Privacy & Legal Notices

PRIVACY POLICY - Updated version (May 2018)

Information provided pursuant to Article 13 of the EU Reg. 2016/679 (hereafter GDPR)

Foreword

For SIET SPA personal data represent a heritage of great value and an asset to be protected, adopting procedures and behaviors aimed at guaranteeing its protection. Transparency towards the interested parties is therefore a primary objective, pursued through effective communication tools aimed at making the basic information on the processing of their data available to interlocutors.

In this regard, this information page, produced in accordance with the requirements set out in Reg. EU 2016/679 "General Data Protection Regulation", contains specific information referring to the following areas:

  1. processing of data related to the operation of this site;

  2. processing data related to relations with candidates to establish a working relationship;
  3. processing of data related to the contractual relationships established with customers and suppliers;

  4. processing of data related to relations with visitors of the SIET SpA company headquarters.

General information

We inform the interested parties (ex Art.4, c.1 of the GDPR) of the following general profiles, valid for all the areas of treatment:

  • all data are processed in a lawful, correct and transparent manner in relation to the data subject, in compliance with the general principles established by Art. 5 of the GDPR;

specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.

References and rights of the interested parties

  • the Data Controller is the undersigned Company, in the person of the legal representative pro-tempore;

the Company has appointed a Data Protection Officer, to whom it is possible to apply to exercise all the rights provided for by art.15-21 of the GDPR (right of access, rectification, cancellation, limitation, portability, of opposition), as well as revoke a previously granted consent; in case of failure to reply to their requests, the interested parties can propose a complaint to the Supervisory Authority for the protection of personal data (GDPR - Art.13, paragraph 2, letter d).

Contact details

DPO: Galli Data Service Srl, in the person of Dr. Gregorio Galli - + 39-0523 / 010250 - [email protected]

SIET SPA: Tel. +39 0523 329011 Fax +39 0523 329010 - Email: [email protected]

DATA PROCESSING CONNECTED WITH THE OPERATION OF THIS SITE

The privacy policy that applies to the online activities of this site and is valid for visitors / users of the site is available on the following page:

COOKIES INFORMATION

It does not apply to information collected through channels other than this website. The purpose of the privacy statement is to provide maximum transparency regarding the information that the site collects and how it is used.

2) PROCESSING OF DATA CONNECTED WITH RELATIONSHIPS WITH CANDIDATES TO ESTABLISH A WORKING RELATIONSHIP

The page allows the interested party to propose a professional application for employment with the Company. Identification data and contact details are requested, as well as the candidate's curriculum vitae.

Purpose and legal basis of the processing

(GDPR-Art.13, paragraph 1, letter c)

Data are acquired for the correct management of personnel selection procedures. evaluation of requests as well as for the following responses. The submission of the request is subject to specific, free and informed consent (GDPR-Art.6, comma1, lett.a). At the time of any recruitment the candidate will receive regular information related to the established professional relationship.

Scope of communication

(GDPR-Art.13, paragraph 1, lett.e, f)

The data are processed exclusively by authorized and trained personnel (GDPR-Art.29). The data will not be disclosed or transferred to non-EU countries.

Data retention period

 (GDPR-Art.13, paragraph 2, letter a)

The data are kept for times compatible with the purpose of the collection

Contribution

(GDPR-Art.13, paragraph 2, letter f)

The provision of data relating to the mandatory fields is necessary in order to be able to propose an application.

1.2 Data provided voluntarily by the user

The optional, explicit and voluntary sending of e-mail and / or ordinary mail to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message. If the sender sends his / her curriculum to submit his / her professional application, he / she remains solely responsible for the relevance and accuracy of the data sent. It should be noted that any curriculum without the authorization to process data will be immediately deleted.

3) TREATMENT OF DATA CONNECTED WITH THE RELATIONSHIPS ESTABLISHED WITH CUSTOMERS AND SUPPLIERS

3.1 Object of the treatment

The Company processes personal identifying data of customers / suppliers (for example, name, surname, company name, personal / fiscal data, address, telephone, e-mail, bank and payment details) and its operative contacts (name surname and data contact information) acquired and used in the provision of the services provided.

3.2 Purpose and legal basis of processing

Data are processed for:

  • conclude contractual / professional relationships;

  • fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships, as well as manage the necessary communications connected to them;

  • fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority

exercise a legitimate interest as well as a right of the Owner (for example: the right of defense in court, the protection of credit positions, the ordinary internal needs of an operational, managerial and accounting nature).

Failure to provide the aforementioned data will make it impossible to establish the relationship with the Owner. The aforementioned purposes represent, pursuant to Article 6, commi b, c, f, suitable legal bases for the lawfulness of the processing. If it is intended to carry out treatments for different purposes, a specific consent will be required from the interested parties.

3.3 Methods of processing

The processing of personal data is carried out by means of the operations indicated in Art. 4 n. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data are subjected to both paper and electronic and / or automated processing. The Data Controller will process personal data for the time necessary to fulfill the purposes for which it was collected and related legal obligations.

3.4 Scope of treatment

The data are processed by internal subjects regularly authorized and instructed pursuant to Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise indications on any external subjects operating as managers or independent data controllers (consultants, technicians, banks, transporters, etc.).

4) TREATMENT OF DATA CONNECTED WITH THE RELATIONSHIPS ESTABLISHED WITH VISITORS

4.1 Object, purpose and legal basis of processing

SIET informs you that the SIET area is video surveillance for which the images will be processed for the needs of personal safety and protection of the company assets.

4.2 Methods of treatment

Images are recorded and stored by continuous recording on fixed media.

Their preservation for a period longer than allowed will occur only in the event that the offenses have occurred and / or there are investigations by the judicial or police authorities. In the absence of signaling or complaint the recorded images will be deleted by overwriting.

The images will not be disseminated.

4.3 Scope of treatment

The processing of data is performed through computer procedures and the viewing of images takes place exclusively by the subjects specifically appointed by the Company.

The external company that offers the maintenance service of the video surveillance system will be able to access the images, while the registered images will be able to access the police and the competent authorities. The images taken will not be communicated to other subjects or disseminated.

The interested parties taken from the cameras can exercise the rights provided for by art.15-21 of the GDPR (right of access, rectification, cancellation, limitation, portability, opposition, at the headquarters of the owner.

In the same way, you will be able to learn about the complete list of persons appointed as Data Processors.

5) POLICY UPDATE

It should be noted that this information may be subject to periodic review, also in relation to the relevant legislation and jurisprudence. In the event of significant changes, the site's home-page timeline will be given for a suitable time. Si invita comunque l'interessato a consultare periodicamente la presente policy. In any case, the interested party is invited to periodically consult the present policy.