Privacy Notice pursuant to Article 13 of EU Regulation 2016/679 regarding the Processing of Personal Data – Website
We inform you that, pursuant to EU Regulation 2016/679 (hereinafter the “Regulation”) and Legislative Decree 196/2003 (Personal Data Protection Code) as amended by Legislative Decree 101/2018, as well as any subsequent European or national legislative measures and/or decisions of the Supervisory Authorities after the date hereof, your Personal Data, as defined below, collected by Villa and Partners Executive Search S.r.l. for the purposes of using the website and its functionalities—whether provided by you, including any subsequent changes—will be processed by the same company, both in paper and electronic form, for the purposes indicated below, as data controller (the “Controller”).
Data Controller
The data controller is Villa and Partners Executive Search S.r.l., with registered office at Corso di Porta Romana no. 6, 20122 Milan, VAT and Tax Code: 07737080965, Email: info@vpex.it, PEC: VPEX@LEGALMAIL.IT (a company authorised to carry out recruitment and selection activities by the Ministry of Labour and Social Security under Protocol no. 8005/25-06-2014, authorised to provide outplacement services by the Ministry of Labour and Social Policies under Protocol no. 8005/25-06-2014), which is committed to protecting the personal data entrusted to it. Accordingly, their management and security are ensured with the utmost care, in compliance with the applicable privacy legislation and in particular the GDPR – EU Regulation 2016/679.
In this capacity, the Controller is responsible for ensuring the implementation of the organisational and technical measures that are necessary and appropriate for the protection of data.
Types of data processed
The data processed are personal data (cookies) provided/to be provided by you and collected through the website, relating to you or to third parties, or otherwise processed in the course of the relationship with the Controller.
In any case, all personal data provided to the Controller will be processed in full compliance with the confidentiality and security rules provided for by the Regulation.
The Personal Data processed through the Website and not yet expressly indicated are as follows:
a. Browsing data
The computer systems and software procedures used to operate the Website acquire, during their normal operation, certain Personal Data the transmission of which is implicit in the use of Internet communication protocols. This is information that is not collected in order to be associated with identified data subjects but which, by its very nature, could, through processing and association with data held by third parties, allow users to be identified. This category includes IP addresses or domain names of the computers used by users connecting to the Website, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response provided by the server (successful outcome, error, etc.) and other parameters relating to the user’s operating system and IT environment. These data are used solely to obtain anonymous statistical information on the use of the Website and to check its correct operation, to identify anomalies and/or abuses, and are deleted immediately after processing. The data may be used to ascertain liability in the event of hypothetical cybercrimes to the detriment of the Website or third parties: except for this possibility, at present web contact data are not retained for more than seven days.
b. Cookies
Definitions, characteristics and application of the legislation
Cookies are small text files that websites visited by the user send and store on the user’s computer or mobile device, to be transmitted back to the same websites at the next visit. Thanks to cookies, a website remembers the user’s actions and preferences (such as login details, chosen language, font size, other display settings, etc.) so that they do not have to be indicated again when the user returns to the website or browses from one page to another. Cookies are therefore used to perform computer authentication, session monitoring and storage of information relating to the activities of users accessing a website and may also contain a unique identification code that makes it possible to track the user’s browsing within the website itself for statistical or advertising purposes. While browsing a website, the user may also receive on their computer cookies from websites or web servers other than the one being visited (so-called “third-party” cookies).
Some operations could not be performed without the use of cookies, which in some cases are therefore technically necessary for the operation of the website itself.
There are various types of cookies, depending on their characteristics and functions, and these may remain on the user’s computer for different periods of time: so-called session cookies, which are automatically deleted when the browser is closed; so-called persistent cookies, which remain on the user’s device until a preset expiry date.
Under applicable legislation, the use of cookies does not always require the user’s express consent. In particular, “technical cookies”, i.e. those used solely for the purpose of transmitting a communication over an electronic communications network, or strictly necessary to provide a service explicitly requested by the user, generally do not require consent. In other words, these are cookies indispensable for the operation of the website or necessary to perform activities requested by the user.
For “profiling cookies”, on the other hand—i.e. those aimed at creating user profiles and used to send advertising messages in line with the preferences expressed by the user while browsing—prior consent is usually required, depending on the applicable legislation.
Types of cookies used by the Website and options for (de-)selection
The Website uses the following cookies, which may be de-selected, except for third-party cookies, for which you must refer directly to the relevant selection and de-selection methods of the respective cookies, indicated via links:
- Technical browsing or session cookies, strictly necessary for the operation of the Website or to allow you to use the requested content and services.
- Functionality cookies, i.e. cookies used to enable specific Website functions and a series of selected criteria (for example, the language) in order to improve the service provided.
Cookies present on the Website
Specifically, the cookies sent through the Website are only technical and functionality cookies used to ensure the correct operation of the website itself.
Cookie settings
Cookie-related settings
You can block or delete (in whole or in part) technical and functionality cookies through the specific functions of your browser. Please note, however, that not authorising technical cookies may result in the inability to use the Website, view its contents and access the related services. Disabling functionality cookies may result in certain services or functions of the Website not being available or not working properly, and you may be forced to change or manually enter certain information or preferences each time you visit the Website.
The choices made in relation to the Website’s cookies will in turn be recorded in a specific cookie. However, this cookie may, in some circumstances, not work properly: in such cases, we recommend deleting unwanted cookies and disabling their use also through your browser settings. Your cookie preferences will need to be reset if you use different devices or browsers to access the Website.
How to view and change cookies through your browser
You can authorize, block or delete (in whole or in part) cookies through the specific functions of your browser. For more information on how to set cookie preferences through your browser, you may consult the relevant instructions:
- Internet Explorer
- Firefox
- Chrome
- Safari
WARNING: by disabling technical and/or functionality cookies, the Website may not be accessible or some services or functions of the Website may not be available or may not work properly, and you may be forced to change or manually enter certain information or preferences each time you visit the Website.
Purposes, legal basis and optional nature of processing
Personal data are processed for the following purposes:
- providing users with information regarding the Controller in order to enable awareness of and contact between users and the Controller, on the basis of the Controller’s legitimate interest (Art. 6(1)(f) GDPR).
Personal data will be processed mainly through the use of IT and telematic tools, directly by our staff and by our consultants, duly instructed and appointed for this purpose. The scope and adequacy of the data provided will be constantly assessed in order to determine the consequent decisions and avoid the processing of data that are excessive in relation to the purposes pursued.
Processing will be carried out in automated and/or manual form, with methods and tools in compliance with the technical and organisational measures to ensure the security of processing (Art. 32 of the Regulation).
Recipients and transfer of personal data
Personal data provided, for the purposes described in Article 3 above, may be disclosed to or communicated to the following subjects:
- the Controller’s shareholders, employees, collaborators and consultants;
- any external data processors.
The data will not be subject to uncontrolled dissemination; they will be processed lawfully and transparently and may be communicated to the recipients, as indicated below, for the same purposes stated above.
The Controller does not transfer your Personal Data outside the European Economic Area.
Retention of personal data
In compliance with the principles of lawfulness, purpose limitation and data minimisation pursuant to Art. 5 of the Regulation, the retention period of personal data is established as the duration of the website access session.
Your rights
You have the right to request from the Controller, at any time, access to your Personal Data, rectification or erasure thereof, or to object to their processing; you have the right to request restriction of processing in the cases provided for by Art. 18 of the Regulation, as well as to obtain, in a structured, commonly used and machine-readable format, the data concerning you, in the cases provided for by Art. 20 of the Regulation.
Requests must be submitted in writing to the Controller at the following address: info@vpex.it.
In any case, you always have the right to lodge a complaint with the competent supervisory authority (Italian Data Protection Authority – Garante per la Protezione dei Dati Personali), pursuant to Art. 77 of the Regulation, if you believe that the processing of your Personal Data is contrary to the legislation in force.
10. Different purposes
If the Controller intends to further process the data for a purpose other than that for which they were collected, it will provide the data subject, prior to such further processing, with information regarding that different purpose and any other relevant information.