Policy on the processing of users personal data

of the Website www.bucci-srl.com

Le seguenti informazioni (“l’Informativa”) sono rese, ai sensi dell’art. 13 del Reg. UE 2016/679 (“RGPD“), al fine di illustrare le finalità e le modalità dei trattamenti di dati personali riferibili agli utenti che accedono al sito web www.bucci-srl.com ed effettuati da Bucci S.r.l..

DATA CONTROLLER

Titolare del trattamento dei dati personali degli utenti che accedono al Sito è Bucci S.r.l (C.F. 13016941000 – P.I. 13016941000), con sede legale in Piazzale delle Belle Arti, 2 – 00196 Roma (RM).

 La presente Informativa riguarda esclusivamente il trattamento dei dati personali riferibili agli utenti del Sito, e non concerne le operazioni di trattamento di dati personali effettuate in occasione della visita di pagine e di siti web accessibili mediante i collegamenti eventualmente presenti nel Sito.

The Website is NOT intended for navigation or use by persons under 18 years of age.

In addition to this Privacy Policy, the Data Controller provides more specific information regarding certain processing operations that are carried out through forms provided in the Website.

Ai fini della presente Informativa, i recapiti cui contattare il Titolare:

e-mail: comunicazione@bucci-srl.com                         p.e.c.: buccisrlroma@legalmail.it

TYPE OF DATA PROCESSED AND PURPOSE OF PROCESSING

When the user visits the Website, the following information may be subject to processing::

1. A) Data related to the navigation of the Website, detected and collected by the Data Controller through the use of software applications necessary to ensure the ordinary functionality of the Website. software necessari per garantire l’ordinaria funzionalità del Sito.

The processing of these information (such as the Internet Protocol address, the domain names of the computers and devices used by users, the Uniform Resource Identifier and other data that, by providing information on the device and connection used to visit the Website, may indirectly allow the identification of the Data Subject), is essential to allow the proper functioning of the Website and is therefore necessary to allow users to enjoy the services offered.

Failure to provide these data by the Data Subjet will impede the navigation of the Website and the use of the services offered.

The technical parameters of the Website have been designed in order to minimize the collection and use of users’ personal data.

1. B) Personal Data provided voluntarily by the Data Subject through the submission of personal information in the form available on the Website (including when submitting job applications and CVs) and the sending of e-mails or communications to the addresses of the Data Controller provided on the Website.

These personal data are processed:

• - in order to provide the services offered to the Data Subject through the Website, i.e. to respond to requests for information sent to the e-mail addresses in the "Contacts" section, to evaluate your CV and job applications or whatever material you have submitted in order to pitch your company.

Such processing operations are carried out as necessary to provide the services requested and to take steps at the request of the Data Subject prior to entering into a contract.

The conferral of such data is optional, but necessary in order for the Data Controller to be able to respond to the requests sent and to offer the required services.

Personal Data will be processed mainly by automated means (e.g. management software) and residually by non-automated means (e.g. paper filing systems) chosen in order to ensure the security of the Data, by persons who operate under the direct authority of the Data Controller and who have been properly authorized and instructed in this regard.

DATA RETENTION PERIOD

- to providers of information technology (IT) services, such as Website management and maintenance support;

Personal Data processed for the purposes referred to point B) will be stored for the time strictly necessary to achieve the purposes for which they were collected; specifically, CVs and other personal data relating to job applications will be stored for 12 months subsequent to their collection.

RECIPIENTS OF PERSONAL DATA

Data Subject Personal Data may be disclosed:

• a fornitori di servizi di information technology (IT), quali supporto alla gestione e manutenzione dei Siti;
• - to the Data Controller's staff tasked with dealing with the Website and providing feedback to requests made through the Website;
• - to public authorities, such as police forces and judicial offices, when required by law or by a legitimate provision.

If the conditions established by the GDPR occur, the Data Controller will stipulate with those recipients, among those indicated above, who receive disclosure of your personal data so that they may process them on behalf of the Data Controller ("Data Processors") specific contracts aimed at ensuring that the operations carried out are performed in compliance with the instructions given by the Data Controller and that appropriate technical and organisational measures are implemented to safeguard the security of the personal data processed.

RIGHTS OF DATA SUBJECTS

At any time, the Data Subject may exert the rights indicated in articles 15 et seq. of the GDPR by contacting the Data Controller. In particular, the user, as Data Subject, can exercise the following rights:

• the right of access, i.e. the right to obtain confirmation as to whether or not your data are being processed, as well as the right to receive any information related to the same processing and a copy of the personal data processed;
• the right to rectification, i.e. the right to obtain the rectification or integration of your personal data subject to processing, if they are inaccurate or incomplete with respect to the purposes of processing;
• the right to erasure (the so-called "right to be forgotten"), i.e. the right to obtain the erasure of the personal data subject to processing when not relevant to the continuation of the contractual relationship or necessary for legal obligations, or in other cases provided for by art. 17 of the GDPR;
• · the right to the restrict processing, i.e. the right to obtain the restriction of the processing of personal data, when the conditions provided for by art. 18 of the GDPR occur;
• the right for data portability, i.e. the right to receive personal data concerning the Data Subject, which he/she has provided in a structured format, in common use and readable by automatic device, and to obtain direct transmission of the same in favour of a different data controller, where technically possible;
• the right to object to processing, i.e. the right to oppose, at any time for reasons related to his/her particular situation, the processing of data concerning the Data Subject based on the condition of the lawfulness of the legitimate interest or the performance of a task in the public interest or the exercise of public authority, unless there are legitimate reasons for the Data Controller to continue processing which prevail over the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of a right in court;
• the right not to be subject to exclusively automated decision-making processes, i.e. not to be subject to decisions, which produce legal effects on the Data Subject or which in any case significantly affect the Data Subject in a similar way, which are based entirely on fully automated decision-making processes (including profiling). The Data Controller does not rely on any fully automated decision-making process;
• the right to withdraw consent, i.e. to revoke consent to the processing of your data at any time, without prejudice to the lawfulness of the processing based on consent before withdrawal;
• the right to lodge a complaint with a Supervisory Authority, such as the Garante per la Protezione dei Dati Personali, with offices in Piazza Venezia 11 - 00187, Rome (RM), Italy (IT), mail: garante@gpdp.it, P.E.C.: protocollo@pec.gpdp.it.

These rights may be exercised free of charge by sending a written notice to the Data Controller, at the Contact Point.

However, in case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Data Controller may charge you a reasonable expense contribution, in light of the administrative costs incurred to handle your request, or reject the satisfaction of your request.

POLICY CHANGE

Over time, the Data Controller may make changes to this Policy, in order to ensure its updating or to improve its clarity; in this case, the Data Controller will promptly inform users of the Website using the most effective and appropriate tools for this purpose.

COOKIE POLICY

Cookies are small files recorded on your hard drive. This process allows an easier navigation and greater ease of use of the Website itself.

Cookies generally allow you to obtain access to information already stored on your computer for purposes that may be of a commercial nature (profiling for example) or technical (to ensure the proper functioning of the Website visited).

In compliance with Directive 2009/136/EC, no explicit consent to the use of cookies will be required because only session cookies, i.e. cookies instrumental to the correct functioning of the website, will be processed.

No use will therefore be made of cookies for the transmission of information of a personal nature, nor are persistent cookies of any kind used, i.e. systems for tracing users.

The use of so-called session cookies (which are not permanently stored on the user's computer but disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the Website.

The so-called session cookies used in this Website avoid the use of other computer techniques potentially prejudicial to the confidentiality of users' navigation and do not allow the acquisition of personal identification data of the user.