- Identity and contact details of the data controller
The data controller is Amilon S.r.l., C.F. and P.IVA 05921090964, with registered office in via Natale Battaglia n. 12, Milan, e-mail address [email protected] (from now on, “Data Controller” or “Amilon”).
- Contact details of the Data Protection Officer (DPO)
The DPO can be contacted at the e-mail address [email protected].
- Types of data processed
a. Navigation data
The computer systems and software procedures used to operate the portal acquire, during their regular operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment.
These data, necessary for the use of web services, are also processed to:
– allow access to the portal and the use of the relative functionalities;
– to allow and monitor the correct functioning of the portal and carry out maintenance activities
– obtaining anonymous statistical information on the use of the portal;
– to ascertain possible responsibilities in case of hypothetical computer crimes against the portal and to exercise and/or defend the Controller’s rights.
The legal bases of the processing carried out for the above purposes are the execution of a contract to which the interested party is a party and the pursuit of the Controller’s legitimate interest.
b. Data provided voluntarily by the user
To benefit from certain services on the portal it is necessary to provide personal data. Please refer to the specific information provided at the time of collection.
c. Information processed through cookies
What are cookies?
Cookies are small text files sent to the user’s terminal equipment (usually to the user’s browser) by the websites the user visits; they are stored in the user´s terminal equipment to be then re-transmitted to the websites on the user’s subsequent visits.
Types of cookies
In general, there are three different ways to classify cookies: their provenance, how long they endure, what purpose they serve.
First party and third party cookies
Unlike first-party cookies, which are put on your device directly by the website you are visiting, third-party cookies are placed on your device by a third party (like an advertiser or an analytic system).
Permanent and session cookies
Session cookies are temporary and expire once you close your browser (or once your session ends).
Persistent cookies remain on your hard drive until you erase them or your browser does, depending on the cookie’s expiration date. All persistent cookies have an expiration date written into their code, but their duration can vary.
Technical, analytical and profiling cookies
Depending on the purpose, cookies can be divided into technical cookies and profiling cookies.
Technical cookies are stored for the sole purpose of “carrying out the transmission of a communication over an electronic communication network or as strictly necessary for the supplier of an information society service explicitly requested by subscriber or user to provide the service” (see Art. 122, paragraph 1 of Privacy Code).
They are essential for you to browse the websites and use its features, such as accessing secure areas of sites (so-called “essential” or “strictly necessary”). They allow a user to navigate back and forth between pages without losing their previous actions from the same session. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies.
This category includes also “references cookies” (also known as “functionality cookies”), which allow a website to remember choices you have made in the past, like what language you prefer, what region you would like weather reports for, or what your username and password are so that you can automatically log in.
“Statistics” or “analytical” cookies (also known as “performance cookies”) collect information about how you use a website, which pages you visited and which links you clicked on in order to improve website functions.
Pursuant to the art. 122, paragraph 1 of the Privacy Code, technical cookies do not require consent, but it should be explained to the user what they do and why they are necessary or useful.
Pursuant to the Decision, analytical cookies are equivalent to technical cookies (and, therefore, users’ consent is not required) if:
- are stored directly exclusively by the owner of the visited website with the purpose to collect aggregated information on the number of users and how they visit the website, or
- created and made available by third parties if:
- used by the first party for merely statistical purposes, where the ability to identify users is reduced (for example, through hiding significant portions of the IP address) and such data are processed just for make aggregate statistics in relation to a single site or a single mobile application (so there is no tracking of the navigation of the user on different applications or navigating different websites);
- such third parties, who provide the web measurement service, do not combine, enrich or cross-reference the data, even minimized as above, with other information available to them (e.g. customer files or statistics of visits to other sites) or transmit them to other third parties.
“Profiling” or “marketing” cookies are used to track your on line activity and behaviour for marketing purposes. They allow advertisers to create profiles of users’ preferences, habits, choices, etc. in order to deliver them targeted advertising.
These kinds of cookies can be stored on the users’ device only after they have given their consent.
Uses must be able to access the websites even if they refuse to allow the use of profiling cookies.
List of cookies and other tracking tools used by the Portal
Below, the name, purpose of use, the first or third party to which it refers and duration are reported for each cookie used.
|NAME||FIRST/THIRD PART||DESCRIPTION (PURPOSE)||DURATION|
|_GRECAPTCHA||Third-party (Domain: www.google.com )||oogle reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.||6 months|
|PHPSESSID||First-party (Domain: www.jobandjoy.eu)||Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.||Session|
|__cf_bm||Third-party (Domain: www.google.com)||This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.||30 minutes|
|wp-wpml_current_language||First-party (Domain: www.jobandjoy.eu)||Stores the current language. By default, this cookie is set only for logged-in users. If you enable the language cookie to support AJAX filtering, this cookie will also be set for users who are not logged in.||Session|
|TCPID||First-party (Domain: www.jobandjoy.eu)||Before users provided consent TrustCommander uses the TCPID cookie to measure anonymous statistics for privacy banner.||1 year|
Anonymized analytical cookies
The Portal uses analytical cookies created and made available by third parties to statistically analyze accesses or visits to the Portal itself, to allow the Controller to improve the structure, navigation logic and content and to collect information on the use of the Portal.
For more details and information you can visit the following link: https://support.google.com/analytics/answer/1011397
These cookies, suitably anonymized (by masking significant portions of the IP address), allow the collection of aggregate information on the number of users and how they visit the portal without being able to identify the individual user. Therefore, the prior consent of users is not required, in accordance with the provisions of the Measure.
Below, for each analytical cookie used, the name, the first or third party to which it refers, the purpose of use and duration are reported.
|NAME||FIRST/THIRD PART||DESCRIPTION (PURPOSE)||DURATION|
|_ga||First-party (Domain: .jobandjoy.eu)||This cookie name is associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.||2 years|
|_gid||First-party (Domain: .jobandjoy.eu)||This cookie is set by Google Analytics. It stores and update a unique value for each page visited and is used to count and track pageviews.||1 day|
|_ga_2DR9CZQPWL||First-party (Domain: .buonibenzina.com)||This cookie is part of Google Analytics and is used to limit requests (throttle request rate).||1 minute|
On the page(s) below are installed the so-called “pixels” of Facebook to show personalized ads of the same, as well as of Amilon, on Facebook. For these tools, as indicated above, the prior consent of the users is required pursuant to art. 122 of the Privacy Code and in accordance with the Provision.
|NOME||FIRST/THIRD PART||DESCRIPTION (PURPOSE)||DURATION|
|_fbp||First-party (Domain: .buonibenzina.com)||Used by Meta to deliver a series of advertisement products such as real time bidding from third party advertisers||3 months|
- Provision of data
Without prejudice to what has been indicated above regarding cookies and similar markers used on the Portal, navigation data are necessary to carry out computer and telematic protocols.
The interested party remains free to give consent or not to give consent to profiling through the tracking tools mentioned above.
The processing of data related to the web services of the Portal is carried out by personnel expressly authorized to do so and who have received adequate operational instructions.
The data will be communicated to Meta Platforms, Inc. who will process them for the purposes indicated in the previous art. 3 as autonomous controller.
The data may be communicated to public authorities.
- Procedures for granting and revoking consent for the installation of profiling cookies
You can always change your choice and, in particular, revoke the consent previously given, by clicking on “Cookie settings” at the bottom of each page of the Portal.
It is understood that where the user clicks on “Technical cookies only”, no profiling cookies will be installed.
Users may, however, express their options on cookies also through the settings of the browser used. Even if the web browser used by the user is set to automatically accept cookies, the user can modify the default configuration through the settings menu, deleting and/or removing all or some cookies, blocking the sending of cookies or limiting it to certain sites. Disabling, blocking cookies or deleting them may compromise the optimal use of certain areas of the Portal or prevent certain features of the same, as well as affect the operation of third party services. Below are the links to the guides to cookie management for the main browsers:
For browsers other than those listed above, it is necessary to consult the relevant guide to identify how to manage cookies.
- Data subjects’ rights
Data subjects may exercise their rights under the GDPR by sending an e-mail to [email protected]. In particular, in addition to what is pointed out in the previous paragraph, they have the right:
- to obtain the confirmation as to whether or not personal data concerning them are being processed, and, where that is the case, access the data concerning them in accordance with Article 15 GDPR,
- to obtain the rectification of inaccurate data,
- to have incomplete data completed,
- to obtain the erasure of data in the cases provided for by Article 17 GDPR (“right to be forgotten”),
- to obtain restriction of processing in the cases provided for by Article 18 GDPR,
- to object, at any time, on grounds relating to their own particular situation, to the processing carried out in the legitimate interest of the Controller,
- where the processing is based on consent or contract and is carried out by automated means, to receive the data in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from the controller to which the personal data have been provided (“right to data portability”);
- to lodge a complaint with the competent supervisory authority in the Member State of their habitual residence, place of work or place of the alleged infringement.