: Privacy Policy

Dear User,

In this page, you will find all the information regarding the way your personal data is managed within our website (www.re-lab.it).

We provide this policy not only to fulfill the obligations provided in the Regulation (EU) 2016/679 or “Regulation” on Data Protection, but also because we believe that the protection of personal data is a fundamental value for our enterprise and we wish to give you any information that may help you protect your privacy and take control over the usage of your data in relation to your experience on our website.

This Privacy Policy describes the management of this website concerning the processing of its users/visitors’ personal data. This policy is made available to anyone browsing our website, in compliance with articles 13-14 (C60-C62) of the Regulation 2016/679 and in consideration of WP187-259-260.

This policy applies to the abovementioned website and to other websites directly or indirectly owned by us, which might be accessed by the users using specific links.

The website is owned and managed by RE:Lab S.r.l. who ensures its compliance with the regulations on data protection.

The users/visitors are required to carefully read this Privacy Policy before submitting any kind of personal information and/or filling in any electronic form they may find on the website.

Privacy Policy in accordance with Article 13 of D.Lgs. 196/2003 and Article 13 of the Regulation (EU) 2016/679

According to Article 13 of D.Lgs. 196/2003  and Article 13 of the Regulation (EU) 2016/679 (hereinafter GDPR 2016/679) regulating the processing of personal data for the protection of individuals and other subjects, we wish to inform you that the data you provide will be processed according to the GDPR 2016/679 and with RE:Lab S.r.l.’s confidentiality obligations.

DATA CONTROLLER

The data controller, i.e. the decision-maker regarding the means and purposes of the processing of data, is RE:Lab S.r.l., established in Reggio Emilia (RE) – Via Tamburini, 5 (Italy). If you wish to contact the data controller, you are welcome to do so at the e-mail address: info@re-lab.it

DATA PROTECTION OFFICER (DPO)

The Data Protection Officer is NEWAY s.r.l via Plauto, 1 Reggio Emilia (Italy) – info@newaysrl.it.

Data voluntarily provided by the users/visitors

If users/visitors provide any personal data while browsing this website, RE:Lab collects the address of the sender and/or other personal data, which will only be processed in order to reply to the user/visitor’s request.

Please, find below the relevant information for all types of data:

Website usage data:

In fulfilling their normal functions, the IT systems and software supporting this website collect some personal data which are then implicitly communicated using Internet communication protocols. This information, by its nature, may allow the identification of users/visitors if processed or associated to third party data (e.g. IP address, etc.)

Type of data IP address and usage data
Purposes of processing ·      Website usage

·      Compliance with the law

Obligation to provide data These data are obligatory to browse the website and access its functionalities
Mode and place of processing The processing of data connected to the services provided in this website takes place at the premises of RE:Lab S.r.l., via Tamburini 5, Reggio Emilia.

The processing is mostly automated.

Specific security measures are implemented to prevent data loss, illicit or incorrect usage and unauthorized access.

Legal basis of processing The data is processed based on the need to provide the necessary instruments to visit the website and access its functionalities.
Data recipients The recipients of these data are exclusively internal personnel, such as employees, partners, associates and/or consultants appointed by the Controller for the purposes described above.
Storage period The data is stored for the whole duration of the session and usage of the website.

 

Regarding the use of cookies, please refer to our Cookie Policy.

Data provided by the applicants on the “Careers” page:

Type of data Name, surname, or any other identification data

Job information (e.g. VAT number, social security number, address, business name

Racial or ethnical origins

Culture and educatio

Data concerning family and personal circumstances (if mentioned in the CV) 

Religious beliefs (if mentioned in the CV)

Philosophical views or other kinds of convictions (if mentioned in the CV)

E-mail address

Purposes of processing The processing is performed for the purpose of evaluating CVs received through the website.
Obligation to provide data These data are necessary for the evaluation of the data subject’s professional profile and the possible establishment of an employment relation.
Mode and place of processing Evaluation of the CV by electronic visualization of the document and of the information it contains.
Legal basis These data are to be considered as voluntarily provided by the user upon submission of the CV
Data recipients The recipients of these data are exclusively internal personnel, such as employees and/or consultants appointed by the Controller for the purposes described above.
Storage period The data is stored strictly for the period necessary to perform the evaluation of the professional profile for which the data was collected.

In case an employment relationship is established between the data subject and RE:Lab, the data is stored until the end of the employment contract. This is further extended for a period of 10 years for labor law, civil law, fiscal law and accounting purposes.

 

Data provided by applicants in the page “NEW BUSINESS” and “RESEARCH PROJECT”:

 

Type of data Name, surname, or any other identification data (e.g. VAT number, social security number, address, business name)

Job

Specific needs concerning the economic activity of the data subject

E-mail address

Purposes of processing Management of the data provided by the Data Subject upon submission of a collaboration request with the Data Controller
Obligation to provide data These data are necessary in order to evaluate the data subject’s professional profile and the possible establishment of an employment relationship.
Mode and place of processing Evaluation by means of electronic visualization of the document and of the information it contains.
Legal basis These data are to be considered as voluntarily provided by the user upon sending the e-mail
Data recipients The recipients of these data are exclusively internal personnel, such as employees, partners, associates and/or consultants appointed by the Controller for the purposes described above.
Storage period The data is stored strictly for the period necessary to perform the evaluation and to contact the supplier/customer.

This is further extended for a period of 10 years for civil law, fiscal law and accounting purposes.

 

Data provided for newsletter subscription

 

Type of data Name, surname or other identification data

Job information

Business name

Place of residence

Telephone number

Subscription e-mail address (business domain)

Purposes of processing ·      The processing is performed to allow fruition of the required service related to the communication of information regarding the activities of RE:Lab and its partners

·      The processing is performed for the purposes of establishing relationships with the users, and in particular to provide commercial information (marketing);

·      Promotional and advertisement communication

Obligation to provide data If these data are not provided, it will be impossible to provide the service requested.
Mode of processing The processing will be performed in automated and/or manual mode, in accordance with Article 32 of the GDPR 679/2016 regarding Security Measures. Specific security measures are implemented to prevent data loss, illicit or incorrect usage and unauthorized access.
Legal basis of processing The data is intended as voluntarily provided by the users upon submission of the newsletter subscription form.
Data recipients The recipients of these data are internal personnel, such as employees and/or consultants appointed by the Controller for the purposes described above.
Storage period The data are stored strictly for the period necessary to fulfill the purposes for which they were originally collected (i.e., for the duration of the relationship with the client).

This is further extended for a period of 10 years for civil law, fiscal law, marketing and accounting purposes.

Mode of processing

The processing is automated and/or manually performed, in accordance with the provisions of Article 32 of the GDPR 2016/679 regarding security measures. The processing is performed through operations or set of operations such as:

  1. Collection, recording, organization, storage, consultation, elaboration, modification, selection, extraction, comparison, usage, interconnection, blockage, communication, erasure of data;
  2. The operations described can be performed with or without the support of electronic or automated instruments;
  3. The processing is performed by the Data Controller and/or Data Processors (also external)

We highlight that, in accordance with the principles of lawfulness, purpose limitation and data minimization, as provided in Article 5 of the GDPR 2016/679, subject to your freely and explicitly given consent, your personal data will be stored for the period of time necessary for the fulfillment of the purposes for which the data has been collected and processed.

Optional provision of data

Apart from specific provisions regarding website usage data, users/visitors are free to provide their personal data.

Failure to provide them may only make it impossible to use the services offered on this website.

Communication of data

The data will be known to managers and processors and may be communicated to external contractors and, in general, to all those persons RE:Lab considers necessary for the proper fulfillment of the abovementioned purposes.

Data dissemination

The data provided through this website will not be directly disclosed by RE:Lab unless expressly requested by the user.

The information that users of the site deem to make public (e.g. Facebook, Linkedin, etc.), is knowingly and voluntarily managed by the user, thus relieving this site from any liability for any violation of the law. It is up to the users to ensure they have permission to submit personal or third party data or content protected by national and international regulations.

Any improper and fraudulent use of data provided to RE:Lab s.r.l by third party users not authorized by the Controller is not to be considered direct responsibility of the company RE:Lab s.r.l.

Data transfer abroad

Personal data may be stored in European Union countries and in countries outside the European Union, as the website management providers may be established outside the EU.

 

RIGHTS OF DATA SUBJECTS

ACCESS TO PERSONAL DATA

In accordance with art. 15 of the GDPR 679/16, the Data Subject has the right to access the data processed and to obtain, in particular: data rectification (art. 16), data erasure (art. 17), restriction of processing (art. 18) and the right to object processing, as well as the right to portability of data.

In accordance with art. 15 par.3, the Data Controller shall provide a copy of the personal data being processed. If additional copies are requested by the data subject, the data controller may charge a reasonable fee based on administrative costs.

In accordance with art. 19, the controller shall inform each of the recipients to whom the personal data have been disclosed of any rectification, erasure or restriction of the processing carried out under Articles 16, 17(1) and 18, unless this proves impossible or involves a disproportionate effort. The Data Controller shall communicate these recipients to the Data Subject upon request.

RIGHT TO RECTIFICATION:

Users have the right to request the rectification of their personal data if they are inaccurate or incomplete. This right also implies that the rectification should be communicated to all third parties involved in the processing of the data concerned, unless this is impossible or particularly difficult. If requested by the user, RE:Lab shall also inform the user of the identity of such third parties involved.

If this is the case, you can contact the Controller using the email address: info@re-lab.it

RIGHT TO OBJECT:

In accordance with the GDPR, users have the right to object to certain processing activities of their personal data carried out by the data controller. In summary, the user may object to the processing of his or her data whenever it is based on a legitimate interest of the controller or the performance of a task in the public interest/exercise of official authority or for the purposes of scientific/historical research and statistics. The user must justify this objection, unless the processing is carried out for the purposes of direct marketing. In the latter case, no reasons are required for exercising that right.

If you wish to exercise this right, you can contact the Controller using the email address: info@re-lab.it

THE RIGHT TO DATA PORTABILITY:

The user has the right to obtain (in a readable electronic format) his/her personal data for the purpose of transferring them to another controller. The current Controller should not in any way hinder such procedure.

Data portability includes both data “provided” by the user and data “monitored”.

In this case, you can contact the Owner using the email address: info@re-lab.it

THE RIGHT TO ERASURE:

When the data are no longer useful for the purposes for which they were originally collected, in case of withdrawal of consent by the user or when personal data have been processed unlawfully, the user has the right to request their erasure and termination of any other form of dissemination.

In this case, you can contact the Controller using the email address: info@re-lab.it

The right to erasure may be denied when personal data are processed on the basis of public interest (such as scientific research), when the data are necessary for defense in court or to fulfil a legal obligation, for the performance of a task carried out in the public interest or for the exercise of public authority by the data controller. The right to erasure may also be denied when the data are necessary to exercise the right to freedom of expression, or when they are processed for health and public interest purposes.

RIGHT TO RESTRICTION OF PROCESSING:

The user has the right to request restriction on the processing of his/her personal data in cases where their accuracy has been contested, where there has been an objection to their processing and the company is assessing whether there is a legitimate reason for the objection, where the processing is unlawful, but the user requires restriction rather than erasure, or where the data is no longer necessary but the user needs it to establish, exercise or defend a legal claim.

In this case, you can contact the Owner using the email address: info@re-lab.it

The restriction will be communicated to all third parties involved in the processing of the data concerned, unless this is impossible or particularly difficult. If requested by the user, RE:Lab shall also inform the user of the identity of such third parties.

RIGHTS RELATING TO AUTOMATED DECISION-MAKING AND PROFILING:

Users have the right not to be subject to decision-making processes which are based on automated processing or profiling and which have a legal or equally significant effect.

In this case, you can contact the Owner using the email address: info@re-lab.it

Automated decisions can be made without the explicit consent of the user only if they relate to special categories of data, or for reasons of overriding public interest.

EXERCISING THESE RIGHTS:

The data subject may request the Controller to exercise the above rights by sending an email to info@re-lab.it. According to the provisions of the GDPR 679/2016, the Controller will respond to the request within 30 days (in the event of complications in the exercise of rights, the Controller may request 30 additional days).

RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY;

A data subject who considers that his or her data processing is in breach of the GDPR 679/2016 has the right to lodge a complaint with a Supervisory Authority, notably in the Member State where he or she has his or her habitual residence, employment or the place where the alleged breach occurred.

For Italy, the Data Protection Authority (Garante Per la Protezione dei Dati) has been identified.

 

Copyright and use of website content

Access to the pages of this website implies the unconditional acceptance of the following clauses by the Users/Visitors of the website:

The entire content of the Web pages, including texts, javascript codes and their optimization, reworked graphics, photographs and images, video, audio and any other multimedia content, have been developed by RE:Lab s.r.l. in an original way and are, therefore, to be considered intellectual works and, as such, specifically protected by the law.

The contents of the website are therefore the exclusive property of the company RE:Lab s.r.l. or, where otherwise indicated, of their authors and/or collaborators. All rights reserved. Any reproduction, distribution, storage or other use is prohibited and the use of material from the website, by unauthorized third parties, constitutes a violation of copyright rules, referred to in Law No. 633 of April 22, 1941, as well as a felony in accordance with the above-mentioned law. Furthermore, the user is allowed to print extracts from the web pages of this site only and exclusively for personal use.

The web pages of this site are periodically updated: the Authors, however, do not assume any responsibility if the information contained therein is not complete or up-to-date. Furthermore, no responsibility can be attributed for any manipulation of the website or the data contained therein carried out by third parties.

All communications or messages sent by users via e-mail will be considered non-confidential. Messages, communications or documents sent by users may be used by RE:Lab s.r.l. for the purposes set forth in Article 1 of the Privacy Policy.

All risks associated with the usage and browsing of the website are the responsibility of the use. The Authors and RE:Lab s.r.l. shall not be held responsible for any damage that may be caused to the user’s IT equipment following access, use, downloading or displaying of the materials on these web pages.

Although the information provided on the RE:Lab s.r.l. website is considered accurate at the time of publication, RE:Lab s.r.l. does not provide any declarations or warranties regarding the website, hyperlinks or any other information obtained directly or indirectly from the website and declines any responsibility for any errors or omissions on the website itself.

RE:Lab s.r.l. reserves the right to make changes and corrections at any time without notice.

The information provided must be used considering that RE:Lab s.r.l. will not be held responsible for losses, damages, expenses or anything else, deriving in whole or in part, directly or indirectly from the use of such information or anything related to it by the visitor or by third parties.