Privacy Policy

This page describes how the website is managed with regard to the processing of personal data of users consulting it. This privacy notice is also provided pursuant to article 13 of EU Regulation 2016/679 applicable from 25 May 2018 – General Data Protection Regulation (hereinafter referred to as GDPR) to those who interact with the web services of Cyber Guru Srl, accessible electronically from the electronic address:

www.cyberguru.it

The information is provided only for the site www.cyberguru.it and not for other websites that may be consulted by the user through links for which Cyber Guru Srl is not responsible.

 

DATA CONTROLLER

Pursuant to article 4 point 7 of the GDPR 2016/679, the data controller is the company Cyber Guru Srl, based in Rome (Italy), Viale della Grande Muraglia 284, 00144 Rome, in the form of its Legal Representative, Tel. (+39) 065159281, Fax (+39) 0651963515.

 

THE DATA PROTECTION OFFICER (DPO – Data Protection Officer)

Cyber Guru S.r.l. has taken steps in accordance with article 37 of GDPR 2016/679 to appoint a Data Protection Officer (DPO). The DPO is the company’s primary point of reference for all relevant privacy issues, including the protection of clients’ and users’ personal data and the exercise of their rights.

For any problem related to your privacy, you may contact our DPO at the following email address: privacy@cyberguru.it.

 

LOCATION OF DATA PROCESSING

The processing connected to the web services of this site takes place at the headquarters of the company that owns the processing and at the company Aruba Spa that manages the hosting site, and are handled only by technical staff of the service in charge of the processing. No data deriving from the web service will be communicated or disseminated.

 

TYPES OF DATA PROCESSED

Browsing data

The computer systems and software procedures used to run this website record some personal data during their normal operation, the transmission of which is implicit in the use of Internet protocols. These data are not collected in order to be associated with identified data subjects, but by their nature they could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the website, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and IT environment.

This data is used only to obtain anonymous statistics about the usage of the website and to check that it is functioning correctly; it is deleted immediately after processing. The data could be used to identify those responsible in cases of hypothetical computer crimes perpetrated against the site. In all other cases, web contact data is currently retained for no more than thirty days.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as any other personal data included in the message. The completion of a form on the pages of the same site also entails the subsequent acquisition of the data provided voluntarily by the person who completed it.

 

PROCESSING METHODS

Personal data are processed by automated tools for the time necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access.

 

PURPOSE, LEGAL BASIS AND NATURE OF SUBMITTED DATA

Personal Data collected through the website will be processed by Cyber Guru Srl for the following purposes:

  1. Responding to specific requests from the data subject in the “Contacts” section (e.g., requesting an appointment, requesting information, contacting the team, etc.). Consent not requiredThe legal basis is identified in article 6 par. 1, letter b) of EU Reg. 2016/679, i.e., the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the data subject’s request;
  2. Voluntarily sign up for the company’s newsletter. Consent requiredThe legal basis is identified in article 6 par. 1, letter a) of EU Reg. 2016/679, i.e., the processing is possible with the explicit consent of the data subject;
  3. Request to become a Partner. Consent not requiredThe legal basis is identified in article 6 par. 1, letter b) of EU Reg. 2016/679, i.e., the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the data subject’s request;
  4. Request the access credentials for a demo or to download the materials in the “Resources” section (e.g., e-book). Consent not requiredThe legal basis is identified in article 6 par. 1, letter b) of EU Reg. 2016/679, i.e., the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the data subject’s request;
  5. Evaluate possible job applications by acquiring the CVs in the “Work with us” section. Consent not requiredThe legal basis is identified in article 6 par. 1, letter b) of EU Reg. 2016/679, i.e., the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the request of the data subject, as confirmed and implemented by article 111 bis of Italian Legislative Decree 196/2003 and subsequent amendments;
  6. Register for training courses and events. Consent not requiredThe legal basis is identified in article 6 par. 1 b), i.e., the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the data subject’s request prior to entering into a contract;
  7. Research and statistical analysis on anonymous aggregated data, aimed at measuring the functioning of the site, measuring traffic and assessing user-friendliness and interest in order to make the site more functional and improve performance; Consent not necessary as there is no processing of personal data;
  8. Compliance with laws and regulations; Consent not necessary as the legal basis of the processing is identified in article 6, par. 1, lett. c) of EU Reg. 2016/679, i.e., the processing is necessary to fulfil a legal obligation to which the data controller is subject;
  9. To establish, exercise, or defend a right in court, or whenever the courts exercise their judicial functions. Consent not necessary as the legal basis of the processing is identified in article 6, par. 1, lett. f), i.e., the processing is necessary for the pursuit of a legitimate interest.

 

MANAGEMENT OF CVS

This section supplements the general information on the processing with regard to any advertisements published for the search of personnel on sites or portals not managed directly by the data controller. Cyber Guru will process curricula vitae received by email or through third-party recruitment companies (publications on portals, etc.) to evaluate potential applications within the company or that may be submitted in the near future.

The processing is carried out electronically, with the exception of CVs received by ordinary post. Curricula vitae considered “interesting” will be stored at the company’s headquarters for a period not exceeding one year and will be processed in total compliance with the minimum security measures referred to in article 32 of the GDPR 2016/679. Curricula vitae deemed irrelevant, as well as any curricula vitae whose storage time has exceeded 18 months, will be deleted.

Curricula vitae will, in any case, be stored at the data controller’s headquarters and will be evaluated by employees or collaborators of the company formally appointed as data processors (pursuant to Articles 29 and 32 paragraph 4 of the GDPR 2016/679).

In any case, we ask candidates to observe the following rules when submitting their CVs electronically:

  1. Fill in their curriculum vitae in the European format;
  2. Transmit the curriculum vitae in pdf format;
  3. Avoid including in their curriculum vitae special categories of personal data as defined by article 9 of the GDPR 2016/679 (relating, in particular, to health status, religious, philosophical or political beliefs) not relevant in relation to the job offer;

The company reserves the right to delete any curricula vitae that do not comply with the above requirements.

Curricula vitae, in any case, will not be disclosed to unauthorised third parties.

 

TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS

Some of the data subject’s personal data are transferred to recipients outside the European Community.

Cyber Guru Srl undertakes to limit the areas of circulation and processing of personal data (e.g., storage, archiving, storage of data on its servers) to countries belonging to the European Union, with the express prohibition of transferring them to non-EU countries that do not guarantee (or in the absence of) an adequate level of protection, or, in the absence of protection tools provided for by EU Regulation 2016/679 – CHAPTER V (adequacy decision, Standard Contractual Clauses or explicit consent by the data subject).

In the “Podcast” or “Watch the video” or “Work with us” sections of the site, the user may be directed to third-party sites and/or platforms that may also process personal data outside the EU and, respectively: Spotify, YouTube, LinkedIn. It should be noted that these third parties, as well as other social media platforms (e.g., Facebook, Instagram, etc.) will process the data as autonomous data controllers. Therefore, users are invited to consult the relevant policies.

 

AREAS OF COMMUNICATION OF PERSONAL DATA

Personal data acquired through the website in question may be disclosed to:

  • hosting, maintenance and website management companies;
  • companies that provide management and technical support services for the company’s IT infrastructure;
  • third parties that manage cookies (based on the cookie policy);
  • companies that provide email marketing platforms;
  • public offices and organisations as a function of legal and/or contractual obligations;

An up-to-date list of any managers appointed may be requested from the data controller, pursuant to article 28 of the GDPR 2016/679.

 

DATA STORAGE

Cyber Guru Srl will process the data collected over the time strictly necessary to achieve the purposes indicated in this information. Without prejudice to the foregoing, Cyber Guru Srl will process personal data up to the time provided for by the sector legislation as defined in its retention policy that may be requested from the Data Controller.

 

MINORS

The services provided on this website are not intended for minors. We do not knowingly collect data, including personal details, related to or referring to minors.

Should we become aware that we have collected the personal data of a minor, we will immediately delete such data, unless we are obliged by law to retain the same.

Please contact us if you believe that Cyber Guru Srl has incorrectly or unintentionally collected information about a minor.

 

AUTOMATED PROCESSING

Cyber Guru Srl does not carry out processing based on an automated decision-making process, nor does it process your personal data acquired through the company’s website for profiling purposes. However, it uses profiling cookies. Details of the profiling cookies used and their interaction with social tools can be found in the Cookie Policy.

 

RIGHTS OF DATA SUBJECTS

The user can freely exercise the rights referred to in Articles 15 et seq. of the GDPR 2016/679 or:

  • withdraw their consent at any time. Users may revoke their consent to the processing of their personal data as described above.
  • the right to object to the processing of their data. Users may object to the processing of their data when it is carried out on any legal basis other than consent.
  • the right to access their data. Users have the right to obtain information on what data is being processed by the Controller and on particular aspects of the processing methodology, and to obtain a copy of any data processed.
  • the right to rectification of inaccurate personal data. Users may verify that their data is correct and ask for it to be updated or corrected as necessary.
  • the right to restriction of processing. In certain circumstances, users may ask for restrictions to be set on the processing of their data. In this eventuality, the Data Controller may not process the data for any purpose with the exception of storage.
  • the right to have their personal data removed or erased. In certain circumstances, users may request the erasure of their data by the Data Controller.
  • the right to receive the personal data concerning him or her or transferred to another controller. Users have the right to receive their data in a structured, commonly used and machine-readable format, where technically feasible, and to have it transferred without hindrance to another controller. This provision is applicable where the data is processed automatically, and the processing is based on the user’s consent, or a contract to which the user is a party or contractual provisions connected to it.

Requests should be addressed to the Data Protection Officer (DPO) of the company Cyber Guru Srl by writing to the email address: privacy@cyberguru.it.

 

 

RIGHT TO COMPLAIN

Data subjects who believe that the processing of personal data is in violation of the provisions of Regulation 2016/679 have the right to submit a complaint to the data protection authority, as provided for by article 77 of the regulation itself, or to address the appropriate judicial offices (article 79 of the regulation).

 

UPDATING AND REVIEWING

The privacy & cookie policy was updated to revision 7 on 22/02/2024 and may be subject to future revisions.