Engraving Solutions S.r.l. with its registered offices in 55100, Lucca (LU), Via di Mugnano, 815, (hereinafter also the "Data Controller"), as Data Controller will see to the confidentiality of your personal data and guarantee its necessary protection from any event that could put it at a risk of violation.
The Data Controller applies policies and practices concerning the collection and use of personal data and the exercise of the rights recognized by the applicable legislation. The Data Controller is responsible for updating the policies and practices adopted for the protection of personal data whenever it becomes necessary and in any case whenever regulatory and organizational changes that may affect the processing of your personal data arise.
The Data Controller has appointed a Data Protection Officer (DPO) that you can contact if you have questions about the policies and practices adopted.
The contact details of the Data Protection Officer are as follows: DPO@engravingsolutions.it.
Il Titolare raccoglie e/o riceve le informazioni che ti riguardano, quali:
Your personal information will be processed for the following purposes:
Execution of pre-contractual activities
Your personal data is also collected from third parties such as, by way of example:
Where applicable, the right to rectify data processed or collected remains unaffected.
The data collected or otherwise obtained by the Data Controller as a result of the selection process for positions available within his organization, except for those relating to health, voluntarily submitted by you, is considered necessary and failure to provide it will make it impossible for the Data Controller to carry out activities relating to the main processing:
|Communication to third parties, such as
Execution of pre-contractual activities
The Data Controller does not transfer your personal data abroad (non-EU countries). Your personal data will not be in any way disseminated or disclosed to unspecified subjects not even identifiable as third parties.
The communication concerns the categories of data whose transmission is necessary for the performance of the activities and purposes pursued by the Data Controller in the management of personnel selection. The related processing does not require the consent of the interested party in the event that it takes place to fulfil the obligations deriving from the established relationship or if other exclusion hypothesis occurs (in particular the traceability of a legitimate interest by the Data Controller), expressly provided for or dependent on the legislation and regulations applied by the Data Controller, or even through third parties identified as data processors. Where the communication involves data
relating to the state of health, the processing operations will be carried out with all the necessary assurances including those that, if requested based on the risks identified, determine the application of pseudonymisation solutions, and / or aggregation and / or encryption of data.
Access to the selection procedure
The data processing is performed through paper supports or IT procedures by specially authorized internal subjects. Such internal subjects are allowed access to your personal data to the extent that it is necessary to carry out the processing activities that concern you.
The Data Controller periodically checks the tools by means of which your data is processed and its security measures, which it constantly updates; it makes sure, also through the subjects authorized to process the data, that personal data for which processing is not necessary or whose purposes are exhausted, is not collected, processed, stored or retained; it makes sure that the data is retained with the guarantee of integrity and authenticity of its use for the purposes of the processing actually carried out, also due to the particular nature of the data. The verification allows the Data Controller to evaluate
the strict relevance, non-excess and indispensability of data belonging to special categories with respect to the selection procedure and the relationship to be established, also with reference to the data you provide on your own initiative.
The Data Controller guarantees that the data, even after the verifications, are found to be excessive or irrelevant will not be used except for the possible retention, according to the law, of the deed or document that contains them.
The data is stored in paper, computerized and software files located within the European economic border, and adequate security measures are ensured.
For how long
Personal data is retained for the time necessary to carry out the activities that concern you.
Data revealing the state of health
even if spontaneously submitted
Duration of the contractual relationship
The duration of the storage depends on the presumed and / or detected risk and the prejudicial consequences that derive from it, without prejudice to the measures to make the data anonymous or to limit its treatment.
Once all the purposes that legitimize the retention of your personal data are exhausted, the Data Controller will take care of deleting it or making it anonymous.
The rights that are recognized to you allow you to always have control of your data. Your rights are the following:
In substance, at any time and as long as the processing continues, free of charge and without any special charges or formalities for your request, you can:
The Data Controller must do so without delay and, in any case, at the latest within one month of receipt of your request. The time limit can be extended by two months, if necessary, taking into account the complexity and the number of requests received by the Data Controller. In such cases, the Data Controller will have to inform you of the reasons for the extension within one month of receipt of your
For any further information and to send your request, write to the email address
Per For reasons relating to your specific situation, you may oppose at any time the processing of your personal data if this is based on legitimate interest, by sending your request at the email address email@example.com.
You have the right to have your personal data deleted if there is no legitimate reason overriding the one that gave rise to your request.
Without prejudice to any other administrative or judicial action, you may submit a complaint to the competent supervisory authority, unless you reside or work in another Member State. In the latter case, or where the breach of the data protection legislation occurs in another EU country, the authority to receive and hear the complaint will be the supervisory authority established therein.