Privacy Policy

2. SPECIFIC INFORMATION

Navigation data

The computer systems and software procedures used to operate this website collect, during their normal operation, some personal data whose transmission is implicit in the communication protocols of the Internet.

This information is not collected to be associated with identified data subjects, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment.

These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site. For further information on cookies, please refer to the Cookie Policy.

Scope of communication (refer to Art. 13, par. 1, letter e), para. 2, letter f) GDPR): When we process data within the European Economic Area, personal data is protected by European data privacy law, in particular the GDPR, where necessary, for the pursuit of the processing purposes, data may be transferred abroad, either to countries belonging to the European Union or to Third Countries not belonging to the European Union. The transfer of personal data to a third country is subject to adequate safeguards consisting of agreements signed with the party receiving the transfer and the implementation of appropriate mechanisms to ensure the protection, confidentiality and security of personal data.

Zenith Global is a company that is part of the Arrow Global Group whose parent company is Arrow Global Group Plc, based in the United Kingdom. As a result of Brexit, with effect from 1 January 2021, the UK will cease to be part of the European Union and the European Economic Area (“EEA”) and, accordingly from that date, any transfer to the UK of personal data will result in the application of the privacy laws in force in the UK. Taking care of personal data is very important to the Arrow Global Group and Brexit will not change that. Zenith Global will only share personal data with third parties outside the EEA where there is a valid legal basis, namely where:

– the EU Commission has declared that the country in question applies adequate data protection rules (“adequacy decision”);

– the ‘standard contractual clauses’ (a set of obligations on how personal data are protected and used) are in place with third party recipients of personal data;

– there is another statutory principle that authorises the sharing of personal data for judicial purposes, investigations or to protect the legal rights of the Company or the Group.

The Data subjects may request a copy of such data by sending an email to: zenithprivacy@zenithglobal.eu.

Data retention period(refer to art.13, paragraph 2, lett. a of the GDPR): data are kept for times compatible with the purpose of collection. See cookies policy.

The interactive modules:

“Write to us”

General: the page allows the Data subjects to request Zenith Global to provide them with contact details. Identification and contact data are requested.

Purposes and legal basis of the processing (refer to art. 13, paragraph 1, lett. c of the GDPR): identification and contact data are required in order to respond to contact requests from the Data subjects. The sending of the data is subject to specific, free and informed consent (refer to art. 6, paragraph 1, lett. a of the GDPR)

Scope of communication (refer to art. 13, paragraph 1, lett. e, lett. f of the GDPR): the data are processed exclusively by staff duly authorized and trained in the processing (pursuant to art. 29 of the GDPR).

Data retention period (refer to art.13, paragraph 2, lett. a of GDPR): data are kept for times compatible with the purpose of collection.

Data provisioning (refer to art.13, paragraph 2, letter f of GDPR): the provision of the data referred to the mandatory fields is necessary in order to obtain a reply.

“Work with us”

General: the page allows Data subjects to send their application to Zenith Global. Identification and contact details are requested, as well as the information necessary for personnel selection activities.

The collection will concern only general data, so the candidate will not be required to indicate the so-called special categories of data, as qualified under art. 9 of EU Reg. 2016/679, or data concerning health.

The inclusion of special data ex art 9 of EU Reg. 2016/679 will prevent the application from being evaluated.

Purpose and legal basis of the processing (refer to art. 13, paragraph 1, lett. c of the GDPR): identification and contact data as well as information necessary for personnel selection activities are requested. The sending of the data is subject to the specific, free and informed consent expressly provided by the Data subject (refer to art. 6, paragraph 1, letter a of the GDPR)

Scope of communication and (refer to art. 13, paragraph 1, lett. e, lett. f of the GDPR): the data are processed exclusively by staff duly authorized and trained in the processing (pursuant to art. 29 of the GDPR).

Data retention period (refer to art.13, paragraph 2, lett. a of GDPR): data are kept for times compatible with the purpose of collection.

Data provisioning (refer to art.13, paragraph 2, letter f of GDPR): the provision of the data referred to the mandatory fields is necessary in order to obtain a reply.

“Newsletter”

General: the form allows Data Subjects to request Zenith Global to send them newsletters. Identification and contact data are requested.

Purpose and legal basis of the processing (refer to art. 13, paragraph 1, lett. c of the GDPR): the identification and contact data necessary to respond to the request to receive the newsletter from the Data subjects are required. The sending of the data is subject to specific, free and informed consent (refer to art. 6, paragraph 1, letter a of the GDPR).

Scope of communication and (refer to art. 13, paragraph 1, lett. e, lett. f of the GDPR): the data are processed exclusively by staff duly authorized and trained in the processing (pursuant to art. 29 of the GDPR).

Data retention period (refer to art.13, paragraph 2, lett. a of GDPR): data are kept for times compatible with the purpose of collection. It is possible at any time to unsubscribe from the newsletter by clicking on the link in each communication or by writing to zenithprivacy@zenithglobal.eu

Data provisioning (refer to art.13, paragraph 2, lett. f of the GDPR): the provision of data related to mandatory fields is necessary in order to receive the newsletter.

“Complaints”

General: The page allows Data subjects to send a complaint. The claimant must be identified or identifiable; for this purpose, clients specify their personal data (including tax code) and sign their complaint by hand, attaching a valid identification document.

In case of submission of the complaint through a third-party representative (lawyer, consultant, body/association, trusted person), the power of attorney (in original or certified copy) with the authenticated signature of the claimant who issued it is required. In addition, a valid attestation of the consent expressed by the Data subject to the processing of his/her personal data is required, in compliance with the applicable regulatory provisions (EU Reg. no. 679/2016 so-called GDPR, Legislative Decree no. 196/2003 so-called Privacy Code and implementing provisions).

In order to facilitate the processing of the complaint, it is advisable to attach or indicate the details of the contract that governs the mutual obligations, as well as any supporting documents.

Purposes and legal basis of the processing: the personal data voluntarily communicated by the claimant will be processed exclusively for the management of complaints and for the pursuit of legitimate interests of the Intermediary such as the exercise of rights in court, arbitration or the management of any disputes.

Scope of communication (refer to art. 13, paragraph 1, lett. e, lett. f of the GDPR): the data are processed exclusively by staff duly authorized and trained in the processing (pursuant to art. 29 of the GDPR).

Data retention period: the data will be kept for the period strictly necessary for the purpose for which they were collected up to 10 years from the termination of the relationship. Once the terms have expired, unless otherwise required by law or the statute of limitations has expired, the data will be deleted or anonymized.

Data provisioning (refer to art.13, paragraph 2, letter f of GDPR): the provision of the data referred to the mandatory fields is necessary in order to obtain a reply.

Site registration

General: Registration to the site allows Data subjects to access their own personal area.

Purposes and legal basis of the processing: identification and contact data are required for registration and will be processed exclusively to allow access to the contents of your personal area. The sending of data is subject to the specific, free and informed consent (refer to art. 6, comma 1, lett. a of GDPR)

Scope of communication (refer to art. 13, paragraph 1, lett. e, lett. f of the GDPR): the data are processed exclusively by staff duly authorized and trained in data processing (pursuant to art. 29 of the GDPR).

Data retention period: the data will be kept for the period strictly necessary for the purpose for which they were collected.

Data provisioning (refer to art.13, paragraph 2, letter f of the GDPR): the provision of data related to required fields is necessary to access the requested content.