PRIVACY POLICY OF THE SITE

Pursuant to art. 13 of EU Reg. 2016/679

 

This information is intended for all subjects who visit and interact with this website of the company Analytics Arts srl (CF/P.IVA: 11352060963, in its capacity as Data Controller) so that, as data subjects, they are aware of the processing activities carried out on the data acquired through navigation.

Please note that this information is provided only for the site you are visiting and not for other websites that may be consulted through links contained therein.

 

Type of data processed:

  • Browsing data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols; This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (“Uniform Resource Identifier“) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, successful,  error, etc.) and other parameters related to the user’s operating system and computer environment.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing.

The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.

 

  • Cookie

Cookies are small text files that the website you visit sends to your device, where they are stored, and then sent back to the same website on your next visit.

Third-party cookies, on the other hand, are set by a third-party website with respect to the one you, as a user, are visiting.

It is specified, for your protection, that a cookie cannot retrieve any other data from the user’s hard drive, nor transmit viruses or acquire email addresses.

Cookies are divided into two types: so-called “technical” cookies and “profiling” cookies.

The former are used to carry out fast computer authentications while maintaining user identification within the session, as well as to allow secure browsing. For these purposes, this type of cookie is not stored permanently on the user’s PC, but rather disappears when the browser is closed. Based on the Guidelines of the Guarantor for the protection of personal data of 10 June 2021, these cookies can be used without the consent of the data subject.

For more information on the cookies applied, we recommend that you read the dedicated information by clicking here.

 

  • Data voluntarily provided by the data subject

If, by connecting to this site, you decide, where applicable, to send your personal data (for example: name, surname, e-mail address) to access certain services, or to make requests via e-mail, the Data Controller will process such data to respond to your request, or to provide you with the requested service in accordance with this information and the specific privacy policies provided when subscribing to the individual services. The data will be stored for the time necessary to provide the requested service and to manage any disputes.

Your personal data will be communicated to third parties only if the communication is necessary to comply with the requests of the users themselves, as specified in the specific information of the individual services, or to simplify – at your request – the registration operations on third-party sites/applications.

 

Purposes and legal bases

The Data Controller processes:

  1. your browsing data, referred to in Point 1) above, in order to monitor the technical functioning and performance of the site, to understand how to improve the services and how to make them evolve. To process these types of data, the legal basis is the legitimate interest of the Data Controller (Article 6 par. 1, letter f) of EU Regulation 2016/679);
  2. your browsing data, referred to in Point 2) above, for the sole purpose of checking the correct functioning of the site. To process these types of data, the legal basis is the legitimate interest of the Data Controller (Article 6 par. 1, letter f) of EU Regulation 2016/679);
  3. your data referred to in Point 3), on the other hand, by virtue of the specific provisions found in the specific information, which we invite you to check individually.

 

Processing methods

The processing will be carried out in computerized form, in compliance with the provisions of art. 32 of EU Regulation 2016/679, by the Data Controller or by subjects specifically appointed and appointed by him.

In particular, the Data Controller has adopted and adopts appropriate organisational (distribution of roles and responsibilities in the execution of the activity and controls), procedural and technical measures (firewalls, antivirus and other technologies) to protect your data against loss, theft, as well as unauthorised use, disclosure or modification.

Pursuant to art. 4 par. 2, it is specified that processing may consist of any operation or set of operations such as collection, recording, storage, adaptation and alteration, retrieval, consultation, communication, restriction, erasure or destruction.

 

Retention period

The Data Controller will keep your data for the time strictly necessary to fulfil the purposes described above, as can also be found in the specific information on the website.

 

Communication of data

For the pursuit of the purposes described, your data will be known by employees, similar personnel and collaborators of the Data Controller, who will operate as subjects authorized to process personal data.

The personal data collected may be simply communicated, as far as their specific competence is concerned, to public bodies in order to comply with justified requests from the Authorities, laws, regulations and/or EU legislation.

Transfer of personal data outside the EEA

The Data Controller does not intend to transfer your personal data outside the European Union.

Should this circumstance become necessary for technical-organizational needs, such transfer will in any case be preceded by the prior verification of the existence of the conditions of legitimacy and the adequate guarantees prescribed by art. 44 et seq. of the GDPR. In this circumstance, you may request information from the Data Controller on the transfer of your personal data outside the European Union and obtain a copy of the protection measures adopted by making a specific request to the Data Controller through the addresses identified below.

 

What are your rights and how to exercise them

As a data subject, in relation to the processing described in this Policy, you are entitled to the rights referred to in art. 15 to 22 of EU Regulation 2016/679, where applicable, which consist of:

  • right of access: the right to obtain confirmation as to whether or not personal data concerning you is being processed and, where that is the case, to obtain access to your personal data – including a copy of the same – and the communication, inter alia, of the information referred to in Article 15 of the GDPR;
  • right to rectification: the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you and/or the completion of incomplete personal data pursuant to Article 16 of the GDPR;
  • right to erasure (right to be forgotten): the right to obtain, without undue delay, the erasure of personal data concerning you, in the cases indicated in Article 17 of the GDPR;
  • right to restriction of processing: the right to obtain the restriction of processing, in the cases indicated in Article 18 of the GDPR;
  • the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal;
  • right to lodge a complaint with the Italian Data Protection Authority, Piazza Venezia n. 11, 00187, Rome (RM).

 

The above rights may be exercised against the Data Controller by contacting the references indicated at the bottom of this policy. The Data Controller will take charge of your request and provide you, without undue delay and, in any case, no later than one month after receipt of the request, with information relating to the action taken regarding your request.

The exercise of your rights as a data subject is free of charge pursuant to art. 12 of the GDPR, however, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Data Controller may charge you a reasonable fee, in light of the administrative costs incurred to manage your request, or deny the satisfaction of your request.

Finally, we inform you that the Data Controller may request further information necessary to confirm the identity of the data subject.

 

  • Registered office in Via Parini, 12 – 20121 – Milan (MI)
  • PEO: info@analyticsarts.it
  • PEC: analyticsarts@pec.it

The Data Protection Officer (DPO) appointed is Frareg s.r.l., who can be contacted at dpo@frareg.com

INFORMATION TO THE DATA SUBJECT REGARDING THE PROCESSING OF PERSONAL DATA

Pursuant to art. 13 of EU Reg. 2016/679

 

The company Analytics Arts srl – CF/P.IVA: 11352060963 is the Data Controller of the data provided by you and, through this document, wishes to make available to you detailed information regarding their use and protection.

Purposes and legal bases

The personal data you provide to the Data Controller by filling in the contact form on the existing site can be traced back to 2 different types of purposes:

  1. receive requests or questions from the data subject who intends to create a contact to receive information on the services offered by the Data Controller; or
  2. receive spontaneous applications aimed at establishing an employment relationship between the data subject and the Data Controller, and thus proceed with any selection process (also) by contacting us to start a possible cognitive interview.
  • Your data, for both purposes a) and b) above, will be processed pursuant to art. 6 par. 1, letter b) of EU Regulation 2016/679 (execution of a contract to which the data subject is a party or the execution of pre-contractual measures adopted at the request of the same).

For your protection, it should be noted that the data requested from you are only those strictly necessary for the performance of the aforementioned purposes, in compliance with the principle of minimization referred to in Article 5, paragraph 1, letter c): therefore, failure to provide them may prevent the execution of the activity to which the form itself is deputed.

Data subject to processing

The data that we have requested from you and that will be subject to processing activities for the purposes indicated above are the following:

  1. Identification data: (surname, first name); contact details: (e-mail address and any landline or mobile telephone number);
  2. Identification data (name, surname, address, place and date of birth, tax code, gender, identity card); contact data (landline telephone number, mobile phone number, e-mail address); data relating to school and academic skills; data relating to any previous work situations; photographic image; data relating to health status, if belonging to the protected categories pursuant to Law no. 68 of 12 March 1999.

Processing methods

The processing will be carried out in computerized form, in compliance with the provisions of art. 32 of EU Regulation 2016/679, by the Data Controller or by subjects specifically appointed and appointed by him.

Pursuant to art. 4 par. 2, it is specified that processing may consist of any operation or set of operations such as collection, recording, storage, adaptation and alteration, retrieval, consultation, communication, restriction, erasure or destruction.

Retention period

  1. The Data Controller will keep your data for the time necessary to process your request for information, after which it will delete your data, unless it detects any further need for the processing of personal data by virtue of further relationships in place or in the making, such as service relationships (for the management of which please refer to the specific information that will be provided by the Data Controller), or for requests from the Authorities;
  2. The Data Controller will keep your data for the period necessary for the evaluation of candidates, and in any case not for more than 12 months from receipt of your Curriculum Vitae (also in accordance with the principle of accuracy of data, provided for by Article 5, paragraph 1, letter d).

Communication of data

For the pursuit of the purposes described, your data will be known by employees, similar personnel and collaborators of the Data Controller, who will operate as subjects authorized to process personal data.

Transfer of personal data outside the EEA

The Data Controller does not intend to transfer your personal data outside the European Union.

Should this circumstance become necessary for technical-organizational needs, such transfer will in any case be preceded by the prior verification of the existence of the conditions of legitimacy and the adequate guarantees prescribed by art. 44 et seq. of the GDPR. In this circumstance, you may request information from the Data Controller on the transfer of your personal data outside the European Union and obtain a copy of the protection measures adopted by making a specific request to the Data Controller through the addresses identified below.

What are your rights and how to exercise them

As a data subject, in relation to the processing described in this Policy, you are entitled to the rights referred to in art. 15 to 22 of EU Regulation 2016/679, where applicable, which consist of:

  • right of access: the right to obtain confirmation as to whether or not personal data concerning you is being processed and, where that is the case, to obtain access to your personal data – including a copy of the same – and the communication, inter alia, of the information referred to in Article 15 of the GDPR;
  • right to rectification: the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you and/or the completion of incomplete personal data pursuant to Article 16 of the GDPR;
  • right to erasure (right to be forgotten): the right to obtain, without undue delay, the erasure of personal data concerning you, in the cases indicated in Article 17 of the GDPR;
  • right to restriction of processing: the right to obtain the restriction of processing, in the cases indicated in Article 18 of the GDPR;
  • the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal;
  • right to lodge a complaint with the Italian Data Protection Authority, Piazza Venezia n. 11, 00187, Rome (RM).

The above rights may be exercised against the Data Controller by contacting the references indicated at the bottom of this policy. The Data Controller will take charge of your request and provide you, without undue delay and, in any case, no later than one month after receipt of the request, with information relating to the action taken regarding your request.

The exercise of your rights as a data subject is free of charge pursuant to art. 12 of the GDPR, however, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Data Controller may charge you a reasonable fee, in light of the administrative costs incurred to manage your request, or deny the satisfaction of your request.

Finally, we inform you that the Data Controller may request further information necessary to confirm the identity of the data subject.

  • Registered office in Via Parini, 12 – 20121 – Milan (MI)
  • PEO: info@analyticsarts.it
  • PEC: analyticsarts@pec.it

The Data Protection Officer (DPO) appointed is Frareg s.r.l., who can be contacted at dpo@frareg.com