Mpartners S.r.l. - Corso Re Umberto, 8 - 10121 Torino is owner of the processing (from now referred as the: “Data owner”).
Definition of “personal data”
www.mpartners.it (hereinafter, Site”).
Data voluntarily provided by the user
The Data Controller collects some personal data (name, surname, email address, telephone number, postal address, etc.) voluntarily provided by users of the Site through special registration forms or received directly from the user by email.
The IT systems and software procedures responsible for the operation of the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified subjects, but by their very nature could, through processing and associations with data held by third parties, allow users to be identified. This data category includes the IP addresses of the computers used by users connecting to the Site, the uniform resource identifier (URI) notation addresses of the requested resources, the time of the request, the method used to submit the request to the SERVER, the size of the file obtained in response, the numerical regulation indicating the status of the response given by the SERVER (successful, error, etc..) and other parameters related to the user’s operating system. This data is used for the purpose of obtaining anonymous statistical information on the use of the Site and to check its proper functioning, and is deleted immediately after processing. The data could be used for the assessment of liability in case of any computer crimes against the Site (See point 7, lit.b).
Purposes and methods of processing and legal basis of processing
The above personal data will be processed exclusively in relation to the following:
a) the registration of the user for access to the content and information materials on the Site;
b) responses to requests for information or contact;
c) job or cooperation offers;
d) sending of newsletters, invitations to events, seminars, etc.;
e) in compliance with regulatory obligation;
f) in accordance to a legitimate interest of the Data Controller (e.g. for the cybersecurity of the Site).
In both of the aforementioned cases provided for in (c) and (f), the processing of data must be considered mandatory. The Data Controller protects the personal data of users by adopting the security measures provided for by the Regulation.
Optional provision of personal data
Except as specified for navigation data, as well as in relation to what is indicated in point 7 (c) and (f), the user has the right to provide their personal data in the forms for registration to the Site or by email. Failure to provide data has the following consequences:
In case (a) of the preceding paragraph, failure to provide personal data may make it impossible for the user to access the contents and information materials on the Site;
In case of (b) and (c) of the preceding paragraph, failure to provide personal data will make it impossible to send the requested information to the user and to consider any offers of employment or collaboration or their assigment;
In case (d), failure to provide data will make it impossible to receive newsletters, invitations to events, seminars, etc from the Site.
Communication and dissemination of personal data
Users’ personal data will be accessible to employees and consultants of the Processing Owner formally designated as external or authorized data controller. In particular, it should be specified that the data will be communicated, among others, to the subjects already appointed as data controller, who is:
Corso Re Umberto, 8
Data retention period
The processing of data is carried out through automated tools (e.g. using electronic procedures and media) and/or manually (e.g. on paper) for the time strictly necessary to achieve the purposes for which the data was collected and, in any case, in accordance with the regulatory provisions in force on the subject.
Personal data in the cases referred to in point 7 (a) and (d) will be processed by the Data Controller for a period of twenty-four months. Personal data in the cases referred to in point 7 (b) and (c) will be processed for a maximum period of twelve months, unless a relationship of employment or collaboration is established, or a task is given to the Data Controller, in the latter case having to apply a ten-year retention period. In the case referred to in point 7(c) the user’s personal data will be kept for as long as required by the applicable regulations, while in the case provided for in the following lit. (f) for the duration of six months starting from the collection of the data, except for any extensions deriving from investigations by the judicial authority or ongoing investigation.
Rights of users with regards to their personal data
Rights granted to the user by GDPR include:
Ask the professional for access to your personal data and any information relating to this; the rectification of inaccurate data or the integration of incomplete data; the deletion of personal data concerning you (at the occurrence of one of the conditions indicated in Article 17 (1) of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same article); the limitation of the processing of your personal data (to the use of one of the hypotheses indicated in Article 18(1) of the GDPR);
request and obtain from the professional – in cases where the legal basis of the processing is the contract or consent, and the same is carried out by automated means – your personal data in a structured format that can be read by automatic device, also in order to communicate such data to another data controller (so-called right to portability of personal data);
object at any time to the processing of your personal data to the use of specific situations that concern you;
withdraw consent at any time, limited to cases where the processing is based on your consent for one or more specific purposes and concerns common personal data (e.g. date and place or birth or place of residence), or particular categories of data (e.g. data revealing your ethnic origin, political opinions, religious beliefs, state of health, or sex life). The processing based on consent and carried out before the withdrawal of the same, however, retains its lawfulness;
lodge a complaint with the supervisory authority (Guarantor Authority for the Protection of Personal Data – www.garanteprivacy.it).
13 – Exercise of rights and request for information
To exercise their rights and for any questions or requests relating to the processing of
Personal data by the Data Controller, users can contact us at the following email address: email@example.com.