ISOLUTIONS’ PRIVACY POLICY

This privacy notice is provided pursuant to Article 13 of Regulation (EU) 2016/679 – the General Data Protection Regulation (GDPR) – to individuals who fill out the contact form on this website.

Data Controller

The data controller is iSolutions S.r.l. (hereinafter referred to as the “Controller”), VAT/Tax Code 02072600345, with registered office at Piazza Lunardi 20, 43015 Noceto (PR), Italy. Email: privacy@isolutions.it

Data Protection Officer (“DPO”)

The Controller has appointed a Data Protection Officer (DPO), who can be contacted at: dpo@isolutions.it

Source and Type of Data Processed
 The data (name, surname, contact information, and any additional information entered in the message field) are provided directly by the data subject by completing the form available on the Controller’s website.

Purpose and Legal Basis of Data Processing
 The user’s personal data are processed for the purpose of responding to the request submitted by the data subject, in the performance of pre-contractual or contractual measures (Art. 6(1)(b) GDPR).
 Any additional data entered in the form (e.g., email address) are processed on the basis of freely given consent (Art. 6(1)(a) GDPR), if provided for the purpose of receiving promotional communications.

Consequences of Failure to Provide Personal Data
 The Controller only requests data necessary to fulfill the purposes stated above. Fields marked with an asterisk (*) are required in order to process and respond to the request.
 Providing data for the purpose of receiving promotional or marketing communications is optional. Therefore, the user may still submit the message, but will not receive marketing and informational communications from the Company.

Data Processing Methods and Retention Period
 Personal data are processed using both automated systems (electronic or magnetic media) and non-automated systems (paper-based), in accordance with the confidentiality and security rules established by law, regulations, and internal procedures.
 The Controller does not engage in automated decision-making processes, including profiling.
 The personal data provided through the form will be stored in the Controller’s archives for a period of 24 months, unless the data are part of pre-contractual or contractual relations with clients. In such cases, the data will be retained for the entire duration of the relationship and for the legally required period following its termination.

Data Disclosure
 Data may be processed by employees and collaborators of the Controller, based on their roles and responsibilities and for the purposes described above. These individuals have been authorized to process the data and have received appropriate operational instructions.
 Data may also be shared with entities appointed as Data Processors, such as website management service providers or providers of digital email marketing services on behalf of the Controller.
 Finally, data may be disclosed to entities legally entitled to access them under applicable laws, regulations, or EU provisions.
 Data are never shared with or disclosed to unspecified third parties.
 The full and updated list of Data Processors is available upon request.

Transfer of Data Abroad
 The Controller does not transfer data outside the EU. However, it reserves the right to use cloud services; in such cases, any data transfer will be based on an adequacy decision pursuant to Article 45 or appropriate safeguards under Article 46 GDPR.
 In the case of any extra-EU transfer, the Controller will make available to the data subject the documentation relating to the safeguards in place.

Data Subject Rights
As a data subject, you have the rights provided under Articles 15.

Pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter, "GDPR") and in relation to the personal data that iSolutions S.r.l. (hereinafter, the “Company”) may process for the establishment and management of pre-contractual and contractual relationships, we provide the following information.

Managing the client relationship necessarily involves processing personal data (identification details, phone numbers, email addresses) related to individuals (legal representatives, partners, employees, collaborators).

Given the difficulty in directly providing this notice to all affected individuals, it is made available to clients with the request that it be forwarded to the relevant data subjects. 

Data Controller

The data controller is iSolutions S.r.l. (hereinafter, the "Controller"), VAT/Tax Code 02072600345, with registered office at Piazza Lunardi 20, 43015 Noceto (PR), Italy. Email: privacy@isolutions.it

Data Protection Officer (“DPO”)
The Controller has appointed a Data Protection Officer (DPO), who can be contacted at: dpo@isolutions.it

Source and Type of Data Processed
Data may be provided directly by the data subjects or by other company representatives during the preparation of commercial proposals or quotes, visits or phone calls, or other direct contacts.
 The data processed may include:

●      Identification data (name, surname, address, tax code, VAT number, registered office);

●      Contact details (phone number, email address);

●      Billing information (IBAN, bank account details).

For client contact persons, the processed data include:

●      Identification data (name and surname);

●      Contact details (phone number, email address).

Purpose and Legal Basis of Processing
 Personal data are processed for the following purposes:

1. To collect pre-contractual data and information (e.g., evaluating offers, preparing quotes and documents, sending and receiving communications regarding the management of the business relationship).
    Legal basis: execution of pre-contractual, contractual, and post-contractual measures (Art. 6(1)(b) GDPR).
2. To manage the contractual relationship (e.g., payments, financial flows, organizational management).
    Legal basis: execution of pre-contractual, contractual, and post-contractual measures (Art. 6(1)(b) GDPR).
3. To fulfill administrative, accounting, and tax obligations.
    Legal basis: compliance with legal obligations (Art. 6(1)(c) GDPR).
4. To conduct credit recovery activities and handle potential legal disputes, both in and out of court.
    Legal basis: the legitimate interest of the Controller (Art. 6(1)(f) GDPR); to establish or defend a legal claim in court or extrajudicial proceedings.
   
   

Consequences of Failure to Provide Personal Data
The Controller only requests data necessary for the purposes mentioned above. Providing such data is mandatory, and failure to do so may result in the inability to execute the contract or perform the required tasks.
Providing additional data (e.g., contact information, email addresses) is optional but necessary for the proper and efficient management of the business relationship. Refusal to provide such information may impair, fully or partially, the proper management of the relationship.

Data Processing Methods and Retention Period
Personal data are processed using both automated methods (electronic or magnetic media) and non-automated methods (paper-based), in accordance with the confidentiality and security rules set by law, regulations, and internal policies.
The processing is carried out in accordance with the principles of fairness, lawfulness, transparency, and confidentiality.
Your data are not subject to any fully automated decision-making process, including profiling.
The personal data will be retained by the Controller for the time required by applicable civil and tax regulations, generally ten years, unless legal proceedings or disputes are ongoing.

Data Disclosure
 Collected personal data may be disclosed to the following categories of recipients:

●      Law firms and auditing firms;

●      Banks;

●      Public authorities (e.g., the Italian Revenue Agency).

Additionally, the following categories of authorized personnel and/or data processors, appointed in writing and provided with specific instructions, may access your data:

●      Employees and collaborators (limited to their specific roles);

●      Professionals or service companies providing administrative and business management support, corporate and legal assistance on behalf of the Controller;

●      Accounting and tax advisors;

●      IT and software service providers, telecommunications and hosting providers involved in the management of the company’s information systems.

Lastly, your data may be disclosed to parties legally entitled to access them under applicable laws, regulations, or EU provisions. Under no circumstances will your data be made available to unspecified parties.
 The full and updated list of data processors is available upon request.

Transfer of Data Abroad
 The Controller does not transfer personal data outside the EU. However, it reserves the right to use cloud services. In such cases, any transfer will be based on an adequacy decision pursuant to Article 45 or appropriate safeguards pursuant to Article 46 of the GDPR.
 In the event of any transfer outside the EU, the Controller will provide the data subject with the necessary documentation regarding the safeguards in place.

Data Subject Rights
 As a data subject, you may exercise the rights granted under Articles 15–20 of the GDPR at any time, including the right to access your personal data, request rectification, erasure, restriction of processing, or data portability.
 You also have the right to object at any time to the processing of your personal data based on the legitimate interest of the Controller, under the conditions and in the manner described in Article 21 GDPR.
 To exercise any of these rights, you may contact the Controller via the contact details provided above.

Lastly, you have the right to lodge a complaint with the Italian Data Protection Authority if you believe that the processing of your personal data violates the provisions of the GDPR (Art. 77).

This notice is provided pursuant to Article 13 of Regulation (EU) 2016/679 – “General Data Protection Regulation” (GDPR), to individuals who subscribe to the newsletter of iSolutions S.r.l.

Data Controller

The data controller is iSolutions S.r.l. (hereinafter the “Controller”), VAT/Tax Code 02072600345, with registered office at Piazza Lunardi 20, 43015 Noceto (PR), Italy. Email: privacy@isolutions.it

Data Protection Officer (“DPO”)
 The Controller has appointed a Data Protection Officer who can be contacted at: dpo@isolutions.it

Purpose and Legal Basis for Data Processing
 The personal data of the subscriber is processed for the purpose of managing the subscription to the mailing list and sending informational and promotional communications regarding the Controller’s products, services, and events.
 Legal basis: the data subject’s explicit consent through subscription to the newsletter (Art. 6(1)(a) GDPR).

Consequences of Failure to Provide Personal Data
 The Controller only requests the data necessary to fulfill the purposes mentioned above. Providing an email address is essential in order to subscribe and receive the newsletter. Refusal to provide such data will prevent the subscription and the receipt of communications.

Processing Methods and Data Retention Period
 Personal data is processed for the above purposes using automated electronic and digital means, in compliance with the confidentiality and security rules established by law, related regulations, and internal policies.
 The Controller does not use automated decision-making processes, including profiling, on the personal data collected.
 Data will be retained until the data subject unsubscribes from the newsletter service.

Data Disclosure
 Data may be processed by employees and collaborators of the Controller based on their roles and responsibilities, and for the pursuit of the purposes described above. These individuals have been authorized to process the data and have received appropriate operational instructions.
 Data may also be communicated to data processors designated in writing, such as website administrators or third parties responsible for providing digital email marketing services on behalf of the Controller.
 Lastly, the data may be made available to entities entitled to access them by virtue of laws, regulations, or EU legislation.
 Under no circumstances will personal data be disclosed or shared with unspecified parties.
 A complete and updated list of data processors is available upon request.

Transfer of Data Abroad
 The Controller does not transfer personal data outside the EU. However, it reserves the right to use cloud services; in such cases, any data transfer will be carried out in accordance with Article 45 or with appropriate safeguards under Article 46 GDPR.
 In the event of extra-EU data transfer, the Controller will make the relevant documentation on the adopted safeguards available to the data subject.

Data Subject Rights
 As a data subject, you may exercise your rights at any time under Articles 15–20 GDPR, including the right to request access to your personal data, rectification, erasure, restriction of processing, and data portability.
 You also have the right to object at any time to the processing of your data under the conditions provided for in Article 21 GDPR and to withdraw your consent at any time (Art. 7 GDPR).
 Consent may be withdrawn using the unsubscribe link at the bottom of each newsletter message, which will result in the cessation of newsletter communications.
 You may exercise the above rights at any time by writing to the Controller at the contact details provided above.

Right to Lodge a Complaint
 You have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) if you believe that your data is being processed in violation of the GDPR (Art. 77).

Pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter “GDPR”) and in relation to the personal data that iSolutions S.r.l. (hereinafter the “Company”) may process for the establishment and management of pre-contractual and contractual relationships, we provide the following information.

Managing the relationship with the supplier (sole trader or legal entity) necessarily involves processing personal data (identification details, phone numbers, email addresses) related to individuals (legal representatives, shareholders, employees, collaborators).

Given the difficulty in directly providing this notice to all affected individuals, it is made available to suppliers with the request that it be forwarded to the relevant data subjects. 

Data Controller

The data controller is iSolutions S.r.l. (hereinafter the “Controller”), VAT/Tax Code 02072600345, with registered office at Piazza Lunardi 20, 43015 Noceto (PR), Italy. Email: privacy@isolutions.it

Data Protection Officer (“DPO”)
 The Controller has appointed a Data Protection Officer (DPO), who can be contacted at: dpo@isolutions.it

Source and Type of Data Processed
 Data may be provided directly by the data subjects or by other company representatives during the preparation of commercial proposals and quotes, visits or phone calls, or other direct contacts.
 The data processed for suppliers may include:

●      Identification data (name, surname, address, tax code, VAT number, registered office);

●      Contact details (phone number, email address);

●      Billing data (IBAN, bank details).

For supplier contact persons, the processed data include:

●      Identification data (name and surname);

●      Contact details (phone number, email address).

Purpose and Legal Basis of Data Processing
 Personal data are processed for the following purposes:

1. To collect pre-contractual data and information (e.g., evaluation of offers, preparation of documents, sending and exchanging communications related to the management of the supply relationship).
    Legal basis: performance of pre-contractual, contractual, and post-contractual measures (Art. 6(1)(b) GDPR).
2. To manage the contractual relationship for the purchase of goods or services (e.g., payment management, company financial flows, organizational management).
    Legal basis: performance of pre-contractual, contractual, and post-contractual measures (Art. 6(1)(b) GDPR).
3. To fulfill accounting and tax obligations arising from the supply relationship.
    Legal basis: compliance with a legal obligation (Art. 6(1)(c) GDPR).
4. To prevent and manage potential disputes, both judicial and extrajudicial.
    Legal basis: the legitimate interest of the Controller (Art. 6(1)(f) GDPR); establishing or defending a legal claim in court or out-of-court proceedings.
   
   

Consequences of Failure to Provide Personal Data
 The Controller only requests data necessary to fulfill the above purposes. Providing such data is mandatory; failure to provide them may result in the inability to execute the contract or to properly fulfill the related obligations.
 Providing additional personal data (e.g., contact details, email addresses) is optional, but necessary for the correct and efficient management of the contractual relationship. Refusal to provide such information may impair, in whole or in part, the proper handling of the relationship with the Controller.

Data Processing Methods and Retention Period
 Personal data are processed using both automated (electronic or magnetic) and non-automated (paper-based) means, in compliance with confidentiality and security rules set by law, regulations, and internal provisions.
 The processing is carried out in accordance with the principles of fairness, lawfulness, transparency, and confidentiality. Your data are not subject to any fully automated decision-making processes, including profiling.
 The personal data provided will be stored in the Controller’s archives for the period required by applicable civil and tax regulations—generally ten years—unless legal disputes or proceedings are ongoing.

Data Disclosure
 Collected personal data may be disclosed to the following categories of recipients:

●      Law firms and auditing companies;

●      Banks;

●      Public authorities (e.g., the Italian Revenue Agency).

In addition, the following categories of authorized individuals and/or data processors may access the data, having been appointed in writing and provided with specific instructions:

●      Employees and collaborators (each within their respective area of responsibility);

●      Professionals or service companies providing business administration and management support on behalf of the Controller;

●      Accounting and tax consultants;

●      IT professionals and service providers for data processing and IT consulting, including management of the company’s information systems.

Lastly, data may be disclosed to entities legally entitled to access them under applicable laws, regulations, or EU provisions. Under no circumstances will data be shared with unspecified parties.
 The complete and updated list of data processors is available upon request.

Transfer of Data Abroad
 The Controller does not transfer personal data outside the EU. However, it reserves the right to use cloud services; in such cases, any transfer will take place in accordance with Article 45 or with appropriate safeguards as per Article 46 GDPR.
 In the event of an extra-EU transfer, the Controller will make available to the data subject all documentation regarding the adopted safeguards.

Data Subject Rights
 As a data subject, you may exercise your rights at any time under Articles 15–20 GDPR, including the right to access your personal data, request rectification, erasure, restriction of processing, and data portability.
 You also have the right to object at any time to the processing of your data based on the Controller’s legitimate interest, in the manner and under the conditions provided by Article 21 GDPR.
 You may exercise your rights by contacting the Controller at the contact details provided above.

Lastly, you have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) if you believe that the processing of your personal data violates the GDPR (Art. 77).

This privacy notice is provided pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 – the General Data Protection Regulation (GDPR) – to individuals applying for job positions at the Company. 

Data Controller

The data controller is iSolutions S.r.l. (hereinafter the “Controller”), VAT/Tax Code 02072600345, with registered office at Piazza Lunardi 20, 43015 Noceto (PR), Italy. Email: privacy@isolutions.it

Data Protection Officer (“DPO”)
 The Controller has appointed a Data Protection Officer (DPO), who can be contacted at: dpo@isolutions.it

Source and Type of Data Processed
Personal data may be collected in response to a job advertisement or as part of a voluntary application:

●      Directly from you, through the submission of your CV, cover letter, or similar documents, including via the Controller’s website;

●      From third parties (e.g. LinkedIn or recruitment agencies engaged by the Controller) via your CV, cover letter, a summary profile report, or third-party referrals;

●      Directly from you during interviews or pre-employment negotiations.

Purpose and Legal Basis of Data Processing

 Your personal data will be processed for the following purposes:

1. To assess the match between your profile and any open job positions and, more generally, to evaluate the possibility of establishing an employment relationship;
2. To manage recruitment processes in accordance with internal procedures;
3. To contact you using the contact details you provided to schedule interviews;
4. To propose job offers aligned with your professional profile, including for potential future openings;
5. To carry out actions related to pre-contractual obligations;
6. To manage any legal disputes.

The types of data processed include:

●      Identifying information (e.g. name, surname, date and place of birth, address, gender);

●      Contact details (e.g. phone number, email address);

●      Curriculum data (e.g. CV, educational qualifications, professional training, certificates, specializations, licenses);

●      Photos (if included in the CV);

●      Any personal data falling under special categories as defined by Article 9 GDPR (e.g. membership in protected categories, etc.).

The legal basis for processing such data includes the execution of pre-contractual measures at your request (Art. 6(1)(b) GDPR) and the legitimate interest of the Controller in judicial or extrajudicial contexts (Art. 6(1)(f) GDPR), specifically for purposes 4 and 6.

Processing of any special categories of data (e.g. protected categories) that is strictly necessary for the above purposes will be carried out in accordance with Art. 9(2)(b) GDPR – i.e. to comply with obligations and exercise specific rights of the Controller or the data subject in the field of employment and social security and protection law.

Consequences of Failure to Provide Personal Data

The Controller only requests data necessary for the purposes outlined above. The provision of data is optional, but failure to do so may prevent the assessment of your application and the execution of the related selection process.

Data Processing Methods and Retention Period

Personal data are processed using both automated systems (electronic or magnetic media) and non-automated systems (paper-based), in compliance with applicable confidentiality and security regulations.

Processing will adhere to the principles of fairness, lawfulness, transparency, and protection of confidentiality.

Personal data will be retained by the Controller for 24 months from the date of collection or completion of the selection process. The Controller may retain data for longer periods if necessary to protect its interests in the event of disputes.

Data Disclosure

Your personal data will not be disseminated to unspecified parties or made publicly available in any form.
 However, your data may be accessed by:

●      Employees or collaborators under the authority of the Controller who have been authorized and properly trained (e.g. HR, ICT, and administrative staff);

●      Data processors appointed under service contracts for the purposes stated above (e.g. labor consultants in the case of selected candidates);

Data may also be disclosed to entities legally entitled to access them under applicable laws, regulations, or EU provisions. In no case will your data be shared with unspecified third parties.
 A complete and updated list of data processors is available upon request.

Transfer of Data Abroad

The Controller does not transfer personal data to third countries or international organizations. However, it reserves the right to use cloud services. In such cases, any transfer will be based on adequacy decisions under Art. 45 or appropriate safeguards under Art. 46 GDPR.

If data are transferred outside the EU, the Controller will make the relevant documentation on the adopted safeguards available to the data subject.

Data Subject Rights
 
As a data subject, you may exercise your rights under Articles 15–20 GDPR at any time, including the right to access, rectify, erase, or restrict processing of your personal data, as well as the right to data portability.
 You also have the right to object at any time to the processing of your personal data under the conditions set out in Article 21 GDPR, when the processing is based on the Controller’s legitimate interests.
 To exercise these rights, please contact the Controller using the contact details provided above.

Finally, you have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) if you believe that the processing of your data violates the GDPR (Art. 77).