(document updated 25/05/2018)
Fida G. SRL, located in Via Tavollo n. 372/F, San Giovanni in M. (RN), VAT code IT 01988410401 (hereinafter referred to, for the sake of simplicity, as “Fida G.”), is committed to safeguarding your personal data to the greatest possible extent. Fida G. is thus in the process of implementing the new European General Data Protection Regulation – GDPR 2016/679 (hereinafter referred to as “the New Regulation”).
Who is involved in processing your personal data
The Controller of your personal data is Fida G. SRL, located in Via Tavollo n. 372/F, San Giovanni in M. (RN), VAT code IT 01988410401.
Fida G. is not, in accordance with art. 37 and subsequent articles of the New Regulation, obliged to nominate a DPO (Data Protection Officer).
An updated list of the processors and of the other persons responsible for processing, including nominated professionals, is held at the legal premises of the Controller.
What personal data do we process and how do we collect it
The term “personal data” refers to any information by means of which it is possible to identify, or to render identifiable with reasonable ease, a physical person. The processing includes those operations indicated in art. 4 n°. 2) GDPR, more precisely: collection, registration, organisation, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.
The optional, explicit and voluntary sending of email to the addresses specified on the Website, will result in the acquisition of the address of the sender, which is required in order to reply to requests, as well as in the acquisition of any other personal data included in the communication.
At the same time, any requests made via the Website “form” involve the acquisition of the email address of the user, which is necessary in order to fulfil the requests made by the same, as well as the acquisition of the data and information contained in the form and in the messages.
In the case of curricula vitae sent by free choice to the email addresses specified on the Website, the personal data therein contained will be collected and processed for the purposes set out in the following paragraph.
In addition, your personal data is collected by cookies. For further information refer to our Cookies Policy.
Your personal data may be processed in both printed and electronic form for the period of time strictly required to carry out the activities for which it was collected. In all cases, the logistic and physical security of the data and, in general, the confidentiality of the personal data processed, will be guaranteed by taking all necessary technical and organisational measures designed to ensure the safeguarding of the same.
The Controller does not intentionally collect or hold personal data of individuals of less than 16 (sixteen) years of age: those aged below 16 (sixteen) are requested not to provide personal data.
Why do we process your personal data
Your personal data is collected and processed to the extent strictly necessary in order to fulfil your requests and in relation to contracts stipulated in connection with our products and/or services, and in particular:
To complete necessary precontractual activities (e.g. sending of quotations, precontractual agreements, verification of credit rating and solvency);
To carry out contractual and taxation obligations towards yourself;
To protect our assets and/or defend our rights on the basis of our legitimate interests (e.g. right of legal defence);
To fulfil legal requirements and comply with requests of authorities, as well as to comply with fraud and money laundering prevention provisions, etc.;
To reply to requests sent via email or via the Website form;
To evaluate the profile of candidates and select the same, where these have sent curricula of their own free choice;
To send you information relating to services that you previously purchased;
Should the above-listed purposes be modified then this document will be amended accordingly.
Is it necessary to provide my personal data or consent
The provision of data for the purposes set out in clause 4 letters a) – d) is obligatory. Should it not be provided then contract execution cannot be guaranteed.
The provision of data for the purposes set out in clause 4 letters e) – g) is instead optional. Therefore, you may decide not to provide data or to successively deny the possibility to process previously-supplied data: in such case, failure to provide data may mean that it is not possible to fulfil your requests or evaluate potential job applications.
In relation to the purposes for which explicit consent is requested from yourself, failure to provide consent does not constitute a valid reason for the Controller to withdraw from a contract or to not fulfil your requests in relation to other purposes.
Who is your data communicated to
Without having to obtain your express consent, FIDA G. may communicate your data, for the above referred to purposes, to prefectures, insurance supervision institutes (such as IVASS), judicial authorities, insurance companies (for the provision of insurance-related services), as well as to parties to which such communication is required by law for the fulfilment of the afore-mentioned purposes. Said parties will process the data as autonomous controllers. Your data will not be disclosed without previous and explicit consent.
Who can access your data
Your data may be made accessible for the above-stated purposes:
To employees and collaborators of the Controller, in their role as nominated professionals and/or responsible internal parties involved in processing and/or system administrators;
To third parties or other parties (such as, for example, credit institutes, professional offices, consultants, insurance companies for the provision of insurance services, etc.) that carry out activities which have been outsourced by FIDA G., in their role as external parties responsible for processing.
Where is your data stored and where is it transferred to
The data is processed at the operative premises of the Controller as well as in any other place where the parties involved in the processing are located. For further information, you many contact the Controller.
The personal data is held on servers located within the European Union.
In all cases, it should be understood that FIDA G., should it prove necessary, will have the faculty to move the server to non-EU countries. In such case, FIDA G. guarantees from hereon in that the transfer of data outside of the EU will take place in accordance with applicable legal provisions following on from the stipulation of standard contractual clauses provided for by the European Commission or in conformity with the Privacy Shield, in relation to those countries that do not, according to the European Commission, offer adequate provisions.
How long do we hold your data for
Your personal data will be held in accordance with the principles of proportionality and necessity, and until the purposes for which it was collected have been fulfilled.
Your personal data will normally be held for as long as there is a negotiated relationship with FIDA G., with the exception of exigencies relating to the collection of residual credit and/or the management of data in the hypothesis of any contestations or claims, such as, for example, those relating to invoices issued.
In all cases, your personal data will be cancelled automatically 11 (eleven) years after the end of the contractual relationship, except where it is kept due to ongoing legal proceedings and the fulfilment of specific legal obligations. At the end of said period, the personal data will be cancelled or rendered anonymous.
The data contained within curricula sent by free choice, will be cancelled after 6 (six) months from the date on which it was received, in cases where the candidate is not successful.
What are your rights
As the interested party, you have the right to:
Know if the Controller holds and/or processes your data, obtaining information relative to the: origin, category, purposes and method of processing, the destinees to whom such data can be communicated, the logic applied in the case of processing carried out by electronic means, the period for which data is held; as well as the right to access the same in its entirety and obtain a copy (art. 15 Right of access);
Have rectified personal data that relates to yourself and to complete data which is incomplete (Art. 16 Right to rectification);
Obtain the cancellation of personal data in possession of the Controller where such cancellation is provided for by the New Regulation (art. 17 Right to Cancellation);
Request the Controller to limit the processing to only certain personal data, where this is provided for by the New Regulation (Art. 18 Right to restrict processing);
Be informed as to who the destinees to whom any rectifications, cancellations or processing restrictions have been communicated are (art. 19 Obligation of notification);
Request and receive all your personal data, in a format that is structured, commonly used and readable on an automatic device or to request its transmission to another controller without impediment (Art. 20 Right to portability);
Oppose entirely or in part, the processing of data for the purposes of marketing (sending of advertising material, direct sales, market research and commercial communications) and for the purposes of proliferation connected to such marketing (art. 21 Right of opposition). Finally, you have the right to present a claim/petition directly to the Personal Data Protection Authority, located at Piazza di Montecitorio n°. 121 – 00186 ROME, Italy tel. (+39) 06.696771 and Fax: (+39) 06.69677.3785.
The exercise of the rights set forth in this paragraph is completely free of charge.
How can you exercise your rights
At any time, you may exercise your rights by sending a registered letter with return receipt addressed to Fida G. SRL, located in Via Tavollo n. 372/F, San Giovanni in M. (RN) Italy; or an e-mail to: [email protected]