Privacy and Cookie Policy
Information provided pursuant to Art. 13 of the European Regulation No. 679/2016 (GDPR)
This document has been prepared following the principles of Legislative Decree 196/2003 and the EU Regulation 2016/679 (GDPR) on the protection of personal data (hereinafter: “Regulation”) to allow users to know our privacy policy, to understand how their personal information is handled when they use our site and, in case, to give an express and informed consent to the processing of their personal data.
By our site, we mean www.weareproject.com (hereinafter referred to as the “Site”), the sites dependent on the domain www.weareproject.com listed in point 4. , and not other websites that the user may consult via links on the Site.
The information and data provided by users or otherwise acquired during the use of navigation services and access to the reserved area of the Site (hereinafter “Services”) will be processed in compliance with the provisions of the Regulations and the confidentiality obligations that inspire the activity of Project Informatica Srl Unipersonale (hereinafter “Project”).
Following the provisions of the Regulation, the processing carried out by Project will be based on the principles of lawfulness, correctness, transparency, purpose limitation and conservation, data minimisation, accuracy, integrity and confidentiality, as well as the principle of accountability set out in art. 5 of the Regulation.
Specific security measures are observed to prevent data loss, unlawful or incorrect use and unauthorised access.
1 – General information
Users (hereinafter referred to as “data subjects”, ex. Art. 4, c.1 of the GDPR) are informed of the following general profiles, valid for all areas of processing:
- the Data Controller is the undersigned Company, in the person of its legal representative:
Project Informatica srl Unipersonale, Via Carlo Cattaneo, 6 – 24040 Stezzano (BG)
Telephone: 035 2050 301
Fax: 035 4540293
E-Mail: privacy@project.it - The Data Controller has appointed a Data Protection Officer (DPO) who can be contacted to exercise all the rights provided for by Articles 15 to 21 of the GDPR: the right of access, rectification, cancellation, limitation, portability, objection, as well as the right to revoke a previously granted consent; in the event of failure to respond to their requests, data subjects may lodge a complaint with the Data Protection Authority (pursuant to Article 13, paragraph 2, letter d of the GDPR).
E-Mail DPO: privacy.dpo@project.it
2 – Specific information
2.1 – Browsing data
This article describes the methods for managing personal data acquired through this site (navigation logs and cookies) and the services connected to it that involve interaction with the user.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
2.1.1 – Purpose and legal basis for processing (GDPR Article 13(1)(c))
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation. The data could also be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the site (legitimate interests of the owner).
2.1.2 – Scope of communication (GDPR Art.13, paragraph 1, letters e, f)
The data are processed exclusively by internal staff or authorised collaborators, duly authorised and instructed to process them (GDPR Art. 29) and will not be disclosed to external parties, disseminated or transferred to non-EU countries. Only in the event of an investigation may they be made available to the competent authorities.
2.1.3 – Data retention period (GDPR, Art.13, para. 2, lett. a)
The data are normally retained for short periods, except for any extensions connected with investigation activities.
2.1.4 – Conferment (GDPR-Art. 13, para. 2, lett.f)
The provision of data is necessary for the operation of the site.
2.2 – Contact
The optional, explicit and voluntary sending of electronic and/or ordinary mail to the addresses indicated in the “Contacts” section and any case present on this site, entails the acquisition of the sender’s address as well as any other personal data contained in the communication itself, to respond to requests.
The sender may contact Project through the following forms that can be filled in on the Site:
- Contact request (name, surname, company, e-mail, telephone)
- You & Project Portal Account Creation
- Creation of Project e-shop portal account
- Technical Support Enquiry
- Registration Form Events
2.2.1 – Purpose and legal basis for processing (GDPR Art.13, paragraph 1, lett. c)
The data are processed to respond to requests sent by the data subject by filling in the forms provided for each service. The legal basis for the processing is represented by the terms of use of the site (Art. 6 lett. b) GDPR). For commercial purposes aimed at establishing a contract with the company, the contact data of employees and collaborators of potential customers, suppliers and partners will be processed. The data will be processed by electronic means, such as so-called “digital business cards”, for the time strictly necessary to establish the contractual relationship between the companies, in any case for no longer than one year. Subsequently, the data may be subject to further processing for contractual purposes, in the event of a positive outcome of the negotiation, or for marketing purposes, if specific consent to that effect has been given.
2.2.2 – Scope of communication (GDPR, Art.13, para. 1, lett. e, f)
The data are processed by internal staff, duly authorised and trained to process them (GDPR Art. 29) and will not be disclosed to external parties, disseminated or transferred to non-EU countries; however, there is a possibility that your data may be disclosed to parties involved in the sender’s request (e.g. vendors or suppliers).
2.2.3 – Data retention period (GDPR-Art.13, paragraph 2, lett.a)
The data retention period is commensurate with the purposes for which the data are conferred, concerning each of the functionalities listed in point 2.2.
2.2.4 – Conferment (GDPR-Art.13, paragraph 2, lett.f)
The provision of personal data is necessary to respond to the Sender’s requests or for the operation of the service.
2.3 – Newsletter
Subscription to the newsletter service involves receiving communications about the activities and services offered by the data controller to its customers. Subscription includes providing an email address to which periodic communications will be sent, along with monitoring the level of satisfaction/engagement with the content.
2.3.1 – Purpose and legal basis for processing (GDPR Art.13, paragraph 1, lett. c)
The data are processed to inform the data subject about the services and events of the data controller. The legal basis for the processing is consent (Art. 6 lett. a) GDPR).
2.3.2 – Scope of communication (GDPR, Art.13, para. 1, lett. e, f)
The data are processed by internal staff, duly authorised and trained to process them (GDPR Art. 29) and will not be disclosed to external parties, disseminated or transferred to non-EU countries; however, there is a possibility that your data may be disclosed to parties involved in the sender’s request (e.g. vendors or suppliers).
2.3.3 – Data retention period (GDPR-Art.13, paragraph 2, lett.a)
The data will be retained until consent is revoked by the data subject.
2.3.4 – Conferment (GDPR-Art.13, paragraph 2, lett.f)
The provision of personal data is optional. The data subject may revoke his or her consent.
2.4 – Spontaneous applications
2.4.1 – Purpose and legal basis of processing (GDPR-Art.13, paragraph 1, lett. c)
Personal data are sent by the data subject by sending a curriculum vitae or filling in the fields provided. The data are processed for activities prior to the formalisation of a possible employment contract.
2.4.2 – Scope of communication (GDPR, Art.13, para. 1, lett. e, f)
The data are processed exclusively by internal staff employed, duly authorised and trained in processing (GDPR Art. 29) and will not be disclosed to external parties, disseminated or transferred to non-EU countries.
2.4.3 – Data retention period (GDPR-Article 13(2)(a))
Data are retained for six months.
2.4.4 – Conferment (GDPR-Art.13, paragraph 2, lett.f)
The provision of personal data is optional, however, failure to provide the data and consent to its processing may result in the impossibility of carrying out a proper assessment of the position for the selection itself and consequently, the impossibility for the company to manage the application.
2.5 – Whistleblowing
2.5.1 – Purpose and legal basis of the processing (GDPR Art.13, paragraph 1, lett. c)
The processing relating to whistleblowing is discussed in its most up-to-date version at the following link
3 – Cookie
3.1 – Definition of cookies
Cookies are small text files that are sent to your computer. This site uses the following types of cookies:
3.1.1 – Technical session cookies
The use of so-called session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the site to be explored safely and efficiently. The so-called session cookies used in this site avoid the use of other information technology techniques potentially prejudicial to the confidentiality of users’ browsing and do not allow the acquisition of personal data identifying the user. These cookies are processed by computer.
There are additional technical cookies that are essential for the website to function properly. These cookies make it possible to provide the services requested by users and to navigate the site using its best performance. This type of cookie cannot be disabled as the site must function properly.
3.1.2 – Analytics cookies
This website uses Google Analytics, a web analysis service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted anonymously and stored by Google on servers in the United States. Google (the data controller) will use this information to evaluate your use of the website. In particular, it is aimed at identifying which pages are the most viewed by users/visitors of the site, how long they stayed on the site and the geographical area of origin. This information is only processed for statistical purposes and anonymously. In any case, these cookies cannot be used to make profiling or identify particular users, but are only used for statistical purposes in aggregate form.
Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, but this may prevent you from using the full functionality of this website.
More information can be found at http://www.google.com/policies/privacy
3.1.3 – Third-party profiling/advertising cookies (eshop.project.co.uk only)
While browsing the Site, the user may also receive cookies from different sites or web servers (so-called “third-party” cookies): this happens because the Site may contain elements such for example, images, maps, specific links to web pages of other domains that reside on servers other than the one on which the requested page is located. In other words, these cookies are set directly by operators of websites or servers other than the Site.
These cookies may be sent to the user’s browser by third-party companies directly from their websites and can be accessed by navigating from the Site. In such cases, Project is extraneous to the operation of such cookies, the sending of which falls under the responsibility of such third-party companies. As clarified by the Privacy Guarantor: “The obligation to inform the user about the use of cookies and to obtain their prior consent, if any, lies with the operator of the site that uses them, in its capacity as data controller. Where a site also permits the transmission of ‘third-party’ cookies, the information and acquisition of consent are normally the responsibility of the third party. The user must be adequately informed, albeit in the simplified manner provided for by law, when accessing the site that allows the storage of third-party cookies, or when accessing the content provided by the third party and, in any case, before the cookies are downloaded on his terminal”.
3.2 – How to manage/disable cookies
Each browser has different procedures for managing cookies, below are links to the specific instructions for the most popular ones:
- Internet Explorer: http://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies#ie=ie-11
- Google Chrome: https://support.google.com/accounts/answer/61416?hl=it
- Apple Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT
- Mozilla Firefox: https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
4 – Sites and services associated with project.co.uk
- https://www.project.it
- https://you.project.it
- https://sso.project.it
- https://eshop.project.it
5 – Update of this document
Last updated on 09/02/2023. This update is carried out as part of a policy of constant review of information.
Any updates will always be published on this page.