Disclosure relating to the processing of personal data

Articles 13 – 14 Reg. (EU) 2016/679 – GDPR

DATA CONTROLLER

The data controller or your data is FARO S.p.A. (Tax Code 00768940157 / VAT number: 00692500960), represented by its legal representative pro tempore, located in Via Faro, 15 20876 – ORNAGO (MB). For any request regarding the processing of your personal data, you can contact: Privacy.Management@faro.it, by sending the special request form prepared for this purpose.

PURPOSE AND LEGAL BASIS OF THE DATA PROCESSING

1. The data of the Data Subjects is collected for the following purposes:
2. To respond to the requests for information
3. To get in contact with the Data Subjects
4. To provide our services and fulfil the contractual obligations
5. To fulfil the legal obligations imposed on the Data Controller
6. To evaluate CVs, for both a spontaneous application and following a request for collaboration through third parties who carry out personnel searches
7. To adopt safety measures

The legal basis for the processing referred to in nos. 1 and 2 involves the pre-contractual measures adopted at the request of the Data Subject.

The legal basis for the processing referred to in nos. 3 and 6 involves the contract.

The legal basis for the processing referred to in no. 4 involves the law.

The legal basis for the processing referred to in no. 5 is consent.

In all these cases, the provision of data is required in order to benefit from the aforementioned services and any refusal will make it impossible for the Data Controller to provide the requested service or product.

1. The personal data provided may also be processed for:

• Navigation statistics
• promotional activities by the Data Controller;
• Sending newsletters and promotional messages relating to the products and services offered by the Data Controller.

For these particular activities, specific consent must be given, which can be withdrawn at any time.

TYPES OF DATA COLLECTED

1. Personal Data may be collected automatically during the use of this website or through third parties, as a result of contractual or pre-contractual relationships.
2. The Personal Data collected by the Data Controller are: general information, contact details, tax data, email, CV, IP address, Usage data, Cookies.
3. Unless specified otherwise, the purpose of the use of Cookies – or other tracking tools – by this website or by the Data Controllers of third-party services used by this website, is to identify the User and record the relative preferences that are strictly related to the provision of the service requested by the Data Subject.

PROCESSING METHOD

1. The Data Controller processes the Personal Data of the Data Subjects by adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, loss, modification or destruction of Personal Data.
2. The data processing is carried out using IT and/or telematic instruments, with organizational methods and with logic strictly related to the indicated purposes.

CATEGORIES OF DATA RECIPIENTS

1. The Data Controller may communicate the Personal Data to third parties:

• in fulfilment of legal and contractual obligations;
• for the internal organization of the Data Controller (administrative, commercial and marketing personnel, system administrators)
• for the external organization of the Data Controller (third party technical service providers, hosting providers, IT companies, communication agencies). In this case, where the conditions exist, the third party service providers can be appointed as Data Processors by the Data Controller. The updated list of Data Processors can always be requested from the Data Controller.

1. Personal data will not be disseminated, except in the case of publication, subject to explicit consent, of material on the website or in the social profiles of the Data Controller. In this regard, reference should be made to the disclosures of:

• You Tube: https://policies.google.com/privacy?hl=it
• LinkedIn: https://it.linkedin.com/legal/privacy-policy?
• Instagram: https://help.instagram.com/519522125107875
• Facebook: https://www.facebook.com/privacy/explanation
• Tik Tok: https://www.tiktok.com/legal/page/eea/new-privacy-policy/en

1. With regard to the performing of any videoconferencing sessions, the following platforms can be used, to which reference should be made for the respective disclosures:

• Zoom: https://zoom.us/privacy
• GoToMeeting: https://www.logmeininc.com/it/legal/privacy
• Google Meet: https://policies.google.com/privacy?hl=it
• Skype: https://privacy.microsoft.com/it-it
• Whereby: https://whereby.com/information/tos/privacy-policy/
• Whatsapp: https://www.whatsapp.com/privacy/?lang=it

For the use of Cookies, please refer to the specific document.

TRANSFER OF DATA ABROAD

Our company does not transfer your personal data abroad, except if videoconferencing platforms are used.

PRESENCE OF AUTOMATED DECISION-MAKING PROCESSES

Automated decision-making processes are not used in the processing of the data.

DATA RETENTION PERIOD

The data retention period varies based on the purposes and methods of data processing, namely:

1. Customer Management
2. Requests for information: the data is kept for the period of time needed to respond to the requests from data subjects;
3. Curriculum Vitae: the resumes of candidates are deleted at the end of the selection process
4. Provision of the Service: The data will be kept for the entire duration of the contractual relationship.
5. Tax data: invoices, accounting documents and data relating to transactions are kept for 11 years pursuant to the law (including tax obligations).
6. Defence before the courts: the data will be kept for the time necessary to ensure the Data Controller’s defence before the courts (statute of limitations and expiration; warranty terms constituted by the law).
7. Analysis aimed at the development and improvement of the service: the user’s personal data are kept for the period of time necessary to carry out the analyses.

III. Direct marketing and profiling: the data is kept for the maximum period established by the applicable legislation (equal to 24 and 12 months, respectively).

1. Exercising of the right to expressly request the cancellation of the personal data processed by the data controller: the data will only be stored, in a protected form and with limited access, for the purpose of ascertaining and suppressing crimes, for a period not exceeding 12 months from the date of the request and will subsequently be irreversibly deleted in a secure or anonymous manner.
2. Computerized traffic, excluding the contents of the communications: the data will be kept for a period not exceeding 72 months from the date of communication, pursuant to art. 24 of Law no. 167/2017, transposed from EU Directive 2017/541 on combating terrorism.

RIGHTS OF THE DATA SUBJECT

1. Pursuant to EU Reg. 2016/679 (GDPR) and the national legislation in force, the data subject can exercise the following rights, according to the methods and within the limits established by the current legislation:

• request confirmation of the existence of personal data concerning him or her (Right of access by the data subject – art. 15 of Regulation 679/2016);
• to know their source;
• to receive intelligible communication;
• to receive information about the logic, methods and purposes of the processing;
• request the updating, rectification, integration and erasure of the data, the transformation of the data into anonymous form, to blocking of data processed in violation of the law, including those no longer necessary for the purposes for which they were collected (right to rectification and erasure – articles 16 and 17 of Regulation 679/2016);
• right to the restriction and/or opposition to the processing of data concerning him or her (art. 18 of Regulation 679/2016);
• the right to withdraw;
• the right to data portability (art. 20 of Regulation 679/2016);
• where processing is based on consent, to the personal data concerning him or her in a structured, commonly used and machine-readable format;
• the right to lodge a complaint with the supervisory authority (Right of access by the data subject – art. 15 of Regulation 679/2016);

MANAGEMENT OF COOKIES:

Use of cookies

The “website” (faro.it) uses cookies to make its services simple and effective for the user who is viewing the pages on faro.it. For the users viewing the website, a minimal amount of information from the device being used, whether it’s a computer or a mobile peripheral device, will be inserted into small text files called “cookies” saved in the user’s web browser directories. There are various types of cookies, some which help users browse the website efficiently and others which perform certain functions.

What are cookies?
Cookies are small text files that the websites visited by the users send to their servers, where they are saved in order to be retransmitted when users return to the same website. Cookies are used for different purposes, they have different characteristics and can be used by both the owner of the website being visited and by third parties. All the information on the cookies installed through this website and the instructions needed to manage your preferences regarding cookies is reported below.

For more information about cookies and their overall functions, visit an informational website such as allaboutcookies.org.

Performing a detailed analysis of our cookies allows us to:

• save the entered preferences;
• avoid repeatedly entering the same information when visiting the website, as for example one’s user name and password;
• analyse the use of the services and content provided by faro.it in order to optimise the browsing experience and the services offered.

 Types of cookies:

Technical cookies

This type of cookie allows certain sections of the website to function correctly. They are divided into two categories: persistent and session:

• persistent cookies: once the browser is closed, they are not destroyed and remain until the predetermined expiration date
• session cookies: they are destroyed every time the browser is closed

These cookies, which are always sent from our domain, are required to correctly view the website and to fulfil the technical services offered. Therefore, they will always be used and sent, unless the user modified the settings in his/her browser (thus compromising some of the website page display functions).

Analytical cookies

This category of cookie is used to collect information on the use of the website. Faro.it will use this information for anonymous statistical analysis in order to improve the use of the website and to make its contents more interesting and pertinent to the wishes of its users. This type of cookie collects data in an anonymous manner concerning the users’ activities and how they reached the website. Analytical cookies are sent by the website itself or by third-party domains.

Third-party analysis cookies

These cookies are used to collect anonymous information on the use of the website by the users such as: pages visited, time spent, origins of traffic, geographical origin, age, gender and interests for marketing campaign purposes. These cookies are sent from third-party domains external to the website.

Cookies to integrate products and functions of third-party software

This type of cookie integrates functions developed by third parties within the pages of the website, such as icons and preferences expressed on social networks, in order to share the contents of the website or for the use of third-party software services (such as software for generating maps and other software that offers additional services). These cookies are sent from third-party domains and partner websites that offer their functions throughout the pages of the website.

Profiling cookies

These are cookies that are needed to create user profiles in order to send advertising messages in line with the preferences that the user expressed in the pages of the website.

According to the current regulation, faro.it is not required to ask for consent for technical and analytical cookies, as they are needed to provide the requested services.

For all the other types of cookies, consent can be expressed by users in one or more of the following ways:

• • Through specific configurations of the browser being used or through relative computer programs used to browse the pages of the website.
  • Through changes in the settings regarding the use of third-party services

 Both of these solutions could prevent the user from seeing or utilizing parts of the website.

Websites and third-party services

This website could contain links to other websites which have their own privacy policy that may be different from that adopted by faro.it and therefore it is not responsible for these websites.

Information on cookies:

How to disable cookies through browser configuration

If your browser is not on this list, you can ask for further information by sending an e-mail to the address Privacy.Management@faro.it and we will provide you with the information needed to browse in a secure and anonymous manner.

If you would like more information on how your browser saves cookies while you are navigating, please follow these links to the websites of the respective suppliers.

The below list details the cookies used in our website: