This page will provide information about the processing of personal data of site users.
In compliance with the provisions of art. 13 of Leg. Decree no. 196/2003 (Italian Personal Data Protection Code), information is provided to any entity using web-based services made available by Valentina Giorgi via electronic networks as from the following address www,valentinagiorgi.com
The information provided is also based on the guidelines contained in Recommendation no. 2/2001, which was adopted on 17 May 2001 by the European data protection authorities within the Working Party set up under art. 29 of European Directive 95/46/EC, in order to lay down minimum requirements for the collection of personal data online – especially with regard to arrangements, timing and contents of the information to be provided by data controllers to users visiting web pages for whatever purpose. This shall enable the information to be used – in compliance with art. 13 of Leg. Decree 196/2003 – for different data processing related to web browsing (e.g. curriculum personal data processing).
In pursuance of art. 29 of Leg. Decree 196/2003, the data supervisor is the company owner. Email: firstname.lastname@example.org
DATA CONTROLLER SUPERVISOR
In pursuance of art. 28 of Leg. Decree 196/2003, the data controller is è Valentina Giorgi, Via Andrea Costa , 63 47841 Cattolica (RN)
PLACE OF DATA PROCESSING
The processing operations related to the web-based services which are made available via this website are carried out at the aforementioned office of the company owner and of the external data processing supervisor.
PURPOSES OF DATA PROCESSING
Any personal data that is voluntarily and optionally provided by users requesting to be sent information about web-related services (itinerary uploading, accommodation facilities availability, …) or job applications through electronic CVs, is only used to provide the service requested and is disclosed to third parties only if this is necessary for the said purposes or to fulfil legal obligations. In any case each user is requested to confirm the publication of his/her CV on the website section “Partner”. In particular, the personal data voluntarily provided by data subjects will be collected online and processed – with the support of electronic devices directly and/or through third companies (email providers, web hosting companies) for the following purposes: examining any received curricula within company requirements; anonymous statistical purposes (to examine the number of access, …);
CURRICULUM MANAGEMENT POLICY
The company has the right to examine any curricula concerning potential vacancies or future applications. The storage time of curricula deemed to be “interesting” is two years and they will be treated in full compliance with the minimum security measures laid down in Art. 33, 34 and 35 provided for in Legislative Decree no. 196/2003. Candidates are requested to respect the following rules when transmitting their curricula in European format and in electronic form:
transmitting the curriculum in pdf format;
avoiding to include sensitive personal data in the curriculum (in particular, health-related data, religious, philosophical and political beliefs) which are not relevant to the job offer;
giving consent to treatment.
The company shall provide information pursuant to art. 13 of Leg. Decree no. 196/2003 during job interviews with the candidates. The purposes of the data processing related to curriculum management shall be strictly limited to the evaluation, recruitment or selection of the personnel, with the aim of collaboration, recruitment on a fixed-term or open-ended contract, of internship, or to enable the holder/successful applicant/candidate to write the thesis in our premises. Itineraries may be requested to promote candidates to a tour guide position, in order to have facilities in job search, from associations or partner sites.
COMMUNICATION OF DATA DIFFUSION
Personal data can be exclusively processed by officially appointed staff, specialised in personal data security and confidentiality.
TYPES OF PROCESSED DATA
The software procedures relied upon to operate this website acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet Communication Protocols.
Such information is not collected in order to relate it to identified data subjects; however it might allow user identification per se after being processed and matched with data held by third parties (providers).
This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time and date of such requests, the returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.
These data are only used to extract anonymous statistical information on website use as well as to check its functioning; they are immediately erased after being processed. These data might be used to establish liability in case computer crimes are committed against the website; except for this circumstance, any data on web contacts is currently retained for no longer than seven days.
Data Provided Voluntarily by Users
Sending e-mail messages to the addresses mentioned on this website, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender’s address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message(s).
Sending messages from Valentina Giorgi website entails the diffusion of personal data (email and name) to the company itself.
Personal data is processed with paper and automated means for no longer than is necessary to achieve the purposes for which it has been collected. Specific security measures are implemented to prevent data from being lost, used unlawfully and/or inappropriately, and accessed without authorisation.
DATA SUBJECTS’ RIGHTS
Data subjects are entitled at any time to obtain confirmation of the existence of personal data concerning them and be informed of their contents and origin, verify their accuracy, or else request that such data be supplemented, updated or rectified (Section 7 of Leg. Decree no. 196/2003).
The above Section also provides for the right to request erasure, anonymization or blocking of any data that is processed in breach of the law as well as to object in all cases, on legitimate grounds, to processing of the data.
Listed below in full are the rights of the concerned party.
Art. 7 – Right to Access Personal Data and Other Rights
A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
A data subject shall have the right to be informed
of the source of the personal data;
of the purposes and methods of the processing;
of the logic applied to the processing, if the latter is carried out with the help of electronic means;
of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
A data subject shall have the right to obtain:
updating, rectification or, where interested therein, integration of the data;
erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
A data subject shall have the right to object, in whole or in part,
on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.