ARTEMEST S.R.L., with registered office in Milan, Via Savona 97, 20144, vat number 08791160966 (“ARTEMEST”) is an e-commerce company specialized design and home furniture.
Through this document, ARTEMEST, in its quality of data controller of the processing of personal data (hereinafter "Data Controller"), provides the information pursuant to art. 13 and following of EU Regulation 679/2016 (hereinafter "GDPR"), with reference to the processing of personal data of job applicants through the section “Careers” of the website www.artemest.com (“Website”).
1. TYPES OF DATA PROCESSED AND TYPES OF PROCESSING
a) DATA PROVIDED VOLUNTARILY FOR REGISTRATION TO THE RESERVED AREA OF THE WEBSITE AND CREATION OF A PROFILE. The data processed are: name, surname, mobile number, date of birth, e-mail, photograph. In the case of using the "Apply with LinkedIn" feature Artemest will have access to the data of your LinkedIn profile.
b) DATA PROVIDED VOLUNTARILY THROUGH THE "CAREERS" SECTION OF THE WEBSITE AS APPLICATION TO A SPECIFIC JOB POST OR TO THE SPONTANEOUS APPLICATION SECTION. The data subject to processing are those requested in the "Careers" section of the Website as well as those contained in your curriculum vitae and/or cover letter. The data that will be processed are among others: name, surname, mobile number, date of birth, e-mail, photograph as well as for example professional experience, studies, other certifications / diplomas, languages, computer skills, hobbies and personal interests etc.
c) DATA PROVIDED VOLUNTARY BY SENDING AN EMAIL TO email@example.com AS APPLICATION TO A SPECIFIC JOB POST OR TO THE SPONTANEOUS APPLICATION SECTION. The data subject to processing are those contained in your curriculum vitae and/or in the cover letter sent to the email address. The data processed are those contained in the documents sent by the applicant.
The applicant may indicate in the CV whether he/she belongs to a protected category. That information may reveal the state of health and is part of the special categories of data referred to in Article 9, paragraph 1 of GDPR and will be processed in accordance with current regulations (including the Italian Legislative Decree. N. 276/2003).
The applicant is requested not to indicate in his cv special categories of data (personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data intended for uniquely identify a natural person, data relating to health or sexual life or sexual orientation of the person).
2. PURPOSES OF THE PROCESSING AS WELL AS THE LEGAL BASIS FOR THE PROCESSING
Data will be processed by the Data Controller for:
- CREATING A PERSONAL PROFILE: for sending and management of the application for a job post in the Website. The legal basis for processing is art. 6, par. 1 letter b) of GDPR;
- EVALUATION OF THE PROFESSIONAL PROFILE: To evaluate the application in response to a specific job post and/or for the purpose of a possible professional collaboration. The legal basis for processing is art. 6, par. 1, lett. b) of GDPR.
3. DURATION OF PROCESSING AND THE PERIOD FOR WHICH THE PERSONAL DATA WILL BE STORED
Both the data provided for the creation of the personal profile and the data provided with the application will be stores for the period strictly necessary for the pursuit of the objectives set forth in art. 2) hereinabove and also subsequently, for the fulfillment of legal obligations and/or for defensive purposes.
Artemest has the right to store personal data for up to 24 months from the date of registration to the Website or from the last activity with which the candidate has shown his/her interest (for example, updating or uploading a CV).
4. PROCESSING METHODS
The processing will be carried out both on paper and electronically, with the help of modern computer systems and manual procedures, only by persons expressly appointed for this purpose. The processing will take place with logic and through forms of organization of data strictly related to the obligations, tasks or purposes mentioned above. The Data Controller uses technical and organizational measures to protect the data in his possession from manipulation, loss, destruction and against access by unauthorized persons. Security measures are constantly improved on the basis of technological development.
5. MANDATORY/OPTIONAL NATURE OF PROVIDING DATA
Providing the data referred to in point 1) is optional. In case of refusal, however, ARTEMEST will not be able to evaluate the application for the purposes of a possible collaboration.
In the event that the candidate does not give consent to the processing of data suitable to reveal the state of health it will not be possible to process the data relating to his/her belonging to a protected category.
6. DATA DISCLOSURE
The User's personal data will be processed by parties authorized to perform these tasks, duly appointed as data processors or in charge of processing, equipped with security measures to guarantee the confidentiality of the data subjects to which the data refer and to avoid undue access to third parties or unauthorized personnel. If necessary, the data collected may be communicated, within the limits strictly relevant to the obligations, tasks or purposes referred to in point 2, to public or private subjects (legal and fiscal consultants, employment consultants, etc.) or competent Authorities for the purpose of prevention, detection or repression of crimes, with the observance of the rules that regulate the matter. No data will be disseminated.
The updated list of all Data Processors is available at Artemest’s office and may be requested at the following e-mail address firstname.lastname@example.org. Such list may be updated from time to time.
User's data, stored in electronic form, is stored on a server located in the European Union.
in electronic form, is stored on a server owned by BOOM located in the European Union.
7. USER’S RIGHTS
Each data subject (applicant) has the right to the following pursuant to articles 15 and following of the GDPR:
• Right to be informed;
• Right of access by the data subject;
• Right to rectification;
• Right to erasure (‘right to be forgotten’);
• Right to restriction of processing;
• Right to data portability;
• Right to object.
The data subject can therefore know what personal data are hold by the Data Controller, their origin and how they are used, request the updating, correction or integration and, in the cases provided for by the provisions in force, the cancellation, the limitation of treatment or oppose to their treatment. Each data subject may, if he/she wishes, request to receive a copy of the personal data held by the Data Controller in a format readable by electronic devices and, where technically possible, the Data Controller may transfer the data directly to a third party indicated by the data subject.
If the applicant considers that the processing of his/her personal data has been carried out illegitimately, he/she can file a complaint with one of the competent control Authorities for compliance with the rules on the protection of personal data. In Italy, the complaint can be filed to Garante per la Protezione dei Dati Personali (http://www.garanteprivacy.it/).
8. EXERCISE OF RIGHTS
The applicant may request at any time the cancellation or anonymization of his/her data or execersi his/her right as provided for in section 7) herein above, by using the proper function in the Website or by sending an email to email@example.com.