INFORMATION ON THE PROCESSING OF PERSONAL DATA (Articles 13 and 14 EU Reg. 2016/679 and Legislative Decree 196/2003 et seq.) at link https://www.sweden-martina.com/en_gb/privacy_job/

Dear user, below we provide some information that we need to bring to your attention, not only to comply with legal obligations, but also because transparency and fairness towards you and towards all parties concerned is a fundamental part of our activity. DATA CONTROLLER The Data Controller (the subject that decides the purposes and methods for processing your personal data) is identified, based on the definition of “group of undertakings” pursuant to Art. 4.19 of EU Reg. 679/2016, represented by the parent company Sweden & Martina S.p.A. (00401550280), responsible towards you for the legitimate and correct use of your personal data and can be contacted for any information or request at the following: Email: privacy@sweden-martina.com - Tel: +39 0499124300 - Address: Via Veneto, 10 - 35020 Due Carrare, PD, Italy PERSONAL DATA PROTECTION OFFICER The Data Controller has appointed a Data Protection Officer (DPO), who can be contacted at the following: email: dpo@sweden-martina.com – certified email: dataprotectionofficer@pec.it CATEGORIES AND SOURCE OF DATA For processing purposes, the Data Controller will process ordinary data, such as: personal data, contact data, address data, data relating to identification/recognition documents, access and identification data, data relating to work activity, professional quality certificates, data relating to training recordings and video surveillance. The data processed are communicated by the data subject or by third parties, such as recruitment or employment agencies, and/or collected from publicly accessible sources. PROVISION OF DATA Failure to provide compulsory data may entail legal and contractual consequences, while failure to provide optional data may result in processing not being carried out or being carried out only in part. Therefore, in the event of failure to provide data, the data subject may not obtain the expected result or may obtain it only in part. PROCESSING Your personal data are collected and processed using automated, semi-automated and non-automated means, as specified below. In any case, the time necessary for the statute of limitation in relation to reciprocal rights and the storage time for backups to accrue must be added to the period for storing data indicated from time to time. We process your data in order to execute pre-contractual measures adopted at your request or to perform a contract to which you are party, specifically: search for personnel to be recruited to the Company (we will keep data for five years from the year of search). We process your data in order to fulfil a legal obligation which the Data Controller is subject to, specifically: management and maintenance of the IT network and systems (we will keep data for 18 months after termination of the contract relationship with regard to obligations relating to system administrators); ensuring corporate compliance, e.g., managing data protection requirements (we will keep the data for as long as necessary to fulfil the purpose). We process your data in order to pursue a legitimate interest of the Data Controller, specifically: monitoring people entering the company and sorting telephone calls (we will keep data for one year from the year of acquisition); ensuring corporate compliance, e.g., preventing the commission of criminal offences to the benefit of or in the interest of the organisation (we will keep data for as long as is strictly necessary to fulfil the purpose) video-surveillance activities to protect company assets, personal safety, perimeter security, against intrusion and damage to property (we will keep data for 24 hours unless events require footage to be kept longer - e.g., theft); management and maintenance of the IT network and systems (we will keep data for 10 years from the year of termination of the contractual relationship for accounts, passwords and usernames); to prevent and/or detect possible abuse and to defend our rights and interests in court or in the preparatory stages of a court case (we will keep data until the purpose of processing ceases). COMMUNICATION OF DATA Your data may be communicated, exclusively for technical and operational requirements strictly related to the above-mentioned purposes, to parties who process the data on behalf of the Data Controller, appointed as Data Processors pursuant to Art. 28 of EU Reg. 2016/679, as well as to public authorities with whom there is a legal obligation to communicate. DATA TRANSFER OUTSIDE THE EU The processing of personal data (e.g. storage, archiving and preservation of data on servers or the cloud) will be restricted within the areas of circulation and processing of personal data of countries that are part of the European Union, with an express ban on transferring them to non-EU countries that do not guarantee (or do not have) an adequate level of protection, or in the absence of the protection tools provided by EU Regulation 2016/679 (third country deemed adequate by the European Commission, group BCR, model contract clauses, data subject consent, etc.). DATA SUBJECT RIGHTS The data subject has the right, pursuant to Articles 15 et seq. of EU Reg. 2016/679, to request the Data Controller grant access to his or her personal data, as well as the right to rectification or deletion or the right “to be forgotten”. The data subject also has the right to request data portability, the restriction of processing or to object to processing. For processing based on consent, the data subject has the right at any time to revoke consent, without prejudice to the lawfulness of the processing based on the consent given before revocation. To exercise such rights or to request additional information, data subjects may contact the Data Controller using the information provided above. Lastly, data subjects may lodge complaints with the Italian Data Protection Authority, whose head offices are at Piazza Venezia 11, 00187 - Rome - protocollo@pec.gdpd.it. MODIFICATIONS We reserve the right to update our Privacy Policy. We will notify you of any changes as we deem appropriate and update the date in this Privacy Policy Statement. We therefore recommend you consult our Privacy Policy periodically, even by requesting a copy from the Data Controller. Last update Revisione 5 - 2023/05/29