Generally speaking, the information or Personal Data that you give to Lago though the Site, or that is collected in other ways through the Site, in the context of using the services it offers (the ‘Services’), as defined in Section 3 below, is processed in accordance with the internationally recognised principles of lawfulness, fairness, transparency, purpose and storage limitation, data minimisation, accuracy, integrity and confidentiality.
Lago, as identified at the beginning of the Policy, is the Data Controller for all of the Personal Data processed through the Site and can be contacted at the following email address: [email protected]
Following your use of the Site, the company will process your Personal Data, which may include—in part depending on how you choose to use the Services—identifiers such as your name, surname, fiscal code, province of residence, telephone number, email address, identification number such as customer number, an online identifier or one or more pieces of information about your physical, physiological, psychic, economic, cultural or social identity that are identifiable or can be used to identify you (hereafter, ‘Personal Data’).
Your Personal Data can be collected either because you willingly provided it (for example, when you create an account in order to receive the Services offered) or by simply analysing your use of the Site.
The following types of Persona Data are processed through the Site:
In various sections of the Site, in particular those relative to creating an account, you will be asked to enter information such as your name, surname, telephone number, email address and etc.
Furthermore, if you participate in a survey or any promotions through the Site, as well as when you communicate with the company through the Site or Customer Service, the company will be able to collect the additional information that you decide to provide.
Registering on the section of the Site for job applicants, at the address http://jobs.lagodesign.eu (‘Jobs’), you can access a reserved area (hereafter, the ‘Application’) where you can provide the company with various types of Personal Data, such as work or professional information (for example, the university that you attended, foreign language skills, professional qualifications, expectations and desired place of work, links to your professional profiles on social networks and etc.) and attach your photo, CV and cover letter.
When the company receives an Application, it will be able, even if you have not indicated the information on your application, to view your professional profiles on social networks (for example, Linkedin) and relevant professional websites, if publicly accessible, in order to gather further information useful for determining your compatibility with the position of interest to you.
You might provide the company with information that might contain personal data through the Site (for example, through the Customer Service information request form or through the Application.
Since these fields are open, you might use them to communicate (voluntarily or not) certain sensitive categories of Personal Data, such as information that reveals racial origin or ethnicity, political opinions, religious or philosophical beliefs, union membership, genetic data, biometric data processed solely to identify a human being, data relative to health, sexual activity or sexual orientation.
The company asks that you refrain from sending such Personal Data unless strictly necessary. In fact, these special categories of Personal Data can only be subject to processing with your explicit consent and in accordance with current regulations. The company would therefore like to stress the importance of providing your explicit consent to the processing of these special categories of personal data, should you decide to share such information.
As noted above, you can communicate various kinds of information to the company through the Site, and this information might contain the Personal Data of other people.
In such a case, you become an independent data controller, assuming all of the relevant legal obligations and responsibilities. In this regard, you fully indemnify us against any complaint, claim, request for damages in consequence of the processing and etc. that the company might receive from the third party whose Personal Data was processed through your use of the Site in violation of applicable personal data protection laws. In any case, should you provide or in some other way process the Personal Data of third parties through your use of the Site, you guarantee from that point forward—assuming all relevant responsibility—that any processing is based on the consent of the third party in question or on other applicable legal grounds that legitimise the processing of the data in question.
The computer systems and software procedures responsible for making this Site function, during the normal course of business, collect some personal data which are transmitted implicitly when using Internet communication protocols. This information is not gathered for the purposes of its association with the identified data subjects, but by its very nature, it could enable the users to be identified when processed and associated with data held by third parties. This category of data includes the IP addresses or domain names of the computers used by visitors to the Site, the addresses of the requested resources in URI (Uniform Resource identifier) form, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code that indicates the status of the response provided by the server (successfully delivered, error and etc.) and other parameters relative to the user’s operating system and IT environment. This data is only used to process anonymous statistical information about the use of the Site, to check that it is functioning smoothly and to identify anomalies and/or abuse, and is erased immediately after processing. The data might be used to determine responsibility in the case of computer crimes that damage the site or third parties: apart from this eventuality, data on web contacts is not stored for more than seven days.
The company will use your Personal Data, collected through the Site, for the following purposes:
The legal grounds for processing your Data, in accordance with the purposes listed above in Section 3, are the following:
Your Personal Data can be shared with the following subjects (the ‘Recipients’):
Some Personal Data might be shared with recipients outside the European Economic Area. The company ensures that the processing of Personal Data by such recipients is carried out in accordance with the applicable regulations. In fact, the transfer of data can be based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission. For more information, please write to the company as instructed in Section 8 below.
Personal Data processed for the purpose of Service Provision will be preserved solely for the time strictly necessary for the fulfilment of said purpose (e.g. for managing the contract). In any case, since this Personal Data is processed in order to provide Services, the company may store it for a longer period, in particular since it might be needed for protecting its interests from possible complaints relative to the Services.
Personal Data processed for the purpose of Recruitment will be stored either for the entire period during which the relative position remains open or for six (6) months, whichever period is shorter. The company reserves the right to contact applicants before this deadline to request the extension of the storage period for their Personal Data or to request an updated Application. Should the company receive no reply, the Personal Data will be erased.
Personal Data processed for the purpose of Marketing will be stored until you withdraw your consent. You will, however, be asked periodically to renew your consent. Once you withdraw your consent, the company will no longer use your Personal Data for this purpose, but may continue to store it, in particular for the period necessary to protect its interests from possible complaints based on the relative processing.
Personal Data processed for the purpose of Profiling will be stored until you withdraw your consent. You will, however, be asked periodically to renew your consent. Once you withdraw your consent, the company will no longer use your Personal Data for this purpose, but may continue to store it, in particular for the period necessary to protect its interests from possible complaints based on the relative processing.
Personal Data processed for the purpose of Soft Marketing will be stored until you withdraw your consent through the link that you will find at the bottom of every Soft Marketing email.
Personal Data processed for the purpose of Compliance will be stored for the period provided for by specific legal obligations or the applicable regulations.
Personal Data processed for the purpose of Abuse/Fraud will be stored for the time strictly necessary for this purpose and in any case as long as the company needs to store it in order to protect itself in court to communicate said data to the competent authorities.
You have the right to ask the company, at any time:
You may also:
When you request Services, you select the communication channel(s) through which you wish to be contacted for Marketing purposes (email, SMS, MMS, app, paper post, telephone and/or the company’s social network pages).
You may withdraw your consent for Marketing relative to any of these communication channels following the instructions indicated below.
You may also withdraw your consent to Marketing sent via email and stop receiving Soft Marketing using the link found at the bottom of every email of this type. The same method may be used to stop receiving the newsletter, if you have requested it as a Service.
Consent to Profiling via cookies may be withdrawn following the instructions indicated above in Section 2.f.
In addition to the above, you may also exercise your rights writing to the company at the following email address: [email protected]
In any case, you always have the right to lodge a complaint with the competent supervisory authority (Italian Data Protection Authority) should you hold that the processing of your Personal Data does not comply with current regulations.