Privacy Policy

  1. Home
  2. Privacy Policy

Information Notice regarding the Processing of Personal Data (GDPR UE 2016/679)

Dear Candidate,

We are writing to inform you about the methods of processing the data you will provide following your spontaneous application, pursuant to European Regulation (EU) 2016/679 on the protection of personal data (GDPR). We will notify you of any potential need to process your data outside of the EU.

Please note that once the statutory terms for the custody of the personal data you provide have expired (e.g., for fiscal or other legal purposes), you may request us to delete them from our archives. In line with regulations, Curriculum Vitae submitted will be retained for 4 months and subsequently deleted from our archives.

Therefore, your data will be managed and processed by us according to the following policy:

  • 1. Subject of Processing

The Data Controller processes personal, identifying, and non-sensitive data (specifically, name, surname, tax code, VAT number, email, telephone number—hereinafter, “personal data” or “data”) communicated by you.

  • 2. Purpose of Processing

Your data will be processed exclusively for the evaluation of your application to determine your suitability for carrying out activities at CRdC Tecnologie. Your data will not be used for any other purpose, nor will it be communicated to third parties unrelated to the aforementioned evaluation, except in the cases described in Article 4 below.

  • 3. Methods of Processing

The data processing is carried out through the operations indicated in Article 4 of the Privacy Code and Article 4 no. 2) of the GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure, and destruction of data. The data is subject to both paper and electronic and/or automated processing.

The Data Controller will process the data for the time necessary to fulfill the purposes mentioned above.

  • 4. Data Access

The data may be made accessible for the purposes referred to in Article 2 to:

  • Employees and collaborators of the Data Controller or the Data Controller’s Shareholders, in their capacity as authorized persons and/or internal Data Processors and/or system administrators.
  • Service companies essential to the Data Controller for carrying out its administrative activities (e.g., tax consultancy, management control activities, technical management activities, personal data storage, etc.).
  • Third parties (e.g., website management and maintenance providers, suppliers, credit institutions, professional firms, etc.) who perform activities, including outsourcing, on behalf of the Data Controller, in their capacity as external Data Processors.
  • 5. Data Disclosure

Without your express consent (ex Article 24 letters a), b), d) of the Privacy Code and Article 6 letters b) and c) of the GDPR), the Data Controller may disclose the data we become aware of for the purposes referred to in Article 2 to Supervisory Bodies, Judicial Authorities, as well as to all other subjects to whom disclosure is mandatory by law for the fulfillment of said purposes.

  • 6. Data Transfer

The management and storage of personal data will take place on servers located within the European Union, owned by the Data Controller and/or by duly appointed third-party companies acting as Data Processors. Currently, the servers are located in Italy and generally within the EU. The data will not be transferred outside the European Union. In any case, it remains understood that the Data Controller, should it become necessary, will have the right to move the location of the servers within Italy and/or the European Union and/or non-EU countries. In this event, the Data Controller ensures that the transfer of data outside the EU will comply with applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or by adopting the standard contractual clauses provided by the European Commission.

  • 7. Nature of Data Provision and Consequences of Refusal to Respond

The provision of data for the purposes referred to in Article 2 is mandatory. In their absence, we will not be able to assess your profile and application for any potential request for supply or employment.

  • 8. Data Subject Rights

The data subject holds the rights referred to in Article 7 of the Privacy Code and Article 15 of the GDPR, specifically the right to:

  • Obtain confirmation of whether or not personal data concerning him or her exists, even if not yet recorded, and to have that data communicated in an intelligible form.
  • Be informed of: a) the source of the personal data; b) the purposes and methods of the processing; c) the logic applied to the processing if carried out with the aid of electronic tools; d) the identification details of the Data Controller, Data Processors, and the designated representative pursuant to Article 5, paragraph 2 of the Privacy Code and Article 3, paragraph 1, of the GDPR; e) the entities or categories of entities to whom the personal data may be communicated or who may become aware of it as a designated representative in the territory of the State, or as Data Processors or authorized persons.
  • Obtain: a) the updating, rectification, or, where interested therein, the integration of the data; b) the erasure, transformation into an anonymous form, or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as regards their content, to the entities to whom the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

Where applicable, the rights referred to in Articles 16-21 of the GDPR (Right to rectification, right to erasure/to be forgotten, right to restriction of processing, right to data portability, right to object) also exist, as well as the right to lodge a complaint with the Supervisory Authority (Garante).

  • 9. Exercise of Rights

You may exercise the aforementioned rights at any time by sending (as an alternative):

  • A registered letter with return receipt to CRdC Tecnologie scarl, via Nuova Agnano 11– Napoli.
  • A certified email (PEC) to the address crdctecnlogie@pec.it
  • 10. Data Controller, Processor, and DPO

The Data Controller is CRdC Tecnologie Scarl. The updated list of Data Processors and authorized persons is kept at the headquarters of the Data Controller.

  • 11. Amendments to this Policy

This Policy may be subject to changes. In this event, the most updated version will be promptly sent to you.

CRdC Tecnologie S.c.a.r.l. Chairman of the Board of Directors Prof. Giuseppe Mensitieri

Search
CRdC Tecnologie
Company Overview
Mission Mission & Strategic Goal
Organization chart
Privacy Policy
Cookies Policy
Contacts
Work with CRdC
CRdC Tecnologie Scarl

CRdC Tecnologie Scarl

Research and Technology Transfer
Sectors: Energy, Materials, Electronics, Aerospace