Logo di 3ways
Contact
Logo di 3ways
Contact

Processing of Personal Data

3ways srl (hereinafter also referred to as ‘3ways’), in its capacity as Personal Data Controller, informs you that the website is a showcase website and that only for the spontaneous sending of curricula vitae et studiorum is the provision of Personal Data required, which will be processed in full compliance with European Regulation 2016/679 (hereinafter referred to as ‘GDPR’), the Privacy Code (Legislative Decree 196/2003 and subsequent amendments and additions), the provisions of the Privacy Guarantor and the relevant regulations.

Pursuant to the aforementioned regulations, such processing will be based on the principles of correctness, lawfulness and transparency, protecting the confidentiality and rights of the Data Subject.

Changes to this Information Notice

3ways srl reserves the right to make changes to this Information Notice at any time, informing the Data Subject of such changes on the specific web pages in the ‘Privacy Policy’ section: we therefore kindly ask you to consult the section often, referring to the date of the last change indicated at the bottom of the text.

In the event of non-acceptance of the changes made to this Policy, the Data Subject may exercise his/her rights by using the appropriate function in the reserved area or by making a request directly to the Data Controller, as indicated under ‘Data Subjects’ Rights’.

Unless otherwise specified, the previous Privacy Policy will continue to apply to Personal Data processed up to that point.

The Data Controller, Data Protection Officer and Data Processors

The Data Controller is 3ways srl with registered office in Rome, via Firenze n.47/a, P.IVA /CF 12322621009.

3ways srl has appointed a Data Protection Officer or Data Protection Officer (DPO) who can be contacted at the email address danivota@yahoo.it.

The full list of Data Protection Officers is available upon written request to the Data Controller.

The Purposes of the Processing and the Legal Basis.

The Personal Data processed are those conferred directly by the Data Subject, or those acquired automatically during navigation (hereinafter, ‘Personal Data’):

  • Spontaneous sending of curriculum through the website
  • Spontaneous sending of contact request through the Let’s talk form

Legal basis of the processing: Article 6 paragraph 1, letter f) of the GDPR: legitimate interest of the Data Controller in the selection of personnel and response to the contact request

The modalities of the processing and its security.

Data processing means “any operation or set of operations, carried out with or without the help of electronic or automated means, concerning the collection, recording, organisation, storage, processing, modification, extraction, comparison, use, communication, dissemination, interconnection, blocking, erasure, destruction and selection of data”.

Personal Data will be processed mainly in automated form, but also on paper, with logics strictly related to the stated purposes, by way of example through:

  • Computer databases;
  • Electronic platforms managed by 3ways srl or by third parties appointed as Data Processors;
  • Integrated systems of an IT nature;
  • Websites owned or used by 3ways srl

The Data Controller has adopted appropriate security measures to protect the Data Subject against the risk of loss, misuse or alteration of Personal Data. 3ways srl and its suppliers are committed to maintaining and increasing the physical, electronic and procedural security measures in place to protect Personal Data, in accordance with the requirements of national and European legislation.

Duration of processing.

The data provided shall be kept for the time necessary to fulfil the specific purposes indicated above, in accordance with the principle of minimisation of processing, namely 6 months.

Once the aforementioned retention periods have expired, the personal data will be destroyed or rendered anonymous, compatibly with the technical procedures for deletion and backup.

The data contained in the Let’s talk form will be retained solely for the purpose of contacting the person concerned and, in the absence of commercial continuation, destroyed.

Place of processing and contact details of the Data Controller.

Personal Data are mainly processed at the Data Controller’s registered office in Rome, via Firenze n.47/a and/or in its other offices and/or in the places where the appointed Data Processors are located. For further information on the processing of Personal Data, the Data Subject may contact the Data Controller by writing an email to info@3ways.it

The nature and procedures for the provision of Personal Data by the Data Subject.

The provision of Personal Data is optional and, in the case of sending the CV and contact request, spontaneous and voluntary on the part of the data subject.

Categories of Personal Data processed and their treatment.

The Data Controller processes only so-called ‘common’ Personal Data and does not in any case require the provision of special data pursuant to Article 9 GDPR, as specified in the ad hoc information for sending the curriculum and the contact request.

Reference is made, purely by way of example but not limited to, to so-called ‘cookies’ (as better specified below), “IP” addresses, domain names of the computers used by the Data Subject connecting to the Site, the addresses in ‘Url’ notation of the resources requested, geographical location.

Data processing is carried out manually and with the aid of computer tools, by persons appointed, instructed and in charge of data processing, observing all the security measures prescribed by law; the Data Controller ensures that it has put in place all the measures deemed necessary and/or appropriate to maintain the integrity of the data, to prevent their loss, including accidental loss, as well as unauthorised access.

There is no automated decision-making or profiling.

Categories of persons who may become aware of the Personal Data of the Data Subjects.

Personal Data may be brought to the attention of employees or collaborators of the Controller who, operating under the direct authority of the latter, have received adequate operating instructions in this respect.

Personal Data will be processed by 3ways’ employees, with particular reference to the Information Systems and HR Areas.

Personal Data may also be brought to the attention of third party companies or other entities that carry out outsourcing activities on behalf of 3ways srl, and that – where required by European legislation on the protection of Personal Data – have been duly appointed as Data Processors pursuant to Article 28 of the GDPR. These are, by way of example but not limited to, subjects to whom assistance and consultancy activities are entrusted, IT service providers, managers and/or developers of websites or applications, managers of electronic platforms.

Use of Cookies.

The site uses only technical cookies

Cookies and other third party platforms

3ways srl does not use other third party platforms

Disclosure of the Personal Data of the Data Subjects.

Personal Data will not be disclosed to third parties except as indicated in the sections ‘Categories of persons who may become aware of the Personal Data of the Data Subjects’. Personal Data will not be disseminated.

Transfer outside the EU of the Personal Data of the Data Subjects.

Personal Data will not be transferred to non-EU countries or to international organisations

The rights of the Data Subject.

The Data Subject may at any time exercise against the Data Controller the rights recognised by Articles 7 and 15 to 21 of the GDPR.

The Data Subject is recognised:

  • The right of access: to obtain confirmation or otherwise of the ongoing processing of Personal Data and in that case to obtain access to such data and to specific information listed in Article 15 GDPR (e.g. purpose of the processing, categories of the data in question, the recipients to whom the data will be communicated, The existence of an automated decision-making process, including profiling);
  • The right to rectification: to obtain the rectification or integration of Personal Data that are inaccurate or incomplete without undue delay. In this case, the obligation arises on the part of the Data Controller to communicate the rectification to all recipients to whom the data have been transmitted, unless this involves a disproportionate effort;
  • the right to erasure: to obtain the erasure of Personal Data, under certain conditions set out in Article 17 GDPR, without undue delay (e.g. if the Personal Data is no longer necessary in relation to the purposes for which it was collected or processed; if consent has been withdrawn or objection to processing has been made and there is no longer any legitimate reason to process the Personal Data; if it must be erased due to a legal obligation). In this case, an obligation arises on the part of the Data Controller to communicate the erasure to all recipients to whom the data have been transmitted, unless this would involve a disproportionate effort;
  • The right to restriction of processing: to obtain the restriction of processing if one of the cases of Article 18 GDPR applies. In case of limitation, Personal Data will only be processed, except for storage, with prior consent or for the establishment, exercise of rights or defence of the Controller or a third party or for reasons of important public interest. In this case, an obligation arises on the part of the Controller to communicate the restriction of processing to all recipients to whom the data have been transmitted, unless this would involve a disproportionate effort;
  • The right to data portability: to obtain the return of the Personal Data provided, in a structured, commonly used and machine-readable format or transmission from one Data Controller to another without hindrance, in the cases provided for in Article 20 GDPR;
  • The right to object: to object at any time, in the cases indicated in Article 21 GDPR, to the processing of Personal Data provided that there are no legitimate reasons, which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of a legal claim;

In addition, the Data Subject may lodge a complaint with the competent Supervisory Authority, if he/she considers that his/her fundamental rights and freedoms have been violated, in the manner, for example, indicated on the page www.garanteprivacy.it.

In order to exercise their rights, they may contact the address indicated in the section “The Data Controller and the Data Processors” by post or by e-mail at info@3ways.it.

Scroll to Top