Information Job Opportunities
Pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016
Pursuant to Article 13 of the General Data Protection Regulation – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter ‘GDPR’), we would like to provide you with some information regarding the processing of your personal data provided in the context of the relationship with Italtower S.r.l.
Data controller
The Data Controller is Italtower S.r.l. with registered office in Piove di Sacco (PD) Via Meucci n. 5/11, tax code, VAT number and registration number in the Padua Companies Register: 04534630282 (hereinafter ‘Data Controller’ or ‘Company’).
Compulsory purposes for which the processing does not require your consent
Purpose
Management of spontaneous job applications and job opportunities.
Manage the storage and retention of data, the sending of information and communications, including electronic ones, requested by you through the Company website, the sending of documents related to the relationship with the Company.
Legal basis for processing
(Art. 6, para. 1, letter b), GDPR)
Performance of a contract and/or pre-contractual measures taken at the request of the data subject
(Art. 6, para. 1, letter f), GDPR)
Processing necessary for the pursuit of the legitimate interest of the Data Controller connected to the organisational and administrative management of its organisation.
Recipients of personal data
For the pursuit of the above-mentioned purposes, your personal data may be communicated to:
-
employees and/or collaborators of the Data Controller, duly appointed as authorised subjects and instructed on the methods of processing such data;
-
other companies of the group to which the Data Controller belongs for the execution of specific services and/or functions;
-
third parties other than the Data Controller, such as:
Third parties or categories
Computer companies
Purpose
Management, maintenance, updating of the systems and software used by the Owner
Third parties or categories
Network providers, electronic communication services and IT and telematic services for data storage, conservation and IT management
Purpose
Hosting, housing, Cloud, SaaS and other remote IT services essential for the provision of the Owner’s activities; archiving and storage services in compliance with electronic documents
Third parties or categories
Consulenti, professionisti, studi legali, arbitri, assicurazioni, periti, broker
Purpose
Judicial, extrajudicial and insurance activities in the event of accidents
Organisational, administrative, financial and accounting management
The third parties to whom your personal data may be communicated act as:
-
data controllers, i.e. entities that determine the purposes and means of the processing of personal data;
-
data processors, i.e. subjects that process personal data on behalf of the Data Controller;
The list and the updated information of the subjects identified as holders or managers are available at the Company.The processing of data by some third parties may involve the transfer of data to non-EU countries. In this case, we will ensure that the data is properly and adequately protected, in compliance with the GDPR.
Retention period of personal data
Below we explain the retention period for personal data or, if this is not possible, the criteria used to determine this period.
The third parties to whom your personal data may be communicated act as:
-
data controllers, i.e. entities that determine the purposes and means of the processing of personal data;
-
data processors, i.e. subjects that process personal data on behalf of the Data Controller;
The list and the updated information of the subjects identified as holders or managers are available at the Company.The processing of data by some third parties may involve the transfer of data to non-EU countries. In this case, we will ensure that the data is properly and adequately protected, in compliance with the GDPR.
Personal data and documents
Personal data and documents related to the relationship with the Company
Retention period or criteria for determining it
For the duration necessary to pursue the purposes of the processing and also subsequently, within the limits granted by the law, for administrative and accounting purposes, as well as to assert or protect the rights of the Data Controller, where necessary
Third parties or categories
Curriculum data
Purpose
For the duration of the selection procedure and in any case for a period not exceeding 24 months from the provision of the data
Rights of the data subject
We inform you of the existence of certain rights provided for by the GDPR regarding personal data and the related processing that you may request from the Data Controller.
The third parties to whom your personal data may be communicated act as:
-
data controllers, i.e. entities that determine the purposes and means of the processing of personal data;
-
data processors, i.e. subjects that process personal data on behalf of the Data Controller;
The list and the updated information of the subjects identified as holders or managers are available at the Company.The processing of data by some third parties may involve the transfer of data to non-EU countries. In this case, we will ensure that the data is properly and adequately protected, in compliance with the GDPR.
Law
Right to withdraw consent
(Art. 13, paragraph 2, point c)
Description
You have the right to withdraw consent for the processing for which it is required, without prejudice to the lawfulness of the processing based on consent before the withdrawal
Law
Right of access to data
(Art. 15)
Description
You may request: (a) the purposes of the processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; (d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; (e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing; (f) the right to lodge a complaint with a supervisory authority; (g) where the personal data are not collected from the data subject, any available information as to their source; (h) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request a copy of the personal data that is being processed
Law
Right to rectification
(Art. 16)
Description
You have the right to request the rectification of inaccurate personal data concerning you and to obtain the completion of incomplete personal data
You have the right to request a copy of the personal data being processed
Law
Right to be forgotten
(Art. 17)
Description
You have the right to obtain from the Controller the erasure of personal data concerning you where the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processedYou have the right to request a copy of the personal data undergoing processing
Law
Right to restriction of processing
(Art. 18)
Description
You have the right to obtain from the Data Controller the restriction of processing when you have contested the accuracy of the personal data (for the period necessary for the Data Controller to verify the accuracy of such personal data) or if the processing is unlawful, but you oppose the erasure of the personal data and request the restriction of their use instead or if they are necessary for the establishment, exercise or defence of legal claims, while the Data Controller no longer needs them.
Law
Right to portability
(Art. 20)
Description
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller if the processing is based on consent, on a contract and if the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority and the transmission does not adversely affect the rights and freedoms of third parties.
Law
Right to object
(Art. 21)
Description
You have the right at any time to object, in whole or in part, to the processing of your personal data if the processing is carried out for the pursuit of a legitimate interest of the Data Controller or if the processing is carried out for direct marketing purposes.
The rights may be exercised by sending an email to the address info@italtower.com and/or using the forms published on the website and available from the Data Controller.
If you believe that the processing of your personal data is in breach of the provisions of the GDPR, you have the right to lodge a complaint with the Supervisory Authority (Article 77 GDPR).
The exercise of the above rights is subject to the limits, rules and procedures provided for by the GDPR and by Legislative Decree 196/2003 (Privacy Code) which the Data Subject must know and implement. In accordance with Article 12, paragraph 3, of the GDPR, the Data Controller will also provide the Data Subject with information regarding the action taken without undue delay and, in any case, no later than one month from receipt of the request. This period may be extended by two months, if necessary, taking into account the complexity and the number of requests. The Data Controller will inform the Data Subject of any such extension, and of the reasons for the delay, within one month of receipt of the request.
Other information
The personal data provided may be processed by the Data Controller with or without the aid of computerised tools.
We also inform you that the communication of your personal data for the mandatory purposes indicated is a legal or contractual obligation or a necessary requirement for the execution of contractual obligations; therefore, you are obliged to provide personal data, as failure to do so will make it impossible to manage the relationship with the Company.
Changes and Updates
This information may be subject to changes and/or additions, also as a consequence of the applicability of the GDPR and any future regulatory changes and/or updates.
The updated information is constantly available on the website of the Data Controller or at its headquarters.