Privacy Policy Information for curricula and job applications

Pursuant to art. 13 EU Regulation 2016/679 (GDPR)

Azcom Technology S.r.l. (fiscal code/VAT number 11723250152), a company that carries out research, design, consultancy for the production of IT procedures, communication and verification systems in general, with registered office in 20090 Assago (MI) – Centro Direzionale Milanofiori, Strada 2, Palazzo C3, as Data Controller pursuant to and for the purposes of EU Regulation 2016/679 (hereinafter also “GDPR” or “legislation”), recognizes the importance of the fundamental right to protection of individuals with regard to personal data processing. Therefore the data will be processed according to the principles of lawfulness, correctness, transparency, limitation of needs, minimization of data, accuracy, limitation of conservation, integrity, confidentiality, responsibility and, in any case, in accordance with the requirements of the GDPR.

1. HOLDER OF THE TREATMENT

The holder of the treatment is Azcom Technology S.r.l. (fiscal code/VAT number 11723250152), in the person of the legal representative pro tempore, with registered office in 20090 Assago (MI) – Centro Direzionale Milanofiori, Strada 2, Palazzo C3.

The Data Controller can be contacted at the following e-mail address: privacy@azcomtech.com.

2. PURPOSE AND LEGAL BASIS OF THE TREATMENT

The personal data of the interested parties will be processed according to the different juridical, contractual, consensual rules or rather for the pursuit of a legitimate interest, for the following purposes:

• for all ancillary activities to the correct evaluation and profitable selection of personnel;
• for the creation of a database – in compliance with the time limit referred to in point 4 – containing potential profiles useful for any future job recruitment.

If the treatment needs to be carried out for purposes other than those indicated above, the interested parties will be asked for a further specific consent.

3. RECIPIENTS OF PERSONAL DATA

No data will be disclosed or transferred to third parties without the prior consent of the interested parties. In case Azcom Technology S.r.l. communication to third parties is necessary for the organizational, administrative or support needs of the services provided, the Data Controller will provide, pursuant to the GDPR, the appointment of the latter, with appropriate legal guarantees, such as “Data Processors”. It is understood that the users’ personal data are accessible to third parties, such as law enforcement agencies, whenever this is required by law or required by an order or provision of a competent authority.

4. STORAGE PERIOD OF PERSONAL DATA

Personal data will be kept for the period necessary for the selection of profiles and, in any case, for a maximum period of five (5) years from their acquisition or for the period in which the Data Controller is subject to conservation obligations for tax purposes and / or accounting or for other purposes imposed by law and mandatory rules, both national and EU.

Personal data will be processed both on computer and on paper.

It is specified that specific security measures are observed to prevent the loss of personal data, their unlawful or incorrect use and unauthorized access, in accordance with the provisions of the GDPR.

Furthermore, in order to ensure that personal data is always accurate, up to date, complete and relevant, we invite you to report any changes made to the e-mail address privacy@azcomtech.com.

5. RIGHTS OF THE INTERESTED PARTY

If the legal requirements are met, interested parties may, at any time, exercise the following rights recognized by the GDPR, by contacting the Data Controller at the e-mail address privacy@azcomtech.com:

• request and obtain confirmation that personal data concerning them are being processed;
• if a treatment is in progress, request and obtain access to personal data;
• request and obtain, without unjustified delay, the correction of inaccurate personal data concerning them and the integration of incomplete personal data;
• ask and obtain without undue delay, upon occurrence of one of the conditions provided by the art. 17, paragraph 1, GDPR, the cancellation of personal data concerning them, except for the provisions of art. 17, paragraph 3, GDPR;
• to ask and obtain, in the cases provided for by art. 18, paragraph 1, GDPR, the limitation of the processing of personal data;
• oppose at any time the processing of own personal data, in the case of special situations that concern them. Specifically, in the event of opposition, personal data will no longer be processed, except for the existence of legitimate cogent reasons for processing that prevail over the interests, rights and freedoms of the data subjects or for the assessment, the exercise or defense of a right in court;
• obtain the portability of personal data concerning them, i.e. the right to receive them from the Data Controller in a structured format, commonly used and readable by an automatic device and request their transmission to another Data Controller, without impediments;
• in the event that consent is required for the processing of personal data, revoke the consent already given, limited to cases where the processing is based on the consent of the interested parties for one or more specific purposes or in the case of processing of particular categories of data (for example, data revealing racial origin, political opinions, religious beliefs, health status or sexual life, etc.). The treatment based on the consent and carried out prior to the revocation of the same does not affect and, therefore, retains its lawfulness.

Furthermore, interested parties may make a complaint with the Supervisory Authority (Authority for the protection of personal data), if they consider that their rights under the GDPR have been violated, according to the methods indicated on the Guarantor’s website, accessible at www.garanteprivacy.it.

6. CONSEQUENCES OF FAILURE TO COMMUNICATE PERSONAL DATA

The provision of personal data is optional with regard to the purposes referred to in point 2). Any refusal by the interested party to provide the above-mentioned data will make it impossible for the Data Controller to comply with the request for evaluation and selection of the data subject.