(Information on personal data processing in accordance with Article 13 of the Regulation EU 2016/679)
• is specifically intended for the website www.diennea.com (hereinafter “the Site”);
• forms an integral part of the Site and the services we offer;
• is also be intended as Information pursuant to art. 13 of the GDPR for those who interact with the web services of this Site.
The processing of your personal data shall follow principles of correctness, lawfulness, transparency, purpose and retention limitation, data minimization, accuracy, integrity, confidentiality and accountability pursuant to article 5 of the GDPR. Your personal data will therefore be processed in accordance with the legislation governing Privacy and confidentiality obligations.
Processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
5. Transfer of Personal Data
1. Data Controller and Data Protection Officer (DPO)
The Controller of the processing is Diennea as specified above. The Data Controller’s organization comprises a Data Protection Officer (DPO). The DPO is available for any information regarding the processing of the personal data of Diennea, including the list of data processors. It is possible to contact the DPO by writing to firstname.lastname@example.org.
2. Personal Data subject to processing
When you use the Site, Diennea may collect and process information related to you as an individual such as your name, an identification number, an online ID or one or more characteristic elements of your physical, physiological, mental, economic, cultural or social identity which allows you to be identified, either directly, or together with additional information (“Personal Data”).
Personal Data which may be processed by Diennea through the Site are as follows:
a. Browsing Data
During their normal operation, the computer systems and software procedures used to operate the Site acquire some personal data whose transmission is implicit in the communication protocols of the Internet. This information is not collected to be associated with identified subjects, but by their very nature could identify users through processing and association with data held by third parties. This category of data includes IP addresses or domain names of computers used by users that connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and computer of the user’s IT environment. These data are used in order to obtain statistical information in anonymous and/or aggregate form about the Site and to allow it to operate correctly. It permits the proper delivery of services and is used for security reasons as well as to establish liability in case of computer crimes against the Site or third parties. Diennea normally deletes navigation after sixty days.
b. Special categories of Personal Data
In the “Work with Us” section of the Site, you are allowed to submit Personal Data which may fall under the category of Personal Data referred to in Article 9 of the GDPR – i.e. “[…] data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation”. The processing of such Personal Data may be permitted as it is based on the release of your consent pursuant to Article 9(2)(a) of the GDPR and according to the applicable rules on personal data protection. Diennea asks that you do not disclose any such types of Personal Data, unless you consider this to be strictly necessary. In any case, Diennea would stress the importance of providing your explicit consent to process this sort of Personal Data, if you decide, nonetheless, to share it.
c. Data provided voluntarily by the user
d. Third party personal data provided voluntarily by the user
When using some of the services of the Site, you are allowed to submit Personal Data related to other persons. In any situation where you decide to share Personal Data related to other persons through the Site, you will be considered as an independent data controller regarding that Personal Data and must assume all inherent legal obligations and responsibilities. To this end, you must fully indemnify Diennea against any complaints, claims or demands for compensation for damages which may arise from the processing of this Personal Data, initiated by the third parties whose Personal Data have been processed through the use of the Site in violation of the applicable rules on personal data protection.
In any case, if you provide or in other way process Personal Data of third parties in using the Site, you henceforth guarantee – assuming all related responsibilities – that this specific processing is grounded on an appropriate legal basis in accordance with art. 6 of the GDPR, which legitimizes the processing of the information in question.
Definitions, characteristics and application of the legislation
Cookies are small text files that are sent and registered on your computer or mobile device when you visit a website. When you visit the same site again, the files are then transmitted back to the relative website. Thanks to cookies, the website remembers your actions and preferences (such as, for example, login data, default language, font sizes, additional display settings, etc.) so that you don’t need to specify them again when you visit the site at a later date.
There are various types of cookies and depending on their features and functions, they may remain on your computer or mobile device for different periods of time. Cookies we use include both so-called session cookies, which are automatically deleted when you close your browser, and so-called persistent cookies, which remain on your device for a pre-established period of time.
Among the technical cookies, which do not require prior explicit consent for their use, the Italian Data Protection Authority (see General Measure “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies – May 8, 2014”) also includes:
- analytic cookies used directly by the site operator to collect information, concerning the number of users and how they visit the site, provided information is only processed in aggregate form,
- browsing or session cookies used for authentication purposes,
- function cookies which allow your navigation on the basis of a set of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided to the same.
Your prior consent of the user is instead required for “profiling cookies”, i.e. those aimed at creating profiles related to the user in order to send him/her advertising messages in line with the preferences expressed by the same while surfing the web.
Types of cookies used by the Site and the possibility of (de-)selection
The Site uses the following cookies offering the possibility to (de-)select the same (and therefore to disable them), except for third-party cookies, for which you must directly refer to the relevant procedures for selecting and de-selecting the cookies mentioned below indicated by way of links:
- Technical cookies – session or navigation – are strictly necessary for the operation of the Site or to allow you to make use of the content and services you have requested.
- Technical-analytics cookies, which allow for an understanding of how the Site is used by you. These cookies do not collect information about your identity or any personal data. The data is processed in an aggregate and anonymous form.
- Technical-functional cookies, i.e. used to activate specific functionalities of the Site and a number of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided.
WARNING: disabling the technical and/or functional cookies of the Site may lead to certain services or features of the Site being unavailable or the Site may not function properly, and you may be forced to change or manually enter some information or preferences each time you visit the Site.
- Third-party cookies, i.e. cookies from web sites or servers other than that of Diennea, used for specific purposes of the said third parties, including profiling cookies. Note that these subjects, listed below with the relative links to their privacy policies, are independent Controllers of the data collection and handling processes via cookies; you must therefore refer to their personal data handling policies, information policies and consent forms (selection and deselection of respective cookies) as specified in the aforementioned Provision. To complete this it must be noted that Diennea makes the utmost effort to track cookies on its own Site. These are updated regularly on the table below, where we ensure transparency of the cookies sent directly by Diennea and the purposes of these procedures. As concerns these cookies, we provide the links to the information policies of the third parties that send them via our Site: we assign these third parties, as noted above, with the responsibility of supplying the information policy and collecting consent from the users, as envisaged in the Provision. This responsibility refers not only to the cookies sent directly by the third parties but also any additional cookies sent via our Site based on the use of the services used by the third parties themselves. In fact, with regard to these cookies, sent by the suppliers of services of the aforementioned third parties, Diennea cannot exercise any right of control and cannot be aware of either the characteristics or purposes of these.
The following section lists the links to the information on third party cookies:
Specifically, the cookies present on the Site are indicated at the following link: cookie
How to view and modify the cookies through your navigation program (so-called browser)
3. Purpose of the processing, legal basis and mandatory or optional nature of the processing
Your Personal Data will be processed by electronic or automated means. The purposes and the legal basis of the processing of your Personal Data that we intend to carry out are the following:
a. to provide the services requested (e.g., a contact request, a “Demo” or a quote, a request for information or enrolment in training courses, a request for documentation or permission to download from the Site, reporting abuse), to answer specific requests addressed to Diennea andto allow you to browse and explore the Site (“Service Provision”).
b. to allow you to subscribe to the Newsletter of Diennea (“Newsletter”).
The legal basis of the processing of Personal Data for the purposes of Service Provision and Newsletter is Article 6(1)(b) of the GDPR. This processing operations are required in order for us to provide the services, to respond to requests and/or to subscribe the newsletter. The provision of Personal Data for these purposes is optional, however, if you do not provide your data, we will not be able to provide you with the services, to respond to requests and/or to send the newsletter. You can always subscribe/unsubscribe the Newsletter by changing and/or updating your privacy preferences at “Edit profile” page accessible via the link at the foot of the newsletter or by writing to email@example.com.
c. to carry out marketing activities, conduct studies, research, market analysis and send you advertising and information material related to the activities, the products and the services of Diennea. In accordance with the “Guidelines on Marketing and Against Spam – 4 July 2013 [Web doc 2542348]” issued by the Italian Data Protection Authority, if you decide to give your consent to receive information related to promotional activities of the Data Controller including market research, we inform you that said activity can be performed, as provided for in the applicable regulations, by way of “traditional methods” such as postal mail, a telephone operator, or “automated methods” such as e-mail, SMS and through the use social networks (“Marketing”).
Processing operations carried out for the Marketing purpose are based on the granting of your consent pursuant to Article 6(1)(a) of the GDPR. It is not mandatory to give your consent to Diennea for this purpose and you can, at any time, withdraw your consent that you have previously granted to traditional or automated methods by giving notice to the Data Controller without any formality, simply by changing and/or updating your privacy preferences at “Edit profile” page accessible via the link at the foot of the newsletter or by writing to firstname.lastname@example.org. You can always object to such processing activities for Marketing purpose by writing to email@example.com, without prejudice to the lawfulness of the processing founded on your previous consent.
d. to create user profiles by analysing preferences, habits, interests and consumption choices expressed through the use of the Site and the services offered, and, where appropriate, by using profiling cookies, in order to send you material and commercial communications and personalized promotions on the services offered by Diennea (“Profiling“).
The processing carried out for the Profiling purpose is based on your consent pursuant to Article 6(1)(a) of the GDPR, which may be collected through specific check-boxes or the cookie banner, or on legitimate interest of Diennea pursuant to Article 6(1)(f) of the GDPR. The provision of your Personal Data for this purpose is therefore entirely optional and does not affect your use of the services. You may oppose the processing of your Personal Data for Profiling purpose at any time by writing to firstname.lastname@example.org.
e. to fulfill the obligations provided for by law, regulations or EU legislation or request from competent Authorities (“Compliance”).
The processing of your Personal Data for the purpose of Compliance represents a legitimate processing of personal data pursuant to Article 6 (1)(c) of the GDPR.
f. to analyse your CV, as well as to assess your profile with regards to the open positions in Diennea, to manage the selection procedures and to contact the candidates who submit their applications through the “Work with Us” section of the Site (“Recruiting”).
The legal basis of the processing of your Personal Data for the purpose of Recruiting is Article 6(1)(b) of the GDPR. The provision of your Personal Data is optional, but any failure to provide it would make it impossible for Diennea to evaluate your profile or to schedule interviews. The processing of special categories of Personal Data may be permitted as it is based on the release of your consent pursuant to art. 9(2)(a) of the GDPR and according to the applicable rules on personal data protection. Diennea asks that you do not disclose any such types of Personal Data, unless you consider this to be strictly necessary. In any case, Diennea would stress the importance of providing your explicit consent to process this sort of Personal Data, if you decide, nonetheless, to share it. In the absence of your consent to the processing of special categories of Personal Data referred to you, if you provide such data, your application cannot be taken into consideration.
g. to carry out statistical analysis without the possibility to identify the user (“Statistics”).
Please note that the processing of your Personal Data for the purpose of Statistics is not performed on Personal Data and therefore it can be freely performed by Diennea.
h. to carry out direct marketing activities via e-mail for services similar to those you have subscribed to (e.g. a demo, documentation or materials available to download from the Site), unless you objected to such processing initially or in subsequent communications, by writing to email@example.com (“Soft spam”).
The processing of your Personal Data for the Soft spam purpose represents a legitimate processing under the applicable law on personal data protection, which does not require your consent. You can object to the processing of your Personal Data for this purpose both when requesting the products and services available on the Site and on subsequent communications by the Data Controller by writing to firstname.lastname@example.org.
4. Recipients of Personal Data
For the purposes referred to in Section 3 above, your Personal Data may be shared with the following people and entities (“Recipients“):
- subjects typically acting as data processors, namely: i) persons, companies or professional firms providing Diennea with advice and consulting in accounting, administrative, legal, tax, financial and debt collection matters related to the provision of the services; ii) subjects to engage with in order to provide the services (for instance, hosting providers) iii) persons authorised to perform technical maintenance (including maintenance of network equipment and electronic communications networks);
- public entities, bodies or authorities to whom Diennea discloses your Personal Data when legally required to do so or under the orders of competent authorities or in case of abuse reports to investigate complaints and identify the source of messages received from users;
- persons authorised by Diennea to process the Personal Data required for carrying out activities strictly related to the provision of the services, who have committed themselves to confidentiality or have an appropriate legal obligation of confidentiality (for example Diennea’s employees);
- business partners for their own autonomous and separate purposes, only if you have given your specific consent.
5. Transfers of Personal Data
Your Personal Data may be shared with Recipients located outside the European Economic Area, and specifically in the Republic of San Marino. The Data Controller ensures that your Personal Data are processed by these Recipients in accordance with the applicable rules on data protection. Indeed, transfers can be based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission. Further information is available from Diennea by writing to the following email address: email@example.com.
6. Retention of Personal Data
The Personal Data processed for the purposes of Service Provision and Newsletter will be retained for the period deemed strictly necessary to fulfill such purposes. In any case, since the Personal Data are processed for the provision of the services, Diennea will retain the Personal Data for the period allowed by Italian law to protect its interests (art. 2946 and ensuing articles of the Italian Civil Code).
For the Marketing and Profiling purposes, your Personal Data may be processed until you withdraw your consent.
The Personal Data processed for the purpose of Compliance will be retained for the period required by the specific obligations or by applicable law.
Personal Data processed for the purpose of Recruiting will be kept for 18 months from your application and they may be used for contacts and future interviews. At the end of this period, you will receive a request to update your Personal Data: in the absence of a reply, after 15 days from sending the request, your Personal Data will be deleted; in case of feedback they will be kept for an additional 12 months and subsequently deleted.
For the Soft spam purpose, Personal Data will be processed until you object to the processing.
Further information on the data retention period and the criteria adopted in determining this period may be requested in writing from the DPO of Diennea at the following address: firstname.lastname@example.org.
Diennea has, in any case, the possibility of retaining your Personal Data for the period allowed by Italian law to protect its interests (art. 2947 (1) (3) of the Italian Civil Code).
7. Data subject rights
Under Articles 15 and following of the GDPR, you, as a data subject, are entitled to request from Diennea, at any time, access to your Personal Data, the correction and erasure of your Personal Data, as well as to object to its processing according to Article 21 of the GDPR. You are also entitled to request the restriction of the processing of your Personal Data in the cases set out in Article 18 of the GDPR, as well as to obtain the Personal Data you have provided to Diennea in a structured, commonly used and machine-readable format, in the cases set out in Article 20 of the GDPR.
Requests should be made in writing to email@example.com.
You may interrupt the reception of soft spam by using the appropriate link at the bottom of each e-mail received.
Consent to the installation and reading of profiling cookies can be revoked by the methods indicated in section 2.e.
In any case, you will always be entitled to file a complaint with the competent supervisory authority (the Italian Data Protection Authority), pursuant to Article 77 of the GDPR, if you believe that the processing of your data violates applicable law.