This privacy policy aims to describe how the website www.magaldi.com (hereinafter, the "Website") is operated with regard to the processing of personal data of individuals who access, use, or interact with it (hereinafter, the "User" or "Users").
This is a privacy policy made in compliance with art. 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons about the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (hereinafter: the "GDPR") and provided to all users who use and, more generally, interact with the services through the website by Magaldi Power S.p.A., based in Rome, at Piazza di Pietra, 26 (hereinafter: the "Controller" or “Magaldi”).
This privacy policy explains the purposes and methods by which the Controller collects and processes your personal data, which categories of data are processed, which are the rights of data subjects and how they can be exercised.
The privacy policy is provided exclusively for this Website and therefore the Controller is not responsible for any other website to which the user may be redirected through the hyperlinks published on the website.
The processing that is the subject of the information will be carried out through suitable paper, electronic and/or telematic means in such a way as to guarantee the security and confidentiality of the data.
By using this Website, you accept this privacy policy and are therefore invited to review it before providing any personal information.
1. Categories of personal data
a. Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but for their nature they could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the devices used by users connecting to the website, the addresses in the Uniform Resource Identifier (URI) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code reporting the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and user's device system.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the website.
b. Data acquired in case of use of the services
The Controller may acquire the personal data provided by the User in the contact forms, in the “Contact Us” section (such as, for example, first name, last name, telephone number, email address, company of affiliation), and in the “Work with Us” section (such as, for example, those contained in the candidate's cv), to take advantage of the services offered by the Data Controller through the Site.
The Controller may also process the personal data contained in the documents that may be attached by the Users, but, in this case, it will process only those that are strictly necessary for the processing of the request received.
The submission of such data is facultative for browsing the Site, but refusal to provide it may result in the impossibility of taking advantage of the services offered.
c. Data provided voluntarily by the User
The Controller may acquire any personal data, including information of a personal nature, provided by the user through the contact form.
In this regard, it should be noted that the data provided by the User should concern only those strictly necessary for the purpose of using the services offered by the Site. The User is requested not to provide any other data, particularly those relating to health status, religious beliefs, and political opinions or data relating to criminal convictions or offenses. Such data will not, however, be used by the Controller.
The personal data listed above will be processed by the Controller exclusively for the purposes and within the limits indicated in the following paragraph.
2. Purposes and legal basis of processing: provision of services requested
The personal data listed above will be processed by the Controller exclusively for the purposes and within the limits indicated in the following ways:
- to enable the User to navigate the Site, based on the legitimate interest of the Owner in the operation of the Site [Art. 6(1)(f) GDPR];
- to follow up a contact request coming from the User, in the appropriate “Contact Us” section. In this case, the legal basis is identified in the execution of pre-contractual measures at the request of the data subject [Art. 6(1)(b) GDPR];
- to evaluate the User for a job position opened by the Owner in the “Work with us” section and/or as a result of his/her spontaneous application. In this case, please refer to the specific privacy policy for the processing of the candidate's data.
- Subject to your free and specific consent, the Controller may process your data for sending commercial communications through automated systems (e.g. e-mail, SMS, app notifications) and traditional communications systems (e.g. paper mail).
For this purpose, Magaldi shall process the data referred to in paragraph 1, lett. b) and c) [Article 6(1), a) GDPR].
The consent given is revocable at any time by writing to: privacy@magaldi.com. Consent may also be revoked concerning automated contact systems only.
3. Categories of subjects to whom personal data can be communicated and purposes of communication
The Controller may communicate, for the same purposes indicated in paragraph 2 above, to individuals within its organization, expressly designated for processing and, therefore, duly instructed by the Owner.
The Controller some of your personal data also to third parties, who will process your personal data as Processors pursuant to Article 28 of the Regulations.
The list of data processors may be requested from the Data Controller by writing to privacy@magaldi.com.
4. Period of data retention and duration of the processing
The Controller will retain the data for as long as necessary to pursue the purposes described in this policy in paragraph 2. In more detail, the Controller will retain your data as follows:
- For the purpose referred to in lett. (a) above, your data will be kept for 7 days, thereafter stored for up to 1 year in encrypted form.
- For the purpose referred to in lett. (b) above, your data will be kept for the strictly necessary period for the execution of requests that you made to the Controller and for an additional period equal to and not exceeding 6 months also for the needs of protection of the rights of the owner and for the fulfilment of legal obligations.
- For the purpose referred to in lett. (c) above, please refer to the relevant privacy policy for job applicants.
- For the purpose referred to in lett. (d) above, your data will retain your data for as long as your consent remains and, in any case, for a period not exceeding 5 years.
5. Cookie policy
Regarding the cookie policy, please refer to www.magaldi.com/it/cookie-policy.
6. Transfers outside the European Economic Area ("EEA”).
The User's personal data will not be processed by the Controller outside the EEA.
7. Rights of the data subject
The User is entitled to exercise the rights provided for in Articles 15 et seq. of the Regulations, in particular:
- the right of access and obtaining information about the existence of personal data in the availability of the Controller and access to such data;
- the right to rectification and, in particular, to request and obtain the amendment and/or correction of your personal data if you believe they are inaccurate or incomplete;
- the right to request, if the cases set forth in the Regulations occur, the deletion of personal data or the restriction of processing concerning them;
- the right to request, where appropriate, portability of personal data;
- if applicable, the right to revoke previously given consent.
These requests may be requested from the Data Controller by writing to the following e-mail address: privacy@magaldi.com or by paper mail.
Finally, in pursuance of the regulations in force, the User may propose any complaints regarding the processing of his/her personal data to the Guarantor Authority for the Protection of Personal Data.
8. Data Protection Officer
The Controller has appointed a Data Protection Officer, who can be contacted at (“Data Protection Officer” or “DPO”). The DPO can be contacted at the following address: dpo@magaldi.com.
