=

PRIVACY POLICY

The information on the site www.jurop.it is provided pursuant to Art. 13 of EU Regulation No. 2016/679 (hereinafter Regulation or GDPR), on the protection of individuals with regard to the processing of personal data, and Art. 13 of Legislative Decree 196/2003 and subsequent amendments.

Jurop S.p.A. informs that the use of this site therefore entails the processing of the personal data of the interested party only for the purposes and through the methods indicated below.

 

a) Data controller 

1. The data controller is Jurop S.p.A. with registered office in via Crosera, 50 - 33082 Azzano Decimo (PN) (T.N. and VAT No: 00334130937. 

2. Contact details of the data controller are as follows: info@jurop.it. 

b) Purpose of processing and legal basis of processing:

1. personal data (hereinafter also referred to as "Data") provided by you when navigating on the website are collected and processed for the provision of web interface-based services for the publication and consultation of web pages of an informative nature and in an anonymous and aggregate form, and for statistical and monitoring purposes of the proper functioning of the site.

2. Furthermore, your personal data may also be used in different processing operations (storage, archiving, processing) in any case in terms compatible with this purpose. In particular, your personal data may be processed for the following purposes

i. responding to requests for information

ii. formulating estimates

iii. enabling the provision of the requested services

iv. fulfilling legal obligations

v. responding to unsolicited submission of your curriculum vitae

vi. (marketing) for sending, also on a periodical basis e.g. by means of newsletters, advertising material, for carrying out market research and/or commercial and promotional communication, including invitations to trade fairs, meetings, training courses, competitions and/or other private/public events organised for the promotion of the company's business. This may be done either through traditional means of contact, such as sending paper mail and telephone calls with an operator, or through automated means of contact, such as e-mail, MMS or SMS messages or other means.

The legal basis for the processing of personal data under b) point 2, i), ii), iii) and iv) is Art. 6. paragraph 1(b) and (c) of the Regulation, insofar as the processing is necessary for the provision of services, the performance of the contract to which the data subject is party or for the execution of pre-contractual measures or for the response to requests made by the data subject, also representing processing necessary to comply with a legal obligation incumbent on the Controller. The provision of personal data for these purposes is optional, but failure to provide it would make it impossible to activate services provided by the Site and to respond to requests.

The legal basis for the processing of data included in the curriculum vitae under b), point 2 v) spontaneously sent is Art. 6. paragraph 1(b) of the Regulation as the processing is necessary for the provision of pre-contractual measures requested by the data subject. Providing personal data for these purposes is optional, but failure to do so would make it impossible for us to respond to your request.

The legal basis for the processing of data under (b)(2)(vi) is Art. 6(2)(a) of the Regulation. Data for these purposes may be processed with explicit and specific consent. Providing consent for these purposes is therefore free and optional and, failing this, the Data Controller shall merely process the data for the purposes set out in the further points without affecting in any way the possibility of using the services. Even if processing for such purposes is provided, it may be revoked at any time by making a simple request to the Data Controller.

c) Processed Data

1. data provided voluntarily by the user

The site only processes common data (such as name, surname, email, telephone number, etc.). 

2. navigation data

This category of data includes the IP addresses or domain names of the computers used by the persons concerned who connect to the site, the addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server's response (successful, error, etc.) and other parameters relating to the operating system and the computer environment of the person concerned. 

d) Processing modalities 

Your personal data will be processed using instruments and procedures that guarantee security and confidentiality, whether using analogue/paper media or computer and/or telematic media and tools.

e) Persons to whom personal data may be disclosed 

Your personal data will be processed exclusively by the Data Controller, by the Data Processors appointed by him and by strictly authorised processors. An up-to-date list of the persons in charge and appointed can always be requested from the Controller for consultation.

Your personal data may be communicated, following inspections or audits, to all inspection bodies in charge of audits and controls relating to the regularity of legal compliance. 

Your personal data may be communicated, by way of example but not limited to, to companies/professional firms that provide assistance, or consultancy or collaboration to the data controller, in accounting, administrative, tax, legal, fiscal, financial, social security matters, in relation to the establishment and management of the contractual and/or pre-contractual relationship with you to public administrations for the performance of institutional functions within the limits established by the law or regulations or to third party service providers to whom the communication is necessary for the performance of services inherent to and connected with the contractual and/or pre-contractual relationship with you, to other employees and/or collaborators of the data controller for the time strictly necessary for the performance of their duties instrumental and/or ancillary to the performance of the relationship with you and always under the control and supervision of the data controller, data processors and persons in charge of the processing who are strictly authorised. Your personal data may be disclosed to public or private entities that may have access to your personal data by virtue of provisions of law or regulation or by virtue of court orders. 

Your personal data will not be disclosed unless you have given your express and explicit consent. In the latter case, dissemination will in any case be limited and governed by what you have expressly consented to in a deed signed by you. 

f) Data retention period 

Your personal data shall be kept for the time necessary to fulfil your requests and, in any case, for no longer than 10 (ten) years, limited and functional to the need to guarantee the Company the possible exercise and protection, in and/or out of court, of its rights and interests deriving from, connected or related to the relationship with you and/or its object. 

Candidate data collected in paper and non-paper form are catalogued and stored for 12 months. After this retention period has elapsed without recruitment, the data are destroyed.

Personal data processed for further optional purposes (marketing and profiling purposes) will be deleted after a period of 5 years, which is deemed reasonable given that the data is related to the sale of the contractual goods, and in any case no later than the revocation of consent, without prejudice to the lawfulness of the processing based on consent before revocation.

The data collected through cookies will be stored for the period set by the individual cookie. For more information, please refer to the cookie policy on the site.  

g) Existence of an automated decision-making process 

There is no automated decision-making process.

h) Intention of the data controller 

If the data controller transfers your personal data to countries outside the EU or the European Economic Area (consisting of Switzerland, Iceland, Liechtenstein and Norway) will proceed as follows.

In the event of data being transferred to such third countries, the data controller shall ensure an adequate level of protection within the meaning of Art. 45 European Regulation No. 679/2016 and Art. 29 Working Party (the Commission has the power to establish this adequacy by means of a specific decision and on this point, please refer to the list of decisions on the website of the Data Protection Authority www.garanteprivacy.it).

In the absence of an adequacy decision under Art. 45 of the European Regulation, the data controller shall provide adequate safeguards within the meaning of Art. 46 - 47 of European Regulation No. 679/2016.

Finally, in the event that there is no adequacy decision under Art. 45 of European Regulation No. 679/2016 or appropriate guarantees within the meaning of Art. 46 of the aforementioned Regulation, including binding corporate rules, the transfer of personal data to a country will only be permissible if there are exceptions in specific situations as set out in Art. 49 of European Regulation No. 679/2016.

Any information relating to the appropriate guarantees referred to in the preceding paragraph will in any case always be available at the Data Controller's head office and can be requested at info@jurop.it.

i) Rights of the data subject 

In relation to the personal data processed under this notice, you have the right at any time to: 

- Access (Art. 15 EU Reg. no. 2016/679): the Controller guarantees the right of access to personal data concerning the data subject; 

- Rectification (Art. 16 EU Reg. no. 2016/679): the Controller shall, at the request of the data subject, rectify inaccurate personal data without undue delay.

- Erasure (Art. 17 EU Reg. no. 2016/679): the Data Controller shall erase the personal data of the data subject without undue delay if: the personal data are no longer necessary in relation to the purposes for which they were collected or processed; the data subject withdraws consent; the data subject objects to the processing and there is no overriding legitimate ground for the processing; the personal data have been processed unlawfully.

- Limitation (Art. 18 EU Reg. no. 2016/679): the Data Controller shall restrict the processing at the request of the data subject when: the data subject disputes the accuracy of the data; the processing is unlawful and the data subject objects to the deletion of the data but requests the restriction of the processing; the data are no longer necessary for the purposes of the processing, but are necessary for the establishment, exercise or defence of a legal claim; the data subject has objected to the processing and is awaiting the prevalence of the Data Controller's legitimate reasons over those of the data subject.

 - Portability (Art. 20 EU Reg. no. 2016/679): understood as the right to obtain from the data controller the data in a structured, commonly used, machine-readable format for transmission to another data controller without hindrance. 

- Opposition to processing (Art. 21 EU Reg. no. 2016/679): the data subject has the right to object at any time to the processing of personal data concerning him or her. 

- Exercise the right to withdraw consent, if given for one or more specific purposes, at any time without prejudice to the lawfulness of the processing until such consent is withdrawn.

- Complain to the Data Protection Authority (Art. 51 EU Reg. no. 2016/679): for details on how to exercise this right, see the website of the Data Protection Authority (www.garanteprivacy.it). 

The aforementioned rights may be exercised by written notice to be sent by email to info@jurop.it.

Or by registered letter with return receipt to the following address: Jurop S.p.A. with registered office in via Crosera, 50 - 33082 Azzano Decimo (PN) - certified email address: jurop@pec.it.

 

The Data Controller shall take care to keep this policy updated.

Top