Privacy policy – Hermes
Pursuant to Article 13 of the European Regulation 2016/679 (the “Privacy Regulation”), HUB 55 SRL intends to inform all users and/or visitors of the website WWW.HERMESCORPORATE.IT (respectively referred to as the “Users” and the “Site”) about the use of personal data, log files, and cookies collected through the Site itself.
1.Data Controller and Data Protection Officer
The Data Controller of personal data is HUB 55 SRL (Tax Code and VAT number 07222960481, with legal headquarters in Firenze (FI), Via Panciatichi 55, (hereinafter referred to as the “Data Controller”).
2. Data Collected by the Site:
a) automatically
- Browsing Data:
The computer systems and software procedures used to operate this Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.
These data, necessary for the web services use, are also processed for the purpose of:
- obtaining statistical information on the use of services
- checking the correct functioning of the services offered
Browsing data does not persist for more than 6 months (except for any need to ascertain crimes by the Judicial Authority).
b) provided by the User
- User-Provided Data:
The optional, explicit, and voluntary sending of data through the various form fields present on the Site, which involve the acquisition of the sender’s contact data, necessary to fulfill contact requests, services, and any assignment of credentials for restricted areas.
c) through cookies
The Site uses cookies, for which please refer to the extended “cookie policy” statement.
3. Types of Personal Data, Purposes, Legal Basis, and Retention Periods
The personal data requested and provided are necessary for us to allow access to the Site and the use of the following services:
Service type: Contact Area/Reminder .
Types of personal data collected: demographic information, contact details (e.g., email, phone numbers, etc.).
Purpose: to acquire, through the completion of a specific form, the references of the website users to meet requests for informational/commercial contact (Contact Area/Reminder).
Legal basis: contract execution for requests; consent in case of requesting authorization to send promotional or marketing material.
Retention period: until withdrawal of consent.
Service type: Newsletter
Types of personal data collected: demographic information, web contact data.
Purpose: to include the individual in the newsletter mailing list.
Legal basis: user’s consent.
Retention period: until withdrawal of consent or unsubscription.
Service type: Registration for “Searching for New Talents”
Types of personal data collected: demographic information, web contact data.
Purpose: to acquire, through the completion of a specific form, the demographic references of the website users to allow the submission of unsolicited applications.
Legal basis: user’s consent.
Retention period: 2 years.
The processing of data for the above purposes will be carried out in compliance with the Privacy Regulation and all specific sector regulations.
The data provided will be processed mainly by computer under the authority of the Data Controller, by persons specifically instructed, authorised and trained to process the data in accordance with Articles 28 and 29 of the Privacy Regulation. Please note that appropriate security measures are also observed pursuant to Articles 5 and 32 of the Privacy Regulation to prevent the loss of data, unlawful or incorrect use and unauthorised access.
4. Compulsory or optional nature of consent to provide data
The provision of data is optional, but if it is not provided it will not be possible to take advantage of certain services provided by the Site.
5. Where we may transmit the data
The data may be communicated, within the EU, in full compliance with the provisions of the Privacy Regulation, to the following entities:
(1) the financial administration and/or other public authorities, where required by law or at their request;
(2) the structures, subjects and external companies which the Data Controller uses to carry out activities connected with, instrumental to or consequent upon the performance of the Site services.
The information automatically collected by the Site may also be transferred to cloud servers of Third Parties also located outside the EU, if such processing is necessary for the performance of the Site services. The legal basis of such processing is therefore Article 49, paragraph 1, letter b of the Privacy Regulation.
6. Security Measures
Through the Site, data are processed in compliance with the applicable law and using appropriate security measures in accordance with the legislation in force, also pursuant to Articles 5 and 32 of the Privacy Regulation.
In this regard, we confirm, inter alia, the adoption of appropriate security measures aimed at preventing unauthorised access, theft, disclosure, modification or destruction of processed data.
7. Rights
Please be aware that you have the right to exercise your entitlements under Articles 15 et seq. of the Privacy Regulation at any time. This can be done by sending a written request to the Data Controller at the provided contact details. Such a request can facilitate:
- confirmation of whether or not your personal data exists, along with details of its source;
- verification of its accuracy, or the initiation of procedures to update, correct, or supplement the data;
- access to the data, its deletion, or the imposition of restrictions on its processing;
- conversion of the data into an anonymous format, or the blocking of data that has been processed unlawfully.
Furthermore, you retain the right to object to the processing of your personal data that has been consented to previously.
Regarding the Newsletter, please be informed that requests for unsubscribing can be made effectively through a designated link/button provided for that purpose.
8. Changes to the Privacy Policy
The Owner reserves the right to make changes to this Privacy Policy, replacing previous versions. This Privacy Policy was issued in September 2023.