In accordance with EU Regulation 2016/679 (GDPR) we provide the following information on data processing:
1. DATA CONTROLLER
MYCO s.r.l
Registered Office: Via Principe Eugenio 14, 20155 Milan (MI)
Fiscal Code and VAT number 09750400963
Telephone: +39 02 6666 9893
Contact details: privacy@myco.it to be used also for contacting the data protection officer if designated
2. PURPOSE OF PROCESSING AND DATA RETENTION TIME
PURPOSE 1:
Carrying out human resources management activities, such as, for example, but not limited to, recruiting activities, talent management activities, performance analysis activities, business climate analysis activities, responding to requests from data subjects, executing contractual and pre-contractual obligations and legal obligations.
PURPOSE 2:
Use of data for promotional purposes by sending third-party commercial communications or carrying out market studies. For this purpose, it may be necessary to use the data of data subjects for normalisation, deduplication, filtering and verification operations. Communications will be sent by the DATA CONTROLLER.
Promotional actions carried out by the DATA CONTROLLER may take place through the following channels:
• electronic mail,
• mail,
• telephone calls to fixed or mobile lines,
• sending SMS and/or MMS messages,
• messaging platform services, chat
• any other similar type of communication.
STORAGE OF PERSONAL DATA:
With reference to data collected by the data controller for requests by the data subject, performance of contractual, pre-contractual or legal obligations: The Data Controller will keep the database for as long as is necessary for the management of the activities related to data processing.
With reference to information activities: the data of the persons concerned will be kept for the time necessary for the performance of the activity, in any case avoiding indefinite storage and facilitating the exercise of their rights by the person concerned.
The data may be transformed in such a way as to render them anonymous and to allow them to be stored for a longer period of time for the needs of analysis and statistical research and for the elaboration of general patterns.
3. LEGAL BASES LEGITIMISING DATA PROCESSING
The legitimacy for the processing of your data in relation to the purposes of processing is based on the following:
• For the purpose of processing the data subject’s requests and the data subject’s participation in activities carried out by the Controller – Need to execute the data subject’s requests.
• In order for the Controller to carry out institutional communications also outside EU territory – Legitimate interest.
4. RECIPIENTS TO WHOM PERSONAL DATA WILL BE DISCLOSED
The data collected for requests by the data subject in respect of requests organised by the Controller may be communicated to persons authorised to process the data and to persons responsible for the processing of personal data.
Data collected for the implementation of information actions by the Data Controller are not to be disclosed to third party recipients, but the data may be processed by data processors with a specific legal act.
5. RIGHTS THAT BELONG TO YOU WHEN YOU PROVIDE US WITH YOUR PERSONAL DATA
You are entitled to:
• Access your data
• Ask for rectification
• Request cancellation
• Oppose treatment
• Request restriction of processing
• Ask for data portability
You may exercise your rights directly and free of charge by contacting the following email address privacy@myco.it and indicating in the subject line ‘EXERCISE YOUR RIGHT TO PERSONAL DATA’ specifying which right you require or by written communication to the Controller’s address.
Your request must indicate dates, first name, surname, request, address for notification purposes. In order to avoid any misunderstanding as to the identity of the individual requesting the exercise of his/her rights, the Controller reserves the right to ask for a copy of the identity document to confirm the identity of the applicant in cases where this is necessary.
The data subject is entitled to lodge a complaint with the Data Protection Authority at www.garanteprivacy.it.