PRIVACY POLICY FOR APPLICANTS PURSUANT TO ARTICLE 13 OF EU REGULATION 2016/679

Corradi S.r.l. wishes to inform you, according to Art. 13 of EU Regulation 679/2016 on the protection of personal data (“GDPR”) and to the national legislation, including the individual provisions of the Data Protection Authority, where applicable, that the personal data you provide (“Data subject”) through the specific on-line form present on the Website https://www.corradi.eu/ (“Website”), will be processed in compliance with the laws and contractual provisions in force for the purposes and with the modalities indicated below.

1. Data controller

The Data Controller is Corradi S.r.l. (“Corradi” or “Data Controller”), with registered office in Via Marino Serenari, 20, 40013 Castel Maggiore (BO), Tax code and VAT no. 03464321201 in the person of the Legal Representative in charge
Tel.: +39 051 41884111, E-mail: hello@corradi.eu, PEC (certified email address):Corradi2015@legalmail.it .

2. Type of personal data processed

Within the scope of the purposes indicated below, personal data and contact data (such as, but not limited to: name, surname, e-mail address, address, telephone number, date of birth, qualifications obtained, desired job title), as well as any other personal data provided spontaneously in the curriculum vitae by natural persons in the context of their application, will be acquired and processed by Corradi to carry out the personnel recruitment and selection process.
We inform you that, if given voluntarily, data relating to the so-called special categories of data, such as membership in protected categories (“Personal Data” or just “Data”) may also be subject to processing according to Art. 9 GDPR.
 

3. Purposes of the processing

Your Personal Data will be processed by the Data Controller exclusively to evaluate the professional profiles of interest emerging in the curriculum vitae sent and, more generally, to manage all the steps connected to the selection of applicants, starting from the evaluation of the application itself, with a view to establishing a possible working relationship or collaboration with Corradi.

4. Legal basis of the processing

The legal basis of the processing for the evaluation of your application is the execution of pre-contractual measures (Article 6, par. 1, letter b) GDPR); in the case of special categories of data pursuant to Art. 9 GDPR voluntarily provided through your application, the legal basis for the processing is the fulfilment of obligations and the exercise of specific rights in the field of labour law, social security and social protection (Article 9, par. 2, letter b) GDPR). Consequently, your specific consent is not required for the processing of the data provided.

5. Nature of data provision and consequences of a refusal

The provision of the Personal Data marked with an asterisk (*) in the “Work with us” form is mandatory in order to allow us to evaluate your application and the failure to provide them will have no other consequence except the impossibility to carry out the above evaluation.

6. Processing methods and nature of the provision

The data processing for the purposes set out is carried out both on automated (electronic or magnetic) and non-automate (paper) supports, in compliance with the requirements of confidentiality and security provided for by law, regulations and internal provisions, by adopting appropriate technical and organisational measures to ensure a level of security appropriate to the risk, pursuant to and in compliance with the provisions of Art. 32 GDPR.

7. Data retention

Your data will be kept for the period strictly necessary for the attainment of the aims indicated in point 3 and in any case for a period not exceeding 12 months from the receipt of your curriculum vitae.

8. Recipients/Categories of recipients of the Personal Data

Your Personal Data are processed according to Art. 29 GDPR by Corradi’s authorised personnel, instructed by the Data Controller exclusively in relation to the tasks involved and to the purposes indicated in point 3.
Your Personal Data may be also disclosed to external Data Processors pursuant to Art. 28 GDPR, namely to the subjects whose services are used by Corradi to carry out its activities and which offer a suitable guarantee of compliance with the regulations on the processing of Personal Data.  A specific and up-to-date list of such subjects is available at the headquarters of the Data Controller and can be consulted on request by the Data Subject.
Personal Data may also be communicated to Public Entities in compliance with the obligations set forth by law or regulations; subjects whose right to access your Persona Data is granted by legal or regulatory provisions (e.g. Italian Financial Police, local public security authorities, etc.) for the investigation and prosecution of illegal conduct, prevention and protection from threats to public security.
In accordance with the above mentioned processing purposes, your Personal Data may also be communicated to other companies of the Renson Group of which Corradi is a member; such companies, established within the European Union, will process your Personal Data in accordance with the same Regulation.
Your data will not be transferred to non-EU countries and, in any event, any transfer of Personal Data to a third country outside the European Union or to an international organisation will take place in accordance with the provisions of Chapter V of the Regulation.
Finally, your Data may be transmitted to the judicial or administrative Authorities to enable Corradi to exercise or protect its own right or the right of third parties or, in any case, for reasons connected with the protection of the rights and freedoms of others.
Your Personal Data will not be circulated in any case.

9. Data subject’s rights

We inform you that you have the right to exercise the following rights in relation to the Personal Data under this information note, as provided for and guaranteed by the GDPR:

• Right of access and rectification (Articles 15 and 16 GDPR): You have the right to obtain the confirmation as to whether or not your Personal Data are being processed, and, where that is the case, access to them. You also have the right to obtain the rectification of inaccurate data and the completion of incomplete data. You can exercise these rights by directly writing to hello@corradi.eu. If you wish, we will provide you with a copy of your data in our possession.
• Right to erasure (Art. 17 GDPR): in the cases provided by the law in force (e.g. personal data are no longer necessary with respect to the purposes for which they have been collected or otherwise processed, withdrawal of consent, unlawful processing, etc.) you have the right to obtain the erasure of your Personal Data without undue delay by Corradi.
• Right to restriction of processing (Art. 18 GDPR): in the cases provided for by the law in force (inaccuracy of personal data, unlawful processing of data, etc.) you have the right to obtain a restriction on the processing of your Personal Data.
• Right to data portability (Art. 20 GDPR): You have the right to receive your Personal Data in a structured, commonly used and machine-readable format in order to transmit them to another controller or, if requested, we will directly transmit your Data to another controller.
• Right to object (Art. 21 GDPR): You have the right to object at any time, for reasons connected with your particular situation, to the processing of your Personal Data pursuant to Article 6, par. 1, letters e) or f) of the Regulation (legitimate interest of the Data Controller).

In general, to exercise these rights, it will be sufficient to contact the Data Controller by registered letter, fax or e-mail at the addresses indicated in point 1, using, if necessary, the form made available on the website of the Authority for the Protection of Personal Data (https://www.garanteprivacy.it). 
Corradi will take all the necessary actions within one month of receiving your request. During this period, despite the exercise of your rights, you may receive further automated communications that were scheduled to be sent before your request.
The period of one month can be extended by two months in the case of a complex request or numerous requests.

10.  Complaint with the Data Protection Authority

Should you believe that there has been a breach of your right to Personal Data protection, it is your right to complain to the Data Protection Authority in the manner and in compliance with the terms stated on the Website of the Data Protection Authority (http://www.garanteprivacy.it).

11. Updates and modifications

The Data Controller may modify, supplement or simply update, in whole or in part, this Privacy Policy also in view of legislative changes or the entry into force of new regulations in the sector.
Updates and changes will be communicated through publication on the Website. Please access this section regularly to verify that the latest and most current Privacy Policy is published.