Privacy Policy

EuroGroup S.p.A., having its registered office in Via Dante, 16, VAT reg. no. 02116160306 (hereinafter “Data Controller”), owner of the Internet site https://gruppopaterno.it (hereinafter, the “Website”), as data controller over the processing of the personal data of users who navigate and are registered on the Website (hereinafter “Users”) provides below the privacy information required pursuant to Art. 13 of Italian Legislative Decree 196/2003 (hereinafter the “Privacy Code”) and Art. 13 of Regulation (EU) 2016/679 of 27 April 2016 (hereinafter “Regulation”; the Regulation and the Privacy Code are together defined as “Applicable Legislation”).

Access to this website, and any services offered through the website, is restricted to individuals who are at least 18 years old. Therefore, the Data Controller does not gather personal data regarding individuals under the age of 18. At the request of Users, the Data Controller will promptly delete all involuntarily collected personal data relating to minors under 18 years of age.

The Data Controller shall take utmost account of the right to privacy and protection of the personal data of Users. For information relating to the privacy policy, Users may contact the Data Controller at any time in following ways:

• By sending a registered letter with advice of receipt to the registered office of the Data Controller
• By sending an Email message to the web address info@gruppopaterno.it;

1. Purposes of the processing

The User’s personal data will be lawfully processed by the Data controller in accordance with Art. 6 of the Regulation for the following processing purposes:

1. Website navigation, in relation to the possibility of collecting the User data necessary at a technical level, such as, for example, the IP address, during navigation of the website.
2. Receipt of CVs used for the selection of personnel by means of the specific application form. Specific information will be provided on the relevant page.
3. Legal obligations, i.e. in order to fulfil the obligations established by law, by an authority, or by European legislation or regulations.

2. Legal basis of the processing

The provision of personal data for the purposes of the processing described above is optional but necessary, as failure to provide the data will result in the impossibility for the User to navigate the website, register on the website and benefit from the services offered by the Data Controller on the website.

With reference to the purposes as per point 1(a), the legal basis for the processing is in fact the performance of the services provided through the website and requested by you (pursuant to Article 6(1)(b) of the General Data Protection Regulation 2016/679); with reference to the purposes as per point 1(b) of the paragraph above, the legal basis for the processing is your freely expressed consent (pursuant to Article 6(1)(a) of the General Data Protection Regulation 2016/679); with reference to the purposes as per point 1(c) of the paragraph above, the legal basis for the processing is the fulfilment of a legal obligation to which the Data Controller is subject (pursuant to Article 6(1)(c) of the General Data Protection Regulation 2016/679).

3. Methods of processing and data retention period

The Data Controller will process the personal data of Users relying on manual and electronic means, according to logics strictly related to the stated purposes and in any case in such a way as to ensure the security and confidentiality of the data.

The personal data of Users of the website will be retained for the period of time that is strictly necessary in order to fulfil the purposes illustrated in paragraph 1 above, or in any case as is necessary to protect the interests both of Users and the Data Controller in accordance with the Italian Civil Code.

4. Scope of communication and dissemination of the data

The personal data of Users may come to the knowledge of employees and/or contractors appointed by the Data Controller to manage the Website. Such individuals, who are formally appointed by the Data Controller as “data processors”, will process the User’s data exclusively for the purposes specified in this notice and in observance of the applicable provisions of law.

The personal data of Users may also come to the knowledge of third parties who may process the data on behalf of the Data Controller as “External Data Processors”, such as, by way of example, providers of IT and logistical services necessary for the operation of the Website, providers of outsourcing or cloud computing services, professionals and consultants.

Users shall have the right to obtain a list of any data processors appointed by the Data Controller upon submitting a request to the Data Controller with the methods specified in paragraph 5 below.

5. Rights of the Data Subjects

Users may exercise the rights guaranteed to them by the applicable legislation, by contacting the Data Controller in the following ways:

• By sending a registered letter with advice of receipt to the registered office of the Data Controller
• By sending an Email message to the web address info@gruppopaterno.it;

In accordance with the applicable legislation, the Data Controller hereby informs Users that they shall have the right to obtain an indication (i) of the origin of the personal data; (ii) of the purposes and methods of processing; (iii) of the logic applied in the case of processing that takes place with the aid of electronic means; (iv) of the identification details of the Data Controller and the data processors; (v) of the individuals or entities or categories of individuals or entities to whom or which the personal data may be communicated, or who or which may gain knowledge thereof as data processors.

In addition, Users shall have the right to obtain:

1. a) access, updating, rectification or, where interested therein, supplementation of the data;
2. b) erasure, anonymisation or blocking of data that have been processed unlawfully, including data whose retention is not necessary for the purposes for which they have been collected or subsequently processed;
3. c) certification that the operations as per letters a) and b) have been notified, also as related to their contents, to the individuals or entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

Furthermore, Users shall have:

a) the right to revoke their consent at any time, where the processing is based on their consent;
b) the right to portability of the data (right to receive the personal data concerning them in a structured, commonly used and machine-readable format), the right to restriction of the processing of the personal data and the right to erasure thereof (“right to be forgotten”);
c) the right to object:

i. in whole or in part, on legitimate grounds, to the processing of the personal data concerning them, even where they are relevant to the purpose of the collection;
ii. in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising materials or for direct marketing purposes or for the purpose of market research or commercial communication;
iii. where personal data are processed for direct marketing purposes, to processing of personal data concerning them for such marketing, which includes profiling, to the extent that it is related to such direct marketing.

d) if they consider that the processing of data relating to them infringes the Regulation, the right to lodge a complaint with a supervisory authority (in the Member State of their habitual residence, place of work or place of the alleged infringement). The Italian supervisory authority is the Garante per la protezione dei dati personali, with its offices in Piazza di Monte Citorio no. 121, 00186 – Rome (http://www.garanteprivacy.it/).

The Data Protection Officer (DPO) may be reached at the following address: via della Stazione 100, Castel Ivano (Tn) Postcode 38059, and at the Email address dpo@gruppopaterno.it