Version 1.3 – dated: 12/02/2024
(Information on personal data processing in accordance with Article 13 of the Regulation EU 2016/679)
– is specifically intended for the website www.diennea.com (hereinafter “the Site”);
– forms an integral part of the Site and the services we offer; and
– is Information pursuant to Article 13 of the GDPR for those who interact with the services of this Site.
The processing of your personal data shall follow principles of correctness, lawfulness, transparency, purpose and retention limitation, data minimization, accuracy, integrity, confidentiality and accountability pursuant to Article 5 of the GDPR. Your personal data will therefore be processed in accordance with the legislation governing Privacy and confidentiality obligations.
Processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
5. Transfer of Personal Data
1. Data Controller and Data Protection Officer (DPO)
The Controller of the processing is Diennea as specified above. The Data Controller’s organization comprises a Data Protection Officer (DPO). The DPO is available for any information regarding the processing of the personal data of Diennea, including the list of data processors. It is possible to contact the DPO by writing to email@example.com.
2. Personal Data subject to processing
When you use the Site, Diennea may collect and process information related to you as an individual such as your name, an identification number, an online ID or one or more characteristic elements of your physical, physiological, mental, economic, cultural or social identity which allows you to be identified, either directly, or together with additional information (“Personal Data”).
Personal Data which may be processed by Diennea through the Site are as follows:
a. Browsing Data
During normal operation, the computer systems and software procedures used to operate the Site acquire some personal data whose transmission is implicit in the communication protocols of the Internet. This information is not collected to be associated with identified subjects, but by their very nature could identify users through processing and association with data held by third parties. This category of data includes IP addresses or domain names of computers used by users that connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and computer of the user’s IT environment. These data are used in order to obtain statistical information in anonymous and/or aggregate form about the Site and to allow it to operate correctly. It permits the proper delivery of services and is used for security reasons as well as to establish liability in case of computer crimes against the Site or third parties. Diennea normally deletes navigation after sixty days.
b. Special categories of Personal Data
In the “Work with Us” section of the Site, you are allowed to submit Personal Data which may fall under the category of Personal Data referred to in Article 9 of the GDPR – i.e. “[…] data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation”. The processing of such Personal Data may be permitted as it is based on the release of your consent pursuant to Article 9(2)(a) of the GDPR and according to the applicable rules on personal data protection. Diennea asks that you do not disclose any such types of Personal Data, unless you consider this to be strictly necessary. In any case, Diennea would stress the importance of providing your explicit consent to process this sort of Personal Data, if you decide, nonetheless, to share it.
c. Data provided voluntarily by the user
d. Third party personal data provided voluntarily by the user
When using some of the services of the Site, you are allowed to submit Personal Data related to other persons. In any situation where you decide to share Personal Data related to other persons through the Site, you will be considered as an independent data controller regarding that Personal Data and must assume all inherent legal obligations and responsibilities. To this end, you must fully indemnify Diennea against any complaints, claims or demands for compensation for damages which may arise from the processing of this Personal Data, initiated by the third parties whose Personal Data have been processed through the use of the Site in violation of the applicable rules on personal data protection.
In any case, if you provide or in other way process Personal Data of third parties while using the Site, you guarantee to assume all related responsibilities that will ensure this specific processing is grounded on an appropriate legal basis in accordance with Article 6 of the GDPR, which legitimizes the processing of the information in question.
Definitions, characteristics and application of the legislation
Cookies are small text files that are sent and registered on your computer or mobile device when you visit a website. When you visit the same site again, the files are then transmitted back to the relative website. Thanks to cookies, the website remembers your actions and preferences (such as, for example, login data, default language, font sizes, additional display settings, etc.) so that you don’t need to specify them again when you visit the site at a later date.
There are various types of cookies and depending on their features and functions, they may remain on your computer or mobile device for different periods of time. Cookies we use include both so-called session cookies, which are automatically deleted when you close your browser, and so-called persistent cookies, which remain on your device for a pre-established period of time.
1) They are only used to produce aggregated statistics concerning a single site or a single mobile app;
2) At least the fourth component of each IP address is masked out as for third-party cookies; and
3) The third parties do not match the analytics cookies data with any other information (such as customer records or statistics concerning visits to other websites) and do not forward such data to other third parties. However, statistical analyses concerning several domains, websites or apps that can be traced back to the same publisher or group of undertakings are allowed, and where a controller produces, through its own resources, statistics on data relating to several domains, websites or apps that can be traced back to that controller, non-encrypted data may also be used providing purpose limitation constraints are complied with
The prior consent of the user is however required for “profiling cookies”, i.e. those aimed at creating profiles related to the user in order to send him/her advertising messages in line with the preferences expressed by the same while surfing the web.
Types of cookies used by the Site and the possibility of (de-)selection
The Site uses the following cookies offering the possibility to (de-)select the same (and therefore to disable them), except for third-party cookies, for which you must directly refer to the relevant procedures for selecting and de-selecting the cookies mentioned below indicated by way of links:
– Technical cookies for navigation or session browsing are strictly necessary for the operation of the Site or to allow you to make use of the content and services you have requested.
– Technical cookie analytics are used to carry out the mere statistical processing of the data relating to multiple domains, websites or apps attributable to the Data Controller. These data can also be unencrypted data, in compliance with the statistical purpose.
– Technical-functional cookies, i.e. used to activate specific functionalities of the Site and a number of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided.
WARNING: disabling the technical and/or functional cookies of the Site may lead to certain services or features of the Site being unavailable or the Site may not function properly, and you may be forced to change or manually enter some information or preferences each time you visit the Site.
– Third-party cookies, i.e. cookies from web sites or servers other than that of Diennea, used for specific purposes of the said third parties, including profiling cookies. Note that these subjects, listed below with the relative links to their privacy policies, are independent Controllers of the data collection and handling processes via cookies; you must therefore refer to their personal data handling policies, information policies and consent forms (selection and deselection of respective cookies) as specified in the aforementioned Provision. To complete this it must be noted that Diennea makes the utmost effort to track cookies on its own Site. These are updated regularly on the table below, where we ensure transparency of the cookies sent directly by Diennea and the purposes of these procedures. As concerns these cookies, we provide the links to the information policies of the third parties that send them via our Site: we assign these third parties, as noted above, with the responsibility of supplying the information policy and collecting consent from the users, as envisaged in the Provision. This responsibility refers not only to the cookies sent directly by the third parties but also any additional cookies sent via our Site based on the use of the services used by the third parties themselves. In fact, with regard to these cookies, sent by the suppliers of services of the aforementioned third parties, Diennea cannot exercise any right of control and cannot be aware of either the characteristics or purposes of these.
Specifically, the cookies present on the Site are indicated at the following link: cookie
How to view and modify the cookies through your navigation program (so-called browser)
You may also manage your choice related to third party cookies by using online platforms such as AdChoices.
3. Purpose of the processing, legal basis and mandatory or optional nature of the processing
Your Personal Data will be processed by electronic or automated means. The purposes and the legal basis of the processing of your Personal Data that we intend to carry out are the following:
a. to provide the services requested (e.g., a contact request, a “Demo” or a quote, a request for information or enrolment in training courses, a request for documentation or permission to download from the Site, reporting abuse), to answer specific requests addressed to Diennea andto allow you to browse and explore the Site (“Service Provision”).
b. to allow you to subscribe to the Newsletter of Diennea (“Newsletter”).
The legal basis of the processing of Personal Data for the purposes of Service Provision and Newsletter is Article 6(1)(b) of the GDPR. This processing operations are required in order for us to provide the services, to respond to requests and/or to subscribe the newsletter. The provision of Personal Data for these purposes is optional, however, if you do not provide your data, we will not be able to provide you with the services, to respond to requests and/or to send the newsletter. You can always subscribe/unsubscribe the Newsletter by changing and/or updating your privacy preferences at “Edit profile” page accessible via the link at the foot of the newsletter or by writing to firstname.lastname@example.org.
c. to carry out marketing activities, conduct studies, research, market analysis also by sending you a request for reviews, and send you advertising and information material related to the activities, the products and the services of Diennea by way of “traditional methods” such as postal mail, a telephone operator, or “automated methods” such as e-mail, SMS and through the use social networks (“Marketing”).
Processing operations carried out for the Marketing purpose are generally based on the granting of your consent pursuant to Article 6(1)(a) of the GDPR and Article 130, paragraphs 1 and 2 of the Privacy Code (Legislative Decree no. 196/2003). By way of exception, Diennea may carry out Marketing activities on the alternative legal basis of legitimate interest (referred to in Article 6(1)(f) of the GDPR and pursuant to Article 130, paragraphs 3 and 3-bis of the Privacy Code) towards those who (i) download documents from this Site and/or (ii) enroll in a course offered by Diennea may be contacted by phone. In such cases, Diennea assumes that there may be a genuine interest in it as well as in its products/services, therefore Diennea reserves the right to promote them by telephone as well. It is understood that operator calls will be carried out after verifying that the called person has not objected to such processing by registering in Do-not-call lists (in Italy, the Public Register of Oppositions), or directly addressing the Controller or by other means.
It is not mandatory to give your consent to Diennea for this purpose and you can, at any time, withdraw your consent that you have previously granted to traditional or automated methods by giving notice to the Data Controller without any formality, simply by changing and/or updating your privacy preferences at “Edit profile” page accessible via the link at the foot of marketing emails or by writing to email@example.com, without prejudice to the lawfulness of the processing founded on your previous consent. Objection to telemarketing may also be exercised by registering in Do-not-call lists (in Italy, the Public Register of Oppositions). With regard to the request for reviews, we would like to specify that Diennea may ask you to publish them on third-party sites; in this case, these third parties will treat the personal data you provide as autonomous data controllers: we therefore invite you to consult the personal data processing policies of these third parties before publishing any type of review and personal data.
d. to create user profiles by analyzing preferences, habits, interests (e.g., interest in Diennea and its products and services through verification of opening (or not opening) follow-up emails sent after events as well as opening (or not opening) our newsletter and verification of any clicks being made within those communications) and consumption choices expressed through the use of the Site and the services offered, and, where appropriate, by using profiling cookies (“Profiling“), in order to share material and commercial communications and personalized promotions with you (see section 3.c. above ).
The processing carried out for the Profiling purpose is based on your consent pursuant to Article 6(1)(a) of the GDPR, which may be collected through specific check-boxes or the cookie banner, or on legitimate interest of Diennea pursuant to Article 6(1)(f) of the GDPR (e.g., in order to verify the opening (or not opening) of our follow-up emails and newsletter and any clicks being made within those communications). The provision of your Personal Data for this purpose is therefore entirely optional and does not affect your use of the services. You may oppose the processing of your Personal Data for Profiling purpose at any time by writing to firstname.lastname@example.org.
e. to fulfill the obligations provided for by law, regulations or EU legislation or request from competent Authorities (“Compliance”).
The processing of your Personal Data for the purpose of Compliance represents a legitimate processing of personal data pursuant to Article 6 (1)(c) of the GDPR.
f. to analyse your CV, as well as to assess your profile with regards to the open positions in Diennea, to manage the selection procedures and to contact the candidates who submit their applications through the “Work with Us” section of the Site (“Recruiting”). Your CV may be retained and further processed by Diennea to improve its recruitment processes and organizational efficiency so that, in the future, it can recontact applicants who have not been interviewed as well as applicants who have been interviewed with a positive assessment but have not been ultimately hired and thus evaluate their CV in the future as well (“Optimizing the Selection Process“).
The legal basis of the processing of your Personal Data for the purpose of Recruiting is Article 6(1)(b) of the GDPR insofar as it is necessary to evaluate your CV and start the selection process, as well as Article 111-bis of the Privacy Code, according to which in cases of reception of spontaneously transmitted CVs by the data subjects, consent is not required. The provision of your Personal Data is optional, but any failure to provide it would make it impossible for Diennea to evaluate your profile or to schedule interviews. The processing of special categories of Personal Data (e.g., data concerning your health and political opinions) may be permitted as it is based on the release of your consent pursuant to Article 9(2)(a) of the GDPR and according to the applicable rules on personal data protection. Diennea asks that you do not disclose any such types of Personal Data, unless you consider this to be strictly necessary. In any case, Diennea would stress the importance of providing your explicit consent to process this sort of Personal Data, if you decide, nonetheless, to share it. In the absence of your consent to the processing of special categories of Personal Data referred to you, your Personal Data will be processed within the limits allowed by the pro tempore authorization in force of the Italian Data Protection Authority. The processing of your Personal Data after the end of the recruitment process, and in any case no longer than 12 months after receipt of your application for the purpose of Optimizing the selection process, has its legal basis in the legitimate interest of the Controller (Article 6(1)(f) of the GDPR) to consider your profile for further open job positions suitable with your CV, in order to ensure the organisational efficiency of the Data Controller and the optimisation of the activity carried out by the human resources management office. Providing your Personal Data for this purpose is optional, but if you fail to do so, the Data Controller may be unable to assess your CV, contact you for an interview, or evaluate your CV for future job positions.
g. to carry out statistical analysis without the possibility to identify the user (“Statistics”).
Please note that the processing of your Personal Data for the purpose of Statistics is not performed on Personal Data and therefore it can be freely performed by Diennea.
h. Share your Personal Data with Diennea’s partners active in the field of communication and marketing, such as web agencies, digital agencies and communication agencies so that they can send you information and promotional material for autonomous direct marketing purposes (“Communication to third parties“).
Such processing will be carried out upon the provision of your specific consent pursuant to Article 6(1)(a) GDPR; the failure to provide such consent will not affect the access to the services of the Site. You may revoke your consent at any time by contacting the Controller at email@example.com.
4. Recipients of Personal Data
For the purposes referred to in Section 3 above, your Personal Data may be shared with the following people and entities (“Recipients“):
a. subjects typically acting as data processors, namely: i) persons, companies or professional firms providing Diennea with advice and consulting in accounting, administrative, legal, tax, financial and debt collection matters related to the provision of the services; ii) Subjects we engage with in order to provide the services (for instance, hosting providers) iii) persons authorised to perform technical maintenance (including maintenance of network equipment and electronic communications networks);
b. public entities, bodies or authorities to whom Diennea discloses your Personal Data when legally required to do so or under the orders of competent authorities or in case of abuse reports to investigate complaints and identify the source of messages received from users;
c. persons authorised by Diennea to process the Personal Data required for carrying out activities strictly related to the provision of the services, who have committed themselves to confidentiality or have an appropriate legal obligation of confidentiality (for example Diennea’s employees); and
d. business partners for their own autonomous and separate marketing purposes, only if you have given your specific consent.
We remind you that when you publish a review, your Personal Data may be disclosed by the administrators of the platforms/sites used to publish the review; please consult the privacy policies of these third parties before publishing your Personal Data.
5. Transfers of Personal Data
Your Personal Data may be shared with Recipients located outside the European Economic Area, and specifically in the Republic of San Marino and New Zealand. The Data Controller ensures that your Personal Data are processed by these Recipients in accordance with the applicable rules on data protection. Indeed, transfers can be based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission. Further information is available from Diennea by writing to the following email address: firstname.lastname@example.org.
6. Retention of Personal Data
The Personal Data processed for the purposes of Service Provision and Newsletter will be retained for the period deemed strictly necessary to fulfill such purposes. In any case, since the Personal Data are processed for the provision of the services, Diennea will retain the Personal Data for the period allowed by Italian law to protect its interests (Article 2946 and ensuing articles of the Italian Civil Code).
The Personal Data processed for the purpose of Compliance will be retained for the period required by the specific obligations or by applicable law.
Personal Data will be processed, as a general rule, for the purpose of Communication to third parties until you revoke your consent.
Further information on the data retention period and the criteria adopted in determining this period may be requested in writing from the DPO of Diennea at the following address: email@example.com.
Diennea has, in any case, the possibility of retaining your Personal Data for the period allowed by Italian law to protect its interests (Article 2947 (1) (3) of the Italian Civil Code).
7. Data subject rights
Under Articles 15 and following of the GDPR, you, as a data subject, are entitled to request from Diennea, at any time, access to your Personal Data, the correction and erasure of your Personal Data, as well as to object to its processing according to Article 21 of the GDPR. You are also entitled to request the restriction of the processing of your Personal Data in the cases set out in Article 18 of the GDPR, as well as to obtain the Personal Data you have provided to Diennea in a structured, commonly used and machine-readable format, in the cases set out in Article 20 of the GDPR.
Requests should be made in writing to firstname.lastname@example.org.
Consent to the installation and reading of Profiling cookies can be revoked by the methods indicated here. You can always revoke your consent by changing and/or updating your privacy preferences on the “Edit profile” page accessible via the link at the foot of marketing emails or by writing to email@example.com.
Objection to telemarketing may also be exercised by registering in Do-not-call lists (in Italy, the Public Register of Oppositions).
In any case, you will always be entitled to file a complaint with the competent supervisory authority (the Italian Data Protection Authority), pursuant to Article 77 of the GDPR, if you believe that the processing of your data violates applicable law.