Candidate personal data processing policy

We understand how important the way information about you is used and shared is important to you, and we want to treat it scrupulously and responsibly. This privacy policy describes how we collect and treat your personal data as an “Interested”. All treatments are in line with the EU Regulation 2016/679 (below GDPR) and national legislation on the subject.

Treatment Owner

The controller is the one who defines the purpose of the processing of personal data and, after collecting it, “uses” it in accordance with the principles enshrined in the GDPR.
Dauvea  manage  the recruiting process and the data requested are only those only necessary for  that. Data that can be requested and/or communicated – even spontaneously – may also include data belonging to the particular categories of data referred to in art. 9 of the GDPR. Such data will be processed only and as it is strictly necessary to fulfil the obligations and exercise the specific rights of the controller or the Person concerned in matters of employment law, social security and social protection, to the extent that it is authorised by EU or Member State law or by a collective agreement under The law of the Member States, in the presence of appropriate guarantees for the fundamental rights and interests of the Person concerned. If personal data that is not relevant to the purpose pursued is provided, this information will be immediately deleted and, under no circumstances, taken into account for the conduct of  recruitingactivities.

Specifically, the Titolare of the treatment is  Dauvea SRL  Via  Riva Villasanta,  233  –  09134 Cagliari (CA)– P.I  03718890928  in the person of the legal representative who is domiciled at the headquarters of the Company, contactable at the following e-mail address:  



Transferring personal data

Your data will not be transferred out of the EU. If it is necessary to transfer personal data outside the European Union, it will only be for the purposes listed above, and only to countries that give adequate guarantees of protection of personal data or by adopting the appropriate technical, legal and organizational security measures provided by the GDPR.

Security measures

All the data you provide to us will be processed according to the principles of lawfulness, transparency and fairness, in accordance with the company’s security policies. We guarantee an “adequate” level of security in accordance with GDPR and national legislation in this area but above all the security of your personal data. If there is even a particular risk of a breach, we will be in our care to report it promptly.


Rights of the Interested

The GDPR, in addition to guaranteeing the right to complain to the Control Authority, which for Italy is the Guarantee Authority for the protection of personal data, gives you the following rights:

  • Right of access (art.15 GDPR): The Person can confirm whether or not personal data is being processed and to obtain additional information, including the purpose of the processing, categories of personal data and recipients.
  • Right to rectify (art.16 GDPR): The Ability for the Person to obtain from the Holder the correction of inaccurate personal data.
  • Right to Cancel (art.17 GDPR): The Person may request the deletion of personal data concerning him where there is one of the reasons provided by the article itself, including: the withdrawal of consent, the unlawful treatment and the fulfillment of a legal obligation.
  • Right to limitation (art.18 GDPR): The ability for the Person to obtain the limitation of treatment, configurable as a total or partial suspension of the treatment of the data or even in some cases as a immobilization of the same. This can only be requested in exceptional cases expressly determined by the rule, including the period required to ascertain the accuracy of personal data, unlawful treatment, and the exercise of a legal right.
  • Right to data portability (art.20 GDPR): The Person has the right to receive, in structured format, common and readable by an automatic device, personal data concerning him provided by a treatment holder and the right to transmit such data to another controller.
  • Opposition law (art.21 GDPR): The Person may be able to oppose the treatment of him under Article 6 paragraph 1, letters and f) and/or for direct marketing purposes.
  • Right of non-subject to automated processes (art.22 GDPR): The Person may object to the subject to processes based solely on automated treatment in the event that they produce legal effects that affect or significantly affect his person. The holder does not use automated decision-making processes that can have legal effects on those affected.
  • The right to complain to the relevant supervisory authority (art 13 – 77 GDPR) and the right to an effective judicial appeal (article 79 GDPR).


Time to retain personal data

Depending on how you apply, your data will be retained as follows:

Delivery mode

Storage Mode

Retention times

Paper/Manual (e.g. recruiting events, etc.)


24 months maximum

Self-publishing through the portal


24 months maximum

Application to open positions in the portal


24 months maximum