Why this notice
Pursuant to the European Regulation 2016/679 also known as General Data Protection Regulation (hereinafter "European Regulation" or according to the English acronym "GDPR"), this page describes the methods of processing of users’ personal data who consult or interact with the ProPosition Management Search S.r.l. website at the following address: https://www.propositionmanagementsearch.com.
The Controller of processing of personal data
The Controller of processing of personal data is ProPosition Management Search S.r.l., with its registered office in Corso Re Umberto 20 bis, 10128 Torino. (hereinafter “Controller” or, in brief, “ProPosition”).
The Data Protection Officer
The Controller has appointed a Data Protection Officer (hereinafter “DPO”), who can be contacted at the following e-mail address email@example.com.
Types of personal data, purposes of processing
Information systems and software procedures used to operate this website collect, during the normal course of operation, some personal data whose transmission is implicit in the communication protocols of the Internet.
It concerns information that is not collected to be associated with specific individuals, but by their own very nature could, through the processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method utilized to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters related to the operating system and the user’s computer environment.
This data is used only to check the correct functioning of the website. The data could also be used by the forces of Public Safety to ascertain responsibility in case of hypothetical computer crimes against the site, except for this possibility, the data are stored for the times defined by the relevant legal regulations for the time strictly necessary to provide the user with the service required to guarantee the transmission of the communication.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of messages to Proposition's contact addresses, as well as the compilation and submission of the forms on the website, entail the acquisition of the sender's contact data, necessary to reply, as well as all the personal data included in the communications, forms and curricula transmitted.
In particular, through the website, all the information provided by users is collected and processed by registering and compiling the contact forms (provided for in the "Send us your CV" and "Sign In" sections), and in particular personal data, contact details and information relating to work or training experiences. Providing personal data through our contact forms is not a legal or contractual requirement; however, please note that fields marked with an asterisk (*) are required fields, as we need this information to respond to your request. Additional information and personal data are shared at the time of filling out the contact forms at the user's discretion.
If you contact us, we will keep record of this correspondence.
The Controller will process the personal data voluntarily provided by the user for the following purposes:
- for personnel recruitment on behalf of client companies;
- to manage the application of the user in relation to the recruitment promoted by client companies, including those published on the website; for this purpose, personal data of candidates may be communicated, after the first interview carried out by Proposition's staff, to client companies (also established abroad, in EU or in non-EU countries). The communication of the candidate's personal data to client companies established in non-EU countries will take place only with the consent of the data, subject collected during the first interview;
- to include data in our list of candidates and job search in line with the candidate's professional profile, based on what emerges from the data provided;
- to comply with legal obligations, including the collaboration with the Public Safety Authorities, where required.
Specific notices are published on the pages of the website dedicated to the user’s registration and the sending of resumes.
Methods of processing and security measures
Personal data will be processed by the Controller and authorized personnel using computer systems, according to the principles of accuracy, loyalty and transparency provided for by the applicable law on personal data protection, protecting the privacy of the data subject and its rights through the adoption of suitable technical and organizational measures to ensure a level of security appropriate to the risk.
The processing will be carried out by the employees and collaborators of the Controller, trained and authorized to process the data, for the pursuit of the afore-mentioned purposes.The personal data of candidates will be shared with ProPosition's subsidiaries and affiliates which also carry out personnel selection activities. In particular, in order to ensure an adequate level of protection and safeguard of personal data, appropriate data protection safeguards have been taken where such data is shared with ProPosition's subsidiaries and affiliates located outside the European Economic Area. A copy of these safeguards is available at the Data Controller's offices and at your request.
Furthermore, in certain cases, personal data may also be disclosed to suppliers, contractors and consultants, in charge of maintenance operations of the contents of the website or the provision of certain functions or services related to it. Recipients will have access to personal data only to the extent required for the performance of their duty, according to certain contractual confidentiality obligations. The recipients of the data are designated by the Supervisory Authority pursuant to Article 28 of the GDPR, as processors.
Data Retention Periods
Users' personal data will be retained for the time necessary to pursue the purposes for which the data are collected.
The retention period of the personal data depends on the purposes for which they are processed and it may therefore vary. The criteria used to determine the applicable retention period are the following: the retention of personal data will take place for the time necessary (i) the research professional positions in line with the profiles of candidates as resulting from the curricula and the information sent via the form ; (ii) the management of specific user requests; (iii) to enforce rights through legal action as well as (iv) for the time required by applicable law.
Data subject rights
The data subject may exercise, in relation to the processing of the data described therein, the rights provided for the European Regulation (Articles 15-22 of the GDPR), including:
- receive confirmation of the existence of your personal data and access their content (right of access);
- update, modify and / or correct your personal data (right to rectification);
- request the erasure or restriction of processing of data processed in violation of the law including those data whose conservation is not required in relation to the purposes for which the same has been collected or subsequently processed (right to be forgotten and the right to restriction of processing);
- object to processing (right to object);
- withdraw the consent, where given, without prejudice to the lawfulness of processing based on the consent given prior to the withdrawal;
- receive a copy of the data in electronic format concerning the data subject provided to ProPosition and request that such data be transmitted to another data controller (right to data portability).
The appropriate request is sent to the Data Protection Officer at the following email address firstname.lastname@example.org.
Right to lodge a complaint
If the data subjects believe that the processing of their personal data is in violation of the provisions of the GDPR, they have the right to lodge a complaint with the supervisory authority, as provided by Article 77 of the GDPR, or to lodge complaints before the appropriate courts (Article 79 of the GDPR).