A&F S.r.l. Società tra Professionisti (A&F) according to art. 13 of EU Regulation 2016/679 (GDPR) provides information on the type and extent of the processing of personal data carried out by the website https://www.advisoryandfinance.com/ (Website) to those who interact with the services of the Website by consulting or using any available services. Users must consult this policy before communicating data to A&F. This policy is not provided for other websites that may be consulted by the user via links. The services provided by this website are restricted to individuals over the age of 18, so if A&F checks that the data has been sent by a minor, it will cancel it.
Data Controller
A&F S.r.l. Società tra Professionisti based in Via Statuto 10, 20121 Milan. Tel.: +390258459177 Fax: +390258459170, email: info@advisoryandfinance.com.
Browsing Data
IT systems and software procedures used to operate the Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its nature it could allow to identify users, through processing and association with data held by third parties. This category of data may include the IP addresses or domain names of the computers used by the users connecting to the Website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data could be used to obtain anonymous statistical information on the use of the Site, to check its correct functioning, to prevent any illegal behavior (by blocking IP addresses) or to ascertain responsibility in the event of any IT crimes against the Site. In general data on web contacts are not stored for more than 30 days.
Data voluntarily provided
When utilizing some services of the Website, the user could send data of third parties. In these cases the user acts as an independent data controller, assuming all the obligations and responsibilities provided for by law: he is therefore required to: 1) guarantee (assuming the relative responsibilities) that the treatment is based on one of the legal bases provided by art. 6 of the GDPR; 2) relieve A&F in case of dispute or request for compensation of data processing damage by third parties whose data have been processed by the user using the functions of the Website in violation of data protection regulations. The data (name, address, contact details etc.) shared voluntarily, for example in a request sent by e-mail to the addresses indicated on the Website, they are processed only to reply to users’ requests. The legal basis of the treatment is Article 6 par. 1 let. b) of the GDPR as the treatments are necessary to provide services and / or respond to the user’s requests (execution of pre-contractual and / or contractual services). The user is obliged to communicate only the necessary data. The provision of data for these purposes is optional and failure to provide it makes it impossible to activate the services requested. If the user confers his data that fall under the “special categories of data” (art. 9 of the GDPR: data suitable to reveal the racial or ethnic origin, political opinions, religious, philosophical beliefs, trade union membership, genetic data , biometric data, data relating to health, sexual life or sexual orientation), must communicate such data only if strictly necessary. It should be noted that in case of disclosure of particular categories of data but in the absence of an explicit consent to process such data (which in any case obviously allows them to send a curriculum vitae), A&F cannot be held liable in any way, nor may receive any objection, since in this case the treatment will be allowed as having as object the data made manifestly public by the interested party (art. 9 paragraph 2) lett. e) of the GDPR). In any case, the importance of the user expressing his explicit consent to the processing of particular categories of data in the event he decides to communicate them is underlined. Data is kept for n. 1 year and a technical cookie that is used to memorize if users have viewed the pop up on the homepage announcing the partnership of A&F with other companies and which expires at the end of the browsing session. Please refer to what specified in the sections User rights and Data recipients.
Job Offers
Data collected through A&F Job Offers is processed in order to evaluate candidates’ professional profile and to set job interviews. Candidates are required to communicate only the necessary data. Data processing is based on the execution of pre-contractual measures adopted at the request of the candidates (Article 6 n. 1 letter b) of the GDPR). In case of transmission of special categories of personal data (art. 9 of the GDPR as described above) but in the absence of an explicit consent to process such data, A&F cannot be held responsible nor can it receive any dispute since in the aforementioned case the processing will be lawful as having as object data made manifestly public by the interested party (art. 9 n. 1 letter e) of the GDPR). In any case, we underline the importance of expressing explicit consent to the processing of particular categories of personal data, if candidates decide to share them. The communication of data is a faculty of the candidates, the refusal to supply it makes it impossible to evaluate their profiles. If A&F is not interested in the professional profile, it deletes the data it has just received or at the end of the interview; if, instead, it is interested in the professional profile but no type of employment relationship is established, it keeps the data for n. 1 year in order to be able to contact the candidate in the future for other possible job interviews. In the event of the establishment of an employment relationship, a specific privacy statement will be provided. Please refer to what is specified in sections User rights and Data Recipients.
Applications
Data contained in the curricula sent to the addresses indicated on the Website is treated to evaluate the professional profile of the candidate and set any job interviews. The user is obliged to communicate only data considered necessary. Data processing is based on the execution of pre-contractual measures adopted at the request of the user (Article 6 n. 1 letter b) of the GDPR). In case of transmission of special categories of personal data (art. 9 of the GDPR as described above) but in the absence of an explicit consent to process such data, A&F cannot be held responsible nor can it receive any dispute since in the aforementioned case the processing will be lawful as having as object data made manifestly public by the interested party (art. 9 n. 1 letter e) of the GDPR). In any case, we underline the importance of expressing explicit consent to the processing of particular categories of personal data, if the user decides to share them. The communication of data is a faculty of the users: the refusal to supply it implies the impossibility to send one’s own curriculum. If A&F is not interested in the professional profile, it deletes the data it has just received immediately or at the end of the interview; if, instead, it is interested in the professional profile but no type of employment relationship is established, it keeps the data for n. 1 year in order to be able to contact the candidate in the future for other possible job interviews. In the event of the establishment of an employment relationship, a specific privacy statement will be provided. Please refer to what is specified in sections User rights and Data recipients. Data is collected through the web portal on which the A&F job offer is published. Candidates are required to envision the privacy statement provided by the independent data controller of this web portal.
Data Recipients
Users’ data can be shared with: 1) subjects with whom it is necessary to interact for the provision of services (ex: hosting providers, subjects that manage the contents of the Website) that act as managers of the treatment pursuant to art. 28 of the GDPR (the list of data processors may be requested from A&F); 2) subjects, bodies or authorities, autonomous data controllers, to whom it is mandatory to communicate user data in accordance with legal provisions or orders from the authorities; 3) persons authorized to process data pursuant to art. 29 of the GDPR necessary to carry out activities related to the provision of the services provided (ex. the A&F staff).
Storage of Data
Data is processed for the time necessary to fulfill contractual and legal obligations, in the specified storage periods. Additional information can be requested by writing to A&F.
Users’ Rights
Pursuant to articles 15 (and following) of the GDPR, users have the right to request, at any time, access to their personal data, rectification or cancellation of the same, limitation of processing in the cases provided for by art. 18 of the GDPR, to obtain their data in a structured format, commonly used and readable by an automatic device, in the cases provided for by art. 20 of the GDPR, to lodge a complaint with the competent control authority pursuant to Article 77 of the GDPR (Guarantor for the Protection of Personal Data) pursuant to art. 77 of the GDPR, if they believe that the processing of data is contrary to the law, formulate a reasoned request in opposition to the processing of data pursuant to Article 21 of the GDPR. A&F has the right to evaluate requests which would not be accepted in the event of the existence of legitimate and binding reasons for proceeding with the processing that prevail over the interests, rights and freedoms of the users. Requests should be made in writing to A&F.
Cookies
Cookies are data-files that websites send to users’ internet devices, usually to browsers, where they are stored and retransmitted to the same websites at the next user visit. Cookies can be: 1) technical (they guarantee the usability of the websites, allow you to select parameters in browsing and to log in); 2) profiling (utilized for sending promotional messages based on the preferences shown by users on browsing choices); 3) of third parties (not installed by the websites that users visit but by third-party websites that install them on the first ones). Cookies can disappear when the browser is closed (session cookies) or can remain in users’ devices for a certain period of time until their set expiry (persistent cookies). Users can always choose which cookies to allow on their devices through browser configurations:
If technical cookies are disabled, users may encounter difficulty consulting the website or some of the website’s services may not be available. For the utilization of technical cookies, users’ consent is not necessary as these cookies are used to transmit a communication over an electronic network or to provide a service requested by the user. A&F Website utilizes a technical cookie that stores the language chosen by users and expires after n. 1 year. No profiling cookies or third-party cookies are used (ex. Google Analytics or other domain cookies). Please refer to what specified in sections User rights and Data recipients.
Copyright
The content of the Website, including A&F logo, data, information, communications, editorial content, software, photos, videos, graphics, music, drawings, sounds and in general any material and service therein, unless otherwise indicated, is owned by A&F and is protected under the laws on copyright and industrial property rights. Any trademarks mentioned on the Website for informational, educational or didactic purposes belong to their respective owners.
Amendments
A&F reserves the right to change the content of this policy also due to changes in the law and invites users to view them periodically to keep up to date with the data collected and the related use made by A&F.