PRIVACY POLICY

Information provided pursuant to Article 13 of European Regulation 2016/679 (GDPR)

 

1. WHY ARE YOU RECEIVING THIS?

This page describes how the company which has issued this policy  (the “Company”) processes personal data concerning all kinds of data subjects (hereinafter referred to as the “Data subjects”, pursuant to Art. 4, paragraph 1, of the GDPR), and is intended to set out the policy adopted by the Company to ensure compliance with the provisions of the GDPR (EU Reg. 2016/679), Italian Legislative Decree 196/2003,  national measures concerning this matter, guidelines issued by the European Data Protection Board, and – finally – EU directives on the protection of data relating to natural persons (individuals).

This privacy policy is provided pursuant to Art. 13 of EU Regulation 2016/679 to all parties who establish any kind of relationship with the Company.

The Privacy Policy of this website does not refer to any other processing carried out or described after users have browsed websites through any links found in this website.

2. DATA CONTROLLER

• the Data Controller is the Company, namely:

Lindbergh S.p.A.

via Guarneri Zanetti, 22

26033 Pescarolo Ed Uniti (CR)

Telephone: +39 0372 836220

Email: info@lindbergh.eu

• You may contact the Data Controller to exercise all the rights provided for by Articles 15 to 21 of the GDPR, including: right of access, rectification, cancellation, limitation, portability, opposition, as well as to withdraw any consent you may have granted prior to this; if you, the data subject, do not receive any reply to your requests, you may file a complaint with the supervisory authority for the protection of personal data (pursuant to Art. Article 13, paragraph 2, section d of the GDPR);
• all the data is processed in a lawful, fair, and transparent manner in relation to the data subject and in compliance with the general principles set out in Article 5 of the GDPR;
• specific security measures are adopted in order to prevent data loss, unlawful or unfair data use, and unauthorised access to data.

3. TYPES OF DATA PROCESSED

 

• CONTACT DETAILS

Any personal data sent optionally, expressly, and voluntarily  as necessary when filling out contact request forms found in  this site, or sent directly to any email addresses stated in this site, will result in such data being acquired solely for the purposes of responding to the requests or answering the emails sent.

For further information, please write to the relevant email address.

Purposes  and legal basis of the processing (GDPR Art.13, para. 1, section c)	This data is used for the sole purpose of answering enquiries made by filling in forms or sent in other ways.
Scope of disclosure (GDPR Art.13, para. 1, section e, f)	The data is processed exclusively by duly authorised internal personnel who have received processing training (GDPR Art. 29) and will not be disclosed to external parties, disseminated, or transferred to non-EU countries. Only in the event of an investigation may the data be provided to competent authorities. If provided for otherwise, this will be specified in the relative form.
Processing methods (GDPR Chapter 39.	Personal data will be processed using automated tools for as long as is strictly necessary  in order to achieve the purposes for which it was collected. Specific security measures are adopted in order to prevent data loss, unlawful or unfair data use, and unauthorised access to data.
Data retention period (GDPR Art.13, para. 2, section a)	The data is usually kept for short periods of time, solely to meet the requests received.
Provision (GDPR, Article 13, para. 2, section f)	The data is provided optionally by the data subjects.
Lawfulness (GDPR, Art. 6, para. 1)	Processing is necessary to answer/respond to requests received, therefore consent is given upon filling in the forms.

 

 

• DATA FOR EMPLOYMENT APPLICATIONS

The personal data provided voluntarily by employment applicants when sending CVs via the email addresses stated, or as well as personal data acquired as a result of  specific forms filled in, is processed for purposes relating to the personnel recruitment and management of any future employment relationships.

For further information, please write to the email address stated in the relevant forms.

Purposes  and legal basis of the processing (GDPR Article 13, para. 1, section c)	The personal data is provided by data subjects when sending  CVs or filling in the appropriate fields.   The data is processed as a pre-contractual measure, for activities prior to entry into an employment agreement and related legal obligations.
Scope of disclosure (GDPR Article 13, para. 1, section e, f)	The data is processed exclusively by duly authorised members of the human resources department who have received processing training (GDPR Art. 29) and will not be disclosed to external parties, disseminated, or transferred to non-EU countries. If provided for otherwise, this will be specified in the relative form.
Data retention period (GDPR Article 13, para. 2, section a)	The data is retained for two years.
Provision (GDPR Article 13, para. 2, section f)	Personal data provision is optional, however failure to provide the data required and to consent to the processing may make it impossible to assess the candidate’s suitability for the position and consequently for the company to handle the employment application.

 

• COOKIES

For further general information on cookies and opting in and out, please see the Cookie Policy.

4. DATA SUBJECT’S RIGHTS (GDPR Articles 15-22)

At any time, the data subject is entitled to:

• seek confirmation of the existence or otherwise of their personal data;
• be informed about the processing purposes, the categories of personal data, the recipients or categories of recipients to whom/which the personal data have been or will be disclosed and, when possible, the retention period;
• have data rectified and erased;
• have processing limited;
• data portability, i.e. to receive the data from a data controller, in a structured, commonly used, machine-readable form, and send it to another data controller without impediments;
• object to processing at any time and, in particular, in the event of processing for direct marketing purposes;
• object to automated decision-making processes concerning natural persons, including profiling;
• file a complaint with the Italian data protection authority.

Requests to exercise these rights must be sent to the Data Controller via the dedicated email address provided for the processing described.

Every effort will be made to ensure this site functions as compatibly as possible with the automatic data protection  control mechanisms available in some products used by users.

Policy  updated on 3 March 2022.