PRIVACY POLICY
This privacy notice has been drawn up pursuant to article 13 of the General Data Protection Regulation No 2016/679 (hereinafter the “GPDR”), and provides details regarding the processing of your information collected from the website hrit.it (the “Site”).
WHO PROCESSES YOUR DATA?
Controller
The Data Controller for the Site is HRIT S.r.l., with registered office at Via Francesco Carrara 24 – Roma.
Other persons to whom your data may be disclosed
Your data may be shared with:
- HRIT’s designated staff and, if necessary, consultants who have agreed to maintain confidentiality or are subject to adequate confidentiality obligations;
- persons delegated and/or appointed by the Controller to carry out activities strictly related to the above purposes (including system maintenance services), appointed as data processors;
- persons, companies or firms who provide advice and assistance to the Controller, appointed as data processors;
- companies, entities or authorities to whom your personal data must be provided pursuant to the law or by order of the competent authorities;
Your personal data shall not be transferred outside the European Economic Area.
WHAT TYPE OF DATA DO WE COLLECT?
Data volunteered by the user
The Site offers users the possibility to volunteer personal information, for instance by sending emails to request information and/or enter into relationships with the HRIT’s consultants, to request monthly Newsletters, to participate in events and meetings.
Third party data
If you decide to provide third party data to us, we would please ask you to ensure that such third parties have been previously and adequately informed of the manner and purposes of the processing hereunder. In these cases, you will be deemed to be the controller, with the relevant legal obligations and responsibilities.
Surfing data
We collect the following information from the services used by you:
- technical data: these include IP addresses or domain names of your computers, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the manner in which the request has been submitted to the server, the size of the response file, the numerical code identifying the status of the server’s response (successful, error etc.) and other parameters regarding your Operating system and IT environment. These data are used for statistical information purposes only (and therefore are anonymous), in order to check proper operation of the site, and are deleted immediately after processing. Data may be used to ascertain responsibility in the event of purported IT crimes against the site: except in the latter case, surfing information is deleted within 7 days;
- data collected using cookies or similar technologies: see our Cookies section for more information.
WHAT ARE THE PURPOSES OF PERSONAL DATA PROCESSING?
Personal data are processed:
For the purposes of providing the services requested
We use your data to ensure an efficient response to your requests. You are not compelled to provide your personal data for these purposes but if you do not, we may not be able to provide the services requested. Furthermore, we will process your data to ensure compliance with the law, regulations and EU rules.
To provide tax and legal updates
If you have expressly provided your consent – after registering with the reserved area – we will use your data to inform you about the latest tax and legal updates and the educational events promoted by HRIT.
HOW LONG DO WE KEEP YOUR INFORMATION FOR?
We shall keep your personal data in hard copy and/or electronic format for the time strictly necessary to achieve the purposes stated at point above.
We will process your data for the time strictly necessary to provide the service requested.
The data and documents sent to individual consultants, for participation in events and meetings or provided in the registration form to receive Newsletters, will be kept by the Controller for the period of time necessary to achieve the purposes stated in this Privacy notice and, in any case, for a maximum of 24 months.
Finally, in order to comply with the terrorist prevention regulations introduced by article 24 of law 167/2017, transposing Directive EU 2017/541, we shall keep Internet traffic data, not including the content of any communications, for a period not exceeding 72 months.
HOW CAN YOU EXERCISE YOUR RIGHTS?
Pursuant to the GPDR, you are entitled at all times to request access to your personal data, to object to their processing, and ask the Controller to amend or delete them; you shall also be entitled to ask for restriction of processing in the cases set out in article 18 of the GDPR, or receive the personal data concerning you in a structured, commonly used and machine-readable format in the cases set out in article 20 of the GDPR.
Please send your requests to the following address: hrit@legalmail.it
Finally, if you believe that processing of your data infringes the applicable law, you may file a complaint with the Italian Personal Data Protection Authority (Garante per la Protezione dei Dati Personali) pursuant to article 77 of the GDPR.
HOW DO WE PROTECT YOUR DATA?
Your personal data shall be processed in accordance with the applicable legislation. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk.