Privacy & Cookie Policy

Intro

Heartwatch s.r.l. with registered offices in Milano, via Nino Oxilia n. 3, (Italy) (hereinafter “HW”), in its capacity as data controller regarding the processing of personal data pursuant to the Italian applicable law on data protection pro tempore in force (“Italian Data Protection Law”) and the EU Regulation 679/2016 – General Data Protection Regulation (“GDPR”) (hereinafter Italian Data Protection Law and GDPR are collectively referred to as “Applicable Law”) recognizes the importance of personal data protection and considers that preserving the confidentiality of your personal data is one of the main objectives of its activity.

Before providing any personal data, HW invite you to carefully read this privacy policy (“Privacy Policy”), since it contains important information regarding the personal data protection and security measures adopted in order to ensure confidentiality and full respect of the Applicable Law. Moreover, this Privacy Policy is intended for the website www.heartwatch.io (“Website”) whilst it does not apply to other websites that could potentially be accessed by clicking external links; Is to be construed as an information notice pursuant to Article/Section 13 of the Applicable Law, intended for those who interact with the Website.

HW informs you that processing of your data will be carried out in accordance with the principles of, lawfulness, fairness, transparency, accuracy, purpose and storage limitations, data minimization, integrity and confidentiality. Your personal data will be processed in accordance with the legislative provisions of the Applicable Law and of the confidentiality obligations included therein.


Privacy Policy

Index

  1. DATA CONTROLLER
  2. PERSONAL DATA SUBJECT TO PROCESSING
    1. Browsing Data
    2. Data provided on a voluntarily basis
    3. Cookies and similar technologies
  3. PURPOSES OF THE PROCESSING AND VOLUNTARY OR OBLIGATORY NATURE OF PROVIDING THE DATA
  4. RECIPENTS
  5. TRANSFERS
  6. DATA RETENTION
  7. YOUR RIGHTS
  8. AMENDMENTS

1. DATA CONTROLLER

Pursuant to the Applicable Law, the data controller of the processing activates carried out through the Website is HW as defined above.

2. PERSONAL DATA SUBJECT TO PROCESSING

“Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of that natural person.

By means of the Website, HW collects the following Personal Data:

A. Browsing Data

The computer systems and software procedures used to operate the Website collect some Personal Data, the transmission of which is an integral part of Internet communication protocols. This information is not collected to be associated with you but, by its very nature, it may allow you to be identified by processing and associating it with data held by third parties. Among collected Personal Data there are IP addresses or domain names of the devices used by you to connect to the Website, the URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file received as a reply, the numeric code indicating the status of the reply given by the server (successful, error, etc.) and other parameters regarding your operating system and device environment.

This data is used exclusively for the purposes of obtaining anonymous statistics on the use and proper functioning of the Website to control its correct functioning, to enable HW to correctly provide the various functionalities to you, as well as for security reasons. These Personal Data may also be used to ascertain any liability in cases of alleged computer crimes against the Website or against third parties and they will be deleted after 7 days.

B. Data provided on a voluntarily basis

By means of the Website you may voluntarily provide Personal data such as name, e-mail address for subscribing the on-demand service newsletter, gift card or to contact HW via the “Contact Us” form. HW will process these data in accordance with the Applicable Law and on the presumption they refer to you or to third parties who have authorized you to provide them pursuant to an appropriate legal basis which legitimize the processing at stake. In this case, you act as an independent data controller, assuming all relevant obligations and responsibilities according to the Applicable law. In this regard, you hence waive, in the full sense of the term, the right to all disputes, claims, claims for damages due to processing etc., which may be submitted to HW of the said third party whose Personal Data have been processed through your use of the Website in breach of the Applicable Law.

C. Cookies and similar technologies

HW collects Personal Data using cookies. You may find further information on the use of cookie and similar technologies here.

3. PURPOSES OF THE PROCESSING AND VOLUNTARY OR OBLIGATORY NATURE OF PROVIDING THE DATA

The Personal Data that you provide by using the Website will be processed by HW for the following purposes:

a. Purposes related to the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (e.g., contact request made by using the “Contact Us” form available on the Website, registration to the on-demand service newsletter, gift card);

b. Purposes related to research/statistical analyses on aggregated or anonymous data, without the possibility of identifying the data subject, aimed at measuring the functioning of the Website, traffic, usability, and interest;

c. Purposes related to the compliance with a legal obligation to which HW is subject;

d. Purposes necessary for the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity.

The legal basis for the processing of Personal Data for the purposes referred to in point a) is the provision of a service or the response to a request that does not require you prior consent under the Applicable Law.

The purpose referred to in point b) does not imply the processing of Personal Data, whilst the processing for the purpose referred to in points c) and d) constitutes a legitimate processing of Personal Data within the meaning of the Applicable Law because, once the Personal Data have been provided, the processing is indeed necessary to comply with a legal obligation to which HW is subject or for the establishment, exercise or defense of legal claims.

Providing your Personal Data for the above-mentioned purposes is voluntary, however, any refusal to provide such data may not allow HW to reply to your requests and to comply with legal obligations to which HW is subject.

4. RECIPENTS

Your Personal Data may be disclosed, in close relation to the purposes specified above in section 3, only to:

a. subjects necessary for order fulfillment of the services offered through the Website e.g., sending e-mails and analyzing data, which typically process Personal Data on behalf of HW as data processors.

b. persons authorized by HW to process Personal Data, that are committed to/ or under an appropriate statutory obligation of confidentiality (e.g., employees and lawyers of HW) (a. and b. are hereinafter collectively referred to as “Recipients”);

c. law enforcement agencies and public authorities when so required by the Applicable Law.

5. TRANSFERS

Some of your Personal Data are transferred to Recipients who may be established outside the European Economic Area. HW ensure that the processing of Personal Data by these Recipients is carried out pursuant to the Applicable Law. In fact, the transfer of Personal Data is based alternatively on an adequacy decision or the Standard Contractual Clauses

6. DATA RETENTION

HW will process your Personal Data only for the duration necessary to achieve the purposes described in section 3 (e.g., HW will process your Personal Data for the on-demand service “ICT Insider” until you will decide to unsubscribe). Apart from the above, HW will retain your Personal Data for a period of time necessary or permitted to comply with the Applicable Law (Artt.2946 and 2947(1)(3) of the Italian Civil Code). Further information regarding the period of retention of Personal Data and the criteria used to determine such period may be required writing to privacy@heartwatch.io

7. YOUR RIGHTS

Pursuant to and to the extent allowed by the Applicable Law, you have the right, at any time, to request to HW access to, rectification, erasure, restriction of the processing concerning your Personal Data or to object to relevant processing activity and to receive in a structured, commonly used and machine-readable format the Personal Data concerning you.

Requests to exercise your rights must be sent to the following address: privacy@heartwatch.io

In any case, pursuant to the Applicable Law, you have the right to lodge a complaint with the relevant supervisory authority (the Italian Garante) if you believe that the processing of your Personal Data is against the Applicable Law.

8. AMENDMENTS

This Privacy Policy came into force on 25 May 2018. HW reserves the right to amend or to update its content, whether in whole or in part, including following changes in the legal and regulatory obligations regarding data protection. HW will inform you on such amendments and updates through their publication on the Website as soon as they are adopted, and they will be binding from the moment of their publication. HW therefore invites you to visit this section of the Website regularly in order to be aware of the most recent and updated version of the Privacy Policy, so that you are always updated on the processing activities that HW carries out.

Cookie Policy

The present Cookie Policy is integral part of HEARTWATCH Privacy Policy available here.

1. Definitions and characteristics of cookies

Cookie and similar technologies are information sent/read by websites and apps on your devices during their first visit, which are then transmitted back to those websites and apps during the next visit. Thanks to cookies and similar technologies, websites and apps remember your actions and preferences (such as login data, the default language, font sizes, additional display settings, etc.) so that they do not need to specify them again on the next visit.

These technologies are used to perform IT authentications, session monitoring, and to store information about the activities of users who access a service, and may also contain a unique identifier that allows for monitoring of user experiences on the site for statistical or advertising purposes.

There are indeed various types of cookies, depending on their features and functions, and these may remain on your device for different periods of time: so-called session cookies, which are automatically deleted when you close your browser; and so-called persistent cookies, which remain on your device until a pre-established date.

According to the Applicable Law, your prior explicit consent for the use of cookies is not always required. In particular, such consent is not required for “technical cookies”, i.e. those used for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary to provide a service explicitly requested by the user. In other words, cookies which are indispensable for the operation of a website or to perform tasks requested by the user.

On the other hand, your prior consent is instead required for non-anonymized “analytics” and “profiling” cookies, i.e. those aimed at providing analytical statistics of the usage of a website or those creating profiles for users in order to send them advertising messages in line with the preferences they have expressed while surfing the web.

2. Types of cookies used by the Website and the possibility of (de-)selection

While navigating the Website, you will receive the following cookies:

Third-party cookies, i.e., cookies from websites or servers other than HEARTWATCH. Please note that these third parties, listed below with the corresponding links to their privacy policy and opt-out mechanisms, are processing your Personal Data as data processors on behalf of HEARTWATCH. Indeed, such third-party providers have signed data processing agreements with HEARTWATCH and cookies have been anonymized by means of masking IP addresses. Third party cookies are:

– Google Analytics. These cookies help HEARTWATCH to analyze the performance of the Website. To opt-out from Google Analytics cookie, you may download and install the Google Analytics opt-out browser add-on. This add-on instructs Google Analytics JavaScript (ga.js, analytics.js, and dc.js) to prohibit sending information to Google Analytics. The browser add-on is available for most modern browsers. Learn more about the Google Analytics opt-out browser add-on here.

– Worpress. These are technical cookies provided by WordPress in order to enhance the navigation of the Website (i.e. proving the Website in your own language, if available). If you want to disable such cookies, please refer to WordPress’s privacy policy available here and here

– Google YouTube

– Google Maps

3. How to view and modify the cookies through your browser

You may authorize, block or delete (in whole or in part) cookies through the specific functions of your browser. However, in the hypothesis in which all or some of the cookies are disabled, it may not be possible to consult the Website, or certain services or certain features of the Website may not be available or may not work properly and/or you may be forced to change or manually enter some information or preferences each time you visit the Website.

For more information on how to set preferences on the use of cookies through your browser, consult these instructions:

Microsoft Edge

Internet Explorer

Firefox

Safari

Chrome

The links listed above may be subject to changes over time, without any relation to the HEARTWATCH website. The same information could be found using a search engine. If your browser is not listed above, please refer to the cookies information of your browser. If you are using a mobile phone, please refer to the user manual to get more information. After cookies disabling through browser settings, you need to remove the active cookies, that are still in your browser.


Information for selection of candidates

This information is provided pursuant to art. 13 of the EU Regulation 679/2016 (“Regulation”) and is provided to interested parties who apply for collaboration with Heartwatch s.r.l. The data controller is Heartwatch, with registered office in Milano, Via Nino Oxilia n. 23, (Italy) (hereinafter “HW”). For further information write to the address: jobs@heartwatch.io

The data that is provided by you through the sending of your curriculum vitae (C.V.) or subsequent documentation will be processed for the following purposes:

1. to assess the consistency of the profile with respect to the available job positions at HW and in general for the management of selection procedures of the collaborators;

2. to contact you in order to schedule interviews as necessary, using the contact details that you provided.

The legal basis of the processing of your personal data for the above purposes can be found in art. 6 (1) (b) of the Regulation. Providing your personal data for these purposes is optional but a failure to provide it would deem it impossible for HW to evaluate your profile and schedule interviews.

If your application for collaboration is accepted, your personal data will be stored and processed by HW on the basis of privacy notice prepared for collaborators and employees, as opposed to this privacy notice that is drafted for candidates.

Your personal data will be kept for a period of 12 months, starting from the day that they have been submitted to us, and may be used for contacts and future interviews. At the end of this period, your data will be permanently deleted from our databases.

Your data will be shared with:

1. Persons that typically act as data controllers on behalf of HW;

2. Persons authorized by HW to process personal data on behalf of HW and are committed to confidentiality or have an appropriate legal obligation of confidentiality.

Through your curriculum vitae (C.V.) or subsequent documentation, HW may collect special categories of personal data as defined in art. 9 of the Regulation, such as:

– Data revealing racial or ethnic origin;

– Political opinions, religious or philosophical beliefs;

– Trade Union memberships;

– Data concerning health, sex life or sexual orientation of your person.

Any processing activity of such data takes place pursuant with art. 9 (2) (a) of the Regulation, therefore is subject to your explicit consent and in accordance with the pro tempore authorizations in force regarding the protection of personal data. In this respect, we ask you that you do not provide this type of personal information unless it is strictly necessary. However, if you decide to provide it we ask that give a statement of explicit consent in compliance with the current data protection legislation, which we expect that a candidate for a position in HW should know how to do. In the absence of consent for the processing of this data, your application will not be considered.

Through the “Work with us” section of www.heartwatch.io, it is also possible to process personal data by third parties (curriculum of third parties) sent to HW. With respect to this assumption, you are entitled to be an independent data controller, assuming all legal obligations and responsibilities. In this sense, give the widest indemnity with respect to any dispute, claim, request for compensation for damages from processing, etc. that may be received by HW from third parties whose personal data has been processed through your spontaneous submission in violation of applicable laws on the protection of personal data. In any case, if you provide or otherwise process personal data of third parties, guarantee now – overtaking all related liability – that this particular processing is based on an appropriate legal basis pursuant to artt. 6 and 9 of the Regulation, which legitimizes the processing of the personal data in question.

Some of your Personal Data is transferred to Recipients who may be located outside the European Economic Area. HEARTWATCH ensures that the electronic and paper processing of your Personal Data by the Recipients takes place in compliance with the applicable Regulation. Indeed, transfers are based either on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission.

You have the right to ask HEARTWATCH, at any time, for access to your personal data, for a rectification or erasure of your personal data, or for a request of restriction of processing in the cases provided for by art. 18 of the Regulation. Additionally, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, in the cases provided for by art. 20 of the Regulation.

In any case, you are always entitled to lodge a complaint with the competent supervisory authority (Data Protection Authority), pursuant to art. 77 of the Regulation, if you believe that the processing of your personal data is contrary to the law in force.