Privacy

WEBSITE PRIVACY POLICY
Privacy Policy under art. 13 of EU Regulation no. 2016/679

 

This document describes the website management procedures concerning the processing of the personal data of its users.

This Privacy Policy is valid only for the present website, and not for any other website the user may potentially consult via other links.

 

THE DATA PROCESSING “OWNER”
Data regarding identified or identifiable individuals may be processed following the consultation of this website.

The Owners of the data processing, each responsible for its own? of competence, are:

>Mercato Centrale Firenze Srl, headquarters in Piazza del Mercato Centrale snc, 50123, Florence, VAT registration no. 06315160488 – email: privacy@mercatocentrale.it, responsible for activities concerning the management of the website and

>Mercato Centrale Roma Termini Srl, headquarters in Via G. Giolitti 36, 00185, Rome. VAT registration no. 13885561004;
WAYS OF COLLECTING AND PROCESSING DATA
>AI BANCHI Srl, headquarters in Via San Quirico 165, 50013, Campi Bisenzio (FI). VAT registration no. 06740620486.

connected companies that take part in: the management of the services provided through the website; ensuring that the requests by interested parties are satisfied; activities involving both the informing and the sending of commercial communications.

The contact details of the Data Protection Officer (DPO), nominated by the Company, which has agreed to avail the possibility of sharing such resource, in order to even attain the necessary coordination, are: dpo@mercatocentrale.it

 

TYPES OF PROCESSED DATA – Navigation data
During their normal operations, the IT systems and the software procedures responsible for the functioning of this website acquire some sets of personal data whose transmission is implicit in the communication protocols of the Internet.

Such information isn’t collected to make associations with identified individuals, however; by their very nature, this data may allow to identify users by means of elaborations and associations made with data obtained by third parties.
The following data falls into this category: the IP addresses or the domain names of computers used by users who connect to this site; the URI (Uniform Resource Identifier) addresses; the time of the request; the method used to submit a request to the server; the size of the file obtained in reply; the numerical code indicating the state of the response from the server (successful, error, etc.); and other parameters relating to the user’s operating system and IT setup.

This data is used for the sole purpose of gathering anonymous statistical information concerning the use of the website by the user and to monitor its proper functioning. The data may be used to ascertain responsibility only in the case of potential cybercrimes against the website, and only in such cases will specific procedures be carried out for the identification of the author of such illicit actions.

The LEGAL BASIS OF THE PROCESSING of such data is represented by the legitimate interest of the owners in ensuring the safety of the data and the proper functioning of the website.

 

WAYS OF COLLECTING AND PROCESSING DATA
Personal data is processed through the use of automated tools for the amount of time that is strictly necessary to reach the purpose for which the data was originally collected. The processing regarding web services on this site is entrusted to the employees of Mercato Centrale Firenze s.r.l, of Mercato Centrale Roma Termini s.r.l. and of Ai Banchi s.r.l, as well as other, occasional technical and maintenance operations of the website and its relative IT systems.

Specific security measures are taken in order to prevent data loss, illicit or incorrect uses and unauthorised access.
The personal data provided by users who submit requests authorising the sending of informative materials (newsletters, answers to enquiries, etc.) are used for the sole purpose of performing the requested service or feature, and are communicated to third parties only if necessary to fulfil such purpose.

 

THE PROVISION OF DATA
Besides what has been specified for the navigation data, the user is free to provide the personal data requested during navigation to solicit the sending of informative materials, or other communications.
Not providing such data could result in the impossibility to send whatever was requested.

 

DATA VOLUNTARILY PROVIDED BY USERS
When a user visits a page of the website that requires the collection of personal data, he/she is shown a new link to this privacy policy and, if necessary, will be asked to provide his/her consent.
The optional, explicit or voluntary sending of emails to the addresses indicated on this site entails the successive acquisition of the address of the sender, which is necessary to respond to requests, as well as potential other personal data submitted when compiling the message, which, unless different requirements have been duly indicated, will be stored for the time necessary to satisfy the requests.

Hereby listed are specific disclosures regarding the website’s pages that provide particular services that involve a request, or through which it’s further personal data can be acquired.

 

PROCESSING AFTER A CONTACT REQUEST
The personal data spontaneously provided by an interested user through a contact form:

 

1. is processed using prevalently automised tools in order to:
> ensure a certain and quick response to satisfy the request of said user;
> comply with obligations deriving from laws, norms and Community regulations; compliance with dispositions imparted by the judicial authority;
> supply the system for the acquisition of the public’s knowledge, necessary in order to verify, improve, and therefore design a constantly improved system for the demand, hence representing both a legitimate interest of the Owner and a benefit for users;
> the contacts, postal addresses and email addresses provided may be used for sending courtesy communications and/or informative/promotional materials regarding provided services, commercial initiatives and/or events promoted by the Owners. It remains understood that an interested user can oppose such activities at any given time, even if said user has provided consent.

 

2. can be processed by: the communication and marketing staff; personnel entrusted with the maintenance of the IT systems responsible for ensuring system functionality, as well as the security of the data and backup operations; other employees, always within the limits of their duties and the boundaries of company procedures; other subjects that provide services for auxilary purposes in order to satisfy the requests of the interested user, always within the strictly necessary limits needed to carry out their duties.

 

3. can be communicated or made available to:
> subjects that can access the data according to provisions of the law, of regulations or of Community norms, always within the limits foreseen by such norms;
> subjects that provide services for purposes connected to the satisfaction of the requests made by interested users, always within the stricty necessary limits needed to carry out their duties;
> connected businesses (controlled or controlling), always for administrative-accounting purposes concerning the satisfaction of the requests made by interested users.

 

When filling out the forms present on this website, the optional fields are specified, and, if the necessary data is not provided, it won’t be possible to satisfy user requests.

 

When sending a contact request, if the interested user communicates particular sets of data (such as: personal data revealing the user’s race or ethnicity or his/her public opinions, religious or philosophical beliefs, trade union memberships, as well as the processing of genetic data, biometric data intended to uniquely identify a physical person, data regarding an individual’s health, sexual life or sexual orientation), then a specific consent may be required for the processing of such data, in absence of which it may be impossible to fulfill the requests made by the interested user, therefore WE RECOMMEND THAT THE USER DOES NOT SUBMIT DATA RELATED TO THESE CATEGORIES IN HIS/HER FIRST REQUEST.

If not otherwise communicated, the data provided will be stored for the amount of time necessary to fulfill the requsts made by the interested user. If the relationship between user and Owner is of a different nature (contract, buying of services, subscription to loyalty programs, etc.), the data will be stored, if pertinent to it, for the duration of such relationship, and after which the data will be stored only if foreseen by the law, and in compliance with the norms that regulate the conservation of administrative documents.

 

NEWSLETTER SUBSCRIPTION
Personal data that is spontaneously provided by the interested user in order to subscribe to the Newsletter service:
> is processed using prevalently automised tools for the sole purpose of satisfying the requests of said interested user, who will be free to interrupt such processing at any given time;
> can be processed by the communication and marketing staff; personnel entrusted with the maintenance of the IT systems responsible for ensuring system functionality and the security of the data and backup operations; employees, always within in the limits of their duties and the boundaries of company procedures; subjects that provide services for auxilary pruposes in order to satisfy the requests of the interested user, always within the strictly necessary limits needed to carry out their duties;
> can be communicated or made available to:
> subjects that can access the data according to provisions of the law, of regulations or of Community norms, within the limits foreseen by such norms;
> subjects that provide services for purposes connected to the satisfaction of the requests made by interested users, always within the stricty necessary limits needed to carry out their duties;
> connected businesses (controlled or controlling), always for administrative-accounting purposes concerning the satisfaction of the requests made by interested users.

 

DATA STORAGE
The data, unless otherwise requested by an interested user, will be stored for the amount of time necessary to satisfy the requests of said interested user and comply with the current laws.

 

If the user registers to sections of the website, then the data will be stored until such registration is cancelled, after which, the storage of the data will continue only if foreseen by the current laws and in compliance with the norms regulating the conservation of administrative documents.
Similarly, if the interested user has a relationship of a different nature with the Owner (contract, buying of services, subscription to loyalty programs, etc.), the data will be stored, if pertinent to it, for the duration of such relationship, and after which the data will be stored only if foreseen by laws and in compliance with the norms concerning the conservation of administrative documents.
The contacts provided for which a consent has been given for the sending of commercial communications will be stored up to 12 months following the last communication or until the user withdraws his/her consent.

 

COOKIES

 

What are Cookies?
A cookie is a small amount of data, often containing a unique and anonymous identification code that is sent to the browser through a web server, and which is then memorised on the user’s hard disk. The cookie is then read and recognised only by the website that sent it each time a future connection is made. For clarity: the browser is the software that allows a user to navigate online through the visualisation and transfer of information on the user’s hard disk. If the preferences of the browser are set in order to accept cookies, any website may send its cookies to the browser; however, in order to protect a user’s privacy, a website can solely and exclusively detect those cookies sent by the website itself, and not those sent to the browser by other websites.

 

In any case, cookies cannot cause damage to the user’s computer.

 

ALTERNATIVES FOR COOKIE SETUP

The user’s privacy is fundamentally guaranteed by the fact that he/she can, AT ANY GIVEN MOMENT:

> configure their browser in order to accept or deny all cookies, or even choose to receive a notification whenever a cookie is sent;
> delete one, some or all cookies.

Disabling cookies through the browser’s configuration:

 

Chrome
Open the Chrome browser
Click on the menu in the browser’s toolbar, next to the URL field
Click on “Settings”
Scroll to the bottom and click on “Advanced” for more Settings
In the “Privacy” section, click on the “Content Settings” tab
In the “Cookies” section, the following settings regarding cookies can be managed:
>Allow sites to save and read cookie data
>Keep local data only until you quit your browser
>Block third-party cookies
>Manage exceptions for specific websites
>Delete one, some or all cookies
For further information, visit the dedicated page.

 

Mozilla Firefox
Open the Mozilla Firefox browser
Click on the menu in the browser’s toolbar, next to the URL field
Click on “Preferences”
Select “Privacy & Security” in the menu on the left-hand side
Scroll down to the “Cookies and Site Data” section
In the “Cookies and Site Data” section, you can manage the following settings regarding cookies:
>Accept cookies and site data from websites
>Determine until when to keep local data
>Accept third-party cookies and site data
>Block cookies and site data
>Clear data
>Manage data
>Add exceptions
Scrolling below to the “Tracking Protection” section, you can also;
>Use Tracking Protection to block known trackers
>Send websites a “Do Not Track” signal that you don’t want to be tracked
>Add exceptions
>Change block list
For further information, visit the dedicated page.

 

Internet Explorer
Open the Internet Explorer browser
Click on the “Tools” button and select “Internet Options”
Click on the “Privacy” tab and in the “Settings” section move the cursor to the desired level for cookies:
>Block all cookies
>Allow all cookies
>Select websites from which to accept cookies: move the cursor in an intermediate position in order to block or allow all cookies, then press on “Websites”, and in the “Website Address” field add a website and select either “Block” or “Allow”.
For further information, visit the dedicated page.

 

Safari 6
Open the Safari browser
Click on Safari in the navigation menu, click on “Preferences” and select the “Privacy” tab
In the “Privacy” section, you can manage the following settings regarding cookies:
>Block cookies and other website data
>Limit website access to location services
>Remove all website data, or click on “Details” to view the websites that stored cookies or other data.
For further information, visit the dedicated page.
Safari iOS (mobile devices)
Open the Safari iOS browser
Click on “Settings” and then “Safari”
Click on “Block Cookies” and choose between the different options: “Never,” “By third parties and advertisers,” or “Always”
To delete all cookies stored by Safari, click on “Settings,” then “Safari,” and finally on “Delete All Cookies and Data.”
For further information, visit the dedicated page.

 

Opera
Open the Opera browser
Click on “Preferences,” then on “Advanced,” and finally on Cookies
Choose one of the following options:
>Accept all cookies
>Accept cookies only by the visited website: cookies from third parties and those sent by a different domain from the one that is being visited will be denied
>Never accept cookies: cookies will never be stored.
For further information, visit the dedicated page.

 

How to disable cookies by third-party services:
Google Services
Facebook
Twitter

 

COOKIES USED BY THIS WEBSITE

 

We use cookies to understand how our website users interact with our service, and to assist them by quickening and personalizing the communication and navigation as much as possible, in order to allow ourselves to provide the best service possible. Thanks to cookies, it’s possible to recognise a user (more precisely, the device he/she uses) that has previously already visited our website, and therefore remind him/her, for example, what sections he/she already visited, highlighting potential updates.
This website uses cookies in order to make its services simple and efficient for the users that visit the website’s pages. Users that view the website will receive a minimal amount of information on their devices, whether desktop or mobile, in the form of small, text file packages known as “Cookies,” which will be saved in the directories used by the user’s web browser.
There are several different kinds of “Cookies”: some allow for a more efficient use of the website, while others unlock specific functions. Analysing them more in depth, our Cookies allow us to:
> Store potential preferences expressed/submitted by users;
> Avoid requesting the re-submission of the same information multiple times during the user’s visit, such as username and password;
> Analyse the use of services and contents provided by this website in order to optimise the navigation experience and services provided.
In any case, cookies cannot cause damages to the user’s device.
Hereby we list the cookies used by this website, indicating to which category they belong BASED ON THE FOLLOWING CLASSIFICATION:

 

CATEGORY A) – TECHNICAL COOKIES
Technical cookies include those used for the sole purpose of “carrying out the transmission of a communication through an electronic network or, in what is strictly necessary for the provider, of a service by the information company explicitly required by the subscriber or by the user to distribute such service” (see art. 122, paragraph 1, of the Civil Code). These are not used for any further purposes. They can be divided into navigation and session cookies, which guarantee the normal navigation and use of the website (allowing, for example, to complete a purchase or the authentication to access restricted areas); cookie analytics, assimilated to technical cookies when used directly by the website’s manager to collect information, in aggregate form, on the number of website users and on how they navigate such website; functionality cookies, which allow the user to navigate based on a series of criteria he/she has selected (for example, the website’s language, or the selected products to be purchased) in order to improve the service provided to said user. For the installation of such cookies, no previous consent by the user is required.

 

CATEGORY P) – PROFILING COOKIES

 

Profiling cookies allow the creation of profiles regarding the user, and are used in order to send commercial messages in line with the preferences indicated by the user during the user’s navigation:
These cookies:
> are used to see advertisements in line with the user’s interests, gathered from the website’s pages that are visited by said user. They’re also used to avoid showing the same advertisement, and therefore help measure the efficacy of an advertisement campaign;
> are usually set by advertising companies, after being granted permission from the website’s manager;
> are oftentimes connected to website functions provided by third-party companies.

 

 

COOKIE LIST

 

(*) GOOGLE ANALYTICS

 

This website uses Google Analytics, a web analysis service provided by Google Inc. for the generation of statistics regarding the user’s behaviour and fruition of the website.
Google Analytics uses “cookies,” which are stored on your computer to analyse the website’s fruition by users. The information generated from cookies regarding the website’s use (including the IP address) is transmitted from the user’s browser to Google, headquarters in 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and is deposited onto its servers.
Google Analytics gathers information anonymously, and without identifying single visitors. Browsers don’t share cookies that are proprietary of the Google Analytics tool among the different domains. Google Analytics doesn’t notify information on the actual addresses: Google Analytics communicates information so that only a part of the IP is used for geo-localisation, instead of the entire address, by employing a method known as IP masking.
Google will use this information in order to track and examine the website’s usage, compile reports on the website’s activities and provide other services to the owner of the website regarding such activities, the ways users connect to it (mobile, pc, browser, etc.) and how users search and reach the website’s pages. Google can also transfer such information to third parties if the law requires it, or if these third-party companies process such information on behalf of Google. Google will not associate your IP address to any other data owned by Google. It’s possible to disable Google Analytics cookies by using an add-on opt-out component provided by Google for all the main browsers. This way, it will still be possible to also use the online services.

 

See also:
– Google Analytics’ Terms of Service
– Google’s privacy policy
Google’s privacy norms
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
https://support.google.com/analytics/answer/2763052

 

(**) COOKIES BY THIRD PARTY COMPANIES

 

There are links to other third party websites that allow the user to access and use specific services present on this website, such as Instagram or Google Maps, in the “Contacts” section.
Upon activating the relative service, these third-party websites can store cookies on the user’s device through the browser.
To know the scope and the entity of the tracking and processing/use of the data carried out by these third party websites, of which we are not a part of, a user can access their privacy policies made available directly through their websites by the social media platforms:
http://www.google.com/policies/privacy/
https://help.instagram.com/155833707900388

USER RIGHTS

A user has the following rights:
> to request to the owner of processing access to his/her stored personal data, as well as the correction or deletion of such data, or even the limitation to processing his/her personal data and oppose its processing;
> if the processing is being carried out through automated processes (IT) based on the consent he/she has expressed, to receive his/her personal data in a structured format, of common use and legible from any device, and/or obtain its direct transmission to a different owner of processing, if technically feasible;
> to revoke his/her consent at any time (without undermining the legitimacy of the processing based on the process of consent before withdrawal); clearly, this applies for the kinds of processing carried out on the basis of such premise;
> to file a claim to a supervisory authority: Authority for the protection of personal data – Piazza di Monte Citorio 121, 00186, Rome – Fax: (+39) 06.69677.3785 – Operator: (+39) 06.696771 – E-mail: garante@gpdp.it – certified email address protocollo@pec.gpdp.it

All requests must be addressed to the following contact by means of a written request by registered letter or email to privacy@mercatocentrale.it.

Legal validity
For the correct interpretation for legal purposes, please refer to the Italian version of this document.

 

 

IMPORTANT INFORMATION:
> The platform can be used exclusively by individuals of age (18+).
> The Applicant interested in expressing his/her availability must fill out the required fields. Unless there is a clear proxy by the Applicant, current laws, in particular those regulating the matter of privacy, don’t allow third parties to fill in fields or send a CV on behalf of the Applicant.
> At any given time, the Applicant can update or correct the data provided by accessing his/her reserved area, using the credentials he/she will receive.

The password and user ID to access the reserved area of the Applicant are to be considered personal “authentication credentials,” which provide access to the data of the candidate him/herself; therefore, it’s necessary that he/she, in his/her own interest, keep such authentication credentials secure in order to safeguard his/her privacy, and morever should modify his/her password after their first access, and at least every three months.
> The Applicant may only communicate information of which he/she has the full breadth and scope of, and for which he/she has received all the necessary authorisations by all concerned subjects.
> We invite the Applicant to periodically update his/her information, keeping in mind that:
– the Company CANNOT take into considearation, for the selection process, CVs that haven’t been updated in more than 12 months, and that, after such period, only the name, the contact information and the generic indication of the positions of interest made by the Applicant will be used in order to ask him/her to update his/her data as well as confirm his/her availability;
– In any case, after 24 months from the last update made by the Applicant, his/her data can be deleted from the Company’s database.

 

 

POLICY UNDER articles 13 and 14 of EU Regulation no. 016/679

1. WHAT DATA IS PROCESSED
a) data and information provided by the Applicant, or by subjects he/she has proxied or authorised, even through the compilation of data sheets, sending of CVs, etc.;
b) data relating to the information drawn from public registries, lists, records or documents of public nature;
c) data that originates from potential verification processes and interviews with the applicant, and on the occasion of the possible assessment of the physical and psychological suitability of candidates for the job (i.e.: subjective evaluations by the staff responsible for selections or even attestations/certifications of conformity released during the pre-hiring phase by a Competent Doctor).

The abovementioned data may include information regarding criminal convictions or crimes and/or particular sets of data, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic data, biometric data intended to uniquely identify a physical person, data regarding health or sex life or sexual orientation of an individual, however only if pertinent and necessary in relation to the aims listed below. Among the information mentioned in point 1, the following sets of data can be attributed to the following categories:
> manifestation of conscientious objection, in the cases foreseen by the law;
> membership in political parties, trade unions, associations or political or labour organizations;
> data collected in relation to diseases, even professional ones, handicaps, disabilities, assessment of the mental and physical health necessary to carry out specific duties, or belonging to legally protected categories.

The abovementioned data can be treated, alwas in relation to the following finalities:
> data necessary for the performance of precontractual measures adopted upon request of the interested party;
> data that has been made manifestly public by the interested party;
> to pursue a legitimate interest of the owner of processing, consisting in the safeguard of assets as well as in ensuring a correct selection process and assessment of the claims made (in particular, with reference to the aims listed in point 3, letters b, c and d);
> data relating to the information present in public registries of public nature;
> data necessary to evoke or defend a right in judicial courts, or to evaluate if there’s a right to be further safeguarded in judicial courts;
> having the interested party expressed his/her consent (in particular, in relation to the processing of particular sets of data that are not alraedy present in the CV submitted by the Applicant, for the possibility of providing such data to other subjects, and based on the methods of processing hereby described as well as potential further storage in compliance with the terms hereby indicated).

 

 

2. ORIGIN OF THE DATA

The operations of Collecting and Updating data are mainly carried out by the interested party, by individuals acting on his/her behalf, by other authorised subjects (i.e.: family members, job agencies, schools/education entities, associations, etc.) or even by sources of public domain, and in some cases by previous employers or references provided by the Applicant.

 

3. WHY IS THE DATA PROCESSED Aims of the processing

The processing of the personal data has the following aims:
a. evaluation of the candidate for possible collaboration opportunities, even outside the realm of employment, even by connected and/or controlled companies;
b. conservation and insertion in a database that is also managed by companies connected to Mercato Centrale Firenze S.r.l. for a possible future opportunity for collaboration, even outside the realm of employment (i.e.: temporary partnerships, etc.);
c. verify the completness and veracity of the data provided by the Applicant;
d. integrate the information provided by the Applicant, sourcing from public registries, lists or documents of public domain, even available on the Internet, verifying their reliability, credibility and plausibility, always in reference to the professional attitude of the Applicant and to characteristics/data that affect the work procedures or represent an essential and determining requsite for the job position for which the Applicant is being evaluated.

 

4. HOW THE DATA IS PROCESSED and how long it is stored

In relation to the abovementioned aims, the processing of personal data may take place using paper, digital or telematic tools, and will encompass all the operations, or set of operations, necessary for the processing itself, including the communications in the sectors mentioned in this document and potential assessments of the correctness of the data, even including the data of the subjects indicated on the CV by the Applicant, always ensuring the highest degree of privacy, pertinence and non-excessiveness with regards to the abovementioned aims.
Even in the case that the candidate isn’t immediately selected, the abovementioned data will be stored, always with regard to the selection process, for a period of time no longer than 24 months after the last contact established with the Applicant, keeping in mind that after 12 months only the candidate’s name, contact information and generic indication of the interested positions will be used in order to request that the Applicant updates his/her data and confirms his/her availability.

 

5. WHO CAN PROCESS THE DATA

For the same aims, the data can be processed by the following categories of entrusted and/or responsible individals:
– HR staff at Mercato Centrale Firenze S.r.l., Mercato Centrale Roma Termini srl, and Ai Banchi srl;
– Managers and coordinators of the Management/Function/Office/Unit interested in the Applicant’s profile;
– Resources (internal and external) which have a proxy for the management and maintenance of the IT systems;
– Businesses/consultants entrusted to carry out selection or verification activities on behalf of the Owner.

 

6. WHO CAN THEY BE COMMUNICATED TO

The personal data with regards to the processing at hand can be communicated to:
– Connected entities/companies (part of Human Company Group, further information at http://www.humancompany.com/), always in relation to the selection process of personnel for a potential opportunity for collaboration, even outside the realm of employment, and for the aims mentioned in point 3.
– Businesses/consultants entrusted to carry out selection or verification activities on behalf of the Company.
– Of course, the abovementioned communications are solely limited to the data needed by the Entity/Office of destination in order to carry out their duties and/or achieve objectives linked to the communication itself, which can always be connected to point 3. The data will not be disclosed.

6.1 Transfer abroad
The data can be transferred exclusively to Countries that host the workplace for which the Applicant expressed his/her interest, though always within the European Union.

 

7. WHEN IS IT REQUIRED TO PROVIDE DATA

Communicating and updating personal data is entirely optional, just like providing the required consents.

 

8. WHO IS THE OWNER OF THE PROCESSING

The Owners of the processing are: Mercato Centrale Firenze srl, Mercato Centrale Roma Termini Srl, Ai Banchi srl.

 

9. APPLICANT RIGHTS

Applicants have the right to:
> request to the owner of processing access to his/her stored personal data, as well as the correction or deletion of such data, or even the limitation to processing his/her personal data and oppose its processing;
> if the processing is being carried out through automated processes (IT) based on the consent he/she has expressed, to receive his/her personal data in a structured format, of common use and legible from any device, and/or obtain its direct transmission to a different owner of processing, if technically feasible;
> revoke his/her consent at any time (without undermining the legitimacy of the processing based on the process of consent before withdrawal); clearly, this applies for the kinds of processing carried out on the basis of such premise;
> file a claim to a supervisory authority: Authority for the protection of personal data – Piazza di Monte Citorio 121, 00186, Rome – Fax: (+39) 06.69677.3785 – Operator: (+39) 06.696771 – E-mail: garante@gpdp.it – certified email address protocollo@pec.gpdp.it

 

To exercise their rights, applicants can send their enquiries to Mercato Centrale Firenze Srl, headquarters in Florence – Via della Condotta 12, Fiscal Code and VAT Registration no. 06315160488, by means of a written request by registered letter or by sending an email to privacy@mercatocentrale.it.

Finally, we invite the Applicant to periodically update his/her data, keeping in mind that:
– the Company CANNOT take into considearation, for the selection process, CVs that haven’t been updated in more than 12 mon
ths, and that, after such period, only the name, the contact information and the generic indication of the interested positions made by the Applicant will be used in order to ask him/her to update his/her data as well as confirm his/her availability;
– In any case, after 24 months from the last update made by the Applicant, his/her data can be deleted from the Company’s database.

 

 

WHAT IS THE MAGNA CARD / MAGIAIBANCHI

The Magna Card/MangiAiBanchi is a project promoted by Mercato Centrale Firenze Srl, Mercato Centrale Roma Termini Srl and Ai Banchi Srl. Magna Card/MangiAiBanchi allows you to: benefit from special discounts reserved to the cardholder; access initiatives and promotions held by Mercato Centrale; associate the card to meal vouchers registered in the name of the cardholder or the pertaining residual values after consumption.

REQUIREMENTS FOR MAGNA CARD / MANGIAIBANCHI HOLDERS
The Magna Card/MangiAiBanchi is reserved to physical persons of age who are registered owners of meal vouchers or employees of companies that have commercial partnerships with Mercato Centrale Firenze Srl, Mercato Centrale Roma Termini Srl and Ai Banchi Srl.

CONDITIONS FOR ISSUING AND USING THE MAGNA CARD / MANGIAIBANCHI
Those who fulfil the requirements and submit a request will receive a card called Magna Card/MangiAiBanchi. Each card is numbered and has a unique code to which data is associated concerning the purchases made at partner stores and shops present in the structures managed by Mercato Centrale and by Companies connected to it (Mercato Centrale Firenze Srl, Mercato Centrale Roma Termini Srl and Ai Banchi Srl). The Card will be issued upon the submission of a request form by the applicant at an Infopoint or at the cashiers present inside the structures of Mercato Centrale Firenze Srl, Mercato Centrale Roma Termini Srl and Ai Banchi Srl.
The request for the issuing and activation of the Magna Card/MangiAiBanchi implies that the applicant has fully acknowledged and accepted this document. The Magna Card/MangiAiBanchi is owned by Mercato Centrale Firenze Srl, Mercato Centrale Roma Termini Srl and Ai Banchi Srl (hereinafter Mercato Centrale).

A cardholder may request to associate to his/her Magna Card/MangiAiBanchi the meal vouchers in his/her name and/or any pertaining residual values after consumption of the meal. The vouchers associated to the Magna Card/MangiAiBanchi can be used exclusively at the cashiers in Mercato Centrale Firenze Srl, Mercato Centrale Roma Termini Srl and Ai Banchi Srl present inside their structures, and within the stores of the Mercato Centrale, provided the cardholder presents a valid ID or other appropriate method.

Each card is personal and has no expiration date. If the Magna Card/MangiAiBanchi isn’t used for six consecutive months, it will be deactivated, unless there are still meal vouchers or residual values associated to it.
If the card is stolen or lost, the cardholder must promptly report this by sending an email to info@mercatocentrale.it.

The card will be blocked effectively within 48 hours from receiving such report. The meal vouchers or the residual values associated to it will be transferred onto a new card with a different code, which will be issued at the Infopoint in Mercato Centrale Firenze, Mercato Centrale Roma and Ai Banchi. If the meal vouchers associated to the card are used by third parties via fraudulent actions prior to the effective block of the card, these won’t be transferred onto the new card and no responsibility may be attributed to Mercato Centrale.
Mercato Centrale may not be held responsible for any problems linked to disservices of a technical nature beyond the company’s control (malfunctioning of the Internet or phone networks, network overload, national network malfunctions, etc.).
Mercato Centrale Firenze, Mercato Centrale Roma and Ai Banchi may offer particular promotions, even for a limited amount of time or on specific categories of products and/or services, to Magna Card/MangiAiBanchi cardholders. Such opportunities will be notified to Magna Card/MangiAiBanchi cardholders through specific communications that will be sent, upon receiving consent by cardholders, via text message, email, WhatsApp or push notifications through the dedicated App.
Informative policy under articles 13 and 14 of UE Reg. no. 2016/679 on the processing of personal data carried out within the Magna Card/MangiAiBanchi project.

1. WHAT DATA IS PROCESSED
– data provided by applicants directly, or through individuals he/she has authorised;
– data regarding the purchases made with the Magna Card/MangiAiBanchi;
– other data connected to the use of the Magna Card/MangiAiBanchi.

Interested parties are reminded that the current laws establish specific methods for the protection of judicial data (concerning criminal convictions or crimes) and for “particular categories of data,” as defined by art. 9 of UE Reg. no. 2016/679: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic data, biometric data intended to uniquely identify a physical person, data regarding health or sex life or sexual orientation of an individual.

There is a possibility that some data acquired related to the use of the Magna Card/MangiAiBanchi or communicated by the applicant may fall into this category (in particular, information regarding health-related data), and therefore, the applicant must express specific consents, if required by the characteristics or methods of processing.
On this point, particular attention has been given towards exclusively carrying out the processing necessary to satisfy the legitimate requests of the applicants.
Data can be processed, always in relation to the purposes hereby listed:
> as necessary to fulfil obligations deriving from a contract undersigned by the applicant, and the consequent legal obligations (in particular for the finalities listed in point 2, letters a, b, c and d);
> as necessary for the continuation of a legitimate interest by the owner of processing, consisting in: optimising the organisation of activities; ensuring the systems’ security, safeguarding assets and credits (in particular for the aims listed in point 2, letter e);
> as necessary to invoke or defend a right before judicial courts, or to evaluate if there is a right to be usefully safeguarded in judicial courts;
> as they came from public registries accessible by whomever and/or made manifestly public by the interested party;
> as the interested party has expressed his/her consent (in particular in relation to: the processing of some particular categories of personal data communicated by the interested party; profiling and using contacts for commercial and advertorial communications, as specified in the following points 2.1 and 2.2).

2. WHY IS DATA PROCESSED
The processing procedures carried out have the following aims:
a) aims connected to the correct administration and operation’s management of the Magna Card/MangiAiBanchi initiative; allow interested individuals to access initiatives promoted by Mercato Centrale Srl and by Companies connected to it (Mercato Centrale Roma Termini Srl and Ai Banchi Srl); as well as access to the promotions reserved to Magna Card/MangiAiBanchi cardholders;
b) comply with obligations deriving from laws, regulations or EU norms;
c) comply with contractual, accounting and fiscal obligations;
d) compliance with instructions imparted by the Judiciary Authority and Public Bodies that are granted such right;
e) records management of Magna Card/MangiAiBanchi cardholders, address books and statistical calculations;
f) potentially safeguard a legitimate interest, or enforce or defend a right.

2.1 Public relaations, direct marketing, information and detection of customer satisfaction
In particular, phone contacts, postal addresses and email addresses provided by applicants may be used for sending courtesy, informative, advertorial, direct sales, market surveys and/or commercial communications by Mercato Centrale, which may even regard products and services of third-party Companies (partners, establishments and stores present in the structures managed by Mercato Centrale). Providing the data and the consent for such an aim is optional for the cardholder, and not providing it doesn’t preclude an applicant from receiving a Magna Card/MangiAiBanchi, however the applicant will not receive informative/commercial materials and communications deemed of his/her interest or regarding opportunities and discounts reserved to Magna Card/MangiAiBanchi cardholders. In any case, even by providing such consent, the cardholder is granted the right to oppose such processing at any given time.

2.2. Profiling
The data either provided by the applicant or relative to his/her use of the Magna Card/MangiAiBanchi (i.e.: establishments where the card is used and data concerning purchases made) may be processed to generate a profile of the Magna Card/MangiAiBanchi assignee, necessary to identify his/her needs and mainly used to better address the communications and invitations mentioned in point 2.1, avoiding repetitive or uninteresting communications. Of course, the consent for such profiling activity is optional, and not providing it doesn’t preclude an applicant from being issued a Magna Card/MangiAiBanchi or take advantage of the promotions and services connected to it.

3. HOW IS DATA PROCESSED
Regarding the abovementioned aims, the processing of personal data may occur by means of paper, digital or telematic communications, chosen according to functionality, safety and efficacy criteria, whilst always guaranteeing the utmost privacy, pertinence and non- exceedance with regards to the aims described above, in terms of registration and periods for the conservation of data.
The personal data mentioned in point 1 will be stored for the period of validity of the Magna Card/MangiAiBanchi, after which, with the exception of the provisions indicated in the norms on the conservation of administrative documents, it will be stored exclusively for the amount of time allowed/imposed by the current laws, applicable to the specific aim for which such data is processed.
Email addresses and other contact information for which the applicant provides his/her consent, even for commercial purposes, will be stored for 12 months following the last contact made with the cardholder.

4. WHO CAN PROCESS DATA
Data can be processed by the following categories of entrusted and/or responsible subjects:
> personnel of the owner of processing involved in the management of the “Magna Card” or “MangiAiBanchi” initiative (direction and management, administration, communication and marketing staff, etc.);
> resources responsible for the management and maintenance of the IT systems that ensure system functionality, security of the data and backup operations;
> subjects (companies/professionals), connected or not to the owner, who collaborate acting as: responsible subjects, management of the “Magna Card” or “MangiAiBanchi” initiative, or that carry out auxiliary activities of the abovementioned aims, always strictly within the limits necessary to carry out their duties, such as: assistance in the completion or direct execution of fiscal/accounting/assistance compliance, management of IT systems, financial services.

5. WHO CAN THE DATA BE COMMUNICATED TO
Personal data may be communicated or made available to:
> connected companies (controlling, controlled, participating or subordinate to the same control) for current administrative and accounting purposes;
> subjects that can access the data for legal reasons and for conformity with regulations and EU norms, always within the limits foreseen by such norms;
> individuals potentially indicated by the applicant or by persons acting on his/her behalf;
> other subjects (companies/professionals), connected or not to the cardholder, who collaborate to the management of the “Magna Card” or “MangiAiBanchi” initiative, or that carry out auxiliary activities of the abovementioned aims, always strictly within the limits necessary to carry out their duties, such as: assistance in the completion or direct execution of fiscal/accounting/assistance compliance, management of IT systems, financial services. Of course, all the above communications are limited to only the data needed by the Entity/office of destination (which will remain the independent Owner for all subsequent processing) to fulfil its duties and/or to achieve the purposes related to the communication itself, always with regards to the abovementioned aims.

5.1 Transfer abroad
Personal data may be transferred abroad, outside the EU, exclusively upon request of the interested party, towards subjects indicated by him/her.

6. DISCLOSURE
Personal data will not be disclosed.

7. WHEN IS IT MANDATORY TO COMMUNICATE YOUR DATA
The communication and updating of data required upon submitting a request, or subsequently to its submission, is entirely optional. Of course, the applicant will be always notified of the data that without which it’s impossible to issue a Magna Card/MangiAiBanchi.

8. OWNER OF PROCESSING
The owners of processing are:
Mercato Centrale Firenze Srl – Piazza del Mercato Centrale snc, 50123, Florence.
VAT registration no. 06315160488

– Mercato Centrale Roma Termini Srl – Roma Termini, Via G. Giolitti 36, 00185, Rome.
VAT registration no. 13885561004

– AI BANCHI Srl -Via San Quirico 165, 50013, Campi Bisenzio (FI).
VAT registration no. 06740620486

9. USER RIGHTS AND WHO TO CONTACT
Cardholders have the right to:
> request to the owner of processing access to his/her stored personal data, as well as the correction or deletion of such data, or even the limitation to processing his/her personal data and oppose its processing;
> if the processing is being carried out through automated processes (IT) based on the consent he/she has expressed, to receive his/her personal data in a structured format, of common use and legible from any device, and/or obtain its direct transmission to a different owner of processing, if technically feasible;
> revoke his/her consent at any time (without undermining the legitimacy of the processing based on the process of consent before withdrawal); clearly, this applies for the kinds of processing carried out on the basis of such premise;
> file a claim to a supervisory authority: Authority for the protection of personal data – Piazza di Monte Citorio 121, 00186, Rome – Fax: (+39) 06.69677.3785 – Operator: (+39) 06.696771 – E-mail: garante@gpdp.it – certified email address protocollo@pec.gpdp.it

To exercise their rights, cardholders can contact the subject responsible for the data processing: Mercato Centrale Firenze Srl, headquarters in Florence – Via della Condotta 12, Fiscal Code and VAT Registration no. 06315160488, by means of a written request by registered letter or by sending an email to privacy@mercatocentrale.it; Mercato Centrale Roma Termini Srl, headquarters in Via G. Giolitti 36, 00185, Rome, VAT Registration no. 13885561004; Ai Banchi Srl, headquarters in Via San Quirico 165, 50013, Campi Bisenzio (FI), VAT registration no. 06740620486

10. MODIFICATIONS TO THE PRESENT POLICY
The present policy may be subject to modifications both in relation to the legislative evolution and to the methods of processing, hence we invite all interested parties to periodically check its contents. If the modifications are relevant with regards to the right to oppose or to consent, they will be notified via email to the interested parties.

This document is written for Mercato Centrale Firenze Srl, Mercato Centrale Roma Termini Srl, Ai Banchi Srl.

Reproduction and/or transfer to third parties, as well as the use or copying, even partial, by subjects not authorized by the author are prohibited. In any case, the reproduction is allowed only if complete with this disclaimer.