Privacy Notice

This privacy notice provides a framework of understanding about the personal data that are collected by Human Age Institute Foundation (“hereinafter called the Data Controller”), as required by law including the provisions of the European Union’s General Data Protection Regulation (GDPR) and applies to users of our internet sites and apps.

 

Data Controller

The Data Controller is Human Age Institute Foundation with the registered office in Via Rossini 6/8 20122 Milan - Italy

The personal data collected will be controlled and processed by the Data Controller.  Additionally, personal data may be processed or jointly controlled by affiliates of the Data Controller.   

1. Information We Collect

We collect personal information about you in several ways: through our Websites and social media channels, during our events and via telephone and fax, through the applications and in connection with personal assumptions. The types of personal information we may collect are as follows (according to the extent permitted by local law):

• contact information (such as name, address, email address and telephone number);
• username and password if you are registered on our sites;
• age or date of birth;
• gender;
• previous work experience and education;
• linguistic and other working skills;
• other information that you may provide using the Sites (like photos or personal experiences) or, for example in surveys or through the "Contact Us" feature on our Sites;
• information contained in your resume or C.V., or information provided by you on your professional interests and other information concerning your useful qualifications.

In addition, we may collect information you provided to us about other individuals, such as information related to emergency contacts.

2. How we use the information collected

We use the above information to perform the following activities (according to the extent permitted by local law):

1. create and manage online accounts;
2. manage relations;
3. respond to individual requests;
4. monitor and support you in using effectively our Sites 
5. provide, operate, evaluate and improve our services (including developing, enhancing, analyzing them; managing our communications; performing data analytics; performing accounting, auditing and other internal functions);
6. protect against, detect and try to prevent fraud and other illegal activities, claims and responsibilities; 
7. comply with and enforce the legal requirements in force, applicable industry standards, contractual obligations and our policies.
8. send promotional materials, alerts regarding available positions and other communications;
9. inform about and manage participation in special events, promotions, programs, offers, surveys, contests and market research;

Your consent for the processing of your data we collected is required for the purposes set out above, with the clarification that any refusal would in fact makes it impossible for the Company to execute the aforementioned activities. 

If the Company intends to use the personal data collected for any other purpose incompatible with the purposes for which the personal data were originally collected or authorized, the Company will inform you in advance.

 

We can use the information in other ways, for which will be given a specific information at the time or before the collection of information.

3. How We Process and Protect Personal Information

We process the personal data we collect, also by automated means, for the purposes defined above and for a specific period of time, which complies with our internal retention policy, in order to ensure that the personal data are not kept longer than necessary.

We adopt administrative, technical and physical safeguards designed to protect your personal information from destruction, loss, alteration, unauthorized access, disclosure, or accidental use, unlawful or unauthorized.

4. How long we Store The Data We Collect

We store in our systems the personal data we collect in a way that allows the identification of the data subjects for no longer than it is necessary in light of the purposes for which the data was collected, or for which that data is further processed. 

We determine this specific period of time by taking into account:

• The necessity to keep stored the personal data collected in order to offer services established with the user; 
• In order to safeguard a legitimate interest of the Data Controller as described in the purposes;
• The existence of specific legal obligations that make the processing and related storage necessary for specific period of times;

5. Information We Share

We do not disclose the personal information we collect about you, except as described in this Privacy Notice or in separate notices provided in connection with particular activities. We share your personal information with vendors who perform services on our behalf in accordance with our instructions. These vendors are not permitted to use or disclose such information except as necessary to perform services on our behalf or comply with legal provisions. We may also share your personal information (i) with our subsidiaries and affiliates; (ii), with customers who may have job opportunities available or interest in taking our candidates and (iii) with other parties with whom we cooperate, for example, job placement consultants and subcontractors, to find a job.

In addition, we may disclose information about you (i) if this is required by law or legal process; (Ii) to law enforcement authorities or other public officials behind a lawful request for information, and (iii) when we believe such disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with investigations into alleged or discharged fraudulent or illegal activities. We also reserve the right to transfer personal information about you in the event that we sell or we surrender all or part of our business or of our assets (in the event of reorganization, dissolution or liquidation).

6. Data Transfer

The personal information we collect about you may also be transferred to countries other than those in which it was originally collected. These countries may not have the same laws on data protection of the country in which the information was originally provided. When transferring your data in other countries, we will protect such information in accordance with this Privacy Notice.

The countries to which we may transfer the personal data we collect about you may be: 

• Within the European Union 
• Outside the European Union

When we transfer personal data from within the European Union to countries or international organizations that are based outside the European Union the transfer takes place on the basis of:

1. An adequacy decision by the European Commission;
2. In absence of an adequacy decision other legally permitted grounds (a) legally binding and enforceable instrument between public authorities or bodies; (b) binding corporate rules; 
3. Standard Contractual Clauses on data protection adopted by the Commission.

7. Your rights and options

When required by applicable law, a data subject can exercise under Articles 15 to 22 of the GDPR the following specific rights:

1. Right of access: A data subject has the right to access his or her personal data concerning which in order to verify that his or her personal data is processed in accordance to the law.
2. Right to rectification: A data subject has the right to request the rectification of any inaccurate or incomplete data held about him or her, in order to protect the accuracy of such information and to adapt it to the data processing.
3. Right to erasure: A data subject has the right to erase or request that the Data Controller erases information about him or her and to no longer process that data.
4. Right to restriction of processing: A data subject has the right to request that the Data Controller restricts the processing of his or her data.
5. Right to data portability: The data subject has the right to request the data portability meaning that the data subject can receive the originally provided personal data in a structured and commonly used format or that the data subject can request the transfer of the data to another Data Controller.
6. Right to object: The data subject who provide a Data Controller with personal data has the right to object, at any time to the data processing on a number of grounds as set out under GDPR without needing to justify his or her decision.
7. Right not to be subject of automated individual decision-making: The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, if such profiling produces a legal effect concerning the data subject or similarly significantly affects him or her.
8. Right to lodge a complaint with a supervisory authority: Every data subject has the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes GDPR.

Whenever the processing is based on the consent, as under art.7 of the GDPR, the data subject may withdraw their consent at any time.

If you require more information about the processing of your personal data, please refer to the How to Contact Us section below. 

8. Updates of our Privacy Notice

This Privacy Notice (including any appendices) may be periodically updated to reflect changes in our privacy practices. You will be informed about the meanings change through a notice on our Sites and bringing the top of the latest update policy.

9. Contacting Us

For any questions or comments about this Privacy Policy, or to exercise your rights please write to:

Human Age Institute Foundation Attn: General Counsel Via Rossini 6/8 20122 Milan – Italy