Information notice pursuant to Article 13 of the Regulation (EU) 2016/679 – General Data Protection Regulation (hereinafter “GDPR”)
"This document is intended to inform you about the processing of your personal data. This is an information provided pursuant to art. 13 Reg. UE 2016/679 not to be considered valid for websites that may be consulted through links on this platform. This information specifically concerns the processing carried out by MSC Technology Italia S.r.l. "
With reference to this notice, the Data Controller is MSC Technology Italia S.r.l. (hereinafter “MSC Tech” or the “Controller”) with registered address at Via Nizza, 262/Int.27 - 10125 Turin (Italy), E-Mail: firstname.lastname@example.org
Data protection officer of MSC Tech
The Controller also appointed a Data Protection Officer (hereinafter “DPO”) pursuant to articles 37 et. seq. GDPR in charge for monitoring the compliance of the Company from a privacy standpoint, available at the following email address: email@example.com.
Main definitions – categories of personal data being processed
Processing/process/processed means: “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction” (art. 4 par. 1, n. 2 GDPR).
Data subject means: “the natural person (identified or identifiable)”.
Personal data means: “any information relating to an identifiable natural person (images, pictures and videos included), in particular by reference to an identifier such as a name, an identification number, a location data, an online identifier or to one or more specific factors to the physical, physiological, genetic, mental, economic, cultural or social identity” (art. 4 par. 1, n. 1 GDPR).
Navigation data means: “any information acquired in order to operate the plaftorm”. This category of data includes IP addresses or domain names of computers and terminals employed by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of request, the method used to submit the requests, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to users’ operating system. Data provided on purpose: optional and explicit messages sent to the contact addresses hereabove indicated involves the subsequent acquisition of sender’s address and any other personal data provided, necessary to reply to the requests.
Purpose of processing
Data Retention period
Nature of provision (in the case of personaldata provided directly by the data subject)
A- Staff recruitment activities Allowing website browsing and the management of technical operation relating to the platform. Data provided or acquired during navigation and necessary to avail yourself of the platform are also processed to:
• Acquire some platform’ statistical information (most viewed pages, hourly or daily number of single visitors, geographical areas of origin, …)
• Grant the availability of offered services. The data will be used to ascertain responsibility in case of hypothetical computer crimes against the site.
Legitimate interest: Art. 6 (1)(f) and recital 47 GDPR: Activities strictly necessary to the operation of the website and to allow the user to browse the platform.
Legitimate interest Art. 6 (1)(f) and recital 47 GDPR: Activities strictly necessary to the operation of the website and to allow the user to browse the platform.
Necessary to browse on the platform.
Except from technical cookies, the processing is grounded on user’s consent poursuant to (art. 6 par. 1 lett. a and C42, C43 GDPR). Consent could be released within the banner eventually appearing.
C- Contact or Information Request. To provide feedback to requests of information addressed to the Data Controller.
Execution of pre-contractual measures pursuant to Art. 6 (1)(b) GDPR: processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Up to 12 months.
Necessary: The provision of personal data is mandatory or optional depending on specific form; where mandatory, in case of lack the Data Controller will not be able to reply or guarantee his services.
Recipients/categories of recipients
Personal data could be disclosed to recipients who will process them as Data Processors (art. 28 GDPR) and/or as natural person acting under the Controller’s authority (art. 29 Reg. UE 2016/679) for the abovementioned purposes.
Namely, data will be communicated to:
• Other companies within MSC Group;
• Third parties (offices or professionals) providing assistance and consulting services to the Controller;
• Competent authorities for compliance with legal obligations and/or provisions of public bodies, upon request;
Data transfer to third countries and/or international organization
Your personal data will be transferred to countries in Switzerland according to article 45 GDPR (transfers based on an adequacy decision adopted by the European Commission).
Data subjects' rights
You can exercise your rights as expressed by articles 15 et. seq. of Regulation EU 2016/679 by writing to the Data Controller and the DPO to the addresses hereabove provided. You have the right, at any time, to obtain from the Data Controller the access to your personal data (article 15), request their rectification (article 16), their erasure when possible (article 17) or the restriction of their processing (article 18). Furthermore, for the purpose of processing B, Section 5. of the present information notice, you have the right to withdraw your consent at any time without affecting the lawfulness of the processing. You have also the right to data portability when applicable (article 20). In case of a request for data portability, the Data Controller shall provide your personal data to you in a structured, commonly used and machine-readable format.
Finally, you have the right to lodge a complaint with the Supervisory Authority for personal data protection (https://www.garanteprivacy.it/), or file a complaint to the judiciary authorities.
Amendment of MSC Tech information notice
The Data Controller reserves the right to amend this statement at any time.
Last update: 28th October 2022
The Data Controller
MSC Technology Italia S.r.l.