Dear User, welcome to www.solos.it Solos Srl, in the capacity of Data Controller, hereby informs you that, pursuant to art. 13 EU Regulation 2016/679 (General Data Protection Regulation, henceforth GDPR), the data acquired and/or provided shall be processed in accordance with the national and European legislation in force concerning the processing of personal data. Such processing shall always be carried out respecting the principles of transparency, lawfulness, fairness and protection of your privacy and rights.
The Data Controller is Solos Srl, with registered office at Via Ferrucci 57, Prato (PO) 59100 Italy – Email address: firstname.lastname@example.org.
Type of data collected
The Data Controller collects the following types of data:
- General personal data and contact details (name, company, email and phone), as well as any additional information that may appear in the “Request” area, which you provide by filling out the “Contact” form. These data are used exclusively to satisfy your requests;
- personal data you voluntarily and explicitly send to the email address indicated in the website for the purpose of requesting information or completing orders and purchases. In this case, the address of the sender will be acquired, as well as all other personal data included in the message. These data are used exclusively to satisfy your specific requests;
- any personal data and details contained in the CVs that may be received at the email address indicated in the website. In this case, the Data Controller, in accordance with the provisions and guidelines given by the “Garante” (Italian privacy authority), shall, upon the first contact with the candidate, provide the information concerning data processing of all information found in the CV;
- browsing data. During their normal operation, the computer systems and software procedures used to operate this website acquire personal data, which is transmitted according to the Internet communication protocols. This information is not associated with identified data subjects, however, because of its nature, it could, through processing and association with data held by third parties, allow the Users to be identified. This data category includes the IP addresses or the names of the computer domains used by the Users who connect to the website, the URI (Uniform Resource Identifier) addresses of the requested resources, the browser, the time of the request, as well as other parameters about the operating system and the IT environment of the Users. This data is only used to obtain anonymous statistics about the use of the website and to check that it is functioning correctly, furthermore, it is deleted immediately after processing.
Purpose and legal basis of the processing
The data provided will be processed in compliance with the conditions set forth in art. 6 of the GDPR and for the following purposes:
- to satisfy your requests and answer the questions you made by filling out the “Contact Us” form, or those received at the email address listed on the site. The processing of the data collected and filed through completion of the above-mentioned form or received via e-mail is legally based on the legitimate interest of the Data Controller (art. 6, letter F of the GDPR) to be more efficient, give information on the services offered, as well as improve and develop new products and services;
- to give effect to all pre-contractual measures taken upon your request, as well as to all related operational and managerial needs. In this case, the legal basis is the need to enter into the contract of which you are part, or to implement pre-contractual measures (art. 6, point B, the GDPR);
- to comply with legal obligations which apply to the Data Controller. In the latter case, the legal basis is the Data Controller’s need to fulfill legal obligations, namely, the collection or further processing of certain types of personal data (Art. 6, point C, the GDPR).
- The processing of the data contained in the received CV is legal as it is necessary to give effect to the pre-contractual measures (Art. 6, point B of the GDPR) adopted upon request from the Data Subject. The processing of specific data is based on the authorization by the Italian Data Protection Authority (Garante della Privacy) Nr. 1/2016, whose validity has been extended by art. 21 Leg. 101/2018.
Method and place of processing
Your personal data is processed within the premises of the Data Controller, by specifically authorized personnel, with IT equipment or on paper.
In any case, we guarantee that the Data Controller shall take appropriate security and confidentiality measures in order to reduce the risk of destruction, loss, alteration, disclosure or unauthorized data access or any processing that does not comply with the purposes of the collection.
Nature of data provision
The provision of data required for filling out the “Contacts” form is mandatory in order to send the request; refusal to do so would make it wholly or partially impossible for the Data Controller to satisfy the actual request. The provision of further data is totally optional.
Data storage period
In accordance with the provisions of Art. 5 paragraph 1 letter e) of the GDPR, the Personal Data collected will be retained strictly for a period of time that is necessary for the execution of your requests. Once there is no further need to keep it, it will be erased or made permanently anonymous. The data will be processed for the whole duration of the contractual relationship, as well as subsequently, however, within the limits established for carrying out legal obligations and/or solely for administrative/sales and fiscal purposes. In any case, you are always free to ask for such processing to be stopped or for the data to be deleted.
Disclosure and dissemination of data
Your personal data are not subject to disclosure. The Data may be disclosed to third parties, however, only to comply with legal obligations, orders from public authorities or to allow the Company to execute requests coming from judicial authorities.
Transfer of data
Your personal data will not be transferred abroad. Should this be necessary, and strictly for the execution of these tasks, we assure you that the transfer of such information is performed only on the basis of standard contractual clauses and in an appropriate way, in accordance with the provisions of Articles. 44 et seq Reg. EU Nr. 679/2016.
Rights of the User
The Data Controller guarantees to exercise at any time the rights provided by articles 15 et seq. of the GDPR. In particular, the right to:
- know if the Data Controller holds and/or processes your personal data, and also to access it in its entirety by receiving a copy of it (art. 15, right of access);
- the correction of any inaccurate/wrong personal data, or the integration of your incomplete personal data (right of rectification);
- erasure of the personal data held by the Data Processor in the presence of one of the grounds set out by the GDPR (art. 17, the right to erasure);
- ask the Data Controller to limit the processing to some personal data, in the presence of one of the grounds set out by the GDPR (art. 18, right of restriction);
- to request and receive all your personal data processed by the Data Controller, in a structured and commonly-used format that is readable by automatic devices, or to freely request immediate transmission to another Data Controller (art. 20, right to data portability);
- to object to the processing (art. 21, right to object);
- to submit a complaint to the competent control Authority (for Italy, the Italian Data Protection Authority – “Garante della Privacy” – https://www.garanteprivacy.it/) should you believe that the processing of your personal data is contrary to the legislation in force.
You may, at any time, exercise your rights by sending an email to email@example.com
Updates and changes