To the Data Subject, we would like to inform you that the “European Regulation 2016/679 related to the protection of physical individuals with regard to the Processing of Personal Data, as well as the free circulation of said data” (from now on “GDPR”) establishes the protection of individuals and other subjects in terms of personal data processing. ICT Consulting S.p.A, as “Data Controller”, according to article 13 of the GDPR therefore may provide you with the following information:
In accordance with Article 13 of the “European Regulation 2016/679 related to the protection of physical individuals with regard to the Processing of Personal Data, as well as the free circulation of said data” (from now the GDPR), ICT Consulting S.p.A. informs the User that it commits itself to process users’ personal data according to the principles of lawfulness, fairness, transparency, integrity and confidentiality.
Therefore, the User is informed that:
A. DATA CATEGORIES: data to be processed will be your personal data including your identification information, biographical data, contact data and other data provided in this form by the User.
B. DATA CONTROLLER: Data Controller is ICT Consulting S.p.A., Piazzale L. Cadorna 4 – 20123 Milano, Partita IVA 12472460158. The processor may be contacted by telephone on 02. 6764221 or by email at firstname.lastname@example.org
C. SOURCE OF PERSONAL DATA: The Controller can obtain personal data directly from the User.
D. PURPOSE OF DATA PROCESSING AND THE LEGAL BASIS: Processing of your personal data, collected and archived through this form, has your consent as legal basis and has the purposes to respond to requests for information arising from the form.
E. THE RECIPIENTS OF THE DATA: within the purpose limitations, your personal data may be disclosed to third parties, including but not limited to our partners, consulting firms, consultants, private companies, appointed as Processor by the Controller.
F. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES: Your personal data will be not transfer to Third countries outside the European Union.
G. THE STORAGE PERIOD OF PERSONAL DATA: the data provided will be kept for a period of time that is no longer than the attainment of the purpose for which it is processed (“principle of conservation limits”, art.5, GDPR) or on the basis of the expiry dates as laid down by law. Verification of the obsolescence of the data conserved in relation to the objectives for which it has been gathered is carried out upon a periodical basis. At the end of the storage period, the data will be deleted from electronical and magnetic devices.
H. THE RIGHTS OF THE INTERESTED PARTY: the interested party always has the right to request the Holder to give access to his data as well as the amendment or cancellation of the data, the limitation of the data processing or the ability to oppose the processing, to request the data portability and to revoke consent to data processing by affirming these and other rights as laid down by the GDPR by means of a simple communication to the Holder. The interested party may take out a complaint with a controlling authority.
I. THE RIGHTS OF THE DATA SUBJECT: the Data Subject shall have the right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access, rectification of inaccurate personal data concerning him or her or erasure of personal data concerning him or her without undue delay. The data subject shall also have the right to obtain from the Controller restriction of processing, to object at any time to processing of personal data concerning him or her to request data portability or to withdraw consent on which the processing is based. This may be done by simply notifying the Data Controller. In addition, the data subject shall have the right to lodge a complaint with a supervisory authority.
J. DATA PROCESSING PROCEDURE: personal data provided will undergo data processing according to the afore-mentioned legislation and the limits of confidentiality to which the Data Controller’s activities are inspired. Your data will be processed by means of information technology both on paper as well as by any other suitable means, in full compliance with the adequate security measures as laid down by the GDPR.