enit
Contact us

Notice regarding the processing of resumes and documentation submitted for spontaneous applications and/or for job search purposes in accordance with GDPR 679/2016

In compliance with the provisions of GDPR 679/2016, we hereby inform you, as the “Data Subject,” of the purposes of the collection and the methods of processing by which our Company processes the resumes and/or other documentation it receives for the purposes of unsolicited
applications and/or job searches.

We therefore provide you with the relevant information regarding the processing of personal data, as specifically indicated below.

1. Identity and contact details of the data controller (if applicable: of the representative/internal data processor/DPO)

The Data Controller is Rise Technology S.r.l., with headquarters in Rome, at Via Lungomare Paolo Toscanelli No. 170, Tax ID/VAT No. 0888212100, email: [email protected], certified email: [email protected].

Pursuant to Article 37 of the GDPR 679/2016, the Data Controller has appointed a Data Protection Officer, who can be contacted via email at the following address: [email protected].

2. Purpose of the processing

Subject to compliance with the obligations set forth by laws, regulations, and EU legislation, the data collected through the voluntary submission of your resume and/or other related documentation to our Company will be processed by us for the following purposes:

a. recruitment purposes.

3. Legal basis for processing

The legal basis for the processing is the specific consent you have provided.

4. Recipients or categories of recipients of personal data

The personal data collected will not be disclosed and/or transferred to third parties nor will it be disseminated.

Personal data may be accessed by personnel expressly appointed by the Data Controller, who may carry out data processing operations.

5. Intention of the data controller to transfer personal data to a third country or an international organization

It is not the Data Controller’s intention to transfer the collected data to a third country or to an international organization.

6. Retention period for collected personal data

The collected data will be retained for a maximum period of 18 months, subject to any longer retention periods required by law.

Once the retention period described above has expired, the data you have provided will be completely deleted.

7. Rights of the data subject

The GDPR 679/2016 grants the Data Subject certain rights:

  • a. right of access to the data collected and processed – Art. 15;
  • b. the right to obtain rectification of the data – Art. 16;
  • c. the right to erasure and the right to be forgotten – Art. 17;
  • d. the right to obtain restriction of processing – Art. 18;
  • e. the right to data portability to another controller – Art. 20;
  • f. right to object to processing – Art. 21;
  • g. right not to be subject to automated processing – Art. 22;
  • h. right to withdraw consent at any time, without affecting the lawfulness of processing based on consent given prior to withdrawal – Art. 7;
  • i. the right to lodge a complaint with the Supervisory Authority – Art. 77;
  • j. right to seek judicial remedy against the supervisory authority (Art. 78) and against the Data Controller or Data Processor (Art. 79).

To exercise the rights referred to in points (a) through (h), you must contact the Data Controller.

8. Nature of the provision

While the provision of personal data by the Data Subject is not mandatory, it is necessary to achieve the purposes indicated above.

Should you withdraw your consent to the processing of your data, please note that it will no longer be possible to proceed with the evaluation processes related to your profile.

It is the Data Subject’s responsibility to promptly notify the Data Controller of any changes regarding the personal data provided.

9. Automated decision-making processes, including profiling

The data provided will not be subject to processing through automated decision-making processes, including profiling.

10. Methods of processing

The data provided will be processed by us in accordance with the provisions of GDPR 679/2016 and in the following manner:

  • a. access to data and archives is permitted only to Data Processors or Authorized Persons;
  • b. data and areas are protected through appropriate measures that are systematically monitored;
  • c. data collection through direct contact with the data subject;
  • d. recording and processing both via electronic media and through files and paper documents;
  • e. organization of records primarily in digital form, but also on paper;
  • f. verification and modification of data following any request by the Data Subject.

11. Complaint to the supervisory authority

The Data Subject has the right to lodge a complaint with the Supervisory Authority if they believe that the processing concerning them violates GDPR 679/2016 by contacting the following link:

http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524