Information pursuant to EU Regulation 2016/679 (“GDPR”) on the protection of personal data
1. What types of data do we collect?
When you consult our site, you accept that our company collects some of your personal data. This page is intended to tell you what data we collect, why and how we use it.
We deal with two types of data:
- data provided voluntarily by the user
- data we collect automatically
Data provided by the user
For the consultation of the site it is not required that you provide us with any personal data. However, if you fill out the form on the site, or if you spontaneously send us messages, by e-mail or traditional mail, to the addresses indicated on the site, you are providing us with some of your information (e-mail address, telephone, etc …) which are necessary for to be able to contact you and answer your questions. These data will be used for the sole purpose of following up on your request and may be disclosed to third parties only if this is necessary for this purpose. The data will be processed by personnel in charge of procedures. , technical and IT tools suitable for protecting the confidentiality and security of data and consists of their collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, cancellation , destruction of the same including the combination of two or more of the aforementioned activities.
Data that we automatically collect
We collect the following data through the services you use:
- technical data: for example IP address, browser type, information on your computer, data relating to the current (approximate) position of the instrument you are using;
- data collected using cookies or similar technologies: for more information, please visit the “Cookies” section.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site: except for this possibility, the data on web contacts do not currently persist for more than seven days.
2. How do we use the collected data?
We use the data collected for the sole purpose of following up on your request and we may communicate them to third parties only if this is necessary for this purpose. These data are kept for the time strictly necessary to provide the user with the requested service and are deleted immediately thereafter, without prejudice to further conservation obligations required by law. The data will not be disclosed.
3. Is the provision of data mandatory?
Apart from what is specified for navigation data, the user is free to provide personal data contained in the application forms or otherwise indicated on the site to request the sending of informative material or other communications. Failure to provide them may make it impossible to obtain what is requested.
4. Who are the subjects of the treatment?
4.1. Holder of the treatment
The data controller is , in the person of its legal representative, with registered office located in – IT.
The data controller makes use of data processors to achieve the purposes specified in point 2.
We remind you that you can contact the data controller at any time and send any question or request regarding your personal data and respect for your privacy by writing to info@stocco.it.
4.2. Subjects to whom personal data may be disclosed
The data collected as part of the service provision may be disclosed to:
- companies that perform functions strictly connected and instrumental to operations, such as suppliers that provide archiving, disclosure (eg, Mailchimp for sending communications) administrative, payment and billing services
- administrative and judicial bodies and authorities by virtue of legal obligations
Your personal data may be transferred outside the European Union to be processed by some of our service providers. In this case, we make sure that this transfer takes place in compliance with current legislation and that an adequate level of protection of personal data is guaranteed based on an adequacy decision, on standard clauses defined by the European Commission.
Under no circumstances do we give or sell personal data to third parties.
5. How can you get information on the data, modify it, delete it or have a copy of it?
5.1. Access to personal data from your reserved area and withdrawal of consent (opt-out)
5.2. Export and cancellation of personal data processing
To export your personal data (takeout) or request its cancellation, you can send a request to the email address info@stocco.it. Your personal data will be exported within 30 days or, in the event that the export becomes particularly complex, within three months. The cancellation will be carried out within the expected technical times and in accordance with the retention period specified in point 6 below.
5.3. Exercise of your rights
Any natural person who uses our service can:
- obtain from the owner, at any time, information about the existence of their personal data, the origin of the same, the purposes and methods of treatment and, if present, to obtain access to personal data and information referred to in ‘article 15 of the GDPR
- request the updating, rectification, integration, cancellation, limitation of data processing in the event that one of the conditions provided for in Article 18 of the GDPR is met, the transformation into anonymous form or the blocking of personal data, processed in violation of law, including those that do not need to be kept for the purposes for which the data were collected and / or subsequently processed
- object, in whole or in part, for legitimate reasons, to the processing of data, even if pertinent to the purpose of the collection and processing of personal data provided for the purposes of commercial information or sending advertising or direct sales material or for the fulfillment of market research or commercial communication. Each user also has the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the withdrawal.
- receive their personal data, provided knowingly and actively or through the use of the service, in a structured format, commonly used and readable by an automatic device, and to transmit them to another data controller without impediments
- lodge a complaint with the Guarantor Authority for the protection of personal data in Italy
We remind you that for any questions or requests relating to your personal data and respect for your privacy, you can write to info@stocco.it.
6. How and for how long will your data be stored?
The storage of personal data will take place in paper and / or electronic / computer form and for the time strictly necessary to fulfill the purposes referred to in point 2, in compliance with your privacy and current regulations.
For analysis purposes aimed at developing and improving the service, the user’s personal data may be subject to the same retention period.
For direct marketing and profiling purposes, we keep your data for a maximum period equal to that provided for by the applicable legislation (respectively equal to 24 and 12 months).
Invoices, accounting documents and transaction data are kept for 11 years in accordance with the law (including tax obligations).
In the case of exercising the right to be forgotten through a request for express cancellation of the personal data processed by the owner, we remind you that such data will be kept, in a protected form and with limited access, only for the purpose of ascertaining and suppressing crimes, for a period not exceeding 12 months from the date of the request and subsequently they will be securely deleted or irreversibly anonymised.
Finally, we remind you that for the same purposes, data relating to electronic traffic, excluding the contents of communications, will be kept for a period not exceeding 6 years from the date of communication, pursuant to art. 24 of Law no. 167/2017, which implemented the EU Directive 2017/541 on counter-terrorism.
If you do not exercise any active action (for example navigation, searches and / or any other way of using the service) on our site for a period of 27 months, you will be classified as an inactive user and your personal data will be automatically deleted.
7. How do we ensure the protection of your data?
8. Additional information
8.1. Position
When you browse our site with active location tracking, we may collect and process information about your current (approximate) location. These data are processed anonymously, in a format that does not allow the user to be personally identified and used for the sole purpose of facilitating the use of some location-based features of the service. You can activate / deactivate the location services at any time by accessing the settings of your browser and / or your device as follows:
- Safari
- Desktop
- go to “Preferences” > “Websites” > “Location” and remove our site from the list
- Mobile
- go to “Preferences”> “Privacy” > “Location” and disable location for Safari
- Desktop
- Chrome
- Desktop
- open Chrome chrome: // settings / content / location and remove our site from the list
- Mobile
- open Chrome and select “Site Settings” > “Location” and remove our site from the list
- Desktop
- Firefox
- Desktop and mobile
- open Firefox and go to about: preferences # privacy, search for “Permission” > “Location” > “Settings” and remove our site from the list
- Desktop and mobile
- Internet Explorer
- Desktop
- open Internet Explorer, click on the “gear” icon and select “Internet Options” in the privacy panel, under Location, press the “Delete Sites” button
- Desktop
8.2. Applications
The CVs received for self-candidacy may be stored and re-evaluated for subsequent searches for professional positions compatible with the candidate’s profile, provided that they are implemented within a maximum of 2 years. The candidate may object to the processing of his personal data at any time by writing to the info@stocco.it box.
If you are applying, remember to include in your curriculum vitae the declaration with which you consent to the processing of personal data for the purpose of selection and avoid entering sensitive personal data (such as health status, religious, philosophical or political beliefs ) not relevant to the job offer.