1. Data Controller
The Data Controller is ShiELD Services Srl, based in Milan (20128), Via Rovereto, 10.
Email address: firstname.lastname@example.org
2. Modalities of data processing
Personal data are processed mainly with electronic, computerized and automated means, for the period of time which is strictly necessary to seek the purposes for which it was collected.
ShiELD Services processes personal data in compliance with the law, adopting adequate security measures able to prevent non-authorized accesses, dissemination, non-authorized alteration or destruction of the data.
3. Purposes of data processing
Users’ personal data will be processed by ShiELD Services exclusively for the following purposes:
a. Response to communications or requests received from the Users. The User may send to ShiELD Services and its subsidiaries any communications or requests (e.g. in relation to services and products of the Company). In this regard, the User’s personal data, such as first and last name, email and other personal data voluntarily provided in the communications will be processed by the Company to take charge, manage correctly and respond to the User’s request or communication. The legal basis of processing is the legitimate interest of ShiELD Services in pursuing its business activities in order to comply with Users’ requests. This legitimate interest has been duly balanced against the reasonable expectations of the data subjects and, since it does not affect the rights of the data subjects concerned and the processing of the data is carried out at the request of the User, it has been deemed to prevail. The refusal to provide the same data will cause the impossibility to obtain the service requested.
b. Collection of online job application. By completing the relevant form in the section “Work with us” of the Site with personal data concerning him/her, such as first and last name, email address, preferred job position, alternative job position (optional), preferred place of work, alternative place of work (optional), message (optional), curriculum vitae, the User may send application for working in ShiELD Services. In this regard, the Company invites the User to insert in his/her CV only sensitive data strictly necessary for the purpose of selection and evaluation of CVs (e.g. minority group membership). The legal basis of the processing, in this case, is the legitimate interest of ShiELD Services in taking over and handling of the job application sent by the User as well as its evaluation and any refusal to provide personal data will cause the impossibility to proceed with the processing of the job application.
c. Legitimate interests pursued by the Company and/or by third parties. User’s personal data may also be used for the exercise of the rights and legitimate interests of ShiELD Services and/or third parties, for example the right to take legal proceedings for enforcing its rights, the handling of complaints and litigation, the recovery of debts, the prevention of fraud and/or illegal activities. In these cases, even if the provision of User’s personal data is not mandatory, it is however necessary as such data are strictly connected and instrumental to the pursuit of such legitimate interests, deserving of protection and not prevailing over the User’s rights and freedoms, and any refusal to provide them will cause the impossibility to provide the requested services (e.g. contacting the Company or sending online job application).
d. Fulfilment of legal obligations and/or applicable provisions. ShiELD Services may also process personal data provided by the User or otherwise collected during the interaction of the latter with the Site, for the fulfilment of legal obligations, regulations, national and European regulations as well as any order given by competent authorities, which represent the legal basis of processing, therefore the prior consent of the User is not necessary.
4. Personal data undergoing processing
ShiELD Services receives and collects, through the Site, information related to the User visiting its pages and using the services offered by the Site. In particular, ShiELD Services will collect and process the following information.
4.1 Web-browsing data
When the User browses through the Site, the latter collects certain information, such as the pages visited, the links and/or buttons clicked by the User, the date and hour of the access, the User’s IP address, the browser used the operative system used (so called “web-browsing data”). Said data, for their nature, in certain cases could allow to identify the User, also by means of elaborations and connections with third party data. However, ShiELD Services uses said data exclusively to obtain statistical and anonymous information about the use of the Site, for purposes strictly related to the control of its correct running. The data may also be used for the ascertainment of liabilities in case of IT crimes in damage of the Site.
4.2 Data voluntarily provided by the User
ShiELD Services will only collect information voluntarily provided by the User in relation to the purposes as for paragraph 3 above as well as for the services expressly required by the latter. Furthermore, the Company may collect and process additional personal data, where such data are provided voluntarily by the User within the scope of the services offered by the Site, for example in the case where the User contact the Company for notifying any bad services or malfunctions, for exercising data subject’s rights in relation to the processing of personal data, etc. These personal data will be processed by ShiELD Services only for purposes strictly related to the User’s request. The refusal to provide the same data will cause the impossibility to obtain the service requested.
A cookie is a little file which a website sends to the browser and saves on the User’s computer when visiting a website. Cookies are used in order to allow or enhance the running of the website, but also to gain information on the Site or on the User’s web-browsing activities.
a. Technical cookies
These cookies are essential to allow the User to browse on the Site and use its functionalities and are necessary to the correct working of the Site and to record the choices expressed by the User (e.g. username, language, etc.), to distribute requests on different servers, to record when the User gives his/her authorization or expresses the consent to specific options (e.g. newsletters), to allow the User to visualize contents and video through Adobe Flash Player. These cookies do not require the User’s consent.
b. First Party performance and Analytics Cookies
These cookies may be session or persistent cookies, and their use is limited to the performance and enhancement of the Site. They collect information concerning how a User uses the Site, such as the pages visited. In addition, analytics cookies may recognize, measure and track the visitors of the Site, allowing us to improve and enhance the Site, by way of an example by ascertaining if the User easily finds the searched information, or by identifying the aspects of the Site are more interesting. Said cookies are used by ShiELD Services to elaborate statistical analysis on the ways Users browse through the Site, on the number of pages visited or of clicks made on a page during the browsing.
c. Third Party performance and analytics Cookies
The Company may use on its website also third party performance and analytics cookies for the abovementioned purposes, and in particular Google Analytics
The User can activate these cookies by giving his/her consent (that, therefore, is the legal basis of processing) through the mechanism illustrated in the informative banner on cookies of the Company.
How to disable cookies on the browser
The majority of web browsers are set to accept cookies. However, if so wished, the User may set his/her browser to limit the number of cookies accepted or to block all cookies, by changing the browser’s settings with the following procedures:
- Microsoft Internet Explorer: Click “Tools” in the top right corner and select “Internet settings”. In the pop-up select “Privacy”: here the User may change the cookies settings.
- Google Chrome: Click the “wrench” in the top right corner and select “Settings”. Then select “Show advanced settings” and change the “Privacy” settings.
- Mozilla Firefox: In the top left menu select “Settings”. In the pop-up window select “Privacy”: here the User may change the cookies settings.
- Safari: In the top right menu select “Preferences”. Then select “Security” and change the cookies settings.
Please be aware that by disabling all the cookies on the Site, certain functionalities of the latter may not be available.
Further information on cookies
The website www.allaboutcookies.org contains the instructions for the management of cookies of the most used browsers; alternatively, it is possible to consult the documentation related to the software used on the device.
6. Communication and transfer of data to third parties
Personal data provided by the User and those collected by the Site in the providing of the services (e.g. IP address) will not be disseminated and may be communicated, within EU countries exclusively for the purposes and with the modalities above, to the following categories of entities:
- collaborators, consultants, professionals, providing to ShiELD Services technical or organizational services (e.g. IT service providers), or collaborating with ShiELD Services, for the correct providing and execution of its services;
- persons, companies, professionals providing assistance and advice to ShiELD Services, with particular but not exclusive reference to accounting, administrative, legal, tax and financial matters;
- subjects and entities legitimated to access the data by law provisions or authorities’ order.
The subjects and entities indicated above will process the data in their quality as autonomous data controllers pursuant to applicable law or as data processors, in this case regularly appointed by the Company.
In the case of transfers of personal data outside the European Union to countries in respect of which no adequacy decision has been adopted by the European Commission, ShiELD Services will adopt the appropriate safeguards set out in Article 46 of the GDPR, and specifically the Standard Clauses prepared by the European Commission.
7. Data retention
Personal data are processed for the time necessary to provide the services requested by the User and for the performance of related and instrumental activities and will be retained according to the limitation periods provided for by applicable provisions or for enforcing Company’s rights, both in judicial proceeding and in the pre-litigation stage.
In particular, the Company will delete the personal data of the User that has asked for information or sent communications to the Society through the Site, immediately after the conferment of the same data and in any event based on the nature of the data, based on Company’s privacy policies.
At the end of this period, data will be stored anonymously for analysis and statistical purposes.
Furthermore, the Company will delete the personal data of the User that has sent later his/her own candidacy to positions of job of the Society 2 years from the conferment of the same data, in the case in which the applicant does not establish an employment relationship/collaboration with the Company.
8. Contacts and Users’ rights
The User, as data subject (i.e. the natural person whose data is processed), can exercise the specific rights as for Articles 15 to 21 of the GDPR.
In particular, the User has the right to:
- Obtain the confirmation as to whether or not personal data concerning him/her are being processed and, where that is the case, access to the information concerning the personal data processing (e.g. purposes, categories of personal data processed, recipients or categories of recipient, the data retention period, etc.);
- Obtain the rectification of inaccurate or incomplete personal data concerning him/her;
- Obtain the restriction of processing (e.g. in case of the accuracy of personal data is contested; the processing is unlawful and the User opposes the erasure of the personal data; personal data are required by the User for the establishment, exercise or defence of legal claims, even if the Company no longer needs the same data; the User has objected to processing, pending the verification by the Company on the legitimate grounds).
- Receive personal data concerning him/her in a structured, commonly used and machine-readable (e.g. pdf) format and to transmit those data to another data controller or to have personal data transmitted directly from one controller to another where technically feasible (i.e. data portability).
Furthermore, the User has the right to object, in whole or in part and on legitimate grounds, to the processing of personal data concerning him/her.
Lastly, the User has the right to lodge a complaint to the Data Protection Authority in relation to processing of data referred to in this Policy.
The rights listed above may be exercised by writing an email to email@example.com
In case the amendments are particularly meaningful, the Company may communicate them to the User by means of a different channel (e.g. by sending an email).
ShiELD Services SrlSede legale: Via Rovereto 10, – 20128 Milano
tel. +39 02 8362 3450