Privacy & Cookie Policy

This privacy policy, provided in compliance with the provisions of art. 13 of EU Regulations 2017/679 (GDPR) and Legislative Decree No. 196/2003 as updated by Legislative Decree No. 101/2018, describes the operations carried out on the personal data of users collected when accessing, browsing and using this website (www.siriospa.it, hereinafter referred to as the Site) and not for other websites browsed by the user through links on the Site.

DATA CONTROLLER
Sirio S.p.A., with registered office in via Filippo Re, 43-45, 48124 Fornace Zarattini – Ravenna is the Data Controller of the personal data related to users and collected during the use of the services offered on this website. Sirio S.p.A. will process the personal data it gathers in compliance with the principles of lawfulness, fairness and transparency as well as the provisions of the law and regulations for the following purposes:
– Access to the website and browsing;
– Management of requests for information from users by filling out the contact form on the Site;
– Receiving applications for open job positions and/or spontaneous applications.

DATA PROTECTION OFFICER (RPD-DPO)
The Data Protection Officer (DPO) can be contacted at the following address:
Sirio S.p.A. – Data Protection Officer, via Filippo Re, 16 – 48124 Ravenna,
e-mail: dpo.privacy@siriobar.it

DATA PROCESSING LOCATION
Processing related to the web services of this Site takes place at the aforementioned registered office of the Data Controller and at the hosting company providing the service with servers located in the EU

TYPES OF DATA PROCESSED

Browsing data
The IT systems and software procedures used to operate this website detect, during the course of their normal operation, acquire data whose transmission is implicit in the use of Internet communication protocols.
These are data not collected to be associated to identified subjects but that by their own nature could, through processing and associations with data in the hands of third parties, allow users to be identified.
This category of data includes IP addresses or domain names of computers used by users which connect to the site, URI addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply from the server (successful, error, etc.) and other parameters related to the operating system and IT environment of the user.
These data are used only to obtain anonymous statistical information on website use and to check its proper operations and they are deleted immediately after processing. The data could be used to ascertain responsibility in the event of IT offences against the Site or the Data Controller: except for this possibility, at present, the data on web contacts do not persist beyond the terms of the law.

DATA PROVIDED VOLUNTARILY BY THE USER
The optional, explicit and voluntary submission of e-mails to the addresses listed on this site involves the subsequent acquisition of the sender’s address by Sirio S.p.A., needed to meet the requests, and any other personal data included in the communication.

Specific summary privacy policies will be reported or displayed on the pages of the site set up for particular services on request.
The data that may be collected are: name, surname, email, area of residence, Curriculum Vitae (in the section Work with us), email subject and message.

COOKIES

Overview
This document is an integral and substantial part of the Privacy Policy and the information contained therein issued pursuant to Article 13 of EU Regulation 2016/679 on the protection of personal data. The Cookies Policy is provided to users of the Site in accordance with the provisions and recommendations issued by the Italian Data Protection Authority (https://www.garanteprivacy.it/garante/doc.jsp?ID=3118884).

What is a “cookie”?
Cookies are short text files that are downloaded and stored on user device when a user visits a website. After each subsequent visit, cookies are re-sent to the website that originated them (first-party cookies) or to another site that recognises them (third-party cookies).
Cookies are useful because they allow a website to recognise the user device.
They have different purposes such as, for example, allowing users to browse efficiently among web pages, remember a user’s favourite sites and, in general, improve user browsing experience.
They also help to ensure that the advertising contents displayed on-line are targeted to user personal needs and interests.

Type of Cookies
Cookies may be of the first or third party. “First party” means the type of cookie that reports the site as a domain, while “third party” means those cookies that are related to external domains.
Third party cookies are necessarily installed by an external party, always defined as “third party”, not managed by the site.

Nature of cookies

• Technical Cookies
These are cookies used to carry out the browsing or to provide a service requested by the user. They are not used for other purposes and are typically installed directly by the Data Controller of the website.
They can in turn be subdivided into:
– Browsing or session cookies that guarantee the normal navigation and operation of the website (allowing, for example, to authenticate a login to access restricted areas); these cookies are necessary for the correct operation of the website;

– Third-party analytics cookies, similar to technical cookies when used directly by the Data Controller of the website to collect information, in aggregate form, on the number of users and how they visit the website in order to improve website performance;

– Functional cookies that allow the user to navigate according to a series of selected criteria (for example, language, products selected for purchase) in order to improve the service provided. The installation of these cookies does not require the prior consent of users.

• Profiling Cookies
Profiling cookies are used to monitor the user’s browsing behaviour on the Internet and are designed to create qualitative profiles of the user. They are also used to send advertising messages in line with the preferences expressed by the user during navigation.

• Third Party Cookies
Third-party cookies are installed on the user’s device by a (third-party) site different from the one visited by the user.

The above-mentioned cookies may be:
– Temporary, when they are automatically deleted at the end of the connection by the user;
– Permanent, when they remain stored in the user’s device, unless the user deletes them voluntarily.

We inform the user that it is possible to manage and disable cookies directly from the settings of the browser used:
o MS Internet Explorer (https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies)
o Chrome (https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=it)
o Safari (https://support.apple.com/kb/ph19214?locale=it_IT)
o Firefox (https://support.mozilla.org/it/kb/Gestione%20dei%20cookie)
o MS Edge: (https://privacy.microsoft.com/it-it/windows-10-microsoft-edge-and-privacy)

Links verified and active at 07.12.2018.

COOKIES USED BY THE WEBSITE
Browsing or session technical cookies strictly necessary for the operation of the site or to allow the user to take advantage of the content and services requested by it.
The following are the technical browsing cookies used by this application:
– PHPSESSID – www.siriospa.it – Duration: deleted when browser is closed

Functional cookies that allow the user to navigate according to a series of selected criteria in order to improve the service provided.
The following are the proprietary functional cookies used by this App:
– displayCookieConsent – www.siriospa.it – expresses the user’s consent to the installation of cookies used by this App – Duration: 1 year. It is possible to delete these cookies directly from the browser.

Third party cookies:
• Google Fonts (Google Inc.). Google Fonts is a font display service operated by Google Inc. which allows this App to integrate such contents in its pages.
Personal data collected: Usage data and various types of data as specified in the privacy policy of the service.
Location of processing: United States – Privacy Policy. Party adhering to the Privacy Shield.

• Google Maps. The site uses the plug-in of Google Maps. It is a service provided by Google LLC (“Google”) to include interactive maps within the web pages. This service, depending on the account settings of the user, may process the personal data of the latter, including the user’s geographical location.
To browse the privacy policy of Google LLC and to disable the localization function of the browser, please refer to the following link: https://policies.google.com/technologies/location-data?hl=it.

• Google Analytics with Anonymous IP (Google Inc.). Google Analytics is a web analytic service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this App, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalise the advertisements of its advertising network.
This integration of Google Analytics makes the user’s IP address anonymous. Anonymisation works by shortening the IP address of users within the borders of member states of the European Union or in other countries joining the Agreement on the European Economic Area Only in exceptional cases, the IP address will be sent to Google servers and abbreviated within the United States.
Personal data collected: Cookies and usage data
Location of the processing: USA – Privacy Policy – Opt Out.
Cookies installed by Google Analytics:
_gat : is deleted when the browser is closed.
_ga : lasts 2 years
_gid : lasts one day

PRINCIPLES APPLICABLE TO THE PROCESSING OF DATA BY SIRIO S.P.A.
Sirio S.p.A. will process the personal data of users in a lawful, fair and transparent manner.
The Data Controller will collect the personal data of the users and will process them only for the purposes specified in this Privacy Policy and in such a way that they are not incompatible with the purposes themselves.
The data processed by Sirio S.p.A. will be adequate, pertinent and limited to what is necessary for the purposes for which they are processed.

PROCESSING OF DATA FOR PURPOSES OF MANAGING REQUESTS FOR INFORMATION
Sirio S.p.A. will process the personal data of users which fill out the on-line form to request information about the services offered by the Data Controller found at the following address: info#siriospa.it, in order to manage, monitor and provide the services requested by users.
The data will be recorded, stored and used exclusively to manage and reply to the requests of the users and for the time necessary to achieve the aforementioned purpose.
The legal basis for this processing is the consent of the user provided by ticking the tick-box at the bottom of the contact form.
The provision of data for this processing purpose is optional. However, failing to provide or providing partial or incorrect data may result in the impossibility for Sirio S.p.A. to manage and fulfil the user’s requests.

DATA PROCESSING FOR THE PURPOSE OF RECEIVING APPLICATIONS FOR OPEN JOB POSITIONS AND/OR SPONTANEOUS APPLICATIONS
Sirio S.p.A. will process the personal data of users contained in the CV sent spontaneously by the user or following a recruiting campaign promoted by the Data Controller to manage the selection of new personnel and for the assessment of the applicant.
The data will be processed for the period strictly necessary to achieve the purpose at hand and will be stored for a period of 2 years from the time of receipt of the CV.
The legal basis for this process is the performance of pre-contractual measures, pursuant to art. 111-bis of Legislative Decree No. 196/2003, as updated by Legislative Decree No. 101/2018, and within the limits of art. 6 letter b) of EU Regulations 2016/679; user consent is not required.
The provision of data for this processing purpose is discretionary. However, failure to provide the data or providing partial or incorrect data may result in the impossibility for the Data Controller to receive the application and to assess the correspondence with the requested job position.The provision of data for commercial and promotional purposes is discretionary.

SOCIAL PLUG-IN
This website may use the so-called “social plug-ins”.
“Social plug-ins are specific tools that make it possible to incorporate the features of the Social Networks directly into the website.
All “social plug-ins” on the website are marked with the respective logo owned by the social networking platform.
When the user visits a page of our website and interacts with the “plug-in” or decides to leave a comment via the social platform, the corresponding information is sent from the browser directly to the social platform of reference and stored by it. For information on the purposes, type and methods of collection, processing, use and storage of personal data by the Social Network platform, as well as how to exercise your rights, please browse the specific Privacy Policy of the Social Network.

– Facebook (https://it-it.facebook.com/policy.php)
– Twitter (https://twitter.com/it/privacy)
– Instagram (https://help.instagram.com/155833707900388)
– YouTube (https://www.youtube.com/intl/it/yt/about/policies/#community-guidelines)
– Linkedin (https://www.linkedin.com/legal/privacy-policy)

GOOGLE MAPS
The site uses the plug-in of Google Maps.
It is a service provided by Google LLC (“Google”) to include interactive maps within the web pages. This service, depending on the user’s account settings, may process the personal data of the latter, including the user’s geographical location.
To browse the privacy policy of Google LLC and to disable the localization function of browser, please refer to the following link: https://policies.google.com/technologies/location-data?hl=it.

GOOGLE ANALYTICS WITH ANONYMISED IP (Google Inc.).
Google Analytics is a web analytic service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this App, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalise the advertisements of its advertising network.
This integration of Google Analytics makes the user’s IP address anonymous. Anonymisation works by shortening the IP address of users within the borders of member states of the European Union or in other countries joining the Agreement on the European Economic Area Only in exceptional cases the IP address will be sent to Google servers and abbreviated within the United States.
Personal data collected: Cookies and usage data
Location of the processing: USA – Privacy Policy – Opt Out.

PROCESSING METHOD
All personal data are and will be processed using automated tools for the time strictly necessary to achieve the purposes for which they were collected. The data are processed by technical personnel authorized to the processing, duly trained by Sirio S.p.A.
Specific security measures are in place to prevent the loss of data, unlawful or incorrect use and unauthorized access.

CATEGORIES OF PARTIES TO WHICH THE DATA MAY BE DISCLOSED (RECIPIENTS)
The parties to which Sirio S.p.A. discloses the data act as Data Processors appointed by the Data Controller through a specific agreement or as persons authorized to process personal data under the direct authority of the Data Controller.
The data being processed will not be disseminated under any circumstances.
The user can request the complete list of recipients by writing an e-mail to dpo.privacy@siriobar.it.

THE DATA SUBJECT’S RIGHTS
The users of the Site have the right to:
• obtain from the data controller confirmation of whether or not the processing of their personal data is in progress and in this case, to obtain access to their personal data. Access can be about the following reasons:
o The purposes of processing;
o The categories of personal data in hand;
o The recipients or categories of recipients to which the personal data were or will be communicated, in particular if the recipients are third countries or international organisations;
o the period of storage of the personal data or the criteria used to determine it;
o The existence of the right to request the Data Controller to rectify or erase the data or to limit or object to the processing of the data;
o The existence of an automated decision-making process.
• Request for rectification of personal data: the user has the right to obtain rectification of inaccurate personal data as well as to obtain integration of incomplete personal data.
• Request for erasure of personal data: For the reasons specified in Art. 17 of the GDPR, the user has the right to request the Data Controller to erase the data without undue delay and the Data Controller has the obligation to erase the personal data of the concerned party.
• Request for limitation of data processing: In the event of one of the cases referred to in Art. 18 of the GDPR, the user has the right to request the limitation of the data processing regarding his/her data.
• Request for data portability: the user has the right to receive in a structured format, commonly used and legible, his/her personal data provided to a Data Controller and has the right to transfer such data to another Data Controller if the processing is based on consent and is carried out by automatic means.
• Request to oppose the processing: the user has the right to oppose the processing of his/her personal data at any time, for reasons related to his/her particular situation.
Furthermore, the user has the right to lodge a complaint with the Italian Data Protection Authority.
Requests for exercising these rights can be addressed to dpo.privacy@siriobar.it.