Privacy Policy

Privacy Policy on the processing of Personal Data on this Website

This privacy policy is provided pursuant to Regulation 2016/679 of April 27, 2016, and pertains exclusively to the
website www.sdggroup.com

 

Data controller

The data controller is SDG Consulting Italia S.p.A., with its registered office at Via Vitruvio 1 - 20124 Milan, Italy. The controller can be contacted via email at privacy.it@sdggroup.com.

Data Protection Officer

The data controller has appointed a Data Protection Officer (DPO), as required by Article 37 of Regulation 2016/679.
The DPO can be contacted via email at the address dpoitalia@sdggroup.com.

Exercise of Rights of access, rectification or erasure of data

As a data subject, users of this website can exercise their rights under Articles 15, 16, 17, 18, 20, and 21 of Regulation 2016/679. This includes the right to request access to data, rectification, or erasure of data, to withdraw consent, and to the restriction of processing of data for legitimate reasons. Users can exercise these rights by contacting the data controller at address privacy.it@sdggroup.com. Data subjects also have the right to lodge a complaint with thecompetent supervisory authority (in Italy, the Garante della Privacy at http://www.garanteprivacy.it), if they believe that the processing of their personal data violates applicable laws.

Types of Data Processed

SDG will process the personal data provided by Users only in the ways established in this Privacy Policy and in compliance with current legislative provisions. The personal data, collected through the website, will be used for the following purposes:

  1. Newsletter Subscription: Data will be used for marketing, informational, and promotional purposes of our company and products. The legal basis for this processing is the consent of the data subject, which can be withdrawn at any time. Data will be retained until consent is withdrawn.
    Specifically, in the case of newsletter subscription, message sending will continue until the consent withdrawal.
    Nevertheless, it is possible to unsubscribe autonomously and at any time by activating the procedure indicated at the
    footer of one of the received newsletters.
    Furthermore, in order to measure the perceived quality of the service and to optimize its usage, information related to the opening and reading of informational messages will be collected using appropriate tracking systems.
  2. Contact Form: Data will be used to provide technical and commercial information aimed at defining commercial offerings for our products and services. Additionally, whenever the Data Subject participates in events registered through the Site or communicates through the contacts found on the Site, the Controller may collect further information that the Data Subject chooses to provide.
    In such cases, the legal basis is constituted by the performance of pre-contractual and contractual activities.
    Therefore, the collected data will be processed to fulfill legal obligations related to civil, fiscal, and accounting regulations, as well as the administrative management of the relationship. These data will be retained for the period prescribed by specific legal obligations and applicable regulations. In the absence of such a period defined by law, the retention duration is set at 5 years.
  3. Career Forms: which allow entering contact details and other relevant information for the purpose of
    submitting a job application. In this case, the legal basis is the consent of the Data Subject, which is necessary
    for the continuation of the processing. For the specific privacy notice, please refer to the page:
    https://careers.sdggroup.com/privacy-policy
    This data will be retained for a maximum of five years from the date of consent, unless the application results in an
    employment relationship.

 

Cookies

The cookie information notice can be read here: https://www.sdggroup.com /cookies.

 

Data Recipients and Transfers

Personal data may be shared with:

  • SDG partners
  • Entities acting as Partners of SDG, collaborating with us to promote joint products and services.
  • Entities typically acting as Data Processors, such as natural or legal persons providing assistance and consultancy services in accounting, administrative, legal, tax, financial, credit recovery services related to the provision of services, mailing of advertising materials or contractual communications, event organizing companies, providers of services for web meetings and training webinars;
  • Providers of email services (platforms for sending emails), also delegated to manage unsubscribe requests from users for marketing purposes;
  • Entities delegated to perform technical maintenance activities (including maintenance of network equipment and electronic communication networks);
  • Individuals authorized to process personal data necessary to perform activities strictly related to the provision of products/services; these individuals are subject to a legal obligation of confidentiality;
  • Entities, organizations, or competent Authorities to which the personal data must be communicated to comply with legal obligations, prevent abuse or fraud.

The names and contacts of these entities are available upon request via email at privacy.it@sdggroup.com.
Data processing will be performed within the European Economic Area (EEA).