Privacy Policy

PRIVACY AND COOKIE POLICY

Through this “Privacy and Cookie Policy,” NI.VAL. GROUP SERVICE Srl, as the Data Controller of personal data (hereinafter “Controller”), intends to describe the management of the personal data of users of this website in accordance with the EU Regulation 2016/679 on Data Protection (General Data Protection Regulation or GDPR).

The following guidelines should be understood as information provided under Article 13 of the GDPR to those interacting with the Site and comply with Recommendation No. 2/2001 concerning the minimum requirements for online data collection in the European Union adopted on May 17, 2001, by the Article 29 Working Party. This notice is not valid for other websites that may be consulted through links present on this site, for which the Controller assumes no responsibility.

Controller’s Contact Details The Data Controller is NI.VAL. GROUP SERVICE Srl, located at Via F. Garofoli 233 – 37057 S. Giovanni Lupatoto (VR).

Data Protection Officer The Data Protection Officer is APTA Servizi Professionali Srl, located at Via F. Brindisi 32 – 65017 Penne (PE), represented by Dr. Eng. Massimo Forestiero, who can be contacted via email at dpo@nivalgroup.com.

Liability Limits The Controller cannot be held responsible in any way for damages of any kind caused directly or indirectly by accessing the site, inability or impossibility to access it, and the use of the information contained therein. Links to external sites are provided as a simple service to users, excluding any responsibility for the correctness and completeness of the linked content. The Controller also reserves the right to modify or simply update the content of the site, in part or in whole, due to changes in applicable regulations. The date of the last update is indicated at the bottom.

Data Processing Methods Personal data collected through this website are processed using automated tools solely for the purposes explicitly and legitimately indicated, in a correct and transparent manner to the data subject, and do not exceed the purposes for which they are collected. Their minimization (adequacy, relevance, and limitation concerning the purposes for which they are processed), accuracy, and confidentiality are ensured.

To guarantee adequate security and protection of the personal data provided by the user and to prevent their loss, theft, even accidental, as well as illicit use, the Controller has adopted technical and organizational measures that are monitored and updated as necessary.

Types of Data Processed Data Provided by the User The site aims to provide users with various types of information about the activities carried out by the Controller. The user also has the possibility to contact the Controller: Through the “WORK WITH US” link, it is possible to send your Curriculum Vitae by entering your name, surname, email address, and the job position of interest (mandatory data) and optionally a cover letter in a free text field. Regarding third-party data entered by the user in the “cover letter” field and within the attached documents, it is assumed that the user has been expressly authorized to provide them, thus acting as an autonomous data controller, assuming all legal obligations and responsibilities, releasing the Controller from any claim, demand, or compensation that may arise. Any responsibility for providing false, untruthful information, or information not given in good faith lies solely with the provider.

Navigation Data The IT systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified data subjects but could, by its nature, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of computers used by users who connect to the site, addresses in URL (Uniform Resource Locator) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters related to the user’s operating system and IT environment. These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning. Since it is not possible to identify the data subject, such activity does not constitute personal data processing.

Cookies Whenever the user accesses this website, they accept the use of cookies as described below. Cookies are short pieces of text (letters and/or numbers) that allow the web server to store on the client (the browser, e.g., Internet Explorer, Chrome, Firefox, Opera…) information to reuse during the same visit to the site (session cookies) or later, even days later (persistent cookies). They are an essential part of the operation of our website: their main objective is to improve the user’s browsing experience. For example, system cookies help remember user preferences (language, country, etc.) during navigation and future visits. Other cookies allow us to collect information to improve our website by adapting it to the individual interests of users or speeding up searches.

Cookies are stored based on user preferences by the individual browser on the specific device used (computer, tablet, smartphone).

Types of Cookies Depending on the characteristics and use of cookies, we can distinguish different categories:

• Strictly necessary cookies: These are indispensable for the correct functioning of the website and are used to manage various services related to websites (such as login or access to reserved functions). The duration of these cookies is strictly limited to the work session, or they can have a longer duration to remember visitor choices. Disabling strictly necessary cookies may compromise the user experience and site navigation.
• Analytical cookies: These are used to collect and analyze website traffic and usage anonymously. These cookies, without identifying the user, allow, for example, the detection of whether the same user connects at different times. They also allow monitoring the system and improving its performance and usability. Disabling these cookies can be done without any loss of functionality and will be detailed later.
• Profiling cookies: These are permanent cookies used to identify (anonymously and not) user preferences and improve the browsing experience. For more information on these cookies, which are not used by the Website, we invite you to visit the specific section on www.garanteprivacy.it/cookie

This site uses the following cookies necessary for the correct functioning of the website:

• Type: Technical Cookies

• Technical Name: CookieLawInfoConsent

• Expiry: 365 days

• Purpose: Stores consent to the use of cookies

• Technical Name: viewed_cookie_policy

• Expiry: 365 days

• Purpose: Stores the acknowledgment of the cookie policy

• Technical Name: cookielawinfo-checkbox-necessary

• Expiry: 365 days

• Purpose: Used to track the acceptance of necessary cookies

• Technical Name: cookielawinfo-checkbox-non-necessary

• Expiry: 365 days

• Purpose: Used to track the acceptance of non-necessary cookies

Most browsers accept cookies automatically, but you can change the settings to delete cookies or prevent automatic acceptance. The following links explain how to control cookies with different types of browsers. This choice will apply to all websites visited:

• Internet Explorer: support.microsoft.com
• Chrome: support.google.com
• Firefox: support.mozilla.org
• Safari: support.apple.com
• Android: support.google.com

Legal Basis for Processing The legal basis for processing the data acquired through this site lies:

• In the legitimate interest of the controller regarding navigation data
• In the execution of pre-contractual measures adopted at the request of the data subject (Art 6.1.b of the GDPR) regarding the data entered in the “WORK WITH US” section.

Subjects or Categories of Subjects to Whom Data May Be Communicated Personal data may be shared with:

• Persons authorized by the Controller to process personal data who have committed to confidentiality;
• Companies belonging to the Controller’s group;
• Consultants as external data processors to the extent necessary to perform their tasks, who are bound by confidentiality and security obligations;
• Judicial authorities in the exercise of their functions when required by applicable law.

Data Retention Period The Controller will process personal data for the time strictly necessary to achieve the purposes indicated in this privacy policy and for as long as permitted by Italian law to protect its interests (Art. 2947 Civil Code). More information regarding the personal data retention period and the criteria used to determine this period can be requested by writing to the Controller.

Transfer of Data Outside the European Economic Area Personal data will not be transferred to entities outside the European Economic Area and will not be disseminated.

Data Subject Rights Pursuant to Articles 15-22 of the GDPR, the data subject has the right to contact the Controller at any time to request access to their personal data and to:

• Obtain the deletion, transformation into anonymous form, or blocking of data processed in violation of the law;
• Obtain the updating, rectification, and integration of data;
• Obtain certification that such changes have been brought to the attention of those to whom the data have been communicated;
• Object for legitimate reasons to the processing of data or to any automated decision-making process (including profiling);
• Obtain the restriction of processing or data portability to another controller;
• Withdraw consent to the processing given for the above purposes without prejudice to the lawfulness of the processing based on consent before its withdrawal;
• Receive the data concerning them in a structured, commonly used, and machine-readable format.

As a data subject, you have the right to file a complaint with the competent supervisory authority (Garante per la Protezione dei Dati Personali) if you believe that the processing of your personal data does not comply with current regulations.

Last Revision: 22/05/2024

DP_Info_002.0-Rev.3_2024