CHIMEC S.p.A. Via Delle Ande, 19 - 00144 Rome, ITALY
pursuant to EU Regulation no. 679/2016 (GDPR)
Type of data processed
The personal data of the users / visitors who connect to the Website at the address “www.chimec.com“ is:
a. Data that the users/visitors may enter optionally such as
- name and surname, e-mail address and telephone number, provided to obtain the technical services and information requested.
- data entered in the personal curriculum vitae (personal details; contact information; qualifications; work experience etc.).
b. Data deriving from the user/visitor browsing the Website.
This category of data includes the IP addresses or domain names of the computers used by the users/visitors who connect to the Website, the URI (Uniform Resource Identifier) of the resource requested, the time of the request, the method used to submit the request to the server, the size of the file obtained as a reply, the numeric code indicating the status of the reply given by the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of the user / visitor. The condition that makes the processing lawful is the data controller’s legitimate interest in the Website’s operation.
This Website is not intended for people under 18 years of age and the Data Controller does not intentionally collect personal information referring to minors. Should information on minors be unintentionally recorded, the Data Controller will promptly erase it, on the request of the users/visitors.
Purposes of the processing
The data acquired will be processed exclusively to:
- reply to the requests for technical information (e.g. product features) sent by the user/visitor to our Company;
- search for and hire personnel in order to establish a working relationship also possibly for positions different from those for which the curriculum vitae had been sent;
- only concerning browsing data, to obtain anonymous statistical information on the use of the Website, to check its correct operation and to ensure the protection of the information;
- fulfil the obligations imposed by law, a regulation, community legislation or the order of an Authority;
- prevent or discover fraudulent activities or abuse that is damaging for the Website;
- exercise the rights of the Data Controller, e.g. the right to exercise a right in court.
Place of the data processing
The processing connected to the web services of this Website takes place at the offices of the Data Controller.
The personal data expressly conferred by the users/visitors or the results of the statistical analyses above may be communicated to:
- subjects authorised within the Company by the Data Controller and who have received suitable instructions to fulfil the related activities to provide the services in this Website;
- people or companies that provide assistance and consultancy activities to the Data Controller (by way of example, Website provider, technical personnel for hardware assistance etc.) which outsource on behalf of the Data Controller, in their capacity of Data Processors.
- subjects with the right to access the data recognised by legal provisions or by orders from authorities;
No data deriving from the web service is distributed, except in the cases expressly provided for by law.
The data is not transferred outside the European Community. Any transfer of data outside the EU, will take place, in any case, in compliance with the applicable legal provisions while adopting any contractual measure that is suitable and necessary to ensure a suitable protection level of the personal data.
The personal data provided by users/visitors is used only to carry out the services provided by the Website and only for the purposes indicated in the purposes of the processing. The personal data will be processed for the following operations: collection, registration, organisation, retention, consultation, processing, amendment, selection, extraction, comparison, use, interconnection, blockage, communication, erasure and destruction of the data.
The processing will be performed with IT and/or automated and electronic instruments, with organisation and processing logics that are closely related to these purposes and in any case in order to ensure the security, integrity and confidentiality of the data itself in compliance with the organisational, physical and logical measures required by the provisions in force.
Personal data retention period
The Data Controller will process the personal data for the time needed to fulfil the purposes above.
Option of conferring data
Some personal data is strictly necessary for the Website to function or to check its correct operation. Other data is necessary to provide the services requested; in this case the users/visitors are not obliged to confer the data requested by the Website to the Data Controller. However, in case of refusing consent, it will not be possible to provide the services requested by the user / visitor.
Data Controller of the processing
The Data Controller of the data processing is CHIMEC S.p.A. with registered office in Rome, via delle Ande no. 19, e-mail address firstname.lastname@example.org
Rights of the data subjects
The users / visitors may exercise, at any time, the rights provided for by articles from 15 to 22 of EU Regulation 2016/679 with regard to the data itself.
In particular, among these are:
- the right to access (art. 15 GDPR, e.g. requests on the methods to use and process the Personal data),
- the right to rectification (art. 16 GDPR e.g. correcting any inaccuracies
- the right to erasure (art. 17 GDPR, erasure of Personal data in case where there is no longer a legal principle justifying the processing),
- the right to restriction of processing (art. 18 GDPR, e.g. the Data subject disputes the accuracy of the Personal data and the restriction of Personal data processing occurs for the time needed to examine the request of the data subject);
- the right to portability (i.e. reception and transmission to another data controller) of the retained Personal data (art. 20 GDPR),
- the right to object (art. 21, par. 1 and 2, GDPR, the data subject has the right to object to the processing of the personal data that concerns him/her unless there are legitimate reasons to proceed to the processing, which shall prevail over the interests, rights and freedom of the data subject or the ascertainment, exercise or defence of a right in court, lodge a complaint before the Supervisory Authority for the protection of personal data if the Company is unable to provide a suitable response to a request for explanation or a complaint.
These rights may be exercised towards the Data Controller by writing to the e-mail address email@example.com
Last update 16/01/2019