This policy applies to the company PhinancePartners SpA and its subsidiary Phire Srl.
As a financial, business, and real estate advisory organization, privacy and information security issues are very important to us and we believe that each individual’s personal data should be treated ethically and
responsibly. This page describes how the information contained in the site is managed www.phinancepartners.com with reference to the processing of the personal data of users who consult it. This information is provided pursuant to art. 13 and 14 of EU Regulation 679/2016 (“GDPR”) exclusively for the site
www.phinancepartners.com and not for other websites that may be consulted by the user via links. Personal data will be processed in compliance with the GDPR and European and national laws that modify and/or supplement it (“Privacy Policy”).
In particular, this policy defines:
the type of personal data we may collect from you;
how and why we use your personal data and with what safeguards;
your rights and choices regarding your personal data.
Subsequently, the methods of managing the data acquired for the purpose of executing professional mandates are then described.
DATA CONTROLLER
Following consultation of this site, data relating to identified or identifiable persons may be processed. The company Phinance Partners S.p.A., and the company Phire srl, both with registered office in Rome, Via Giulio Caccini n. 1, are each data controllers (hereinafter each the “Data Controller”) for the personal data processed in the performance of their activities, as better described below. With regard to the personal data processed when browsing and using the www.phinancepartners.com website (hereinafter “the Site”), which Phinance Partners S.p.A. owns, the latter assumes the role of Data Controller. The Owner reserves the right to update this policy at any time and to inform users through the use of the most appropriate tools. For any further information or questions you can contact us at the email address: info@phinancepartners.com
PERSONAL DATA PROCESSED
We collect various types of data, including information that identifies you or could identify you as an individual, as explained in more detail below.
Browsing data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Similarly, the request by the user to send information material by the Data Controller involves the acquisition of the user’s email address, which is necessary for sending communications as requested by the user. The personal data contained in any CVs sent to the Data Controller’s addresses will be used for the sole purpose of evaluating the candidates’ profile and selecting them. It is possible to contact the Data Controller to update or correct and to exercise the other rights referred to in art. 15-22 of the GDPR. Any sending of particular categories of personal data (relating, in particular, to racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, as well as personal data suitable for revealing the state of health and sex life) will result in the immediate deletion of the data in the absence of a written declaration of consent of the data subject to their processing by the Data Controller.
COOKIES
No personal data of users is acquired by the site through the use of cookies. The site, in fact, uses only technical or assimilated cookies, such as: navigation or session cookies;analytics cookies, to collect information, in aggregate form, on the number of users and how they visit the site itself; Functionality cookies, which allow the user to browse according to a series of selected criteria, in order to improve the service provided and to facilitate subsequent access to our website. Cookies are not used to transmit personal information. The site uses its own cookies and third-party cookies. In particular, the third-party cookies used concern the Google Analytics service. You can consult the information relating to Google’s use of the information provided by the sites that use its services by clicking here or disable the use of Google Analytics by clicking here. The types of cookies used by this site do not require the user’s prior explicit consent. The receipt of cookies used on this site can be stopped at any time by the user by changing the settings of their browser, as indicated in the links below:
Internet Explorer
Chrome
Firefox
Safari
However, after doing so, some functions of the site may not be performed correctly and some operations may become more complex and/or less secure.
METHODS AND PURPOSES OF PROCESSING
Personal data may be processed by the Data Controller in paper format or with automated tools for the time strictly necessary to achieve the purposes for which they were collected. The data will not be processed beyond the period necessary to achieve the purposes indicated in this policy. The processing will be carried out exclusively by subjects duly authorized in writing by the Data Controller, in compliance with the provisions of Current Legislation. Apart from what is specified for browsing data, the personal data provided by users who send requests for information material or applications for professional positions to the addresses published on this site are used for the sole purpose of sending the requested information or evaluating the applications submitted and are not communicated to third parties, unless the communication is required by law or is strictly necessary for the fulfillment of the requests. The processing of the user’s personal data through the Site is carried out to fulfill the user’s requests or to ensure the proper functioning of the site. Therefore, in compliance with the Privacy Legislation, the user is not asked for consent, except in cases of request for information material (e.g. newsletters, events) by the user.
COMMUNICATION AND TRANSFER OF DATA
We may need to share your information with third parties, such as consultants and other service providers that we employ to perform tasks on our behalf. In any case, the communication of data will take place in the manner and guarantees provided for by the GDPR. It is understood that users’ personal data may be communicated to third parties entitled to receive them by law in specific situations, such as law enforcement agencies and other authorities, if this is required by law or by an order of the competent authority. To find out the list of the Data Controller’s suppliers, you can request it at the email address indicated above. Should it be necessary to transfer data outside the European Economic Area, such transfers will take place exclusively on the basis of the adequacy decisions of the European Commission and other appropriate safeguards provided for by the Privacy Legislation.
EXERCISE OF RIGHTS
The GDPR expressly recognizes certain rights, including those to:
(i) obtain confirmation from the Data Controller of the existence of their personal data,
(ii) have knowledge of the origin of the data as well as the logic and purposes of the processing,
(iii) obtain the identification details of the data controller and data processors,
(iv) know the subjects or categories of subjects to whom the personal data may be communicated
or who may become aware of them in their capacity as designated representatives in the territory of the State, managers or persons in charge,
(v) obtain the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as the updating, correction or, if there is interest, the integration of data, and
(vi) object to the processing in whole or in part, for legitimate reasons;
(vii) withdraw consent (where this is the necessary legal basis for the processing) at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal;
(viii) lodge a complaint with the Guarantor for the Protection of Personal Data, following the procedures and indications published on the official website of the Authority on www.garanteprivacy.it.
For any communication, request or report on privacy, as well as to exercise the rights provided for by the Privacy Policy, you can send an email to the email address indicated above. Any rectifications or cancellations or limitations of processing carried out at the request of the user concerned – unless this proves impossible or involves a disproportionate effort – will be communicated by the Data Controller to each of the recipients to whom the personal data have been transmitted. The Data Controller may communicate these recipients to the user if the latter requests it. In order to become aware of changes or modifications in the policies applied by the Data Controller regarding privacy, mainly due to regulatory changes, the user should constantly consult this Privacy Policy document.
PROCESSING FOR THE PURPOSE OF EXECUTING THE PROFESSIONAL MANDATE
For the purpose of carrying out the professional assignment received from third parties natural and/or legal persons, the Data Controller may also process personal data (including data belonging to particular categories referred to in Article 9 of the GDPR, and data relating to criminal convictions and offences or related security measures referred to in Article 10 of the GDPR) of the third parties themselves and/or their employees, suppliers and/or customers, hereinafter, collectively, the “Customers”) acquired during the establishment, management, execution and/or conclusion of the assistance and consultancy relationship provided in their favour. The processing of Customers’ personal data is carried out using manual or IT tools, in any case suitable for guaranteeing their security and confidentiality, as well as for avoiding unauthorised access to personal data, for the following purposes: (i) purposes instrumental to the establishment, management, execution and/or conclusion of the assistance and consultancy relationship, (ii) fulfilment of obligations deriving from national and/or EU legislation or issued by authorities authorised to do so by the law, (iii) information, dissemination (e.g. invitations to conferences, seminars, etc.) and/or publication of the operations followed by the Data Controller (limited to the indication of the Customer and the type of assistance provided), (iv) purposes related to the management of reports of facts and activities that may cause damage to the Data Controller, or that are contrary to values, internal protocols, laws or regulations, and in particular to anti-corruption legislation (whistleblowing). The processing of Customers’ personal data by the Data Controller is necessary to fulfil the professional assignment entrusted and to fulfil the obligations provided for by tax and/or administrative legislation. The Data Controller collects the consent of the Customers for the processing of their personal data only in the cases referred to in point (iii) and, even in such cases, only if the applicable Privacy Legislation does not exclude the need for the consent itself (e.g. if there is a legitimate interest of the Data Controller in the processing). If consent is required for the purposes of processing, Customers have the right to withdraw it at any time. Customers’ personal data are processed in accordance with the Privacy Legislation, and are not stored for a period exceeding 10 years (unless otherwise and justified needs).
Customers’ personal data may be communicated or made available by the Data Controller for the same purposes as above, to categories of external and internal parties (who will act as independent data controllers, data processors or persons authorised to process them, as the case may be), including, by way of example but not limited to: professionals and/or staff who collaborate with the Data Controller, for this purpose, specifically designated according to criteria of minimum access to the personal data necessary for the processing to be carried out, natural and/or legal persons who provide assistance and/or consultancy services to the Data Controller, subjects who have the right to access personal data by law, etc. (the complete list of names of third parties to whom the Customers’ data may be communicated is available upon request by the Customers themselves by e-mail to the following address: info@phinancepartners.com).
The Data Controller may also transfer Customers’ personal data outside the European Union with the consent of the Customers themselves or in accordance with the requirements of the Privacy Legislation. Customers may exercise the rights provided for by the Privacy Legislation, including those of (i) obtaining confirmation from the data controller of the existence of their personal data, (ii) being aware of the origin of the data as well as the logic and purposes of the processing, (iii) obtaining the identification details of the data controller and data processors, (iv) knowing the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of it as a designated representative in the territory of the State, of managers or persons in charge, (v) obtain the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as the updating, correction or, if there is interest, the integration of data and (vi) object to the processing in whole or in part, for legitimate reasons. To this end, they may lodge a complaint with the supervisory authority where provided for by the Privacy Legislation. They may also object to the processing of data on grounds relating to your particular situation and, in any case, to the processing of data for direct marketing purposes. Customers may address the above requests by e-mail to info@phinancepartners.com