Data Protection Notice for website www.archivagroup.com

Version 30.11.2020

Archiva S.r.l., as the Data Controller of Personal Data, hereby informs you about the processing of personal data collected, the methods of management of the site www.archivagroup.it (hereinafter, “Site”) and visitor information, as well as about the processing of personal data of data subjects who request commercial information from the company Archiva S.r.l. or otherwise provide the aforementioned company with their personal data, for the purposes and under the further terms and conditions of this statement.

This information is provided pursuant to Article 13 of Regulation (EU) No. 2016/679 (hereinafter the “GDPR”).

1. Processing of personal data

 

Archiva S.r.l. declares that access to the site and/or registration to the various sections of it and/or any requests for information or services and/or interest in staying up to date on events and services offered require the provision of personal data that will be processed in full compliance with the GDPR and applicable Italian regulations. Through this information users will be able to know, in advance, the methods of treatment.

According to these laws, these treatments will be based on principles of correctness, lawfulness and transparency, protecting your privacy, your rights and freedoms.

With regards to this web page, it is specified that the information is effective only in relation to the site and does not extend to other web sites, possibly consulted by the user through external links.

2. The Data Controller

 

The data controller is Archiva S.r.l., P.IVA 03237470236, with headquarters in Via Spagna 24, Villafranca, 37069, (VR).

3. The Purposes of the treatment and the legal bases

 

According to the needs expressed from time to time by the user, who accesses the different sections of this website (and except for specific rules and information for individual operations involving the provision of specific personal data, published from time to time on it), below are indicated the purposes of the processing of personal data, e.g. those provided directly by users, by filling out the information request forms and / or those acquired automatically through navigation:

  • a. within the limits and for the sole purpose of providing the services accessible through the site (e.g. response to requests received, requests to participate in events or similar, …). Legal basis: execution of pre-contractual measures Art. 6.1.b GDPR.
  • b. to allow users, upon consent and until revocation of the same, to know and learn more about the activities, events and other commercial initiatives organized or carried out by the Owner. Legal basis: consent Art. 6.1.a GDPR.
  • c. within the limits and for the sole purpose of recruitment, management and contact of the application for the job position selected in the appropriate field. Legal basis: the execution of pre-contractual measures (Art. 6.1.b GDPR) and the legitimate interest of the Owner to verify the suitability of the candidate to fill the specific job position sought Art.6.1.f GDPR.
  • d. to store and to be contacted by the HR area for future and possible job positions, offered by the Owner (spontaneous application). Legal basis: the execution of pre-contractual measures Art. 6.1.b GDPR
  • e. to allow the Data Controller to transfer personal data for marketing purposes to companies directly or indirectly related to Archiva Srl, affiliated Legal basis: consent Art. 6.1.a. GDPR

4. Modalities of data processing

 

Data processing means “any operation or set of operations, carried out with or without the help of electronic or automated means, concerning the collection, recording, organisation, storage, processing, modification, extraction, comparison, use, communication, dissemination, interconnection, blocking, erasure, destruction and selection of data”.

The Personal Data will be processed mainly in an automated way, with logic strictly related to the above-mentioned purposes, through Data Bases, electronic platforms, managed by Archiva S.r.l. or by third parties appointed as data processors ex art 28 GDPR and/or integrated IT systems and/or websites owned by or used by Archiva S.r.l..

The Data Controller has adopted appropriate security measures to protect users against the risk of loss, misuse or alteration of the data collected. In particular: it has adopted security measures in compliance with the regulations in force, it uses protected protocols for the transmission of Data known as HTTPS. Moreover, it stores the data of the users on servers located in the territory. Servers are subject to an advanced and daily back up and disaster recovery system.

5. Duration of Processing

 

The data communicated are kept for a period of time not exceeding that necessary to achieve the purposes, referred to in paragraph 3 above, for which they are processed, or for a longer period, for purposes permitted by law, and, however, without undue delay will be deleted at the end of those purposes. For the purposes referred to in paragraph:

  • 3a: in relation to the specific type of request. For generic requests maximum 12 months from receipt of the request.
  • 3b: maximum 24 months from the formalisation of consent or from the last documented interaction. Provision of the Guarantor for the processing of personal data February 24, 2005.
  • 3c: maximum 12 months from the date of the first meeting with the data controller.
  • 3d: maximum 12 months after sending the spontaneous application.
  • 3e: maximum 12 months from the formalisation of consent.

6. Place of processing

 

The Personal Data are processed mainly at the headquarters of the Data Controller, of the companies associated with it (in the case of an authorised transfer), and/or at the locations of the Processor, specifically appointed ex. Art. 28 of the GDPR. For further information, users may contact the Data Controller by email by writing to the regiustered email address privacy@pec.archivagroup.it (which can also be reached by ordinary email).

7. Nature and modalitied of provision of users’ Personal Data

 

The provision of personal data is optional, but failure to provide such data will make it impossible for Archiva to process your request. Personal data may be provided by filling in the appropriate fields in the relevant sections of the Site or, if you prefer, by sending your request by e-mail.

8. Categories of Personal Data subject to processing

 

In addition to the Personal Data provided directly by users (such as identification and contact data), when browsing the Site, the computer systems and software procedures, used to operate the Site, automatically and/or indirectly acquire certain information that may constitute personal data, the transmission of which is implicit in the use of Internet communication protocols, known as “cookies” (as better specified below), “IP” addresses, domain names of the computers used by users who connect to the Site, the “URL” addresses of the resources requested, the time of the request to the server, navigation on the Site.

9. Categories and subjects that may acquire knowledge of users’ Personal Data

 

The Personal Data may be brought to the attention of employees or trainees of the Data Controller who, working under the direct authority and control of the latter, in compliance with specific security and confidentiality measures given to them, process the Personal Data in accordance with European and Italian data protection principles.

Personal data may be disclosed to third parties, such as companies or other subjects that carry out activities in outsourcing on behalf of Archiva S.r.l. (including, but not limited to subjects entrusted with the management and/or development of websites, assistance, communication, organisation and management of events, producers of video-conference software solutions, managers of electronic platforms for sending marketing campaigns, newsletters…). The complete and up-to-date list of Data Processors, to whom personal data may be communicated, is available upon request at privacy@archivagroup.it.

In relation to activities provided/organised by Archiva Srl in partnership, personal data and contact details may be disclosed the specific partner.

10. Transfer of users’ Personal Data outside of the EU

 

Personal Data will not be transferred to countries outside the EU.

11. Minors

 

The Site does not contain any information intended directly for minors, therefore, the aforementioned category shall not transmit any personal data to the Archiva S.r.l. company through the data request forms present on the site.

12. Users’ rights

 

Data subjects are granted the rights of withdrawal of consent, access, rectification and erasure, restriction of processing, data portability and objection under Articles 7.3 and 15 to 21 GDPR:

  1. request whether personal data concerning him are being processed.
  2. where processing is taking place, obtain access to personal data and information relating to the processing, and request a copy of the personal data stored.
  3. obtain the rectification of inaccurate personal data and the integration of incomplete personal data.
  4. obtain, if one of the conditions set out in Article 17 GDPR is met, the erasure of personal data concerning him/her.
  5. obtain, in the cases provided for in Article 18 GDPR, the restriction of processing.
  6. receive the personal data concerning him/her in a structured, commonly used and machine-readable format and/or, proportionate to the effort required, request the transmission of the data to another data controller.
  7. to object at any time to the processing of personal data. In the event of an objection, your personal data will no longer be processed, unless there are legitimate reasons, which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
  8. to withdraw, at any time, the consent given in relation to the purposes referred to in point 3(b) and (d).

 

In addition, any data subject may lodge a complaint with the competent supervisory authority if he/she considers that his/her fundamental rights and freedoms have been infringed, in accordance with the procedures set out, for example, at www.garanteprivacy.it.

The aforementioned rights may be exercised by sending a specific communication to the registered e-mail address privacy@pec.archivagroup.it (which may also be reached by ordinary e-mail).

13. Data Protection Officer

Archiva S.r.l., on a voluntary basis, has appointed a Data Protection Officer (DPO) who can be contacted by e-mail at dpo.privacy@archivagroup.it.

14. Amendments to this notice

Archiva Srl reserves the right to modify this notice at any time, informing visitors directly on this web page. We kindly ask visitors to consult this page, taking the date indicated in the header as the time reference for any changes.

Unless otherwise specified, the above notice will continue to apply to Personal Data processed up to that point.