Privacy Policy

Notice to customers and their contact persons

Pursuant to Article 13 of European Regulation 2016/679 on personal data protection (GDPR) and to Article 14 of the Federal Law on Data Protection (LPD), this notice is provided to those customers who are natural persons (i.e., one-person businesses and professionals), as well as to the contact persons of Human Intelligence Factory’s customers.

Pursuant to the Federal Law on Data Protection (LPD), this notice is also provided to customers who are legal persons.

Controller
The Controller is Human Intelligence Factory (hereinafter “the Company”), with registered office at Oberwilerstrasse 2, 4102 Binningen, Switzerland, as represented by its Administrator.
Data subjects may contact the Controller at the above address or at the following e-mail address info@humanintelligencefactory.com.

Controller representative
The Controller has appointed as its representative in the European Union Mr Alessandro Ortolani, who can be contacted by e-mail at the following address aortolani@humanintelligencefactory.com.

Data type(s) and source(s)
The Company may process the following personal data for the purposes illustrated below, as the case may be.
Customers who are natural persons:
– personal data (name, surname, tax number or VAT identification number, address(es), etc.);
– contact data (telephone number(s), e-mail address(es), etc.);
– any other data related to contract preparation and/or performance.
Customers who are legal persons:
– company data (company name, VAT identification number / tax number, address(es), etc.)
– contact data (telephone number(s), e-mail address(es), etc.);
– any other data related to contract preparation and/or performance.
Customers’ contact persons:
– personal data (name, surname), if any;
– contact data (telephone number(s), e-mail address(es), etc.);
Such data may be provided by Data subjects during:
– the development of business proposals and quotations;
– visits or telephone calls;
– direct contacts;

Purposes of the processing
Natural and legal person customer data are processed in order to:

1) acquire pre-contractual data and information (as needed to fulfil requests for information concerning the provided services, to submit offers and quotations, to prepare documents, etc.);

2) manage contractual relationships (e.g., to forward and exchange communications, etc.)

3) manage any reports and complaints;

4) exchange information of various kinds via different communication means (by telephone, smartphone, SMS, e-mail) in order to provide services or manage customer care tasks;

5) fulfil accounting, civil law and tax requirements;

6) prevent and manage any disputes in and out of court;

Customers’ contact persons’ data are processed in order to:

1) acquire pre-contractual data and information (as needed to fulfil requests for information concerning the provided services, to submit offers and quotations, to prepare documents, etc.);

2) manage contractual relationships (e.g., to forward and exchange communications, etc.)

3) manage any reports and complaints;

4) exchange information of various kinds via different communication means (by telephone, smartphone, SMS, e-mail) in order to provide services or manage customer care tasks;

Legal ground for the processing

The legal ground for the processing is:

– the need to fulfil pre-contractual, contractual and post-contractual obligations, for the purposes mentioned under points 1, 2, 3 and 4.

– Fulfilling legal obligations for the purpose mentioned under point 5;

– The Controller’s legitimate interest consisting of exercising or defending its legal claims in and out of court, for the purpose mentioned under item 6.

Nature of the provision of data and consequences of the refusal to provide them

Customers who are natural or legal persons:

providing personal data is mandatory in order to fulfil the civil law, accounting and tax requirements related to business transactions or invoicing.

The provision of further personal data is not compulsory, but it is needed for the proper and efficient management of contractual relationships. The refusal to provide such data may therefore prevent the fulfilment of some requests or affect the service provided under the specific contractual relationship.

Customers’ contact persons:

The provision of personal data is not compulsory, but it may be unavoidable for the proper and efficient performance of the contractual relationship. Their missed provision may therefore jeopardize the management of such relationship.

Data storage period

The Controller stores and processes personal data as long as needed to achieve the stated purposes. In particular:

Customers who are natural or legal persons:

customer data are stored for the administrative limitation

period, as well as for the legal limitation period in connection with possible disputes.

Customers’ contact persons:

contact data are stored up to the end of the relationship between the customers’ contact persons and the Company.

Recipients of the data

The personal data processed by the Controller will not be disseminated, i.e., they will not be disclosed to unknown parties in any form, including their availability or simple consultation.

Such data may be processed by the Controller’s employees, based on their roles and duties, and partners in order to pursue the above-mentioned purposes.

These parties receive authorizations to perform the processing, as well as proper operating instructions.

The data may also be disclosed, as strictly needed, to parties who, at the Controller’s request, need to provide goods or services in order to fulfil customers’ requests, such parties having been designated as Processors.

Finally, the data may be disclosed to parties who are entitled to access them by virtue of provisions of laws, rules and EU regulations.

Data transfers

In no case does the Controller transfer personal data to third countries or international organizations. The Controller, however, reserves the right to use Cloud-based services, in which case service providers will be selected among parties providing appropriate safeguards, as set forth in Article 46 of Regulation 2016/679 (GDPR).

Data subjects’ rights

The Company guarantees Data subjects the possibility to exercise at any time their rights pursuant to EU Regulation 679/2016 (GDPR) and to the Federal Law on Data Protection (LPD), and specifically:

– the Right to access (Article 15 of GDPR and Article 8 of LPD);

– the Right to rectification (Article 16);

– the Right to erasure (Article 17);

– the Right to restriction of processing (Article 18);

– the Right to data portability (Article 20);

– the Right to object (Article 21);

– the Right to object to automated decision-making (Article 22).

Data subjects may exercise their rights by contacting the Controller in writing at the above address, or via e-mail; they need to specify the object of their requests and the right(s) they intend to exercise; they need to enclose a photocopy of their identity document as proof that their request is legitimate.

In particular, the Controller reminds Data subjects that they can exercise their right to oppose in the forms and manners set forth in Article 21 of the GDPR.

Submission of complaints

Data subjects have the right to submit complaints to the supervisory authorities of their countries of residence.

Automated decision-making

The Controller carries out no personal data processing consisting of automated decision-making.

 

Notice to e-mail message recipients

The contents of e-mail messages are confidential. The information contained in e-mail messages or their enclosures is therefore exclusively reserved for the intended recipients. Pursuant to Article 616 of the Italian Criminal Code, individuals other than the intended recipients shall not read, copy or edit the messages, nor distribute them to third parties. If you receive from us a mistaken communication, please do not use it nor make it available to anybody, but delete it from your mailbox and notify the sender.

Sender and content authenticity are not guaranteed, except for digitally signed documents.

Pursuant to Article 13 of EU Regulation 2016/679 (GDPR) we further advise that our filing systems contain e-mail addresses related to natural persons, companies and entities with whom messages were exchanged in the past by e-mail or other communication means, or who actively provided their e-mail addresses in direct contacts. We use such addresses in accordance with the willingness and availability of Data subjects to receive e-mail messages from our organization. Also, please be advised that all the e-mailboxes belonging to domain “humanintelligencefactory.com” are business mailboxes and, therefore, are used for business communications. Due to operating requirements, any incoming and outgoing messages may therefore be read by parties other than their senders and/or recipients.

Data subjects wishing to have their e-mail address(es) removed from our filing system or to exercise their rights under Articles 15. Right to access, 16. Right to rectification, 17. Right to erasure, 18. Right to restriction of processing, 20. Right to data portability, 21. Right to object and 22. Right to object to automated decision-making, of EU Regulation 2016/679 (GDPR), may contact the Controller in writing at the following e-mail: info@humanintelligencefactory.com.

 

Notice for contact form

Pursuant to Article 13 of European Regulation 2016/679 on personal data protection (GDPR) and to Article 14 of the Federal Law on Data Protection (LPD), this notice is provided to those individuals who contact the Company via the form available on its website.

Controller

The Controller is Human Intelligence Factory (hereinafter “the Company”), with registered office at Oberwilerstrasse 2, 4102 Binningen, Switzerland, as represented by its Administrator.

Data subjects may contact the Controller at the above address or at the following e-mail address info@humanintelligencefactory.com.

Controller representative

The Controller has appointed as its representative in the European Union Mr Alessandro Ortolani, who can be contacted by e-mail at the following address aortolani@humanintelligencefactory.com.

Processed data type(s)

The processed data are:

– name, surname, e-mail address and job title (compulsory);

– company industry and size (not compulsory).

Data source(s)

Data subjects provide their data by filling out the form available on the Controller’s website.

Purposes of the processing

The data are processed in order to process and answer the various questions asked by Data subjects.

Legal grounds for the processing

The legal ground is the consent given by the Data subject by freely and unconditionally filling out the form.

Withdrawal of consent

Pursuant to Article 7 of EU Regulation 2016/679 (GDPR), Data subjects may withdraw at any time their consent, as given for the above-mentioned purpose. Following the withdrawal of consent, the Controller will no longer process the associated data for the above-mentioned purposes.

Nature of the provision of data and consequences of the refusal to provide them

The provision of data is never compulsory. The data marked by an asterisk (*) are needed to process the submitted requests and reply to Data subjects. Their missed provision, therefore, prevents submitting the related request by means of the form.

Data storage period

The Controller stores personal data as long as needed to pursue the stated purposes. In this specific case, data are stored for two years.

Recipients of the data

The personal data processed by the Controller will not be disseminated, i.e., they will not be disclosed to unknown parties in any form, including their availability or simple consultation.

Such data may be processed by the Controller’s employees and partners, based on their roles and duties, in order to pursue the above-mentioned purposes.

These parties receive authorizations to perform the processing, as well as proper operating instructions.

The data may also be disclosed, as strictly needed, to parties who, at the Controller’s request, need to provide goods or services, such parties having been designated as Processors.

Finally, the data may be disclosed to parties who are entitled to access them by virtue of provisions of laws, rules and EU regulations.

Data transfers

In no case does the Controller transfer personal data to third countries or international organizations. The Controller, however, reserves the right to use Cloud-based services, in which case service providers will be selected among parties providing appropriate safeguards, as set forth in Article 46 of Regulation 2016/679 (GDPR).

Data subjects’ rights

The Company guarantees Data subjects the possibility to exercise at any time their rights pursuant to EU Regulation 679/2016 (GDPR) and to the Federal Law on Data Protection (LPD), and specifically:

– the Right to access (Article 15 of GDPR and Article 8 of LPD);

– the Right to rectification (Article 16);

– the Right to erasure (Article 17);

– the Right to restriction of processing (Article 18);

– the Right to data portability (Article 20);

– the Right to object (Article 21);

– the Right to object to automated decision-making (Article 22).

Data subjects may exercise their rights by contacting the Controller in writing at the above address, or via e-mail; they need to specify the object of their requests and the right(s) they intend to exercise; they need to enclose a photocopy of their identity document as proof that their request is legitimate.

In particular, the Controller reminds Data subjects that they can exercise their right to oppose in the forms and manners set forth in Article 21 of the GDPR.

Submission of complaints

Data subjects have the right to submit complaints to the supervisory authorities of their countries of residence.

Automated decision-making

The Controller carries out no personal data processing consisting of automated decision-making.

 

Notice to suppliers and their contact persons

Pursuant to Article 13 of European Regulation 2016/679 on personal data protection (GDPR) and to Article 14 of the Federal Law on Data Protection (LPD), this notice is provided to those suppliers who are natural persons (i.e., one-person businesses and professionals), as well as to the contact persons of Human Intelligence Factory’s suppliers.

Pursuant to the Federal Law on Data Protection (LPD), this notice is also provided to suppliers who are legal persons.

Controller

The Controller is Human Intelligence Factory (hereinafter “the Company”), with registered office at Oberwilerstrasse 2, 4102 Binningen, Switzerland, as represented by its Administrator.

Data subjects may contact the Controller at the above address or at the following e-mail address info@humanintelligencefactory.com.

Controller representative

The Controller has appointed as its representative in the European Union Mr Alessandro Ortolani, who can be contacted by e-mail at the following address aortolani@humanintelligencefactory.com.

Data type(s) and source(s)

The Company may process the following personal data for the purposes illustrated below, as the case may be.

Suppliers who are natural persons:

– personal data (name, surname, tax number or VAT identification number, address(es), etc.);

– contact data (telephone number(s), e-mail address(es), etc.);

– any other data related to contract preparation and/or performance.

Suppliers who are legal persons:

– company data (company name, VAT identification number / tax number, address(es), etc.)

– contact data (telephone number(s), e-mail address(es), etc.);

– any other data related to contract preparation and/or performance.

Suppliers’ contact persons:

– personal data (name, surname), if any;

– contact data (telephone number(s), e-mail address(es), etc.);

Such data may be provided by Data subjects during:

1) the development of business proposals and quotations;

2) visits or telephone calls;

3) direct contacts;

Purposes of the processing

Natural and legal person supplier data are processed in order to:

1) acquire pre-contractual data and information (e.g., to assess offers and quotations, to prepare documents, to submit and exchange communications concerning supply relationship management, etc.);

2) manage the contractual relationship involved in the purchase of goods and services (e.g., to manage payments and Company cash flows, receive goods, etc.)

3) manage the accounting and tax requirements arising from the supply relationship;

4) prevent and manage any disputes in and out of court;

Suppliers’ contact persons’ data are processed in order to:

1) acquire pre-contractual data and information (e.g., to assess offers and quotations, to prepare documents, to submit and exchange communications concerning supply relationship management, etc.);

2) manage the contractual relationship involved in the purchase of goods and services (e.g., to manage payments and Company cash flows, receive goods, etc.) and exchange information of various kinds via different communication means (by telephone, smartphone, SMS, e-mail) in order to use the services

Legal ground for the processing

The legal ground for the processing is:

– the need to fulfil pre-contractual, contractual and post-contractual obligations, for the purposes mentioned under points 1 and 2.

– Fulfilling legal obligations for the purpose mentioned under point 3;

– The Controller’s legitimate interest consisting of exercising or defending its legal claims in and out of court, for the purpose mentioned under item 4.

Nature of the provision of data and consequences of the refusal to provide them

Suppliers who are natural or legal persons:

provision of personal data needed to fulfil civil law, accounting and tax requirements.

The provision of further personal data is not compulsory, but it is needed for the proper and efficient management of contractual relationships. The refusal to provide such data may therefore wholly or partly jeopardize the proper management of the supply relationship with the Company.

Suppliers’ contact persons:

The provision of personal data is not compulsory, but it may be unavoidable for the proper and efficient performance of the contractual relationship. Their missed provision may therefore jeopardize the management of such relationship.

Data storage period

The Controller stores and processes personal data as long as needed to achieve the stated purposes. In particular:

Suppliers who are natural or legal persons:

supplier data are stored for the administrative limitation period, as well as for the legal limitation period in connection with possible disputes.

Suppliers’ contact persons:

contact data are stored up to the end of the relationship between the suppliers’ contact persons and the Company.

Recipients of the data

The personal data processed by the Controller will not be disseminated, i.e., they will not be disclosed to unknown parties in any form, including their availability or simple consultation.

Such data may be processed by the Controller’s employees, based on their roles and duties, and partners in order to pursue the above-mentioned purposes.

These parties receive authorizations to perform the processing, as well as proper operating instructions.

The data may also be disclosed, as strictly needed, to parties who, at the Controller’s request, need to provide goods or services in order to fulfil customers’ requests, such parties having been designated as Processors.

Finally, the data may be disclosed to parties who are entitled to access them by virtue of provisions of laws, rules and EU regulations.

Data transfers

In no case does the Controller transfer personal data to third countries or international organizations. The Controller, however, reserves the right to use Cloud-based services, in which case service providers will be selected among parties providing appropriate safeguards, as set forth in Article 46 of Regulation 2016/679 (GDPR).

Data subjects’ rights

The Company guarantees Data subjects the possibility to exercise at any time their rights pursuant to EU Regulation 679/2016 (GDPR) and to the Federal Law on Data Protection (LPD), and specifically:

– the Right to access (Article 15 of GDPR and Article 8 of LPD);

– the Right to rectification (Article 16);

– the Right to erasure (Article 17);

– the Right to restriction of processing (Article 18);

– the Right to data portability (Article 20);

– the Right to object (Article 21);

– the Right to object to automated decision-making (Article 22).

Data subjects may exercise their rights by contacting the Controller in writing at the above address, or via e-mail; they need to specify the object of their requests and the right(s) they intend to exercise; they need to enclose a photocopy of their identity document as proof that their request is legitimate.

In particular, the Controller reminds Data subjects that they can exercise their right to oppose in the forms and manners set forth in Article 21 of the GDPR.

Submission of complaints

Data subjects have the right to submit complaints to the supervisory authorities of their countries of residence.

Automated decision-making

The Controller carries out no personal data processing consisting of automated decision-making.