PRIVACY POLICY

The extended version of the privacy policy is available at the following link: EXTENDED PRIVACY POLICY

Data Controller
Sky Alps S.r.l. with registered office in Bolzano, Piazza del Grano no. 3, postal code 39100, VAT-number 03067170211 (“Sky Alps” or “Controller”)
Contact e-mail address: privacy(at)skyalps.com

Data Protection Officer (DPO)
The DPO appointed by Sky Alps can be contacted at dpo(at)skyalps.com

Personal data being processed

Personal data, within the meaning of the GDPR, shall mean any information relating to an identified or identifiable natural person ('data subject'). An identifiable person is any natural person who can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which express the physical, physiological, mental, economic, cultural or social identity of these natural persons. 
The personal data processed through the Website are as follows:
a. Browsing data

b. Special categories of personal data

c. Data provided voluntarily by the data subject

d. Cookies (cookie policy)

Purpose of processing, legal basis and retention period

The processing of your Personal Data is carried out for the purposes listed below (a. - f.), and based on an adequate legal basis. 

a. offering the requested services and responding to requests for assistance and/or information
•    legal basis: performance of a contract
•    storage limitation: for the time strictly necessary to achieve the purpose and, in any case, up to the time permitted by Italian law for interest’s protection purposes (section 2946 Italian civil code)

b. responding to requests for assistance or information
•    legal basis: performance of a contract
•    storage limitation: for the time strictly necessary to achieve the purpose and, in any case, up to the time allowed by Italian law for interest’s protection purposes (section 2946 Italian civil code)

c. analysing applications and CVs received through the 'Jobs and Careers' section
•    legal basis: performance of a contract 
•    storage limitation: as long as the position for which the CV was sent is available or, in the case of spontaneous applications, up to 12 months thereafter

d. fulfilling legal, accounting and tax obligations

•    legal basis: legal obligation 
•    storage limitation: until the time provided for by the specific obligation or rule of law applicable   
e. sending newsletters and promotional communications
•    legal basis: consent of the data subject 
•    storage limitation: until revocation of consent by the data subject
f. profiling and targeted advertising
•    legal basis: consent of the data subject 
•    storage limitation: until revocation of the data subject's consent

g. prevention and conduct of litigation and other legal matters and for defence in the event of legal proceedings
•    legal basis: legitimate interest of the Controller
•    retention limitation: 10 years, unless opposed and except for the time required for defence in court

h. handling of data protection requests

•    legal basis: legal obligation 
•    storage limitation: 5 years from the closure of the request, except in the event of litigation

Recipients of personal data

For the above processing purposes, some of your personal data will be transferred to external parties as acting as data controllers and/or data processors pursuant to section 28 GDPR, as well as processed by natural persons, appointed pursuant to section 29 GDPR, on the basis of specific instructions provided  regarding the purposes and methods of processing.

Transfer of personal data to countries outside the EU

Some of your personal data will be transferred to countries outside the EU. Such transfers will take place in accordance with the requirements of the law (e.g. on the basis of an adequacy decision of the European Commission or the EU-US Data Privacy Framework or subject to Standard Contractual Clauses).

Automated decision-making processes
Sky Alps does not use automated decision-making processes, including profiling as referred to in section 22(1) and (4) of the GDPR, without your consent.

Rights of data subjects

You may at any time revoke your consent to the processing of your personal data for all further processing not required for the provision of the services. Revocation does not affect the lawfulness of the previous processing based on consent.

Pursuant to sections 15 et seq. GDPR, you have the right to ask Sky Alps at any time for access to, rectification or erasure of your personal data or to object to their processing, you have the right to request the restriction of processing in the cases provided for by section 18 GDPR, as well as to obtain in a structured, commonly used and machine-readable format the data concerning you, in the cases provided for by Article 20 GDPR. 

You always have the right to lodge a complaint with the competent Italian supervisory authority (Garante per la Protezione dei Dati Personali), if you consider that the processing of your Personal Data is contrary to the legislation in force.

Contact address: privacy(at)skyalps.com

Updates

Sky Alps reserves the right to change or simply update the content of this policy, in part or completely, also due to changes in the applicable legislation. For easier verification of any changes, the policy contains date of the update.

Last update: March 2024