Privacy Policy for Candidates

Privacy Policy for Candidates

In this section we descrives management procedures of website with reference to the processing of Personal Data of Users who send their curriculum vitae in these sections:

  • Work with us
  • Internships
  • Dissertations.

The Data controller is AEC SOLUZIONI SRL, based in Turin (Italy), Corso Montevecchio 46, 10129. Email Data Controller:

2 - Types of data collected

The Personal Data collected and processed are those provided voluntarily by the Candidate when sending own curriculum vitae

3 - Purposes of processing collected data

Data collected through the receipt of CV spontaneously sent by Users will be processed as part of the selection processes within the company in order to evaluate the profiles of candidates with respect to the need of staff enlargement of AEC Soluzioni Srl.

4 -Legal basis for processing collected data

The Data will be processed for the purpose of legitimate interest (Article 6 letter f of the GDPR 2016/679) linked to the personnel selection processes that have originated from the reception by our company of User’s CV.

5 - Mode and place of processing collected data
A - Methods of data processing

The Data Controller treats Users Personal Data by taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of such Personal Data. Processing is carried out using IT and/or telematic tools, with organizational methods and with related logics to the purposes indicated. In addition to the Data Controller, members of the AEC Soluzioni staff, indicated by the Data Controller as Data Officers, may also have access to the data described above. The updated list of Data Officers can be requested from the Data Controller. The Personal Data Bank is accessible only by the personnel appointed by the Data Controller. (Management of FTP accesses for domains with Aruba hosting service) and through non-automated means (paper archives). Both modes are equipped with appropriate security measures such as custom passwords with exclusive access.

B - Scope of communication and dissemination of data

Personal data processed will not object of dissemination but of communication to well-defined individuals. Based on the roles and tasks performed, internal and external personnel are entitled to treatment within the limits of their competences and in accordance with the instructions given by the Data Controller. The same data will be communicated to the legitimized subjects in accordance with Laws, Regulations and Legislations.

C- Data processing place

Data is processed at the Data Controller operative office and there is no transfer of personal data to countries outside the EU. For more information, please contact the Data Controller at

D - Data processing time

The Data are processed for the necessary time required by the purposes described in this document. The Personal Data provided will be deleted within 5 years from receipt of the curriculum vitae sent by Candidate

6 - Nature of data conferment

The data conferment for the above mentioned purposes is necessary and mandatory and any refusal to provide such data will make it impossible to proceed with the selection phase.

7 - Further information on the data processing
A - Defense in court

The User’s Personal Data may be used for the defense by the Data Controller in court or in the preparatory stages leading to its eventual establishment, by abuses in the use of the same or related services by the User. The User declares to be aware that the Data Controller may be required to disclose the data at the request of Public Authorities.

B - Information not contained in this Privacy Policy

More information in relation to the processing of Personal Data may be requested at any time to the Data Controller using the contact information.

C - Person concerned rights

The subjects to whom the Personal Data refer have the right to data portability (Article 20 “Right to portability”) and, at any time, to:

  • inform the Data Controller of any change related to their Personal Data (Article 15 “Right of access”)
  • ask the Data Controller to update, correct or supplement any of their Personal Data in his possession (Article 16 “Right of rectification”)
  • ask the Data Controller to cancel, block or limit the processing of their personal data in his possession (Article 17 “Right to cancel”). The User has the right to withdraw the consent at any time. The withdrawal of consent does not affect the legitimacy of any treatment based on consent given before such termination
  • to oppose, for legitimate reasons, the way in which their Personal Data are processed (Article 18 “Right to limit the processing”)

Furthermore according to Article 21 “Right to oppose the automated decision-making process of the GDPR 2016/679” the User may exercise his rights writing to the Data Controller at:

D - Complaint

User has the right to lodge a complaint (Article 77 “Right to lodge a complaint with the supervisory authority”) at the Supervisory Authority in the event that his requests for information addressed to the Data Controller have not determined satisfactory answers.
The Authority of reference is the Garante per la protezione dei dati personali:  website of Garante Privacy.

8 - Questions

In case of questions or doubts concerning the management of Personal Data or if someone want to exercise the rights provided for in this policy, it’s possible to contact the Data Controller at

9 - Information on this Privacy Policy

The Data Controller is responsible for this Privacy Policy.

A - Legal references

Notice to European Users: this Privacy Policy is prepared in fulfillment of the obligations established by the European Data Protection General Regulation no. 679/2016. This Privacy Policy concerns exclusively this website.

B - Changes to this Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time by giving notice to Users on this page. Please therefore consult this page often, referring to the date of the last modification indicated at the bottom. In case of non-acceptance of the changes made to this Privacy Policy, the User is obliged to cease using this Site and may request the Data Controller to remove his Personal Data. Unless otherwise specified, the previous Privacy Policy will continue to apply to Personal Data collected until then.

C - Privacy Policy Update

This Privacy Policy is updated as of 24 May 2018.