|
|
Privacy Policy:
Version 1.0
Sardegna.com S.r.l. ,with registered offices at Piazza Attilio Deffenu n.12, Cagliari (hereinafter, " Sardegna.com ") is committed to protecting the online privacy of the users of its websites. As such, this Privacy Policy has been written, under Article 13 of EU Regulation 2016/679 (hereinafter, the "Regulation"), in order to allow you to understand Sardegna.com’s policy regarding your privacy, and how your personal information will be handled when using our websites (www.sardegna.com , hereinafter, collectively, "Website"). This Privacy Policy will also provide you with information so that you are able to consent to the processing of your personal data in an explicit and informed manner, where appropriate. The information and data which you may provide, or which may otherwise be collected in the context of your use of Sardegna.com’s services – e.g., access to reserved areas in the Website, Sardegna.com, etc. (hereinafter, the "Services") - will be used by Sardegna.com in compliance with the Regulation. This means, in particular, that any personal data processing carried out by Sardegna.com will respect the principles of lawfulness, fairness, transparency, purpose limitation, storage limitation, data minimization, accuracy, integrity and confidentiality. CONTENTS
1. Data Controller The data controller regarding all personal data processing operations carried out through the Website is Sardegna.com, as identified at the start of this Privacy Policy. For any information regarding the processing of Personal Data by Sardegna.com, including a list of Sardegna.com’s data processors, please contact: privacy@sardegnacom. 2. Personal Data processed As you use the Website, we inform you that Sardegna.com may collect and process information related to you as an individual and which allows you to be identified (either directly, or together with additional information), or which is related to other individuals (“Personal Data”), such as your name, an identification number, an online ID or one or more characteristic elements of your physical, physiological, mental, economic, cultural or social identity. Personal Data which may be processed by Sardegna.com through the Website are as follows: a. Browsing Data The Website’s operation, as is standard with any website on the Internet, involves the use of computer systems and software procedures, which collect information about the Website’s users as part of their routine operation. While Sardegna.com does not collect this information in order to link it to specific users, it is still possible to identify those users either directly via that information, or by using other information collected – as such, this information is also considered Personal Data. This information includes several parameters related to your operating system and IT environment, including your IP address, location (country), the domain names of your computer, the URI (Uniform Resource Identifier) addresses of resources you request on the Website, the time of requests made, the method used to submit requests to the server, the dimensions of the file obtained in response to a request, the numerical code indicating the status of the response sent by the server (successful, error, etc.), and so on. These data are used exclusively to compile anonymous, statistical information on the use of the Website, as well as to ensure its correct operation and identify any faults and/or abuse of the Website – the data is deleted immediately after processing, unless it must be used to identify responsible parties in the event of cybercrime committed which harms the Website or third parties, in which case information on web contacts may be kept for a period of 7 (seven) days. b. Special categories of Personal Data In the "Work with Us" section of the Website, you are allowed to submit Personal Data which may fall under the category of Personal Data referred to in Art. 9 of the Regulation – i.e. “[...] data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation”. While this should not prevent you from submitting your CV for a job application through the Website, Sardegna.com asks that you do not disclose any such types of Personal Data, unless you consider this to be strictly necessary. Indeed Sardegna.com remind you that if you disclose such special categories of Personal Data in absence of an explicit consent to process them, Sardegna.com may not in any case be held liable and cannot receive complaints in this regard because in such case the processing is permitted as it is based on the fact that you have publicly disclosed this information, according to Art. 9(1)(e) of the Regulation. In any case, Sardegna.com would stress the importance of providing your explicit consent to process this sort of Personal Data, if you decide, nonetheless, to share it. Please note that, for purposes of selection of an applicant to a certain position, Sardegna.com may decide to analyse the professional social media profiles which you make freely available on the Internet (e.g. LinkedIn). c. Data provided voluntarily by the data subject When using some of the Website’s Services yu are allowed to submit Personal Data related to other persons. In any situation where you decide to share Personal Data related to other persons through the Website, you will be considered as an independent data controller regarding that Personal Data, and must assume all inherent legal obligations and responsibilities. This means that you must also must make sure that you have these third parties’ consent to their Personal Data being used in this manner before providing them to Sardegna.com or another appropriate legal basis which may allow for lawful processing of this information. To this end, you must fully indemnify Sardegna.com against any complaints, claims or demands for compensation for damages which may arise from the processing of this Personal Data, initiated by the third parties whose information is processed via the Website by your initiative. d. Cookies [Go to Cookies page] 3. Purpose of the processing Sardegna.com intends to use your Personal Data, collected through the Website, for the following purposes:
4. Legal basis and mandatory / discretionary nature of the processing Sardegna.com’s legal bases to process your personal data, according to the purposes identified in Section 3, are as follows:
5. Recipients of Personal Data Your Personal Data may be shared, for the purposes listed in Section 3, with different persons / entities (hereinafter and collectively, “Recipients”):
6. Transfers of Personal Data Some of your Personal Data are shared with Recipients who may be located outside the European Economic Area. The Company ensures that your Personal Data are processed by these Recipients in accordance with the Regulation. Under the Regulation, these transfers can be based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission. 7. Retention of Personal Data Personal Data processed for the purposes set out in Section 3(a) and 3(b) will be kept by Sardegna.com for the period deemed strictly necessary to fulfil such purposes – in any case, as these Personal Data are processed for the provision of the Services, Sardegna.com will keep them for as long as the statute of limitations on liability related to the provision of the Services (as determined by the applicable law) lasts, so as to protect its interests. Personal Data contained within CVs sent via the Website, as mentioned in Section 3(c), will be kept as long as the position for which the CV was sent remains open. As for spontaneous applications, this Personal Data may be kept for up to 1 (one) year. Sardegna.com may contact candidates before the mentioned periods end, in order to request an extension of this retention period. Personal Data processed for the purposes set out in Section 3(d) will be kept by Sardegna.com for the period required by the specific legal obligation or by the applicable law. For more information on Sardegna.com’s Personal Data retention periods and the criteria adopted in determining these periods, please contact: privacy@sardegna.com 8. Data subject rights Under Articles 15 and following of the Regulation, you, as a data subject, are entitled to request from Sardegna.com, at any time, access to your Personal Data, the correction and erasure of your Personal Data, as well as to object to its processing. You are also entitled to request the restriction of the processing of your Personal Data in the cases set out in Article 18 of the Regulation, as well as to obtain the Personal Data you have provided to Sardegna.com in a structured, commonly used and machine-readable format, in the cases set out in Article 20 of the Regulation. Requests should be made in writing to privacy@sardegna.com or at DPO (Data Protection Officer) to dpo@sardegna.com In any case, please note that, as a data subject, you are entitled to file a complaint with the competent supervisory authorities for the protection of Personal Data, if you believe that the processing of your Personal Data carried out through this Website violates applicable law. 9. Amendments This Privacy Policy entered into force on 25.05.2018 Sardegna.com reserves the right to partly or fully amend this Privacy Policy, or simply to update its content, e.g., as a result of changes in applicable law. Sardegna.com will inform you of such changes as soon as they are introduced, and they will be binding as soon as they are published on the Website. Sardegna.com therefore invites you to regularly visit this Privacy Policy in order to acquaint yourself with the latest, updated version of the Privacy Policy, so that you may remain constantly informed on how Sardegna.com collects and uses Personal Data. |