS AND/OR SUBMITTED SPONTANEOUSLY
– PROCESSING METHODS
– TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE THE EUROPEAN UNION
– CATEGORIES OF SUBJECTS TO WHOM THE DATA MAY BE DISCLOSED (RECIPIENTS)
– RIGHTS OF DATA SUBJECTS
DATA CONTROLLER, PURPOSE and LEGAL BASIS OF DATA PROCESSING
CL.USTER A.GRIFOOD N.A. - CL.A.N. (hereinafter, CL.A.N. or Data Controller), in the person of its legal representative pro tempore, Viale Pasteur n. 10 - 00144 Roma, VAT reg. no. 97777000585, tel. 06.5903855, e-mail firstname.lastname@example.org, is the Data Controller for the processing of users’ personal data collected during the use of services on the website. CL.A.N. will process the personal data with which it comes into contact in accordance with the principles of
lawfulness, fairness and transparency and the provisions of the law and regulations for the following purposes:
– Access to the website and browsing;
– Handling information requests from users;
– Handling new CL.A.N. membership registrations;
- Propose your business innovation activity (Service dedicated to CL.A.N Members).
– Receipt of spontaneous applications or applications for open positions – Work with us.
In greater detail, the use of personal data for accessing the site and browsing involves the processing of data to implement measures adopted at the request of the person concerned, which is the legal basis that legitimises the processing. The use of personal data for further processing, with an indication of the specific legal basis of the treatment, is described in the section of this policy dedicated to the principles applicable to data processing by CL.A.N.
PLACE OF DATA PROCESSING
The processing operations connected to this website’s web services take place at the aforementioned registered office of the Data Controller and at the hosting company providing the service with servers located in the EU.
CATEGORIES OF PERSONAL DATA PROCESSED
In the course of normal operation, the computer systems and software procedures used to operate this website acquire certain personal data, the transmission of which is implicit in the use of internet communication protocols.
This information is not collected in order to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct operation, and are deleted immediately after processing. The data could be used to ascertain responsibility in case of computer crimes against the site or the Data Controller. With the exception of this possibility, at present, the data on web contacts do not persist beyond the terms of the law.
Data provided voluntarily by the user
What is a cookie?
Cookies are short text files that are downloaded and stored on your device when you visit a website. On each subsequent visit, cookies are re-sent to the website that issued them (first-party cookies) or to another website that recognises them (third-party cookies). Cookies are useful because they allow a website to recognise the user’s device.
Cookies are useful because they allow a website to recognise the user’s device.
They serve various purposes such as, for example, allowing you to browse efficiently between web pages, remembering your favourite sites and, in general, improving your browsing experience.
They also help to ensure that the advertising content displayed online is targeted to the user’s personal needs and interests.
Cookies can be first-party or third-party. “First-party” refers to those cookies that have the website as their domain, while “third-party” refers to those cookies that are associated with external domains.
Third-party cookies are necessarily installed by an external party, always referred to as a “third party”, not managed by the website.
Nature of the cookies
Nature of the cookies
These are cookies that are used for browsing or to provide a service requested by the user. They are not used for any other purpose and are normally installed directly by the website owner.
In their turn, they can be subdivided into:
– Browsing or session cookies, which ensure normal browsing and use of the website (e.g. allowing authentication to access restricted areas); they are in fact necessary for the proper functioning of the website;
– Third-party analytics cookies , assimilated to technical cookies where used directly by the website Data Controller to collect information, in an anonymous and aggregate form, on the number of users and how they visit the site, in order to improve website performance;
– Functionality cookies, which allow the user to browse according to a number of selected criteria (e.g. language, products selected for purchase) in order to improve the service provided to the user. Users are not required to give their prior consent for the installation of such cookies.
The above cookies may be:
– Temporary, when they are automatically deleted on termination of the connection by the user;
– Permanent, when they remain stored on the user’s device, unless the user deletes them voluntarily.
Users are hereby informed that they can manage and deactivate cookies directly from their browser settings:
COOKIES USED BY THE WEBSITE
The following table shows the cookies used by the website.
The website does not use first-party or third-party profiling cookies, but only technical session cookies.
COOKIES USED BY THE WEBSITE
CL.A.N. will process the personal data of users in a lawful, correct and transparent manner.
The Data Controller will collect users’ personal data and process them only for the purposes indicated in this statement and in a manner that is not incompatible with the purposes themselves.
The data processed by CL.A.N. are adequate, relevant and limited to what is necessary for the purposes for which they are processed.
HANDLING OF INFORMATION REQUESTS
CL.A.N. will process the personal data (name and e-mail address) of users who complete the specific online form to request information about the services offered by the Data Controller in order to manage, respond to and fulfil user requests. The data will be recorded, stored and used exclusively to manage and respond to the requests of the data subjects and for the time necessary to achieve the aforementioned purpose. The legal basis for this processing is the fulfilment of a contract to which the data subject is party or the performance of pre-contractual measures taken at the request of the data subject (Article 6, paragraph 1 letter b) EU Reg. 2016/679). The provision of data for this processing purpose is optional. However, the failure, partial or incorrect provision of data may make it impossible for CL.A.N. to manage and respond to user requests.
CL.A.N. MEMBERSHIP REGISTRATION
The Data Controller will process the personal data (personal and contact data) of users who complete the online form on the website in order to allow the person concerned to register as a member of CL.USTER A.GRIFOOD N.AZIONALE. The Data Controller will also use the user’s personal data (contact details) to send institutional communications. The legal basis for the processing is the execution of pre-contractual measures adopted by the Data Controller at the request of the data subject (Article 6, paragraph 1, letter b), EU Reg. 2016/679), as well as the fulfilment of legal obligations to which CL.A.N. is subject (Article 6, paragraph 1, letter c), EU Reg. 2016/679). The data will be processed for the time necessary to achieve the purposes for which they are processed and not beyond the term of 10 years after the lapse of membership.
PROPOSE YOUR INNOVATION ACTIVITY (SERVICE DEDICATED TO CL.A.N MEMBERS).
RECEIPT OF APPLICATIONS FOR OPEN POSITIONS AND/OR SUBMITTED SPONTANEOUSLY
CL.A.N. will process the personal data of users who completed the online form or the data contained in the CVs submitted spontaneously by the person concerned, including after a recruiting campaign promoted by the Data Controller, in order to manage the selection of new staff and to evaluate the candidate. The data will be processed for the period of time strictly necessary for the pursuit of the purpose in question and shall be kept for a period of 24 months from the time of receipt of the CV, without prejudice to the possibility for the Data Controller to extend the storage period after expressly requesting authorisation from the data subject to do so. The legal basis legitimising this processing is the execution of pre-contractual measures, pursuant to Article 111-bis of Legislative Decree no. 196/2003, as updated by Legislative Decree no. 101/2018, for which, within the limits of Article 6, letter b) of EU Regulation 2016/679, the consent of the data subject is not required. The provision of data for this processing purpose is optional. However, failure to provide the data, or providing partial or inaccurate data, may make it impossible for the Data Controller to receive the application and to assess whether it corresponds to the job profile in question and to proceed with the selection process.
Personal data are and will be processed, in paper and/or digital form, for the time strictly necessary to achieve the aims and purposes for which they were collected.
There is no automated processing of collected data, including user profiling.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access.
TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE THE EUROPEAN UNION
The personal data collected by the Data Controller are processed and stored within the territory of the European Union and will not be transferred to third countries outside the European Economic Area.
CATEGORIES OF SUBJECTS TO WHOM THE DATA MAY BE DISCLOSED (RECIPIENTS)
The subjects to whom CL.A.N. may disclose data act in their capacity as Data Processors designated by the Data Controller through a specific contract or as persons authorised to process personal data under the direct authority of the Data Controller. The data may also be communicated to external companies and/or professionals in order to fulfil specific obligations imposed on the Data Controller by current legislation.
By requesting access to their personal data, the data subject may request the complete list of recipients of their personal data by writing an e-mail to email@example.com
RIGHTS OF DATA SUBJECTS
Data subjects who use the website have the right to:
– Request access to their personal data: the user has the right to obtain confirmation from the Data Controller as to whether or not personal data relating to them are being processed and, if so, access to such data. Access may relate to the following information:
– The purposes of the data processing;
– The categories of personal data in question;
– The recipients or categories of recipients to whom the data have been or will be disclosed, in particular if sent to third countries or international organisations;
– The period of personal data storage or the criteria used to determine that period;
– The existence of the right to ask the Data Controller to rectify or erase data or to restrict or object to the processing thereof;
– The existence of an automated decision-making process.
– Request for rectification of personal data: the data subject has the right to obtain the rectification of inaccurate personal data concerning them, as well as to obtain the completion of incomplete personal data.
– Request for erasure of personal data: for the reasons set out in Article 17 GDPR, the data subject has the right to ask the Data Controller to erase the data without undue delay and the Data Controller has the obligation to erase the data subject’s personal data.
– Request to restrict data processing: in the event of one of the cases referred to in Article 18 GDPR, the data subject has the right to request the restriction of data processing concerning them.
– Request for data portability: the data subject has the right to receive, in a structured, commonly used and readable format, personal data concerning them that has been provided to a Data Controller and has the right to transmit such data to another Data Controller where the processing has been based on consent and is carried out by automated means.
– Request to object to processing: the data subject has the right to object to the processing of personal data concerning them at any time, on grounds relating to their particular situation.
– Withdrawal of consent: the data subject has the right, at any time and as easily as they have given it, to withdraw consent to the processing of their personal data.
Data subjects using the website. Data subjects also have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).
Requests regarding the exercise of rights can be addressed to firstname.lastname@example.org
This information was last updated on 22/07/2021