a. Browsing data

Computer systems and software procedures used for the functioning of the Website may acquire, during their normal operation, some personal data, the transmission of which is an integral part of Internet communication protocols. This information is not collected to be associated with identified data subjects, but, by its very nature, might allow data subjects to be identified by processing and associating it with data held by third parties. Among the Personal Data of this category there are IP addresses or the domain names of the devices used by users to connect to the Website, the URI (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received as a reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters regarding your operating system and device environment.

These data are processed for the sole purpose of obtaining statistical information on the use of the Website and to check its proper functioning, to allow the proper provision of the various features you requested, to ascertain any liability in case of hypothetical computer crimes against the Website or third parties; except in this case, these data are deleted after 7 days.

With reference to personal data collected through cookies, please see our Cookie Policy.

b. Personal data provided by you

We collect your personal data and contact details that you voluntarily provide to us, such as your name, surname and e-mail address, to respond to your requests for information submitted through the form "Contact" of the Website, and the data included in your CV.

I
Allow you to navigate the Website and check its proper functioning. The legal basis of the processing is the performance of a contract or of pre-contractual measures in response to your request.
The provision of personal data for this purpose is necessary to allow you to navigate on the Website and to check its proper functioning.

II
Manage and respond to your requests for information received through the "Contact" form of the Website. The legal basis of the processing is the performance of a contract or pre-contractual measures in respond your requests.
You are not obliged to communicate your data for the above-mentioned purpose, however, failing this, the consequence is the impossibility to follow up on your requests.

III
Manage your application received through the e-mail address on the Website. The legal basis of the processing is the performance of pre-contractual measures in respond your application.
You are not obliged to communicate your data for the above-mentioned purpose, however, failing this, the consequence is the impossibility to follow up on your application.

IV
To exercise or defend a right before the judicial authorities or in legal proceedings. The legal basis of the processing is the legitimate interest of the Controller to exercise or defend its rights; the Controller has considered that this legitimate interest does not prejudice your rights and freedoms.

The browsing data are deleted after 7 days except for any possible detection of crimes by the judicial authority.

Personal data processed to manage and respond to your requests are stored for the entire period of time necessary to manage your request and then they are erased.

Personal data processed to manage your applications are stored for the entire period necessary to manage your application and then erased within 6 months.

Where the data processing is necessary for the purposes of judicial protection, these data are stored for the period for which any claims may be pursued by law.

In particular, your data may be communicated solely for the purposes specified above to the following recipients:

— employees as persons authorised to process personal data under the direct authority of the Controller;

— contractors, consultants and third-party service providers, as well as other companies in the SEDA Group which will process your personal data as Data Processors or as autonomous Data Controllers in the event that your application or C.V. is sent for recruitment or for entering into of a work relationship with one of the companies in the SEDA Group

— other data controllers, public or private, to which the communication of data is instrumental or compulsory;

— companies that provide us with IT support services for our systems;

— companies that provide us with cloud services;

— authorities to which the right of access is granted by law or regulations (e.g. law enforcement)

The Data Controller does not transfer personal data outside the European Union, in any case, where the Data Controller, due to any requirements related to the location of service providers, needs to transfer data outside the European Union to Countries for which the European Commission has not issued an Adequacy Decision, the Data Controller undertakes to ensure adequate levels of protection and safeguards, including contractual ones, compliant with the applicable laws, including the adoption of standard contractual clauses pursuant to art. 46, par. 2, letter c) of the GDPR, supplemented if necessary by additional technical, legal and organisational measures necessary to ensure that the level of protection of personal data is equivalent to the one of the European Union.

For any further information on the transfer of your personal data, you can send an e-mail to the following address: privacy@sedagroup.com.