Privacy Policy

Updated on 27 April 2017

Welcome to halldis.com, the website of Halldis SpA.

Your privacy is very important to us and this is why we want to inform you of the methods by which we collect and use information concerning you.

Halldis SpA, the Data controller, with registered office in Milan, Piazza IV November no. 7, a Company belonging to the Windows on Europe Group, always takes great care over the treatment and protection of the personal data of its Clients, Users, Suppliers, Collaborators and all those with which it engages in relations.  For this reason, in order to guarantee the utmost respect for the regulations promulgated by the Legislative Decree of 30 June 2003, no. 196, our Company is furnished with a specific organisation, adopting a suitable Privacy Organisation Model.

This Privacy Policy concerns the methods we use all the personal information provided both through the functions of this website and through emails, by telephone, messages or paper correspondence.

Halldis SpA reserves the right, moreover, to amend this Privacy Policy at any time: we therefore ask you to return to this page frequently for the purpose of checking for any amendments. The use of the Website and our Services implies acceptance of our Privacy Policy, as updated from time to time.

Halldis Spa, in thanking you for providing your personal data, by means of the following Information Briefing given in accordance with article 13 of Legislative Decree 196/2003 (Privacy Code), makes you aware of the purposes and methods of treatment for which it is intended, distinguishing between:

  • Website users
  • Clients and Suppliers
  • Curricula Management

Your rights and the Data managers

Firstly, we remind you that, in accordance with art. 7 of Legislative Decree 196/2003, reported below, it is your right, among others, to be aware of your personal data treated by us, as well as to request supplements, corrections or deletions.

To exercise these rights, you can apply to our Privacy Officer at the following email address privacy.officer@windowsoneurope.com, or the postal address of the registered office of our organisation.

The complete list of all the data managers of personal data, appointed by us, can be obtained by contacting our Privacy Office.

Art. 7 (Right of access to personal data and other rights)

  1. The persons concerned have the right to obtain confirmation of the existence or otherwise of personal information concerning them, even if not yet registered, and communication of the information in intelligible form.  
  2. The persons concerned have the right to obtain an indication: a) of the origin of the personal data; b) of the purposes and methods of the treatment; c) of the logic applied in the case of treatment carried out with the aid of electronic instruments; d) of the identification details of the holder, the Managers and the designated representative in accordance with article 5, paragraph 2; e) of the subjects and categories of subjects to which the personal data may be communicated or who could become aware of it as designated representatives in the territory of the State, Managers or Employees.
  3. The persons concerned have the right to obtain: a) the updating, correction or, where necessary, the supplementing of the data; b) the deletion, conversion into anonymous form or blockage of data treated in breach of the law, including those where retention is not necessary for the purpose for which the data was collected and later treated; c) confirmation that those to whom the data has been communicated or disseminated have been made aware of the operations under letters a) and b), including as regards their content, except if such fulfilment proves impossible or leads to the use of means clearly disproportionate to the protected right.
  4. The parties concerned have the right to object, entirely or in part: a) for legitimate reasons, to the treatment of personal data concerning them, even if relevant to the purpose of the collection; b) to the treatment of personal data that concerns them for the purposes of sending advertising or direct sales material or to carry out market research or commercial communication.

Website User Information Briefing

The methods of managing the website are described on this page with regard to the treatment of the personal data of the users who consult it and use its functions. Such treatment is always based on principles of legality and propriety in compliance with all the current regulations.

This privacy policy is also presented as an Information Briefing, in accordance with art. 13 of Legislative Decree 196/03 (Italian regulations on the treatment of personal data in compliance with EC Directives 95-46), to all those who interact with the web services of this site, for the purpose of the protection of personal data, accessible by means of digital transmission, starting with the address www.halldis.com, corresponding to the home page of our website. The Information Briefing is made available only for our website and not for any other websites that may be consulted by the user via links. These are autonomous Data holders and therefore reference should be made to the websites in question.

The Information Briefing is also in compliance with Recommendation No. 2/2001, which the European authorities, for the protection of personal data, gathered as the Group established under art. 29 of the EC Directive No. 95/46, adopted on 17 May 2001, in order to identify certain minimum prerequisites for the on-line collection of personal data and, in particular, the methods, times and nature of the information that the Data controller must provide to users when the latter connect to web pages, irrespective of the purposes of the connection.

The treatment of the data freely granted by you will be carried out in compliance with the regulations in force. In particular, the treatment will be marked by the principles of propriety, legality and transparency; relevance, completeness and not in excess; the data will be collected and registered for the purposes referred to in the following point and retained for a period strictly necessary for the purposes.

Types of data treated, methods of the treatment, purposes of the treatment, optional or otherwise.

Navigation data

The computer systems and the software procedures assigned to the functioning of this website acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of the Internet’s communication protocols.

This is information that is not collected in order to be associated to identified, interested parties but which, by its very nature, could, through processing and association with data held by third parties, allow the identification of the users.

This category of data includes IP addresses or the domain names of the computers used by users who connect to the site, the addresses in the URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply data from the server (correct outcome, error, etc.) and other parameters regarding the operating system and the digital environment of the user.

These data are used for the sole purpose of extracting anonymous statistical information on the use of the site and to check its proper functioning. These data are deleted immediately after processing. The data could be used to ascertain Liability in the event of computer crimes to the detriment of the website.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of information by filling in forms or sending electronic mail to the addresses shown on this website leads to the subsequent acquisition of the sender’s address and personal data, required to respond to the requests and/or provide the services requested, as well as any other personal data included in the correspondence (and in any attachments to it) or on the appropriate forms.

The information and emails received are stored for an indefinite time on the Servers of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (US), protected by appropriate measures and security procedures guaranteed by the certification of Google, including Google Inc. and its 100% owned subsidiary companies in the United States, in adherence to the principles of the Privacy Shield.

The persons concerned can exercise all the rights laid down by art. 7 of Legislative Decree 196/2003 reported at the beginning of this Privacy Policy and, in particular, they can know which of their data are stored in the archive and obtain their deletion by writing to our Privacy Officer at the email address privacy.officer@windowsoneurope.com.

The data will be treated with information technology and digital transmission methods in order to respond to the requests and/or provide the service requested. Granting the data is always optional and failure to do so would only lead to the impossibility of following up on the requests.

Your data may be communicated by us (the term ‘communicating’ means making them known to one or more determined subjects) to subjects that can access the data by virtue of the provisions of the law, regulations or community legislation, within the limits laid down by those regulations, in addition to subjects that need to access your data for auxiliary purposes for the relations undertaken between you and us, within the limits strictly necessary to carry out auxiliary tasks (credit institutes, by way of indication).

Subscriptions to the Newsletter

Whoever wishes to be promptly informed via email with regard to our initiatives can subscribe to our Newsletter by following the procedures indicated in the appropriate section of the website.

Anyone who subscribes to our Newsletter shall receive no more than one message a week, unless in cases of particular topicality. A short advertisement may be included in every message.

The personal information requested (email address) is essential for the service described above. It will be treated with automatic and/or manual procedures only for this purpose. It will not be communicated or disseminated. We remind you that, every time a Newsletter is received, you can easily remove yourself from our mailing list by clicking on the appropriate link at the foot of the Newsletter. You will be given immediate confirmation of the cessation of the treatment. After the deletion of an address, it can no longer be recovered.  You can follow this link for further information on our Profiling Policy aimed at sending you personalised

Cookies
Our Cookie Policy is available here.

Profiling
Our Profiling Policy is accessible here.

Place of treatment of the data and scope of communication or dissemination

The data connected to the web services of this site are treated at the registered office of our organisation only by technical personnel assigned to the treatment. The information treated may be transferred to a third-party country outside the European Union only in the event that that Country guarantees an adequate level of protection of personal data on the basis of a decision by the European Commission and subject to the appointment of the importer Subject as external data manager.

The data will also be transferred to and stored at the Servers of:

  • Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (US), protected by appropriate measures and security procedures guaranteed by the certification of Google, including Google Inc. and its 100% owned subsidiary companies in the United States, in adherence to the principles of the Privacy Shield.
  • Amazon, 410 Terry Ave. North, Seattle, WA 98109-5210 (US), protected by appropriate measures and security procedures guaranteed by the certification of Amazon in adherence to the principles of the Privacy Shield.
  • Future Simple Inc., Mountain View, CA, 850 North Shoreline Blvd (US), protected by appropriate measures and procedures guaranteed by the certification of Future Simple Inc.  in adherence to the principles of the Privacy Shield.

Your data may be communicated to parent, subsidiary or associated companies in accordance with article 2359 of the Civil Code, or to companies subject to common control for administrative and accounting purposes, as defined in article 34, paragraph 1-ter of Legislative Decree 196/2003, or those connected to the conduct of the activities of an organisational, administrative, financial and accounting nature, irrespective of the nature of the treated data.   

Your rights and the respective methods of exercising them are provided at the beginning of this Privacy Policy.

Information Briefing for Clients and Suppliers

Nature of the data treated

Halldis SpA treats your personal and tax data, as well as other personal data of an ordinary nature, required for the conduct of contractual relations, current or future, with our company.

Purpose of the treatment

Your data will be treated in relation to contractual requirements, and the consequent fulfilment of legal and tax obligations, as well as to enable the effective management of financial and commercial relations.

The data will be treated for the entire duration of the contractual relationship and, thereafter, for the execution of legal obligations and for administrative and commercial purposes.

Opposition to the treatment for commercial purposes: opt-out

The email or paper coordinates provided by you may be used by Halldis SpA for the purposes of the direct sending of its advertising material or direct sales or for carrying out its market research or commercial communication. This promotional activity may concern only goods and services similar to those concerned in the contractual relationship. We remind you that, at the time your data is collected by us and on the occasion of any communication made for the aforementioned purposes, you may object to the treatment simply by contacting our Manager, who can be contacted at the email address privacy@halldis.com, the postal address of the registered office of our organisation, or by clicking on the appropriate delete me link at the foot of the email sent to you. You will be given immediate confirmation of the cessation of the treatment.

Profiling
Our Profiling Policy is accessible here.

Method of the treatment

The treatment of the data takes place by the means of instruments and procedures suitable to ensure their security and confidentiality and can be carried out by means of paper media and with the aid of information technology.

Obligation or authorisation to grant the data

As regards the data we are obliged to be aware of in order to fulfil the obligations laid down by laws, regulations and community legislation, or the measures imparted by Authorities legitimated by law and supervisory and control bodies, failure to grant them by you shall lead to the impossibility of establishing or continuing with the relationship, within the limits in which these data are required for its execution. As regards the data that we are not obliged to know, failure to obtain them will be assessed by us from time to time and will determine the consequent decisions, in relation to their importance to our organisation of the data requested and not granted.

Scope of awareness and communication of your data

Directors, administrators, those assigned to the accounting, administration and operational management, and external consultants, may become aware of your data, exclusively as data managers or data processors appointed by the undersigned organisation. Your data may be communicated by us (the term ‘communicated’ means making them known to one or more determined subjects) to subjects who can access the data by virtue of the provisions of the law, regulations or community legislation, within the limits laid down by those regulations, in addition to subjects who need to access your data for purposes auxiliary to the relations undertaken between you and us, within the limits strictly necessary to carry out auxiliary tasks. They may also be communicated to parent, subsidiary or associated companies in accordance with article 2359 of the Civil Code, or to companies subject to common control for administrative and accounting purposes, as defined in article 34, paragraph 1-ter of Legislative Decree 196/2003, or those connected to the conduct of the activities of an organisational, administrative, financial and accounting nature, irrespective of the nature of the treated data. In particular, these purposes are pursued by internal organisational activities for the fulfilment of contractual and pre-contractual obligations, the management of the employment relations in all phases, the keeping of accounts and the application of the regulations on matters concerning tax, trade unions, social security and pensions, health, hygiene and safety in the workplace.

The information treated may be transferred to a third-party country outside the European Union only in the event that that Country guarantees an adequate level of protection of personal data on the basis of a decision by the European Commission and subject to the appointment of the importer Subject as external Data manager.

The data will also be transferred to and stored at the Servers of:

  • Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (US), protected by appropriate measures and security procedures guaranteed by the certification of Google, including Google Inc. and its 100% owned subsidiary companies in the United States, in adherence to the principles of the Privacy Shield.
  • Amazon, 410 Terry Ave. North, Seattle, WA 98109-5210 (US), protected by appropriate measures and procedures of security guaranteed by the certification of Amazon in adherence with the principles of the Privacy Shield.
  • Future Simple Inc., Mountain View, CA, 850 North Shoreline Blvd (US), protected by appropriate measures and procedures guaranteed by the certification of Future Simple Inc.  in adherence to the principles of the Privacy Shield.

In addition to the above, the transfer, including temporarily, of your personal data to a Country that does not belong to the European Union may only take place if necessary for the performance of obligations arising from a contract to which you are a party or to fulfil, before the conclusion of the contract, your specific requests, or for the conclusion or execution of a contract stipulated in your favour.

Your rights and the respective methods of exercising them are provided at the beginning of this Privacy Policy.

Information for Recruitment Candidates

Halldis SpA, in conducting personnel selection activities, pursues equality between male and female workers and does not discriminate against candidates of either gender, in compliance with Laws 903/77 and 125/91.

Your data, moreover, will be treated and safeguarded with the utmost confidentiality, care and diligence in compliance with the measures of Legislative Decree 196/2003 and in accordance with the methods given below.

Collection and nature of the data

The collection of the data takes place through the sending of Curriculum Vitae by those concerned. The collection may take place both through digital transmission (email or the attachment of appropriate forms) and on paper.

Purpose of the treatment

The treatment of personal data is carried out exclusively in the field of conducting activities of seeking, selecting and assessing personnel.

Mandatory and optional nature of granting the data

The granting of personal data by the person concerned and the sending of a Curriculum Vitae are optional: however, in the event of the failure to do so, we will not be able to carry out the activities of seeking, selecting and assessing personnel.

Scope of communication and dissemination of the data

Your data may become known to Managers or Employees assigned to their treatment by our company. Your data may also be communicated to third-party subjects that provide specific services or carry out activities that are connected, instrumental or in support of the methods and purposes for which your data has been supplied by you. They may also be communicated to parent, subsidiary or associated companies in accordance with article 2359 of the Civil Code, or to companies subject to common control for administrative and accounting purposes, as defined in article 34, paragraph 1-ter of Legislative Decree 196/2003, or those connected to the conduct of the activities of an organisational, administrative, financial and accounting nature, irrespective of the nature of the treated data.  In particular, these purposes are pursued by internal organisational activities for the fulfilment of contractual and pre-contractual obligations, the management of the employment relations in all phases, the keeping of accounts and the application of the regulations on matters concerning tax, trade unions, social security and pensions, health, hygiene and safety in the workplace.

Methods of the treatment and storage of the data

The treatment of the data will be conducted in compliance with the provisions of art. 11 of Legislative Decree no. 196/2003. The treatment of data will always take place with logic strictly related to the purposes indicated and with methods that guarantee the security and confidentiality of that data, through the adoption of suitable measures to prevent the alteration, deletion, destruction, unauthorised access or treatment not permitted or not in compliance with the purposes of the collection.

The data will be stored in our databases at the Servers of Google, protected by appropriate measures and security procedures guaranteed by the certification of Google, including Google Inc. and its 100% owned subsidiary companies in the United States, in adherence to the principles of the Privacy Shield.

The duration of the storage will be no longer than 18 months and, in any case, no longer than necessary to manage and monitor the process of research and selection.

 

Your rights and the respective methods of exercising them are provided at the beginning of this Privacy Policy.

 


TOP