In compliance with the provisions of European Regulation 2016/679 (hereafter GDPR) and Legislative Decree No. 196/2003 (as amended and supplemented by Legislative Decree 10 August 2018, No. 101), DenWorker wishes to inform the Buyer that the personal data provided by them or obtained from the supplier in the course of their activities, necessary to provide the services offered to the customer, will be processed in compliance with privacy regulations and principles of correctness, lawfulness, transparency, and the protection of the confidentiality and rights of the customer.
Notice on the Protection and Processing of Personal Data
European Regulation 2016/679 (GDPR) and Legislative Decree No. 196/2003 as amended by Legislative Decree 10 August 2018, No. 101. Data Controller: DenWorker Srl
Data Processed, Purpose, and Legal Basis
1. Information systems and software procedures for the operation of the supplier’s website acquire certain personal data as a result of using Internet communication protocols (e.g., domain names and IP addresses). These data are not accompanied by additional personal information and are used to obtain anonymous statistical information on site usage, monitor site usage patterns, and ascertain responsibility in case of cybercrimes. The legal basis for processing such data is the necessity of enabling the functionalities of the company website as a result of the User’s access.
2. The data voluntarily provided by the User are those required by the Controller to provide the available services. These data are processed lawfully and fairly, collected and recorded for specific, explicit, and legitimate purposes as indicated below, and used for processing operations compatible with those purposes.
3. Personal data (e.g., name, surname, business name, tax code, VAT number, address, phone/fax, email, banking, and payment references) are collected and processed for: a) managing customer relations based on pre-contractual and contractual agreements; b) administrative, tax, or accounting purposes related to the customer-supplier relationship and compliance with legal obligations; c) with specific consent, for marketing purposes such as sending newsletters, updates, promotional material, or commercial communications; d) with specific consent, for third-party marketing purposes; e) reviewing CVs exclusively for personnel selection and employment. The legal basis for processing the data described in “a” and “b” is the execution of a contract. For “c,” “d,” and “e,” the legal basis is the customer’s consent.
Processing Methods
Personal data are processed through operations such as collection, registration, organization, storage, consultation, processing, modification, extraction, comparison, use, interconnection, blocking, communication, deletion, and destruction. Data are stored in both paper and electronic formats and protected to minimize risks of unauthorized access, accidental destruction, or processing not compliant with the purposes of collection.
Communication of Data
Providing personal data is optional. However, failure to provide data may result in the partial or total inability to establish or continue a relationship. The provision of data for marketing purposes is also optional. The customer may refuse to provide data or withdraw consent, but this will prevent the receipt of newsletters, commercial communications, and promotional material.
Data Recipients
Data may be processed by employees or collaborators authorized by the Data Controller. When necessary, data may be processed by third parties appointed as Data Processors or autonomous Controllers. An updated list of Data Processors is kept at the Controller’s headquarters.
Data Retention Period
Data will be retained for the duration of the contractual relationship and beyond, as required by legal and fiscal regulations.
Rights of the Customer
Customers have rights under GDPR articles 15-21, including access, rectification, erasure, restriction, data portability, objection, and complaint to a supervisory authority.