PRIVACY POLICY
INFORMATION ON THE PROCESSING OF PERSONAL DATA
REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
(GENERAL DATA PROTECTION REGULATION - GDPR)

As required by the General Regulation on the Protection of Personal Data of the European Union (GDPR 2016/679, art.13), before proceeding with the processing, the interested party (user of the
website www.cersal.it) is informed that the Personal Data collected through the site are processed by the Company using IT and / or telematic tools, for the purposes indicated in this statement.
To this end, the Data Subject is submitted to the Privacy Notice prepared by Cersal (hereinafter also "Cersal" or "the Company" or "the Data Controller"), creator and promoter of the activities available on the website www.cersal.it. (hereinafter also "the site").

1. Data Controller and Data Protection Officer
The Data Controller of Personal Data Cersal srl, with registered office at Viale Ancona 26, 30172 Venice, Italy, VAT number 00161530274.
The Company has appointed the Data Protection Officer (RPD or Data Protection Officer or DPO) pursuant to article 37 of the GDPR, who can be contacted for clarifications and issues concerning the processing of personal data at the following addresses info@Cersal.it .
For further information relating to the rights of the interested party, please consider the paragraph entitled "Rights of the interested parties" of this information.

2. Legal basis and purpose of the processing
The personal data provided by the user when browsing the website www.cersal.it are processed by the Data Controller in accordance with the current regulations on the protection of personal data.
The processing of your personal data by Cersal is aimed at pursuing the following purposes:
a) Processing of information requests: in the event that you decide to contact us using the appropriate form made available on the site in the "Contacts" section, the Data you provide may be processed by the Data Controller to process your request and provide you with the necessary information. In this context, the legal basis of the processing is identified in the Company's interest in fulfilling the information requests made by the interested party;
b) Sending a spontaneous application: in the event that you decide to send your spontaneous application through the "Contacts" section of the site, the data you provide may be processed by the data controller to analyze your curriculum. In this context, the legal basis of the processing is identified in the execution of pre-contractual measures adopted at the request of the same.
c) Subscription to the newsletter service: in the event that you decide to subscribe to the Newsletter service through the Section of the site specifically dedicated to this activity, the Data you provide may be processed by the Data Controller for sending commercial communications and promotional. In this case, the legal basis of the processing is identified in the obligation of the Data Controller to provide you with the newsletter service requested by you. In the event that you decide to deactivate the newsletter service, you can unsubscribe from the service by clicking the appropriate link at the bottom of the e-mails received or by writing to the e-mail address: info@cersal.it.

3. Nature of the treatment
In relation to the purpose lett. a) of the previous paragraph "Legal basis and purpose of the processing", the provision of your personal data is mandatory. Your refusal implies the impossibility of proceeding with the acceptance of the request and the fulfillment of any requests for information.
With reference to the purpose lett. b) of the previous paragraph "Legal basis and purpose of the processing", the provision of your personal data is mandatory. Your refusal makes it impossible to proceed with the analysis of your curriculum and evaluate your spontaneous application.
With reference to the purpose lett. c) of the previous paragraph "Legal basis and purpose of the processing" of this document ", the provision of your personal data is mandatory. Your refusal will make it impossible for Cersal to subscribe to the requested newsletter service and to provide you with the related service requested.

4. Personal data processed
The Data processed by the Data Controller are those provided by the user when browsing the website www.Cersal.it.
In particular, the personal data processed are:
• In relation to the purpose lett. a) of paragraph 1 of this document "Legal basis and purpose of the processing", name, surname, e-mail address;
• With reference to the purpose lett. b) of paragraph 1 of this document “Legal basis e
purpose of the processing ", name, surname, e-mail address, gender, date of birth, address of
home, data relating to education and vocational training, work experience
past;
• In relation to the purpose lett. c) of paragraph 1 of this document "Legal basis and purpose of the processing", e - mail address.

5. Methods of Data Processing and Storage
The processing of personal data is carried out by the Data Controller in compliance with the provisions of current legislation on privacy. The Data Controller processes personal data using IT and / or telematic tools and with organizational and logical methods strictly related to the pursuit of the purposes indicated in this information, as well as adopting the appropriate security measures in order to prevent access, disclosure, unauthorized modification or destruction of Personal Data, their loss and their illicit and incorrect use. However, the Company cannot guarantee its users that the measures adopted for the security of the site and the transmission of data and information on the site are able to limit or exclude any risk of unauthorized access or loss of data by devices. pertaining to the user. For this reason, users of the site are advised to ensure that their computer is equipped with adequate software for the protection of data transmission over the network (for example updated antivirus) and that their Internet Provider has adopted suitable measures for the security of the data transmission over the network.
The Company also undertakes to process the Data according to the principles of correctness, lawfulness and transparency, to collect them to the extent necessary and exact for the processing and to allow their use only by authorized personnel. The management and storage of the personal data acquired will take place in archives or on servers located within the European Union owned by the Data Controller and / or by third-party companies appointed as External Data Processors and, in any case, currently located in Italy.
In relation to the different purposes for which they are collected, the Personal Data will be kept for the time strictly necessary to obtain them and, in any case, in compliance with the regulations in force on the subject.
In any case, the Company will take care to avoid the use of the Data indefinitely by proceeding, on a periodic basis, to suitably verify the effective persistence of the interest of the subject to which they refer.

6. Recipients and data processors
The data collected will not be disseminated in any way, but will be processed within the limits and for the purposes described by the employees of the Company on the basis of adequate operating instructions (for example, administrative, commercial, marketing, legal, system administrators, etc. .). Some data processing may also be carried out by third parties, appointed as External Data Processors, which the Data Controller uses or could use in the context of the management of the contractual relationship, the provision of the services offered and for organizational needs of its business. In particular, the Data could be communicated to:
1. subjects, public and private, who can access the Data by virtue of the provision of law, regulation or community legislation, within the limits established by these rules;
2. subjects who need to access the Data for purposes related to the contractual relationship between the parties, within the limits strictly necessary for the performance of auxiliary tasks (such as, for example, banks and credit institutions, technical service providers, hosting providers, IT companies, communication agencies, postal couriers and shipping companies);
3. consultants, within the limits necessary for the performance of their professional duties.
The updated list of External Managers and persons authorized to process the processing is kept at the headquarters of the Data Controller and is available to the interested party, upon request to be made by e-mail at info@Cersal.it.

7. Transfer of data abroad
The Data will not be transferred outside the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the location of the servers to non-EU countries. In this case, the Data Controller ensures from now on that the transfer of non-EU data will take place in compliance with articles. 44 ff. of the GDPR and the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection.

8. Rights of the interested parties
As an interested party in the processing of data, we inform you that you have the possibility to exercise the rights provided for by the GDPR, and precisely:
1. the right, pursuant to art. 15, to obtain confirmation as to whether or not data concerning you are being processed and, in this case, to obtain access to the data and the following information: i) the purposes of the processing ii) the categories of data in question; iii) the recipients or categories of recipients to whom the Data have been or will be communicated, in particular if third countries or international organizations; iv) when possible, the retention period of the Data envisaged or, if not possible, the criteria used to determine this period; v) the existence of the right of the interested party to ask the Data Controller to correct or delete the Data or limit the processing or to oppose their processing; vi) the right to lodge a complaint with a supervisory authority, pursuant to art. 77 ff. of the GDPR; vii) if the Data are not collected from the Data Subject, all available information on their origin; viii) the existence of an automated decision-making process, including profiling referred to in Article 22, paragraphs 1 and 4 of the GDPR, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of this treatment for the interested party; ix) the right to be informed of the existence of adequate guarantees pursuant to Article 46 of the GDPR relating to the transfer, if the Data are transferred to a third country or to an international organization;
2. the interested party will also have (where applicable) the possibility to exercise the rights referred to in art. 16-21 of the GDPR (right of rectification, right to be forgotten, right to limitation of treatment, right to data portability, right to object).
The interested party may at any time exercise the aforementioned rights and request an updated list of data processors by sending a request to the following e-mail address
info@Cersal.it.
The Company undertakes to respond to the requests of the interested party within one month from the receipt of the request, except in particularly complex cases for which it could take a maximum of three months. In any case, the Data Controller will provide the interested party with evidence of the reason for waiting within one month of the request. The outcome of the request will be provided in writing or electronically. In the event of a request for rectification, cancellation and limitation of the processing, the Data Controller undertakes to communicate the results of the requests received by the Data Subject to each of the recipients of your Data, unless this proves impossible or involves a disproportionate effort.
The Company specifies that a possible contribution may be requested from the interested party if the questions are manifestly unfounded, excessive or repetitive.
The Company has appointed the DPO - Data Protection Officer (DPO - Data Protection Officer) pursuant to Article 37 of the Regulation who can be contacted for questions concerning the processing of your data, at the following address: info@Cersal.it.

9. Changes to this information
The Data Controller reserves the right to make changes to this Privacy policy at any time by giving notice to users on the website www.Cersal.it. Therefore, please consult this page often, referring to the date of the last modification indicated at the end of the document. In case of non-acceptance of the changes made to this Privacy Policy, the interested party may request the Data Controller to delete their personal data. Unless otherwise specified, the previous Privacy policy will continue to apply to the Personal Data collected up to that time.

Cookies

In compliance with legal obligations, Users of the cersal.it Website, hereinafter referred to as "Website", managed by Cersal Srl, (hereinafter also simply "Cersal"), Data Controller, the following information, which refer exclusively to the Website itself and not to other websites that may be visited via links from this one, for which it is suggested to read the relevant information provided respectively by the individual Holders.

This Website uses both its own and third-party analytical cookies and profiling cookies, i.e. text files that are automatically exchanged with the User's device in order to perform automatic authentication, track sessions and store specific information. regarding Users who access this Website, also in order to offer personalized content. Profiling cookies are sent from this Website and from Third Party sites, through the User's navigation on sites that host them, such as this Website, or the use of Third Party services hosted on this Website through interface (API and the like).

The cookies that this Website reserves the right to use are therefore of two types:

Technical cookies, as such:

navigation or session cookies, guarantee the normal navigation and use of the website (allowing, for example, authentication for access to restricted areas);
analytics cookies, are similar to technical cookies where they are used directly by the site manager to collect information, in aggregate form, on the number of users and how they visit the site, as well as, in general, to improve its usability;
functionality cookies, allow the user to browse according to a series of selected criteria (for example, the language, the searches carried out) in order to improve the service provided.

These cookies are ordinarily used by this Website and for their use please refer to this Information. The Website uses these cookies individually and / or in aggregate, to process analyzes and statistics, as well as improve the services offered to Users. In any case, the navigation data (IP address) are anonymized.

Profiling cookies: they are aimed at creating profiles relating to the User and are used in order to send communications of a commercial nature in line with the preferences expressed by the same during navigation, or by providing for the publication and display of personalized content in relation to the User. specific who accesses this Website.

Any profiling takes place through the installation of:

profiling cookies belonging to the Owner;
third-party profiling cookies while browsing this Website. Since they are third-party cookies, the Owner of this Website does not manage them directly but only acts as a technical intermediary: therefore, please read the relevant information prepared by such third parties, which for simplicity and by way of example are linked in this Notice.

For more information on Cookies, read this article by the Italian Privacy Guarantor http://www.garanteprivacy.it/cookie

Consent to use
Also in accordance with the instructions given by the Guarantor for the protection of personal data with provision of 8 May 2014 (published in the Official Gazette no.126 of 3 June 2014), it is understood that the User has given his consent to the use of cookies by simply continuing to browse the Website after having read the brief information ("banner") that can be viewed upon access and having "overcome" it by means of an active intervention on another part of the video / monitor / display of the device with which it performs navigation.

Verify and manage cookies with extensions or other tools
We inform Users that it is possible to check, in real time, which cookies are used on the Site through simple and free extensions of their browser.

For example, we point out Edit Cookie, a Google Chrome extension that allows you to check, analyze, manage, enable, disable the cookies used on the Website: it can be installed at the following link https://chrome.google.com/webstore/detail/editthiscookie/ fngmhnnpilhplaeedifhccceomclgfbg? hl = it

Other tools (tools) also provide for the analysis of individual parts of the Site, to verify which of them use cookies and which cookies in particular. For example, we point out this tool https://www.attacat.co.uk/resources/cookies

Using the Chrome browser, it is also possible to inspect the presence of cookies by selecting the appropriate item that appears by clicking with the right mouse button on the portion of the site that interests you ("inspect element").

However, the User is requested to check if their browser includes other extensions or other tools for managing cookies (cookie manager or similar).

Management of cookies from the browser
The User can always disable the use of cookies through the settings of the browser used for navigation. However, please keep in mind that, in case of deactivation of cookies, some functions on the Website could be limited or prevented and in any case the experience in general could be compromised.

You can disable cookies by setting your browser preferences. For more information on how to disable cookies on your computer, please visit our full cookie policy. Activating cookies may result in a loss of functionality when using our website.

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing this vary from browser to browser and from version to version. However, it is possible to obtain up-to-date information on blocking and deleting cookies through these links:

https://support.google.com/chrome/answer/95647?hl=it (Chrome);
https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
http://www.opera.com/help/tutorials/security/cookies/ (Opera);
https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
https://support.apple.com/en-gb/guide/safari/sfri11471/mac (Safari); is
https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).

For mobile versions of browsers, please consult the respective provider instructions. If the User uses any other browser other than those described above, please search in the settings of the browser in question how to manage cookies, possibly looking for the specific instruction page on any search engine with the keyword "block / cookie management ... (search engine name) ".

Other third party profiling cookies
This Website reserves the right to make use of commercial partners, such as suppliers and web providers in general, who can install their own cookies in relation to the functioning of the services they offer. An example is the presence of "social plugins" for Facebook, Twitter and Instagram. These are parts of the visited page generated directly by the aforementioned sites and integrated into the page of the host site. The most common use of social plugins is aimed at sharing content on social networks.

On the Your Online Choices website, at the page http://www.youronlinechoices.com/it it is generally possible to receive information on the use of cookies and their blocking, especially in the case of third party cookies.

We reserve the right to host the following third parties who may use their own cookies:

Google: https://policies.google.com/technologies/cookies?hl=it

Shopify: https://www.shopify.com/legal/cookies

Wix: https://support.wix.com/it/article/i-cookie-e-il-tuo-sito-wix

Linkedin: https://www.linkedin.com/legal/cookie-policy

If the User uses any other service of another external party connected to this Website (both media sharing and other types), he is requested to search for the relative privacy management method in the settings of the provider in question, possibly searching the specific explanation page on any search engine with the keyword "privacy ... (provider name)".

Duration of cookies
Some cookies (session cookies) remain active only until the browser is closed or the logout command is executed, while other cookies "survive" when the browser is closed and are also available in subsequent visits by the user.

Owner, rights of the interested party and other information
For the information required by art. 13 and 14 of Regulation (EU) 2016/679 (GDPR), such as for example the details of the Data Controller and the Data Protection Officer where appointed, the purposes of the processing and the mandatory or optional nature of providing personal data with the resulting consequences of any refusal, the duration of data retention, the rights of the interested party and the methods of complaint, as well as other information on the privacy policy implemented in general by the Data Controller, please refer to the Privacy Policy of this Website.

Date, 09.02.2021