In general, any information and data which you provide to Data Controllers over the Website, or which is otherwise gathered via the Website in the context of the use of Ventifive’s services as better defined in Section 3 below, will be processed by Data Controllers in a lawful, fair and transparent manner. To this end, and as further described below, Data Controllers take into consideration internationally recognised principles governing the processing of personal data, such as purpose limitation, storage limitation, data minimisation, data quality and confidentiality.
To get in touch with Ventifive’s Data Protection Officer, please contact: firstname.lastname@example.org
When you use the Website, Data Controllers will collect and process information regarding you (as an individual) which will identity you – according to your choices on how to use the Services- in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, mental, economic, cultural or social an identified or identifiable natural person (“Personal Data”).
This information may be collected both when you choose to provide it (e.g., when you subscribe to our newsletter or when you create a personal account for receiving Services provided by Data Controllers) or simply by analysing your behaviour on the Website.
I Dati Personali trattati attraverso il Sito sono i seguenti:
In various sections of the Website – including, in particular, if you decide to create an account on the Website – you will be asked to submit information about yourself, such as your name, phone / mobile numbers, e-mail address, date of birth, country of residence and address. Additionally, when subscribing or signing up to receive Services, you might be asked to provide information as to your preferred mode of payment – PayPal, or credit card.
In addition, whenever you participate in surveys and other promotions which may be available on the Website, as well as whenever you communicate with Data Controllers through the contact details provided in the Website or with Customer Care, Data Controllers may collect additional information which you choose to provide.
When registering to apply for a position within Ventifive on the Website at https://www.ventifive.com/it/tutto-su-ventifive#job (“Work with us”), you will also be asked to provide your e-mail address and your job application (“Application”) when you will provide us information such as resume, cover letter, professional qualifications and your professional profile links on social networks.
When receiving your Application, Ventifive, even you may have not indicated in your Application, may assess your professional social media accounts (e.g. LinkedIn) or professional websites, where publicly available, to gain insight as to your suitability for position applied for.
Under your previous and explicit consent, your navigation programme on Internet (“Browser”) may share with the Website an approximation of your geographic location through information on wireless access points close to you and on your IP address of your device.
In both cases, it is an optional use of a Personal Data processing but extremely useful to Data Controllers for proving you even more useful Services. If you think that sharing your approximate location through your Browser is invasive, you may revoke at any time your consent changing the settings of your Browser (or settings of you operating system). To have more information we invite you to read specific privacy notice of your Browser.
Certain areas of the Website (e.g., “Work with us”) may include free text fields, where you can provide Data Controllers some information, which may contain Personal Data.
Where these fields are completely free, you may use them to disclose (inadvertently or not) more sensitive categories of Personal Data, such as data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. The content you upload in these fields may also (inadvertently or not) include other types of sensitive information relating to you, such as your genetic data, biometric data or data concerning your health, sex life or sexual orientation.
Data Controllers ask that you do not disclose any sensitive Personal Data on the Website, unless you consider this to be strictly necessary. As it is totally optional to provide this information, if you nonetheless choose to do so, please mind that Data Controllers, complying with the applicable law, require your explicit consent to process this sort of Personal Data (which can be provided, e.g., by the flag in your Application).
As mentioned in the previous section, certain areas of the Website (such as Work with us, or when you insert your e-mail to subscribe to the newsletter, or when you purchase products on the Website and write a “happy birthday” message annexed to the order) allow you to insert text messages or information, which Data Controllers may have access. These messages and information may include Personal Data related to other persons.
In those situations, you will be considered as an independent data controller regarding that Personal Data and must assume all inherent legal obligations and responsibilities. This means, among other things, that you must fully indemnify Data Controllers against any complaints, claims or demands for compensation for damages which may arise from the processing of this Personal Data, brought by the third parties whose information you provide through the Website.
As Data Controllers do not collect this information directly from these third parties (but rather collects them, indirectly, from you), you must make sure that you have these third parties’ consent before providing any information regarding them to Data Controllers; if not, then you must make sure there is some other appropriate grounds on which you can rely to lawfully give Data Controllers this information.
The Website’s operation, as it is standard with any websites on the Internet, involves the use of computer systems and software procedures, which collect information about the Website’s users as part of their routine operation. While Data Controllers do not collect this information in order to link it to specific users, it is still possible to identify those users either directly via that information, or by using other information collected – as such, this information must also be considered Personal Data.
This information includes several parameters related to your operating system and IT environment, including your IP address, location (country), the domain names of your computer, the URI (Uniform Resource Identifier) addresses of resources you request on the Website, the time of requests made, the method used to submit requests to the server, the dimensions of the file obtained in response to a request, the numerical code indicating the status of the response sent by the server (successful, error, etc.), and so on. These data are used to compile statistical information on the use of the Website, as well as to ensure its correct operation and identify any faults and/or abuse of the Website. Save for this last purpose, these data are not kept for more than 50 business days.
Definitions, characteristics, and application of standards
Cookies are small text files that may be sent to and registered on your computer by the websites you visit, to then be re-sent to those same sites when you visit them again. It is thanks to these cookies that those websites can “remember” your actions and preferences (e.g., login data, language, font size, other display settings, etc.), so that you do not need to configure them again when you next visit the website, or when you change pages within a website.
When browsing a website, you may also receive cookies from websites or web servers other than the website being visited (i.e., “third-party cookies”).
There are various types of cookies, depending on their characteristics and functions, which may be stored on your computer for different periods of time: “session cookies”, which are automatically deleted when you close your browser, and “persistent cookies”, which will remain on your device until their pre-set expiration period passes.
According to the law which may be applicable to you, your consent may not always be necessary for cookies to be used on a website. In particular, “technical cookies” – i.e. cookies which are only used to send messages through an electronic communications network, or which are needed to provide services you request – typically do not require this consent. This includes browsing or session cookies (used to allow users to login) and function cookies (used to remember choices made by a user when accessing the website, such as language or products selected for purchase).
On the other hand, “profiling cookies” – i.e., cookies used to create profiles on users and to send advertising messages in line with the preferences revealed by users while browsing websites – typically require specific consent from users, although this may vary according to the applicable law.
Types of cookies used by the Website
Data Controllers intends to use your Personal Data, collected through the Website, for the following purposes:
Data Controller’s legal bases to process your Personal Data, according to the purposes identified in Section 3, are as follows:
We share your Data with the following parties (hereinafter referred to as the “Recipients”):
Considering Ventifive’s worldwide presence and business operations, your Personal Data may be transferred to Recipients located in several different countries.
Data Controllers implement appropriate safeguards to ensure the lawfulness and security of these Personal Data transfers, such as by relying on adequacy decisions from the European Commission, standard data protection clauses adopted by the European Commission, or other safeguards or conditions considered adequate to the transfer at hand.
More information on these transfers is available upon written request to Ventifive at the following address: email@example.com
Personal Data processed for Service Provision will be kept by Data Controllers for the period deemed strictly necessary to fulfill such purposes – in any case, as these Personal Data are processed for the provision of the Services, Data Controllers may continue to store this Personal Data for a longer period, as may be necessary to protect Data Controllers’ interests related to potential liability related to the provision of the Services.
Personal Data processed for Recruitment will be kept by Data Controllers for as long as the vacancy for which the CV was submitted is still available or, in case of open positions, for up to 1 year. Data Controllers may contact applicants before the expiration of this period, in order to request an extension of the retention period or an update of the application. In case of no response from the applicants, Data Controllers delete Personal Data collected.
Personal Data processed for Marketing and Profiling will be kept by Data Controllers from the moment you give consent until it is withdrawn. We will remind consent you have given every 24 months. Once consent is withdrawn (or not given, following a renewal), Personal Data will no longer be used for these purposes, although it may still be kept by Data Cotrollers, in particular as may be necessary to protect Data Controllers’ interests related to potential liability related to this processing.
Personal Data processed for Soft Spam will be kept by Data Controllers until you object to this processing through the link you find at the bottom of every Soft Spam e-mail.
Personal Data processed for Compliance will be kept by Data Controllers for the period required by the specific legal obligation or by the applicable law.
Personal Data processed for preventing Misuse/Fraud will be kept by Data Controllers for as long as deemed strictly necessary to fulfill the purposes for which it was collected and until Data Controllers have to keep the data in order to defend themselves in subsequent legal proceedings that may arise, or communicate this data to Supervisory authorities, as may be requested.
As a data subject, are entitled to exercise the following rights before Data Controllers, at any time: