This page describes the procedures for managing the website www.aurigaspa.com with reference to the processing of personal data of users who consult it. The personal data provided by users are treated confidentially and used for the sole purpose of executing the requests made, in compliance with the specific information provided pursuant to Article 13 of Italian Legislative Decree 196/2003, and Article 13 of Regulation (EU) 2016/679 (hereinafter "GDPR"), containing provisions relating to the protection of personal data of natural persons.
1. DATA CONTROLLER
The Data Controller referred to in this policy is Auriga SpA with registered office in Altamura (BA) at Via Selva 101 and operational headquarters in Bari at Via Don Luigi Guanella 17; VAT number 05566820725.
2. PURPOSE OF THE DATA
The data are processed by Auriga S.p.A. for the following purposes:
- marketing activities through the sending of promotional and informative material;
- completion of the selection process regarding the sending of the curriculum vitae within the Careers section;
- reporting and invitations to industry events, including follow-up for content sharing;
- management, analysis and optimisation of marketing activities, including website analysis and auditing;
- providing, improving and optimising the performance of our services;
- core business development and new services to be integrated into the product portfolio;
- carrying out surveys and searches; managing contact and user support requests;
- fulfilment of all obligations in relation to the whistleblowing policy adopted by Auriga in accordance with Legislative Decree No. 24 of 10 March 2023.
- user profiling.
3. RIGHTS OF THE DATA SUBJECT
The subjects to whom the personal data refer, pursuant to Article 7 of Italian Legislative Decree 196/2003 and Articles 15-22 GDPR, may exercise the right to:
- Request confirmation of the existence or otherwise of their personal data;
- obtain information on the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data has been or will be communicated and, where possible, the retention period;
- obtain the rectification and erasure of the data;
- obtain the restriction of the processing;
- obtain data portability, i.e. to receive personal data from the Data Controller in a structured, commonly used and machine-readable format and have the right to transmit such data to another Data Controller without hindrance;
- object to the processing at any time, including the case of processing for direct marketing purposes;
- oppose an automated decision-making process relating to natural persons, including profiling, where this is implemented.
The rights can be exercised with a request sent to Auriga S.p.A. at the email firstname.lastname@example.org.
4. TYPE OF DATA PROCESSED
When browsing the Auriga Website, the following information may be collected and stored in the server log files (hosting) of the site:
- Internet protocol (IP) address;
- settings of the device used to connect to the website;
- name of the Internet Service Provider (ISP);
- visit date and time;
- visit time per page (bounce rate).
By subscribing to the newsletter "Let's connect with Auriga" the following data is provided:
By sending their curriculum vitae within the Careers section, on the other hand, the following data are collected:
- main telephone;
- date of birth;
- all personal data contained within the curriculum vitae uploaded to the platform.
Finally, by filling out the contact form in the 'contacts' section, the following are collected:
5. LEGAL BASIS FOR DATA PROCESSING
The personal data referred to in point 4 processed by Auriga have been provided by the user.
The user can revoke their consent at any time, by requesting it at the following email address email@example.com
Auriga processes the personal data it needs to fulfil the aforementioned purposes on the basis of Article 6 (1) (b) GDPR.
Other personal data will be processed in accordance with Article 6 (1) (f) GDPR for the pursuit of Auriga's legitimate interests, e.g. for the optimised and technically error-free provision of the Service referred to in the App.
In addition, it may be necessary to process personal data in order to fulfil a legal obligation to which Auriga is subject (Article 6 (1) (c) GDPR or for the protection of the fundamental interests of the User (Article 6 (1) (d) GDPR).
6. DATA RETENTION PERIOD
Auriga will retain your personal data only for as long as is reasonably necessary to fulfil the purposes for which it was collected.
With specific regard to data acquired for the purposes of Article 2 letter h), Auriga will keep the user's personal data for a maximum of 5 (five) years.
Auriga may retain the User's personal data for an even longer period provided for by specific legal obligations or by applicable legislation and therefore for compliance purposes. This is carried out in any case without prejudice to the storage of the data referred to in point 4 for the purposes of protection in court provided for by the applicable legislation. To determine the appropriate retention period for personal data, Auriga considers the amount, nature and sensitivity of personal data, the potential risk of damage resulting from the unauthorised use or disclosure of the User's personal data, the purposes for which Auriga processes the User's personal data and whether it can achieve such purposes through other means.
In any case, it may occur that the European or national legislator imposes a longer retention period. In such cases, the data will not be deleted or blocked until the corresponding retention period has expired. After this period, the data will be permanently deleted.
7. DISCLOSURE OF THE USER'S PERSONAL DATA
Auriga may disclose the User's personal data – only when necessary for the provision of the service and always for the purposes referred to in point 2 – to its employees and/or consultants, in their capacity as internal data processors and/or system administrators and to all companies controlled by it.
These companies process data on behalf of Auriga as Data Processors.
Without the express consent of the user, the data may not be transferred to third parties for their use for their own purposes, and therefore outside the access referred to in the previous art. 6.
In any case, personal data will not be subject to disclosure.
The Data Controller has adopted a variety of security measures to protect the data referred to in point 4 against the risk of loss, abuse or alteration, consistent with the measures expressed in art. 32 GDPR.
This statement may be subject to change. We therefore recommend regularly checking this Policy and referring to the most recently updated version thereof.