PRIVACY POLICY

I – GENERAL INFORMATION

  1. General information
    • 1.1 This section contains information about the website of the company SVA Italy S.r.l., which can be reached at the url https://svadvisory.com/.
    • 1.2 This policy also has value in accordance with Art. 13 of the EU Reg. 2016/679 (GDPR – General Data Protection Regulation) on the protection of individuals with regard to the processing of personal data and on the free movement of such data. This policy is therefore aimed at informing Users of the site (who qualify as data subjects under the GDPR) about the processing operations carried out by this website, the types of data processed, the methods of their processing and the retention times by SVA Italy S.r.l..
    • 1.3 This website is intended only for Users over the age of 18; by connecting to https://svadvisory.com/ and, if applicable, voluntarily providing their own data, the User declares that they are over the age of 18.
    • 1.4 Given that some companies of the SVA Group are based abroad (in Switzerland), this disclosure is made as part of the company’s adaptation to the GDPR, which has already been completed through the adoption of all updated documentation and procedures, the carrying out of congruous risk analysis and the implementation of technical and organizational measures appropriate according to the level of risk; this fulfillment of has become necessary because the processing of personal data by it – not only through this site – may involve the processing of data of citizens residing in the EU. At the same time, this disclosure is also made pursuant to the Federal Data Protection Act 2020 (DPA 2020).

II – PARTIES INVOLVED IN DATA PROCESSING

  1. Data controller and data protection officer (so-called DPO).
    • 2.1 The data controller is the natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data. Pursuant to Article 25 GDPR, the controller is also required to identify and take appropriate technical and organizational measures to ensure a level of security of the personal data it processes that is appropriate to the risk generated by the processing operations carried out as well as related to other relevant circumstances. A similar definition is formulated by Article 3 DPA 2020 with reference to the Holder of a data collection, defined as the person who decides on the purpose and content of the data collection.
    • 2.2 With reference to this site, the data controller is the company SVA Italy S.r.l., with registered office in Milan (MI), 20121, Palazzo Duomo via San Raffaele 1.
    • 2.3 To the owner the interested parties may refer for any clarification or to exercise the rights that are recognized to them by Articles 15 – 22 EU Reg. 2016/679, at the following addresses:

       

      • SVA Italy S.r.l., with registered office in Milan (MI), 20121, Palazzo Duomo via San Raffaele 1

      • Ordinary e-mail: info@svadvisory.com

      • Tel: +39 02 500 33 108

  1. Responsible for data handling
    • 3.1 The data controller is the natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller. The data controller, in the performance of personal data processing activities related to the management of this website, makes use of services rendered by companies that, in the provision of the same, process data on behalf of the data controller; these companies have been appointed, when necessary under Article 28 GDPR, external data controllers.
  2. Place of data processing
    • 4.1 Personal data are recorded and stored in electronic databases owned by the owner as well as, if necessary, by external data processors; processing related to the management of this website is carried out at the headquarters of the owner as well as at the offices of companies that provide services essential to the operation of the website itself (such as the hosting service provider).

III – DATA PROCESSED

  1. Types of data handled
    • 5.1 This website collects information by means of log files exclusively in an anonymous form, for the sole purpose of compiling statistics regarding the use of the site, as well as to verify its proper functioning. This information will be processed according to the legitimate interests of the owner.
    • 5.2 By means of this site, the following personal data of Users may also be collected and subsequently processed by the owner and processors:
      • User’s first and last name and/or e-mail address (are if voluntarily by the User, e.g., by sending an e-mail to the owner);
      • additional personal data of the User (are if voluntarily by the User, e.g., by sending an e-mail to the owner);
      • Internet Protocol (IP) address of the User;
      • technical cookies.
    • 5.3 If the User voluntarily sends his/her Curriculum Vitae to the owner with a view to the possible establishment of a working relationship or requests for collaboration, the relevant data will be examined. In case of saving for future working collaborations, summary information will be provided to the User following the regulations in force.
  1. Purpose of processing and data retention period
    • 6.1 Personal data referred to in Article 5.2. are collected and handled for the following purposes:
      • 6.1.1 delivery of services provided by the website
      • 6.1.2 response to contact requests transmitted by Users by sending an e-mail
      • 6.1.3 delivery of newsletters about the Company’s activities to Users who request the subscription to the mailing service by manifestation of the appropriate consent
      • 6.1.4 sending business proposals to Users who express consent to the sending
      • 6.1.5 fulfillment of obligations imposed by applicable regulations (accounting, fiscal, etc.).
    • The personal data referred to in Article 5.2. will be kept for the period of time strictly necessary to achieve the purposes indicated above, unless it is necessary to keep them due to legal obligations. The data may also be retained for as long as necessary – by the owner or any responsible parties – to ascertain, exercise or defend a right of theirs in a court of law, within the statute of limitations of any related actions that may be brought against them.
    • In the case of personal data processing based on the legal basis of the User’s consent, the owner may retain personal data until it is revoked.
  2. Legal basis for data handling
    • 7.1 The legal bases of personal data processing stated in Article 5.2. are as follows:
      • 7.1.1 for the purposes referred to in Articles 6.1.1. and 6.1.2. the legal basis of the processing is the provision of a service at the request of the data subject, pursuant to Art. 6 para. 1 (b) GDPR (contractual basis);
      • 7.1.2 for the purposes referred to in Articles 6.1.3., 6.1.4. and 6.1.5. the legal basis for the processing is the free, specific, informed and unambiguous consent of the data subject, in accordance with Article 6 para. 1(a) GDPR (consent);
      • 7.1.3 for the purpose of Art. 6.1.5. the legal basis for the processing is the fulfillment of a legal obligation to which the owner is subject under Art. 6 para. 1(c) GDPR (legal obligation).
  1. Social Network Plugin
    • 8.1 This website does not incorporate plugins and/or buttons for social networks; in fact, it only contains links to the pages of the Owner, as well as its main contributors, on the various social networks. By clicking on such links the User exits the Owner’s website and, consequently, from the scope of applicability of this policy. For the personal data processing operations carried out by such social networks, on which the owner has no responsibility, please refer to the relevant information under Article 13 GDPR rendered by each site.

IV. RIGHTS OF THE DATA SUBJECT

  • 9.1 13(2) GDPR lists the User’s rights.
  • 9.2 The owner informs the User about the rights recognized to the same by articles 13, par. 2, letters b) and d), 15, 16, 17, 18, 19 and 21 GDPR and precisely the rights of: access to data (art. 15 GDPR and art. 10 LPD 2020); rectification (art. 16 GDPR), cancellation (art. 17 GDPR), restriction of data processing (art .18 GDPR); data portability (art. 20 GDPR); objection to processing (art. 21 GDPR); revocation at any time of one’s consent that may have been given (art. 13 par. II lett. c GDPR). Requests can be addressed to the data controller, without formalities or, alternatively, using the template provided by the Data Protection Authority, by sending an email toinfo@svadvisory.com
  • 9.3 If the processing is based, as indicated in Art. 6.3, on the User’s consent, the User has the right to revoke it at any time without affecting the lawfulness of the processing carried out prior to such revocation.
  • 9.4 At the same time, if the User believes that with the processing of personal data by this site has been violated the current legislation, he/she has the right to file a complaint with the competent supervisory authority.
  1.  

V – NATURE OF CONTRIBUTION

  1. Nature of provision of User data
    • 10.1 The provision of the personal data referred to in Art. 5.2. – as well as consent to the processing of the data, when required – are mandatory for the fulfillment of the purposes indicated in art. 6: any refusal to provide such data (or to express consent to their processing, when required) makes it impossible for the owner to provide the relevant services, to follow up on the User’s request (to subscribe to the newsletter or to receive commercial communications) or to fulfill the legal obligations placed on it by the current legislation.

VI – DATA TRANSFER TO COUNTRIES OUTSIDE THE EU

  1. Transfer of data subject’s data to countries outside the EU
    • 11.1 No data will ever be transferred to third countries that do not comply with the conditions set forth in Articles 45 et seq. – in particular Article 46 – of EU Reg. 2016/679.

VII – SECURITY

  1. Security measures implemented by the owner
    • 12.1 This website processes Users’ data in a lawful manner that complies with the GDPR and DPA 2020, taking appropriate security measures to ensure the security of the data and related processing operations, taking into account the mapped risk profiles and the need to prevent personal data breaches in the form of unauthorized access, unauthorized disclosure, modification or destruction of data.
    • 12.2 The data processed may be accessed by any authorized persons employed by the data controller who are involved in the management of the site or in the processing operations of the data collected through it; in addition, any external data processors called upon to outsource services to the data controller necessary for the operation of the site may have access to the data.

VIII – COOKIE

  1. The various types of cookies
    • 13.1 The https://svadvisory.com/ website uses cookies directed at making navigation easier and more intuitive for the User.
    • 13.2 Cookies are small strings of text used to store certain information that may relate to the User, their preferences or the device used to access the site; this information is collected to provide the User with a personalized browsing experience by storing the User’s previous choices and adjusting the operation of the site accordingly.
    • 13.3 Cookies may record personal information about the User: the User may delete all cookies (or some of them) if he/she wishes, by following the instructions in Article 17.
  2. Technical cookies
    • 14.1 Technical cookies allow navigation on the site and facilitate access to it, as well as the enjoyment of its contents, by the User. They, therefore, are necessary for the transmission of communications over electronic networks or for the owner to provide the requested service.
    • 14.2 The settings to disable, manage or delete cookies vary depending on the browser used by the User. It should be noted that, in some cases, disabling or deleting cookies may slow down or prevent access to some parts of the site.
    • 14.3 With regard to the retention period of cookies, two types can be distinguished: temporary ones, which are automatically deleted at the end of the browsing session and have the function of allowing the identification of the User, making it so that the User does not have to repeat the login on each page visited; permanent ones, which are stored in the browser for a preset duration or until deleted by the User.
    • 14.4 The site also may install session cookies in the browser, intended to allow User access (and consequent stay) in the restricted area of the site as an authenticated User until the logout operated by the same.
  3. Third-party cookies
    • 15.1 Based on the origin, cookies can be distinguished between those directly sent to the browser used by the User from the site being visited and those prepared by third parties.
    • 15.2 Most third-party cookies are tracking cookies used to keep track of Users’ online behavior and use the information collected for the provision of such third parties’ own services: the operation of these cookies is governed by the rules prepared by the third parties who set them, available on their sites, to which we refer
  4. Profiling cookies
    • 16.1 Profiling cookies are those aimed at creating a profile of the User, in order to then send him/her advertising messages in line with the preferences previously expressed.
    • 16.2 With reference to this type of cookie, where present the User must give explicit consent to their use.
  5. Configuration of the browser used by the User
    • 17.1 The User can manage cookies through the settings of the browser he/she uses.
    • 17.2 To know in detail how to configure cookies, the User can refer to the specific page of the main browsers.
    • 17.3 To receive more information and get support on the point, the User can visit the specific page of the main browsers:

IX – AMENDMENTS TO THE PRESENT DOCUMENT

18. Changes to the site’s privacy policy

    • This privacy policy, published at https://svadvisory.com/privacy-policy/, may be – as needed – freely modified by the owner; therefore, Users are encouraged to constantly monitor this document.
    • This privacy policy was last updated on 08.07.2022 to comply with the GDPR and the Federal Data Protection Act of 1992.
    •