Privacy Policy

Data Controller

The Data Controller is:

DINOVA S.r.l.  – Via dei Lapidari 12, 40129 Bologna, (Italy) – Tel.: +39 0516120291

email: privacy@dinova.one PEC: dinova@legalmail.it

National insurance number 03008670360; VAT number: 03008670360

Typology of personal data collected

Below are the types of data collected through the Dinova website.

Data collected when browsing the Dinova Web Site. The computer systems underlying the functioning of the Web Site acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected for the purpose of being associated with identified subjects, but by its very nature could, through processing and matching with information held by third parties, allow the identification of the User ("Data Subject" pursuant to Article 4 of the Regulations, i.e. the natural person to whom the personal data refer).

These information may include:

• the browser type and version
• the operating system and interface
• language preferences
• the website from which you are visiting us (referrer URL)
• web pages you are visiting on our website
• date and time of your visit
• your Internet Protocol (IP) address

This data is used for the sole purpose of keeping track of the traffic developed by the Website, to obtain anonymous statistical information on the use of the site and to check its correct functioning. This data could also be used, exclusively upon request by Judicial Authorities and in compliance with the laws in force, for the investigation of computer crimes.

Data processed using cookies

The DINOVA website uses cookies, and similar technologies, during its operation. Please consult the specific section “Cookie Policy ”.

Data collected by subscribing to the Newsletter. 

When subscribing to the newsletter via the Dinova website to receive information on products, services and special events, personal data are collected via the relevant subscription form.

Data collected by filling in the forms (web form) on the Website

By using the forms (web forms) on the Web Site, the following personal data may be collected by Dinova:

Section 'Contact us' (to provide information requested by the User, by email or telephone contact):

• First name and second name
• Email address
• Telephone number
• The content of your request

“Recruiting” section (to manage the applications received in relation to the open positions published on the website):

• First name and second name
• National insurance number
• Email address
• The data in the Curriculum Vitae

IMPORTANT NOTICES

The Dinova Website does not offer services specifically directed to minors under 16 years of age and does not knowingly collect their data. If the User believes that they have provided personal data by or concerning minors, they can contact DINOVA using the references given in the "Data Controller" section, requesting its cancellation.

It is recalled that the User assumes responsibility for the personal data of third parties when provided through the Web Site, and warrants that they have the right to communicate them, releasing Dinova from any liability.

Purpose of data processing and legal bases

Dinova processes personal data only where the following legal bases are in place:

• to fulfil any applicable legal/regulatory obligations;
• to perform the services requested through the use of forms on the website (e.g. newsletter subscription or application for a job position);
• to pursue our legitimate interests or those of third parties;
• once we have received your consent to our specific use.

The purposes for which Dinova uses and processes the User's personal data and the legal basis on which the processing is carried out are set out below.

Purpose of personal data processing	Legal basis
Send communications to the User about products, services, news and events.	Dinova will send electronic communications if the User has consented to such communications (e.g. Newsletter). Regarding other communications, it is in Dinova's legitimate interest to communicate to the User information about products, services, promotions, offers, news and events. This use is considered proportionate and not prejudicial or harmful to the User.
Providing advertising and offers based on online interests and activities	Advertisements and offers based on online interests and activities will only be sent if the user has consented to this processing.
Improving the Website, through the User's experience and judgements on the quality of the service.	It is in Dinova's legitimate interest to improve its offer. This use is considered proportionate and not detrimental or harmful to the User.
Provide the information and services requested by the User.	It is necessary to process the User's personal data in order to provide the information and services requested as a result of filling in forms (web forms).
Managing the website, including troubleshooting, data analysis, testing, research, to keep it safe and secure and to prevent and detect fraud and abuse.	It is in Dinova's legitimate interest to continuously monitor and improve the services and experience of the Website and to ensure network security. This use is considered proportionate and not detrimental or harmful to the User.
Manage participation in the personnel search and selection process for the evaluation of applications received in relation to open positions published on the website.	Dinova shall proceed in the execution of pre-contractual measures taken at the Candidate's request arising from the application proposal received, and in fulfilment of legal obligations related to the relationship itself.

Failure to provide personal data - Consequences

When personal data is collected via web forms, mandatory fields are indicated by means of asterisks. Failure by the user to provide data marked with an asterisk prevents the form from being used.

How and where personal data are processed

The processing of the User's personal data is carried out using appropriate procedures and measures to protect the security of the User's personal data in terms of integrity, confidentiality and availability.

Personal data acquired through the website are processed (stored) on servers at the headquarters or data centres of DINOVA, all located on Italian territory. Their processing is carried out exclusively by the technical staff of the company, explicitly appointed for the processing purposes indicated in the section "Purposes of the processing and legal bases". No personal data is communicated to third parties or transferred outside Italian territory.

Spoofing, phishing and other risks

Specific security measures are observed to prevent data loss, illegal or incorrect use and unauthorised access. Despite Dinova's best efforts, it is not possible to guarantee that the transmission of data over the Internet is 100% secure. Although the Company uses commercially reasonable means to ensure the security of information transmitted by the User, it is not possible to guarantee that such information will not be intercepted by third parties (Spoofing). However, Dinova is committed to prosecuting any unauthorised or fraudulent actions to the fullest extent permitted by law.

Phishing, Vishing, Smishing, and other types of attacks are common Internet scams. These scams can occur when you receive e-mails, messages, or phone calls from what appears to be a legitimate source and in which you are asked to provide personal information. Please note that Dinova will never send e-mails, messages or make phone calls asking the User to verify payment card or banking information. In the event of receiving requests that appear to come from Dinova of this nature, the User must NEVER respond and/or click on any hypertext links.

Personal data retention periods

Dinova will keep the User's personal data for no longer than is necessary for the purposes for which the personal data are collected and processed as indicated in the section "Purposes of the processing and legal bases".

Specifically:

• Automatically collected browsing data are stored for 6 (six) months, and subsequently processed, for statistical purposes, in a way that no longer allows personal identification of the User. Longer retention periods may be imposed by applicable laws on security and criminal investigation.
• Data collected through subscription to the "Newsletter" will be retained until the User revokes consent by unsubscribing. If the frequency of Newsletter sending is less than 6 months, Dinova shall send the User a verification communication containing the unsubscription link. To unsubscribe from the "Newsletter" or no longer receive e-mails from Dinova, the User need only click on the "Unsubscribe" link at the bottom of each communication received.
• The data collected by filling in the form in the "Contacts" section will normally be kept for 24 (twenty-four) months (2 years), subject to the User's request for deletion when exercising his or her rights (see section 'Exercise of data subject's rights')
• The data collected by filling in the "Recruiting" Section form shall be kept until the Candidate expresses the will to delete his/her personal data and in any case no longer than eighteen (18) months from the moment of their acquisition, after which DINOVA shall delete them.

With regard to Cookies, the retention times are those indicated in the cookie banner and in the detail of the User's preferences with regard to the specific selection made and which is set out on the "Your Cookie Preferences" page

Communication of personal data

Dinova will not sell the User's personal data for a fee. DINOVA may share personal data in limited circumstances, such as to conduct its business, and share some data (e-mail addresses) in rare circumstances with the companies of the Maggioli Group in order to give communications to the User about the companies, new products, services, promotions, offers, news and events.

Exercise of data subject's rights

Dinova always guarantees the right to know the processing of personal data and its purpose, as well as the possibility to withdraw consent in the event that this is the legal basis for the processing of personal data. In particular, the User may exercise the following rights (*):

• Right of access: The User has the right to request confirmation as to whether Dinova is processing his or her personal data and to access this and related information.
• Right to rectification: Users have the right to have their personal data corrected, as permitted by law.
• Right of deletion: the User has the right to request deletion of their personal data, as permitted by law.
• Right to restriction of processing: the User has the right to request the restriction of processing in limited circumstances.
• Right to data portability: the User has the right to receive the personal data provided, in a structured, commonly used and machine-readable format, as well as the right to transmit such information to another data controller, and to request the direct transmission of such data, where technically feasible.
• Right to object: Users have the right to object to the processing of their personal data, as permitted by law, in limited circumstances.

(*) questi diritti si applicano solo alle persone fisiche residenti nell’Unione Europea.

To exercise any of these rights, the User may use the references given in the "Data Controller" section, indicating in the subject line of the communication that it is a request "Exercise of Rights under EU Regulation No. 2016/679".

Please note that the above rights are not absolute and Dinova may refuse requests, in whole or in part, where exceptions under applicable law apply. You have the right to receive a copy of your personal data being processed. If additional copies are requested, Dinova may charge a reasonable fee based on administrative costs. The right to obtain a copy shall not infringe the rights and freedoms of others.

In the event that the User requests to exercise his/her rights, Dinova may need to verify his/her identity and, therefore, request essential identification and contact data from the User. Any limitations on the exercise of the User's rights and the consequent obligations of Dinova may be imposed by applicable law.

Should the User consider that the data processing carried out by Dinova is in breach of the provisions of the GDPR, they have the right to lodge a written complaint with the appropriate courts pursuant to Article 79 of the GDPR. The Data Controller, whom you may contact to assert the rights set forth in Articles 15 to 22 of the Regulation and in the national legislation in force, is the one identified in the epigraph and can be reached at privacy@dinova.one

The User also has the right to lodge a complaint with the Data Protection Authority pursuant to Article 77 of the GDPR (https://www.garanteprivacy.it/web/garante-privacy-en/home_en).

Cookie management

The Dinova Web Site uses cookies, and similar technologies, during its operation. Please consult the specific section “Cookie Policy ”.