In this information statement, we describe the procedures related to the processing of personal data in compliance with Article 13 of Legislative Decree nr. 679/2016 concerning the Personal Data Protection Code, of customers, individuals, individuals operating in the name and on behalf of legal entities and users who use ITReview S.r.l. Web Services, accessible online at the address www.itreview.it, which opens the initial page of official ITReview Website.
According to Italian and European Legislation, the purpose of this document is to determine the requirements for collecting personal data and, in particular, the methods, times and nature of information that the Data Controllers must supply to customers, individuals, individuals operating in the name and on behalf of legal entities and users who visit this Website, regardless of their reasons of connection.
This statement is subject to updates in compliance with legislative or regulatory provisions. We therefore invite customers, individuals, individuals operating in the name and on behalf of legal entities and users to periodically consult this page.
If the user is under 14 years, in accordance with Art.8, c.1 Regulation UE 2016/679, and Art. 2 – Quinquies of D.Lgs 196/2003, as modified by D.Lgs 101/18 will have to legitimize its consent through the authorization of the parents or whoever takes their place.
The Data Controller is the legal entity who decides on the purpose and means of collecting and using personal data.
The Data Controller is the legal representative pro tempore of ITReview S.r.l., located in Viale della Navigazione Interna, 82 – 35027 Noventa Padovana (PD) Italia, C.F. e P.IVA 04197530282, mail: firstname.lastname@example.org.
The “Data Processor” is the natural or legal person, public authority, service, or other organization that processes personal data on behalf of the data controller. In accordance with article 28 of EU regulation no. 2016/679, the Data Controller appoints the Data Processors of the Site, when necessary. Contact the Data Controller to obtain information about the Data Processor.
DATA PROCESSING LOCATION
The data processing takes place in Viale della Navigazione Interna, 82 – 35027 Noventa Padovana (PD) Italy.
TYPES OF DATA
The personal data processed are those provided by interested party during:
- Visits or phone calls;
- Requests for information, via email and/or via the Contact page and/or other contact forms on the website www.itreview.it;
- Requests for offers;
- Transactions preceding the signing of the contract;
- Transactions following the signing of the contract.
Furthermore, it is specified that: this Website makes use of log files in which information collected automatically is stored during user visits.
The information collected could be:
- Internet protocol (IP) address or domain names of the computers used by the User who connects with this Website;
- The address in URI (Uniform Resource Identifier) notation;
- Request time;
- Method used in forwarding the request to the server;
- The size of the file obtained in response;
- The numeric code indicating the server response (successful, error, etc…);
- The country of origin;
- Type of browser and device used to connect to the site;
- Name of the internet service provider (ISP);
- Web page of origin (referral) and exit;
- Number of clicks;
- Visit date and time.
Statistical information and information relating to behavior, habits and preferences (some examples are presented below: information relating to the pages visited, the information requested, and the time spent on the Website. The above list must be considered as an example).
These information (mentioned above) are processed in an automated form and collected in an exclusively aggregated form to verify the correct functioning of the site, and for security reasons. This information will be processed based on the legitimate interest of the owner.
For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may possibly include personal data such as IP address, which could be used, in accordance with law, in order to block attempts to damage the site itself or to cause damage to other users, or any case harmful activities or constituting a crime. These data are never used for the identification or profiling of the user, but only for the purpose of protecting the site and its users, such information will be processed based on the legitimate interests of the owner.
The Website allows users to send their candidacy to open positions available on the following page: https://www.itreview.it/lavora-con-noi/. The user is asked to enter personal data such as: Name, Surname and Curriculum Vitae.
The information, that users will deem to make public, are provided by them knowingly and voluntarily, exempting this site from any responsibility for any violation of laws. It is up to the user to verify that they have permission to enter personal data of third parties or content protected by national and international standards.
DATA PROVIDED BY THE USERS
As indicated above, the optional explicit and voluntary sending of e-mails to the addresses indicated on this Website entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the missive. Specific summary information or references to this policy page, will be progressively reported or displayed on the web pages prepared for particular services on request.
LEGAL BASIS OF THE TREATMENT
The lawfulness of the treatment consists of:
– contractual obligation, as a necessary requirement for the execution of the contract or for pre-contractual activities between ITREVIEW s.r.l. and the interested party (art.6, paragraph 1, letter b, GDPR).
– and subsequent legal obligations to which the data controller is subject (art.6, paragraph 1, letter c, GDPR).
– optional consent by users for the sole processing of personal data for specific Marketing, promotional and information purposes (art.6, paragraph 1, letter a).
– mandatory consent for the processing of personal and curricular data for specific purposes relating to the management of applications sent spontaneously for hiring and job opportunities (art.6, paragraph 1, letter a, GDPR).
– mandatory consent to manage the storage of data, the sending of information and communications (including electronic), requests sent by users through the Company’s Website or received through the use of other suitable means of communication, which can be directly associated to the Company, sending documents relating to the relationship with the Company. (Art. 6, paragraph 1, letter f, GDPR).
PROVISION OF DATA AND REFUSE
The provision of data is necessary for legal obligations and contractual execution and therefore any refusal to provide them in whole or in part may give rise to the impossibility for the company to execute the contract or to carry out correctly all legal obligations.
Refuse to consent to the processing of personal and/or curricular data during the sending of requests and/or spontaneous application invalidate the possibility for the company to follow up on the request and/or correctly fulfill the candidate selection procedure. The lack of consent, however, to the processing for specific Marketing, promotional and information purposes does not affect the execution of the contract or of the requests made. It also does not affect the execution of the candidate selection procedures.
The collection of personal data is carried directly or indirectly, using (one or more) of the following channels:
- visits or phone calls;
- requests for information, via email and/or via the Contact page on the www.itreview.it website;
- visits to the website;
- transactions preceding the signing of the contract (contact requests, requests for offers, ..);
- transactions resulting from the signing of the contract;
- communications with company staff;
- voluntary presentation of your business card, during meetings or participation in exhibition, sector meetings or events;
- online searches;
- during registration in the reserved area of the website and in accessing the downloadable contents (Case Study, White paper, Various insights etc ..) , at the link: https://www.itreview .com/case-studies/
- filling in the information request forms on the website pages, including those of the articles published within the blog section of the website;
- voluntary subscription to the newsletter;
- voluntary filling in of the application form for open positions;
- data collected from public sources;
- lead Generation activities carried out by third party companies such as MD Operations Italia Srl;
- direct contacts from QlikTech Italy S.r.l
PURPOSE OF DATA COLLECTING
The processed data are managed for the following functions:
- acquire pre-contractual data and information;
- carry out the operations necessary for the fulfillment of orders and other requests;
- forwarding communications of various kinds and with different means of communication (telephone, mobile phone, sms, email, fax, paper mail);
- making requests or processing requests received;
- manage Customer Relationship Management activities;
- exchange information for the execution of the contractual relationship, including pre and post contractual activities;
- manage the administrative, accounting, civil and fiscal obligations, prepare and present civil and fiscal declarations in compliance with EU and non-EU regulations and directives;
- prevent and manage controversy, take legal action in case of need;
- monitor activities (measurement and statistical processing of turnover, purchases, payments, number of customers, etc.);
- manage IT, including infrastructure management and business continuity;
- improvement of the quality of services;
- manage storage systems;
- manage and improve this website (for example by diagnosing server problems, optimizing data traffic, integrating and optimizing web pages);
- measure the use of this website (e.g. by compiling statistics on data traffic or by collecting information on the behavior of visitors and on the pages they visit);
- monitor and prevent fraud and other improper use of our website.
The Data Controller stores and processes personal data for the time necessary to fulfill the indicated purposes. Personal data will be stored for the time established by the current civil and fiscal provision, but they will be not further processed.
The data used for security purposes (blocking attempts to damage the site) are kept for the time strictly necessary to achieve the previously indicated end.
RECIPIENT OF DATA
The personal data processed by the Data Controller will not be disclosed, in any possible form. They may be communicated to workers and to external subjects who collaborate with them.They may also be communicated, within the strictly necessary limits, to subjects who must supply goods and/or perform on behalf of the Data Controller services. They may be communicated to subjects entitled to access them by virtue of legal provisions, regulations, community regulations. In particular, on the basis of the roles and job duties performed, some workers have been legitimated to process personal data, within the limits of their competences and in accordance with the instructions given to them by the Data Controller. By virtue of the need for data management, the workers entitled to their treatment could make use of third-party tools, specifically: “Active Campaign” and “Zoho” to fulfill these purposes.
TRANSFER OF DATA
The Data Controller does not transfer personal data to third countries or to international organizations, except for the “Active Campaign” and “Zoho” cloud services, already mentioned. However, it reserves the right to use other cloud services: the service providers will be selected from among those who provide adequate guarantees, as required by art. 46 GDPR 679/16.
RIGHTS OF INTERESTED PARTY
The interested party may enjoy the rights referred to in articles 15 and following of EU Regulation 2016/679, including the right to request access, correction or cancellation of personal data or the limitation of the processing that concern them or to oppose their treatment. It is also possible to object to the processing carried out for Marketing, promotional and information purposes. You can exercise your rights by writing to the Data Controller at the address: email@example.com with the subject “GDPR” or by writing to the Data Controller of ITREVIEW s.r.l. at the following address: Viale della Navigazione Interna, 82 35027 Noventa Padovana (PD) – Italy.
The interested party can revoke any consent given at any time, however, the treatment covered by this information, in compliance with art. 6 of EU Regulation 2016/679, is lawful and allowed, even in the absence of consent, in all cases in which it is necessary for the execution of a contract or for the fulfillment of its requests. Likewise, in case of violation of the law, the user has the right to lodge a complaint with the Guarantor for the Protection of Personal Data, as the authority responsible for monitoring the processing in the Italian State.