• Home
  • Privacy Policy

Privacy Policy

1. Introduction

This privacy notice describes the methods for managing the personal data of users who, in various ways, interact with the website https://dvc.it/.

The protection of personal data is regarded as a matter of primary importance and is ensured in compliance with the applicable legal provisions on data protection, in accordance with Regulation (EU) 2016/679, hereinafter referred to as the “Regulation.”

The following information is provided to help users understand how personal data are collected, used, and protected, as well as to outline the tools through which data subjects may exercise their rights in relation to the processing of data connected to browsing this website.

2. Data Controller

The Data Controller, meaning the entity that determines the purposes and means of the processing of personal data, is Di Vincenzo Dino & C. S.p.A., with its registered office in San Giovanni Teatino (CH), Via Aterno no. 108.

To contact the Data Controller, you may use the following email address: privacyigefi@dvc.it.

3. Data Protection Officer (“DPO”)

Di Vincenzo Dino & C. S.p.A. has appointed a Data Protection Officer (DPO), who can be contacted at dpoprivacyigefi@dvc.it for any information regarding the processing of personal data.

4. Personal data collected, purpose of processing, whether data provision is mandatory, and legal basis for processing

USER REQUEST MANAGEMENT
  • Personal data collected: identification data (such as name, surname, etc.) and contact data (such as email address, phone number, etc.)
  • Purpose of processing: to respond to your requests (submitted via the contact form on the website or by sending spontaneous emails and/or letters to the Controller’s contact details provided on the site, which entails the subsequent acquisition of your name, surname, and other personal data contained in your communication).
  • Whether data provision is mandatory: mandatory in order to process your request.
  • Legal basis for processing: the processing is necessary for the execution of pre-contractual measures taken at your request (Art. 6, para. 1, lett. b) of the GDPR).
WEBSITE DISPLAY AND BROWSING
  • Personal data collected: IP addresses and browsing data.
  • Purpose of processing: website browsing. The computer systems and software procedures used to operate this website acquire certain personal data whose transmission is implicit in the use of Internet communication protocols (e.g., IP addresses or domain names of the computers used by users connecting to the site, URI – Uniform Resource Identifier – addresses, the method used to submit requests to the server, and other parameters related to the user’s operating system and IT environment). Technical/session cookies may be installed to improve the website’s functionality; please refer to the Cookie Policy.
  • Whether data provision is mandatory: mandatory to visit and access the various functionalities of the website.
  • Legal basis for processing: your data are processed based on the necessity to provide you with the tools required to visit the website and access its functionalities (Art. 6, para. 1, lett. f) of the GDPR).
RECRUITMENT – MANAGEMENT OF APPLICATIONS
  • Personal data collected: personal data contained in CVs (identification data, contact details, work experience, etc.).
  • Purpose of processing: management of received applications and staff selection.
  • Whether data provision is mandatory: mandatory for the evaluation of your application by the Data Controller.
  • Legal basis for processing: your data are processed based on the necessity to evaluate your CV following your explicit request when submitting it (Art. 6, para. 1, lett. b) of the GDPR).
ASSESSMENT, EXERCISE AND/OR DEFENSE OF A RIGHT
  • Personal data collected: identification data (such as name, surname, tax code, etc.), contact data (such as email address, phone number, residential and/or postal address, etc.), and data relating to the performance of the contract.
  • Purpose of processing: to establish, exercise, or defend the rights of the Data Controller, both judicially (including pre-litigation) and extrajudicially, against third parties (including public authorities) and the data subjects themselves.
  • Whether data provision is mandatory: necessary for the Data Controller to pursue its legitimate interest.
  • Legal basis for processing: legitimate interest, Article 6(1)(f) of the GDPR.

5. Methods and Place of Processing

Processing related to the web services of this website takes place in Europe. Personal data are primarily processed using automated tools. Specific security measures are implemented to prevent data loss, unlawful or improper use, and unauthorized access.

6. Data Recipients

Personal data are processed by authorized personnel (pursuant to Article 29 of the Regulation), by the Data Controller, or by service providers specifically appointed as Data Processors (pursuant to Article 28 of the Regulation) acting under the instructions of the Data Controller.

The complete and up-to-date list of Data Processors can be requested from the Data Controller at the contact addresses indicated above.

Data may be disclosed to the parent company, Igefi S.r.l., for the fulfillment of obligations carried out on behalf of the Data Controller.

Data may also be provided to entities that are legally or regulatorily entitled to access them (e.g., tax authorities, judicial authorities, etc.).

7. Data Retention Period

The collected data will be retained as follows:

  1. Data for managing user requests are retained for the period strictly necessary to achieve the purposes for which they were collected, i.e., to respond to the request or to carry out the checks required to comply with applicable law.
  2. Data for website display and navigation are retained for the duration of the session and for the entire period of website use.
  3. Data for managing job applications are retained for the period strictly necessary to achieve the purposes for which they were collected, i.e., the time needed to evaluate the submitted application. In any case, data will not be stored for more than 12 months in the event of non-selection.
  4. Personal data collected for the establishment, exercise, and/or defense of the Data Controller’s rights are retained for 10 years, in accordance with the ordinary limitation period (Article 2946 of the Italian Civil Code), unless the limitation period is interrupted.

8. Cookie Policy

For more information on cookies, you can visit the Cookie section of the website https://dvc.it/, where the Cookie Policy can be consulted together with this privacy notice.

9. Data Subject Rights

You may exercise the rights granted by the GDPR with respect to your personal data by writing to privacyigefi@dvc.it.
A response will be provided as soon as possible and, in any case, no later than thirty days from receipt of the request. In particular, you may exercise the following rights:

  • Right of access: the right to know whether your personal data are being processed and, if so, to obtain a copy of such data and be informed about their origin, the categories of personal data processed, data recipients, processing purposes, the existence of automated decision-making (including profiling), data retention period, and the rights provided by the GDPR;
  • Right to rectification or integration of your data;
  • Right to erasure of your personal data when such data are no longer necessary for the purposes for which they were collected, or when we are no longer authorized to process them;
  • Right to restriction of processing of personal data in the following cases:
    • i) you contest the accuracy of your personal data. You may request restriction for the period necessary to verify accuracy;
    • ii) we are no longer authorized to process the data, and instead of erasing them, you may request that their use be limited;
    • iii) even if the personal data we hold are no longer necessary for the purposes for which they were collected, you may need them for the establishment, exercise, or defense of legal claims.
  • Right to data portability, meaning the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that such data be transmitted to another controller;
  • Right to withdraw consent, for processing based on consent;
  • Right to object at any time to the processing of your personal data based on our legitimate interest.

You also have the right to lodge a complaint with the competent supervisory authority for data protection if you believe that the processing of your personal data is not in compliance with the provisions of the GDPR.

Any updates to the privacy notice and the cookie policy are published and made available in this section: