Privacy Policy - Italy

 

Who are we

As an executive search company we are collecting and storing data about our clients and candidates to help both fulfil their professional goals. At Robertson Associates, we take data privacy seriously and are committed to comply to the General Data Protection Regulation (GDPR).

This policy explains when and why we collect personal information, how we use it, disclose it to others and how we keep it secure. This policy will be updated any time necessary. By using our website, you are agreeing to this policy.


Our company:
Robertson Associates Srl (AUT. MIN. Prot. 13/I/0002084/MA004.A003 - DLGS 276/03)
Piazza Sant’Ambrogio, 1 - 20123 Milano - Italy
info@robertson-associates.it

 

How we receive information and how we may use it

Our objective is to minimize the data we collect to the strict minimum needed to provide quality services to our clients and candidates. However, it is important for you to know what information we collect, why and what we do with it.

 

1. Website visitors

Like most websites, we may use cookies and tracking pixels. A cookie is a small text file that is downloaded when a user accesses a website. It collects statistical data about your browsing actions and patterns but do not identify you as an individual. This helps us improve our website and deliver a better service. 

It is possible to switch off cookies by changing your browser preferences. Turning cookies off may result in a loss of functionality when using our website or applying to a job. 

 

2. Companies

A) When you get in touch with us for a request or question about our services or company
We collect your contact details limited to your first name, last name, function, title and email address. We do this to be able to contact you and answer your request or question and may keep it for maximum 5 years after our last contact. We consider there is a legitimate interest for both you and us to store and process this data because you reasonably expect us to get back to you with answers and information.

B) When you enter into a service contract with us
We collect your contact details limited to your first name, last name, function, title and email address. We do this to be able to render services to you and may keep it for maximum 5 years after our last contact. We consider there is a contractual need for us to store and process this data to manage our services in a professional manner.

C) When we get your data from other sources
We may collect your contact details limited to your first name, last name, function, title and email address from third parties. We will not store nor use this information unless we receive a consent from you. In such case, we may keep your data for maximum 5 years after your consent. 

D) When you subscribe to our newsletter 
We offer you the option to subscribe to our newsletter or information emails. In this case, we will only send you such emails after your consent to them when subscribing. We collect your contact details limited to your first name, last name and email address. We may keep your data for maximum 5 years after your consent. 


At any point in time, you can ask us to access, rectify, restrict, transfer or delete your personal data (see below).

 

3. Candidates
When you apply to a job, we need to collect, store and process some information to understand your profile, experience, work history, qualifications, education, preferences, location, mobility and more. This information is necessary to professionally assess your application and potentially select it for further steps.


This information is stored for maximum 5 years after our last contact because we might work on other similar jobs that we believe you may have an interest in receiving. At any point in time, you can ask us to access, rectify, restrict, transfer or delete your personal data.


A) When you apply for a job or inform us of your search for a new job
You may for instance apply on our website, external career pages or through an advert we placed on a job board or on social media. You may also send an email to one of our employee or representative directly. In most cases, we collect:

  • your contact details (first name, last name, email address, phone number, country) in order to be able to contact you
  • your CV (and/or other documents you send to us) in order to understand your professional profile

We consider there is a legitimate interest for both you and us to store and process this data because you applied voluntarily and because you reasonably expect us to process your application for the job you applied to or a job corresponding to your professional profile. In all case, you will receive an application confirmation email with a link to our privacy policy.

B) When we get your data from other sources
We may sometimes receive information about you from others as potential candidate for a job. In such case, we will contact you by email within 1 month maximum explaining why we would like to keep your details. We will ask for your consent or suggest you apply voluntarily online or per email to validate your application. If you don’t, your data will not be stored nor processed.

C) When we collect additional information after your application

  • During phone or email conversations, video or face-to-face interviews, we may collect additional information on your preferences, strengths, mobility, experience, etc. 
  • In some cases, for pre-selected candidates, you may be invited
    • to participate in a test or assessment
    • to provide references to validate your professional experience

In such case, the details and resulting information may be added to your personal record in our systems.

  

D) When you subscribe to our newsletter
We offer you the option to subscribe to our newsletter or information emails. In this case, we will only send you such emails after your consent to them when subscribing. We collect your contact details limited to your first name, last name and email address. We may keep your data for maximum 5 years after your consent.

 

Sharing of data

We never sell or rent your personal information to third-parties. However, we work with partners and suppliers who store or process data on our behalf. Such providers support us in hosting our data, operating the websites, improving marketing and analytics, sending email newsletters for us and more.

These processors may be located outside the European Union. In such cases, we select them only when they provide guarantees of compliance with the GDPR.

Additionally, we inform you of the following:

  • Our websites may include social media features (e.g., share or like buttons). Such features are provided by third-parties such as LinkedIn, Twitter or Facebook. Where data is collected this way, its processing is governed by their respective privacy policy.
  • Our content may link to third party websites to provide relevant references. We are not responsible for such external content, which may contain separate privacy policies.
  • We may disclose your personal information if required by law, regulation, or other legal requirements.
  • We may disclose your personal information in case of merger, acquisition, joint venture or bankruptcy.

 

Automated Decision Making and Profiling

We do not use any automated decision making or profiling process.

 

Your right to access, rectify, restrict, transfer or delete personal data

Over time, it is possible that you wish to access, rectify, restrict, transfer or even delete the personal details we hold. We commit to do this within 1 month of receiving your request. Your request can be sent to privacy@robertson-associates.it. Before taking your request into account, we will need to verify your identity and, in some case, check if your request can be executed for example in case of transfer.

In the event you wish to delete your personal data, we may reject if the data is needed for the establishment, exercise or defence of legal claims. In such case, we will ensure only minimal personal data is retained and will not make any further use of the data. When you wish to rectify, restrict or delete your personal data, we will also inform any other party we have shared your data with.

These actions are free of charge unless your request is excessive or unfounded in which was a fixed fee of 75 EUR ex VAT will be charged.

 

Data security

To protect your data and its confidentiality, we do have important security measures to protect logical and physical places where this data is stored or can be accessed. 

All of our offices and systems are protected with strict procedures and only our staff and authorized representatives have access to the information we store. When hosting our data and working with data processors, we only work with trusted providers offering guarantees of compliance and security.

 

Data privacy breaches

We acknowledge that we do store highly personal information and are aware of our responsibility to protect your information.
In the unlikely event that our logical or physical systems are compromised and there is a potential loss of confidentiality, we commit to report the breach within 72 hours of being notified of such event to the national privacy commission and take any action necessary to restore security of your personal data. In case of a high impact on privacy, we will directly inform the impacted individuals.

 

Complaints

If you have a complaint about the way your data is stored or handled, please contact us at privacy@robertson-associates.it. If you remain unhappy with the handling of your data, you can complain to the national privacy commission: 

GARANTE PER LA PRIVACY
Piazza di Monte Citorio n. 121 - 00186 Roma
E-mail: garante@gpdp.it
Website: www.gpdp.it - www.garanteprivacy.it