Information pursuant to Art. 13 EU Reg. April 27, 2016 No. 679
Pursuant to Article 13 of the European Regulation, on the protection of individuals with regard to the processing of personal data, we inform you that the personal data of the candidate for the establishment of an employee relationship are processed in accordance with the following principles and rules.
General principles of processing
Processing will be carried out by means of collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction and will be carried out by the owner, managers and persons authorized for processing.
Personal data are: processed in a lawful, correct and transparent manner; collected for specified, explicit and legitimate purposes and thereafter will be processed in a manner not incompatible with those purposes; adequate, relevant, limited to what is necessary in relation to the purposes for which they are processed; accurate and up-to-date, committing the co-owner to take the necessary measures to delete or rectify the data in relation to the purposes for which they are processed; kept in a form that allows the identification of the interested party for the time strictly necessary to achieve the purposes for which they are processed; processed with the utmost confidentiality, both with computer and paper tools, in compliance with the principles dictated by the European Regulation on the protection of personal data, the prescriptions issued by the Control Authority and in any case in such a way as to ensure adequate security, including protection, with appropriate technical and organizational measures, from unauthorized or unlawful processing or from loss, even accidental.
(a) Identity and contact details of the co-owner of data processing
The co-owners of the data processing, in co-ownership, are Arithmos S.r.l., with registered office in Italy, Via Germania 2, 37136 Verona VAT N. IT03568990232, and Arithmostech Ltd., with its place of business at Booths Hall, Suite M3, Chelford Road, Knutsford, WA16 8GS, United Kingdom. The Co-Ownership Agreement is available here.
For the purposes of exercising the rights provided by the Regulations and for any request relating to personal data, the data subject may contact the co-owners of the data processing by sending a communication to the email address email@example.com.
(b) Purpose and legal basis of data processing
Personal data are processed by the co-owners for the following purposes:
- Handling of requests from users via special form;
- Marketing activities, including but not limited to direct sales, sending of advertising material, market research, commercial communication;
For the same purposes, data of individuals who are employees and/or self-employed workers of current or potential client companies of the co-owners are processed.
The processing of personal data for the purpose indicated in point 1 is lawful pursuant to Article 6, letter b) of European Regulation 679/2016 (“processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”).
The processing of personal data for the purpose indicated in point 2 is lawful if and insofar as the data subject has given consent to the processing of his or her personal data, pursuant to Article 6, letter a) of European Regulation 679/2016 (“the data subject has given consent to the processing of his or her personal data for one or more specific purposes”).
The data subject is also made aware that the personal data that the co-owners will come into possession of upon the conclusion of the contract with the customer, and in particular the e-mail address, may be used in the future for promotional activities relating to services similar to those covered by the contract. The data subject may always object to the processing, with a simple request to be sent to the Data Controller at the indicated email address. The processing in question is lawful insofar as it is necessary for the pursuit of the legitimate interest of the Data Controller Art. 6 (f) of European Regulation 679/2016).
(c) Possible recipients or categories of recipients of personal data
The personal data that the co-owners of the data processing will come into possession of are not subject to dissemination.
The data may be known by the persons in charge and those responsible for processing. In particular, the data may be known by other employees and/or collaborators, internal and external, of the co-owners.
(d) Data transfer to third countries
ArithmosTech Ltd. is a company with registered office and business place in United Kingdom, a country that offers – according to European Commission – an adequate protection in the data processing.
By conferring data, Data Subject acknowledges that the Data will be processed outside the European Union.
(e) Period of storage of personal data
The data shall be kept for a period not exceeding that necessary to pursue the purposes explained above and in any case for a period not exceeding two (2) years. In any case, until the data subject may to the co-owners his or her wish to delete his or her personal data from the archives and/or not to receive promotional communications.
(f) Right to withdraw consent
The data subject always has the right to revoke consent to the processing of personal data for the purpose indicated in point 2 of the paragraph “Purposes and legal basis of processing”; in any case, revocation of consent to processing does not affect the lawfulness of processing based on the consent given before revocation.
(g) Right to lodge a complaint
The data subject has the right to propose a complaint to the Supervisory Authority of the country where the co-owners of the data processing have their registered office.
(h) Mandatory or optional nature of providing data
The provision of personal data is not required by law or contract, but refusal to provide them may result in the objective impossibility for the co-owners to pursue the purposes indicated in point 1.
The provision of personal data for promotional purposes and for profiling is optional.
(i) Data subject’s rights
The Data Subject has the right to obtain access to personal data from the co-owner of the data processing.
In particular, the Data Subject has the right to obtain from the co-owner of the data processing confirmation as to whether or not personal data concerning him or her is being processed and, if so, access to the personal data and the following information:
(a) the origin of the personal data, if the data are not collected from the data subject;
(b) the purposes and methods of processing;
(c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if recipients in third countries or international organizations;
(d) the expected period of retention of personal data, or, if this is not possible, the criteria adopted to determine this period;
(e) the existence of the data subject’s right to request from the controller the rectification or erasure of personal data or the restriction of the processing of data concerning him or her or to object to their processing;
(f) the right to lodge a complaint with a supervisory authority;
(g) the existence of an automated decision-making process, including profiling, and, at least in such cases, meaningful information about the logic used, as well as the importance and the expected consequences of such processing for the data subject;
(h) where the data are transferred to a third country or international organization, the adequate safeguards under Article 46 of Regulation 679/2016 of such transfer.