Privacy Policy

Forequest Italia S.r.l. (“Forequest”, “we”, “us”, “our”) make this statement regarding the processing of your personal data (“Privacy Policy”) in accordance with art. 13 of the EU General Data Protection Regulation 2016/679 (“GDPR”) and Legislative Decree 196/2003 (“Privacy Code”).

This Privacy Policy describes the way in which Forequest, as Controller, collects and processes your personal data through the website: https://forequest.it/ (“Site”).

Please note that our Site is not intended for minors below the age of 18 years and we do not knowingly collect data relating to minors.

Through the Site, please provide us only your personal data. In the event that you provide us with the data of third parties (e.g. friends, family, etc …) you will need to make sure that these third parties have been informed and that they have authorized you to use them on an appropriate legal basis that legitimizes the processing of such data. In any case, with respect to this hypothesis, you act as an independent Controller and assume all the obligations and responsibilities of law. Therefore, if you provide us with the data of third parties, you grant indemnity for any dispute, claim, request for damages that we might be received from such third parties.

1- Controller

The Controller is Forequest Italia S.r.l., Tax Code 11164110964, with registered office in Milan (20123 – MI), Via Vincenzo Monti, 8.

2- Browsing data

As you interact with us via Site, we automatically collect some data (by the way of the example: IP address, pages visited, date and duration of navigation on the Site, etc.). We collect this personal data by using cookies, internet tags and other similar technologies. Such data allows you to access and navigate the Site as well as the use of certain services and may be used in anonymous and aggregated form for statistical purposes and to verify the proper functioning of the Site. Therefore, we invite you to read the relevant section on Cookie for detailed information on this and/or other tracking technologies used on the Site. Please note that the relevant section on Cookie also contains the guidance on how to disable the cookies.

3- Purpose of the processing, legal basis and data retention period

This Privacy Policy aims to give you information on why and how we collect and process your personal data.

In addition to the above, this Privacy Policy informs you about your privacy rights and how the GDPR and Privacy Code protect you.

It is important that you read this Privacy Policy together with any other notice or policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of why and how we are using your data. This Privacy Policy supplements other notices and policies and is not intended to override them.

Purposes	Legal basis	Category of personal data	Data retention period
to process and manage any requests, comments or instructions you make that you sent us also through the section “Contact” of the Site	Performance of a contract in accordance with art. 6.1 lett. b) GDPR	Identity data (i.e. name, surname, etc.), contact data (i.e. e-mail, telephone numbers), business contact data, any other personal data included in your requests, comments or instructions	For the period strictly necessary to handle and/or to answer your requests, comments or instructions and in any case for a maximum period of 12 months.
To manage our relationship with you which will include to reply to your request or to interact with you	Performance of a contract in accordance with art. 6.1 lett. b) GDPR	Contact data (i.e. e-mail, telephone numbers), business contact data	During the contractual relationship and for a maximum period of 5 years after the termination of the contractual relationship, unless otherwise required by law.
To select the job applicants through the section “Careers” of the Site and to contact you for scheduling the relevant job interviews	Performance of a contract in accordance with art. 6.1 lett. b) GDPR	the identity data, contact data, job position, employment history and qualification (both academic and professional) and any other personal data included in the curriculum (“CV”) and/or in the covering e-mail and/or your eventually reasons for applying to Forequest	During the recruitment process and in any case for 6 months after the closing of such recruitment process. Please note: if your application is successful and you are subsequently offered and accept employment at Forequest, the information we collect during the application and recruitment process will become part of your employment record.
to eventually schedule a job interviews if we do not have any open job positions and you voluntary send us your CV	Performance of a contract in accordance with both art. 6.1 lett. b) GDPR and art. 111bis Privacy Code	the identity data, contact data, job position, employment history and qualification (both academic and professional) and any other personal data included in the curriculum (“CV”) and/or in the covering e-mail and/or your eventually reasons for applying to Forequest	For 6 months after the reception of your CV
To contact you to inform of any changes of the Privacy Policy	Compliance with a legal obligation in accordance with art. 6.1 lett. c) GDPR	Contact data	During the contractual relationship

Please note that, if necessary, the Controller shall process the personal data on the basis of its legitimate interest (pursuant to art. 6.1 lett. f) GDPR) for establishment, exercise or defence of legal claims. In such case, the data shall be stored for the duration of the legal claim and until the time limits for appeal actions are exhausted.

If you refuse to provide personal data.

Generally, the failure to provide the data will not affect your ability to access and navigate into the Site.

However, where we need to collect personal data by law, or under the terms of a contract we have with you, and you refuse to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you – for example, to reply to your questions or to contact or to select you as candidate.

The personal data will be processed in accordance with the principles of minimization and storage limitation pursuant to art. 5.1 lett. c) and e) GDPR.

4- Data processing methods

The data processing is carried out through any operations or set of operations set out in art. 4.2 GDPR and the operations of data processing will be performed whether or not by electronical instruments or automated to logics that fully correspond to the purposes carried out by the Controller.

Pursuant to art. 5 GDPR the personal data shall be processed lawfully and fairly and limitedly to what is necessary in relation to the purposes indicated in the point 3 above.

5- Data communication and dissemination

The Personal data are not object of dissemination. Your personal data shall be processed by employees and collaborators of the Controller under the authority of the latter. Furthermore, your data shall be communicated to all those subjects to whom the communication is necessary to carry out the purposes such as established above, by way of example consultants, advisors and in general all third parties acting on behalf of the Controller.

These subjects shall process the data as independent controllers or as Processors pursuant to art. 28 GDPR.

In any case, these subjects shall process the data strictly necessary to fulfil the tasks assigned to them, without prejudice to the rights of the data subjects.

The updated list of all data recipients can be requested by sending a request to the Controller.

6- Data Transfer extra EU

The Personal data shall be processed in the European Union. In the event of data being transferred to third countries, the data shall be processed in accordance with art. 44 and following GDPR. You can get more information by contacting the Controller.

7- Cookie

The cookies are text files that the websites visited by the user (so-called “publisher” or “first party” websites) or other different websites or web servers (so-called “third parties”) place and store within a terminal device in the user’s possession — as such, they are referred to as “active identifiers”. Similar functions may be performed by other tools that rely on different technology – as such, they are referred to as “passive identifiers”; nevertheless, they also allow processing activities that are similar to those carried out by way of cookies.

The cookies may be:

Technical cookies, which are used solely for the purpose of carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the contracting party or user to provide that service in accordance with art. 122 of Privacy Code;
Profiling cookies, which are used to trace specific actions or recurring behavioural patterns in the use of the offered functionalities back to specific, identified or identifiable individuals for the purpose of grouping the different profiles within homogeneous, multi-sized clusters; this is aimed in turn to enable the controller to, inter alia, provide increasingly customized services beyond what is strictly necessary for the delivery of the given service and also send targeted advertising messages, i.e. messages that are in line with the preferences expressed by the user in the context of their web-browsing activities;
Analytics cookies are used so online services can collect information about how people access them – for example, the number of users on a website, how long they stay on the site for, and what parts of the site they visit. This is also sometimes known as “web audience measurement”. The analytics cookies are equivalent to technical cookie if: (i) they are only used to produce aggregated statistics concerning a single site or a single mobile app; (ii) at least the fourth component of each IP address is masked out as for third-party cookies; and (iii) the third parties do not match the analytics cookies data with any other information (such as customer records or statistics concerning visits to other websites) and do not forward such data to other third parties. However, statistical analyses concerning several domains, websites or apps that can be traced back to the same publisher or group of undertakings are allowed.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the Site may become inaccessible or not function properly.

Categories of cookies used on the Site

Please note that the Site uses only technical cookies or equivalent to technical cookies. Such technical cookies are automatically enabled when you visit the Site and may not be turned off.

8- Subject rights

Pursuant from art. 15 to 22 GDPR, you shall be in the position to exercise your rights by contacting the Controller.

In particular, you have the right to:

Obtain the access to the personal data concerning you, information related the data processing in a clear, transparent and understandable manner (Article 15 of the GDPR);
Obtain the rectification or integration of inaccurate personal data (Article 16 of the GDPR);
Obtain the deletion of personal data concerning you in the following cases: (a) the data are no longer necessary in relation to the purposes for which they were collected; (b) the data subject withdraws consent on which the data processing is based, where the legal basis of the processing is your consent; (c) You have objected to the data processing concerning you, where the legal basis is the legitimate interest of the Controller. In any case, we recall you that the data retention by the Controller is lawful where the data processing is necessary for the establishment , exercise or defence of legal claims (Article 17 of the GDPR) ;
Obtain the restriction of the data processing where (a) you contest the accuracy of the personal data, for a period enabling the Controller to verify the accuracy of such personal data; (b) the processing is unlawful but you oppose the erasure of personal data and you request the restriction of their use instead; (c) the personal data are necessary for the establishment, exercise or defence of legal claims; (d) You have objected to the processing and pending the verification whether the legitimate grounds of the Controller override those of the data subjects (Article 18 of the GDPR);
Receive your personal data concerning you in a structured, commonly used and machine-readable format, where the processing is based on your consent or on a contract (Article 20 of the GDPR);
object at any time to the processing of your data, where the processing is based on the legitimate interest of the Controller, unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subjects or for the establishment, exercise or defence of a legal claims. Furthermore, you can object to the data processing at any time where your personal data are processed for direct marketing purposes (Article 21 of the GDPR);
Withdraw the consent at any time, where the processing is based on your consent. In any case, the withdrawal of the consent shall not affect the lawfulness of the processing based on consent before the withdrawal;
Lodge a complaint with the supervisory authority in the member state where you have habitual residence or in the place where the alleged infringement The Italian Supervisory Authority is the Garante Privacy ( https://www.garanteprivacy.it/ ).

9- Contact details of the Controller

The Data Controller is Forequest Italia Srl, Tax Code. 11164110964, with registered office in Milan (20123 – MI), Via Vincenzo Monti, 8, which can be contacted at the following e-mail address: [●]

10- Update of this Privacy Policy

The Data Controller reserves the right to update and/or amend this Privacy Policy at any time especially if it is necessary to comply with new regulatory requirements. The Data Controller will communicate any updates to this Privacy Policy through publication on the Site. Therefore, we invite you to periodically consult the Privacy Policy through publication on this Site.

Date of last updated: January 2024