Privacy Policy

COM.EN.CO. Srl is committed to protecting and respecting privacy pursuant to Regulation (EU) 2016/679. The purpose of this Privacy Policy is to inform the visitor, the candidate or the employee about any type of operation relating to the processing of their personal data provided through the use of the site www.comenco.it (hereinafter “Site”).

1. DATA CONTROLLER

The data controller is COM.EN.CO. Srl (hereinafter ‘the Data Controller’), with registered office at Agropoli (SA) – Via Autunno 4 84043, e-mail comenco(at)comenco.it, Tel. 0974 – 828254

2.OBJECT OF TREATMENT

The Data Controller treats:

Data provided voluntarily

– personal data (e.g. personal and contact data, user name, password) when the user/visitor interacts with the services of this Site, i.e. when, in order to receive information and/or quotes, he/she spontaneously contacts the Data Controller using the special form in the “contacts” section, or when the employee accesses the reserved area in the “reserved area” section.
Personal data means “any information relating to a natural person that can be identified, directly or indirectly, with particular reference to an identifier such as name, identification number, location data, online identifier or to one or more factors specific to his physical, physiological, genetic, economic, cultural or social identity”.

– personal and special data (e.g. personal details, contact details, professional experience, educational qualifications, photos, data contained in the CV sent by the applicant, etc.) when the applicant registers and submits his application.
Special data means “any information relating to a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs or trade-union membership, and the processing of genetic data, biometric data uniquely identifying a natural person, data concerning a person’s health or sex life or sexual orientation”. The optional, explicit and voluntary sending of personal data and special data in web forms or e-mail to the addresses indicated on this site involves the subsequent acquisition of these data, necessary to respond to requests, evaluate the application submitted, access the section from where you can access company documentation. Any other personal data included in the correspondence may also be processed.

Browsing data

The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the communication protocols of the Internet.
This category of data includes IP addresses or domain names of computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc..) and other parameters regarding the operating system and computer environment. Such data, necessary for the use of web services, may be processed for the purpose of:
– obtain statistical information on the use of the services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.);
– check the correct functioning of the services offered.
Navigation data is deleted immediately after aggregation (unless a criminal offence is discovered by a judicial authority).

Cookies and other tracking systems

The Site uses only session cookies (non-persistent) in a manner strictly limited to what is necessary for safe and efficient browsing. The storage of session cookies in terminals or browsers is under the control of the user, whereas on servers, at the end of HTTP sessions, information relating to cookies remains recorded in the logs of the services.

3. PURPOSES AND LEGAL BASIS OF THE PROCESSING

The personal data inserted in the “contact us” form are used to provide the user/visitor with the requested information on the services and products/services marketed by the Controller and/or estimates: this processing is necessary in order to respond to the requests received, and elaborate estimates aimed at the preparatory phase of the contract.
The personal and special data included in the “job opportunities” form are used for purposes related to the assessment and selection of candidates, or to propose other job offers consistent with the professional profile of the candidate: this treatment is based on the consent of the user / candidate and / or the legitimate interest of the Controller to implement pre-contractual measures taken at the implicit request of the candidate.
The personal data entered in the form “reserved area” are used to access company documentation: this treatment is based on the legitimate interest of the Controller aimed at ensuring the functioning of the company organization, to fulfill contractual and legal obligations.

4. MODALITIES OF TREATMENT AND RECIPIENTS OF DATA

The data processing takes place through the use of tools and procedures to ensure security and confidentiality and can be carried out either by paper means or through the use of electronic instruments. Any recipients of personal data are:
– the persons authorized by the Controller, such as collaborators and employees in the context of their duties;
– the server manager Aruba S.p.a., which may access the data during maintenance operations;
– the operator of the “software as a service” for the recruting process Intervieweb s.r.l., which could occasionally carry out maintenance or technical support operations. Intervieweb sw.r.l. has been appointed as controller;
– public and private authorities, in accordance with provisions of law, regulation or Community legislation, within the limits provided for therein.

5. PERIOD OF DATA RETENTION

The data are kept for a period of time strictly necessary to meet the purpose for which they were processed and in any case no more than 1 year from the last activity in which you show interest.

6. PROVISION OF PERSONAL DATA AND POSSIBLE REFUSAL

The conferment of data is mandatory. Any refusal to provide them in whole or in part will make it impossible for the Controller to provide the requested service, evaluate and select the application, access the “reserved area”.

7.DATA TRANSFER ABROAD

The Data Controller does not transfer personal data to countries where Regulation (EU) 2016/679 (non-EU countries) does not apply.

8. THE EXISTENCE OF AN AUTOMATED DECISION-MAKING PROCESS, INCLUDING PROFILING

The Controller shall not adopt any automated decision-making process, including profiling.

9. RIGHTS

The user, visitor, candidate or employee (hereinafter “Interested Parties”) may at any time:
– to request access to Their data. This allows you to receive a copy and check that it has been processed correctly
– to obtain the correction of inaccurate data concerning them
– to require deletion of data where there are no longer grounds for continued processing
– to request the limitation of the processing pending the rectification of the data, or the evaluation of the opposition request
– to request data portability. This allows him to receive the data in a format that can be used electronically and to transfer it to another Controller.
– to request revocation of consent

Interested parties may also:
– oppose the processing of the data provided for the pursuit of a legitimate interest of the Controller, only for reasons relating to Their personal situation and when their rights prevail over the interest of the Controller.

These rights can only be exercised in certain circumstances provided for by Regulation (EU) 2016/679, and using the contact details of the Controller specified in paragraph 1.

Data subjects may also lodge a complaint with the competent supervisory authority (Privacy Authority).