HOW MYFOGLIO WORKS
myfoglio is a technological platform operating through the Internet network and mobile device applications, through which a free or upon payment service is provided to professionals or to companies, and includes:
– a tool that generates documents such as invoices, credit notes, notes and other administrative and fiscal documents;
– a non fiscal forecasting support system with reference to due taxes;
– a myfoglio internal/external messaging system;
– a sharing and cooperation tool;
– a scheduler of activities (agenda);
– an index book;
– a community tool for researching and sharing information;
– services interfaced via API for the interoperability with third-party’ system (reserved to partners and developers) trough seas interface directly from myfoglio servers spread over the territory of Switzerland.
Further information about how myfoglio works is provided in its Terms of Services (“ToS”).
Information entered by the Candidate in the on-line application form and that included in the Curriculum Vitae spontaneously submitted by the Candidate (“Personal Information”) shall be used by Coverclip for the sole and exclusive purposes described in point 4 below.
At the moment of the User’s registration on myfoglio, a dedicated personal account shall be created (“User Account”), trough which User will benefit of myfoglio services as indicated above and/or anyhow promoted by myfoglio.
Any and all User’s information provided to myfoglio, therein included information relating to taxation and accountability (“Personal Information”), shall be used by the Company for the purposes indicated hereunder.
WHAT DATA CAN BE PROCESSED: SENSITIVE DATA AND COMMON DATA
HOW USERS COMMON DATA CAN BE USED
Without prejudice to what provided above with reference to Users’ Sensitive and Judicial Data, and with reference to Third Parties’ Common, Sensitive and Judicial Data pursuant to art. 3.2. and 3.3. above, the management of Users’ Common Data shall be provided either manually that digitally, with the following purposes:
a) fulfillment of any and all applicable Law, regulatory and UE Law;
b) supply of myfoglio services;
c) communication relating to potential commercial activities connected to myfoglio;
d) communication of any relevant information with reference to the Company and to Company networking activities;
e) operational management of myfoglio and relevant Users’ access data, therein including security data and digital platform security.
COMMUNICATION TO THIRD PARTIES FOR MARKETING PURPOSES
Upon User’s authorization, the Company shall communicate for marketing purposes Users’ Common Data to third parties operating in one of the following product area: banking, insurance, GDO, luxury goods, clothing, legal services, real estate, web services. Failure to provide such an authorization, the Company shall not communicate such Users’ Common Data, notwithstanding that myfoglio service shall be provided.
WHO THE CONTROLLER OF THE USER’S PERSONAL DATA PROCESSING IS
WHO THE PROCESSOR OF THE CANDIDATE’S PERSONAL DATA PROCESSING IS
WHO THE PERSONS IN CHARGE OF THE USERS AND THIRD PARTIES PERSONAL DATA
Provided the above, the User, in order to allow the Company to provide myfoglio services, shall appoint the latter as subject in charge for the treatment of Third Parties’ Common, Sensitive and Judicial Data, in compliance with Section 30 of the Privacy Code, ensuring to have collected any and all authorizations and consents of such datas by such Third Partiesin compliance with the Privacy Code, indemnifying and holding the Company harmless from any responsibilities arising from the failure to have collected such Third Parties’ authorization.
TERRITORY SCOPE IN WHICH THE USERS AND THIRD PARTIES’ PERSONAL DATA ARE PROCESSED
WHERE THE PERSONAL DATA ARE STORED
The Company processes and stores personal data with the help of information technology of its own or of third parties, and that are managed either by the Company or by third technical services suppliers. Data are only processed by specifically authorized personnel, including the personnel in charge of extraordinary maintenance operations.
WHAT SECURITY MEASURES THE COMPANY ADOPTS FOR PERSONAL DATA PROCESSING
The Company is committed in safeguarding personal data security and to comply with the security provisions as set up under the applicable regulations, in such a way as to prevent data loss, unlawful or illegal use of the data and unauthorized access to the data, specifically but not limited to Annex B of the Privacy Code (Technical Specifications concerning minimum security measures). Furthermore, information systems and softwares are set up in such a way as to minimize the use of personal data and identifying data, and they are only used by the Company when it is necessary in connection with the specific processing purposes pursued. The Company makes use of several security advanced technologies and specific procedures in such a way as to protect the users’ personal data.
WHAT RIGHTS THE USER SHALL HAVE IN RELATION TO HIS/HER PERSONAL DATA
Pursuant to Section 7 of the Privacy Code, the User shall have the following rights in respect of his/her personal data provided to the Company:
1. The Users shall have the right to obtain confirmation as to whether or not personal data concerning him/her exist, regardless of their being already recorded, and communication of such data in an intelligible form.
2. The Users shall have the right to be informed:
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing when the latter is carried out with the help of electronic tools;
d) of the identifying data concerning data controller, data processors and the representative designated as per Section 5, paragraph 2;
e) of the entities and categories of entities to whom personal data may be disclosed and who may get to know said data in his/her capacity as representative designated in the State’s territory, data processor or person in charge of the processing.
3. The Users shall have the right to obtain:
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification that the operations as per letters a) and b) have been notified, as also related to their contents, to those entities to whom the data have been disclosed or publicized, unless this requirement proves impossible or involves a manifestly disproportionate effort comparing to the right that is to be protected.
4. The Users shall have the right to object, in whole or in part:
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials, direct selling or else for the performance of market surveys or marketing communication.
For further information about privacy and about the Privacy Code, please visit official website of the EU.
HOW LONG PERSONAL DATA PROCESSING LASTS
Personal data processed by the Company are mainly stored for regulatory requirement purposes. In such cases, data keeping period coincides with the longest keeping period that is necessary in relation to one of said purposes.
Currently, it is to be considered that the 10-year keeping time provided by the applicable regulations represents a keeping period reasonably sufficient also for any other purposes.
Sole exceptions to the principle above are to be considered as occurring in case of litigation or, more generally, in case of necessary protection of the company’s rights and interests.
In relation to the first exception, data shall continue being kept, with any precaution, only for the time necessary to achieve said purpose.
Once said period has elapsed, therefore, data shall be anonymized in order to ensure data subject’s protection and privacy.
In relation to the purpose of protection of the Company’s rights and interests, it is made clear that data belonging to data subjects who may have exercised processing consent revocation are solely kept for defensive purposes and in the view to retrieving information in case of litigation. Once the time congruous for this purpose has elapsed, such data are anomymized. During this period, these data cannot be used for any other purpose.
TO WHOM THE USER SHALL ADDRESS FOR THE EXERCISE OF HIS/HER RIGHTS CONCERNING PERSONAL DATA
Updated on March 2016