”) is provided to the user (hereinafter, “User”) of the website and is electronically accessible at the following address: www.iotinsobs.com (hereinafter, “Website”), pursuant to the provisions of Articles 13 and 14 of the EU Regulation no. 2016/679 of 27 April 2016, concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data (General Data Protection Regulation, hereinafter, “GDPR”). This Statement has been provided only for this Website and not for other websites, if any, accessed by the User through links, banners, or other hypertextual links found on the Website.
I. Personal Data
The personal data of the User that will be collected through the Website are the following:
During their ordinary functioning, the electronic systems and the software procedures used for running the Website collect some personal data concerning the connection, such as: IP addresses or domain names of computers used by Users who connect to the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server (such as “successful request”, “error”, etc.), and the other parameters about the operating system and the User’s IT environment (hereinafter, “Connection Data”).
The Users may also voluntarily disclose to the Data Controller their own personal data by sending an e-mail to the addresses indicated on the Website, through which Users can send messages for delivering contact requests and/or demanding informational material or advancing other requests or submitting their job application (hereinafter, “Data Provided Voluntarily”)
II. Data Controller and Processor
The Data Controller of the personal data provided by the User is DIGITAL TECH S.R.L., a company having its registered office at Galleria Pattari, 2, Milan, VAT and Tax no. 08363100960, registration number at the Register of Companies of Milan: 2020670, represented by its Sole Director, Mr. Andrea Silvello (hereinafter, “DT” or “Data Controller”).
Any communication for the Data Controller can be sent via e-mail to the following address: email@example.com or by regular mail to the registered office.
The individuals working in DT and/or the companies working on behalf of DT and providing services or performing activities related to, necessary for, or supporting the ones carried out by DT are appointed Data Processors of the Data on the Website.
The full and updated list of all the Data Processors can be requested by sending a written request to the following e-mail address: firstname.lastname@example.org
III. Data processing purposes
In compliance with the obligations set out by the regulations in force, the Data Controller may collect the Data and process them for the only purpose of meeting or responding to the requests received and/or sending informational material, and/or assessing the job applications received.
IV. Nature of data provision
The Data collected pursuant to this data processing policy are strictly functional to the aforementioned purposes.
In case the User is under 16 years old, the data processing is legally permitted only if and to the extent that the consent to such a processing is granted or authorized by the holder of parental responsibility.
Connection Data are transmitted automatically through the communication protocols of the Internet. Such information is not collected in order to be associated with specific individuals, but due to its nature, its processing and combination with data held by third party can allow the identification of the User. The User’s Connection Data are automatically collected upon the User’s connection to the Website.
The free, explicit, and voluntary delivery of e-mails by the User to the addresses indicated on this Website for sending CVs and/or contact requests and/or informational materials shall result in the collection of the User’s e-mail address necessary for replying to the requests, if any, and of the other personal data included in the message.
V. Personal data storage duration
Pursuant to the relevant regulations in force, the personal data shall not be kept for longer than is necessary for achieving the purposes for which they are processed, and in any case until the reception of the User’s request to deactivate and/or cancel the services provided by the Website.
The Connection Data are cancelled immediately after their processing, and in any case, may not be kept longer than seven days, without prejudice to the case of investigations on possible computer crimes. Such Connection Data may be used for ascertaining responsibility in case of hypothetical computer crimes against the Website.
VI. Data processing procedure
The Data shall be processed both manually and/or through electronic and/or telematic means, pursuant to organizational and processing procedures strictly related to the aforementioned purposes and guaranteeing the security, the integrity, and the confidentiality of the data in compliance with the organizational, physical, and procedural measures set out in the existing regulations.
The data processing shall be carried out pursuant to the correctness, lawfulness, and transparency, in order to protect the confidential nature of the data and the rights of the User at any time, in compliance with the existing regulations.
The Data Controller represents and guarantees that the Data provided by the User shall be processed pursuant to the highest standards of confidentiality and protection, guaranteeing that the suitable security measures (including both technical and management measures) aimed at preventing the unauthorized access, disclosure, improper or unintentional modification, loss, or destruction of personal data are implemented.
VII. Data Transfer
The Data Controller declares that the Data may be transferred to third parties assisting the Data Controller in pursuing the purposes of the processing, and more precisely:
Natural persons authorized by DT to process the Data upon execution of a Non-Disclosure Agreement (such as employees and directors of DT);
Persons acting as data processors, including but not limited to credit collection and insurance companies, factoring companies, companies performing activities related to archiving of documents – data entry, transmission, enveloping, shipping, and sorting of the communications with the User –, companies performing control activities, banks, commercial information companies, audit companies, legal, administrative, and tax consultants, subsidiaries and associated companies, customer service companies (help desk). These persons shall be appointed as Data Controllers or Data processors, and for this reason they shall process the data pursuant hereto.
Persons, bodies, or authorities to which it is mandatory to communicate the personal data based on legal provisions and compliance obligations set out by the authorities (such as Banks, Insurances, CONSAP – National insurance general agent – Tax Registry, Ordinary Courts, and the police).
The Data Controller also declares that the personal data may be transferred to third parties for marketing and/or promotional purposes, upon the prior explicit and informed consent thereto granted by the User.The Data Controller may not transfer personal data outside the European Economic Area.
VIII. User’s rights
The User has the following rights:To request confirmation that personal data are being processed, and in this case, to request the access thereto (right of access);
To request the correction of incorrect personal data or the integration of incomplete personal data (right of rectification);
To request the erasure of the personal data in the cases provided for in the Regulation (right of erasure);
To request the restriction of the data processing, in the cases provided for in the Regulation (right of restriction);
To receive the personal data in a structured and commonly used format, readable by automatic devices, and transfer such data to another data controller (right to data portability);
To withdraw the consent to the processing of personal data at any time, without affecting the lawfulness of the processing based on consent before the withdrawal (right of withdrawal of consent);
To object at any time to the processing of personal data for marketing purposes (right to object);
To lodge a complaint with a supervisory authority, in case it is believed that the processing is in breach of the GDPR (right of complaint);
(hereinafter jointly referred to as “Rights”).
To enforce his or her rights, the User may send a written request to the following e-mail address: email@example.com