Privacy Policy

Pursuant to and for the purposes of Article 13 of Regulation (EU) 2016/679 on the Protection of Personal Data (hereinafter ‘GDPR’), this text indicates how we protect the privacy of visitors to the corporate website www.dils.com (‘Website’) and to the various sites managed by Dils S.p.A. (‘Project Websites’), describing how we collect, process and protect personal information, the rights guaranteed to interested parties, and how to contact us.

Personal data is information concerning an identified or identifiable natural person defined as ‘interested’ (hereinafter also ‘User’), such as personal data, contact details (telephone, e-mail), and browsing data.

Data Controller

The data controller, which determines the purposes of and means for processing personal data, to whom one can turn in order to exercise the rights recognised by GDPR, is:

Dils S.p.A., whose registered office is in Piazza Armando Diaz, 7 – 20123, Milan (MI), Italy; is registered in the Milan, Monza Brianza and Lodi Business Register; Fiscal Code 00274180165; VAT number 07575790154; REA MI 1033235, Real Estate Agents Section of the Province of Milan (‘Dils’ or ‘Data Controller’).

The Data Controller can be contacted by sending an email to privacy@dils.com or by sending traditional post to the Data Controller’s address, taking care to specify the reason for the request.

Sources and categories of data processed, nature of the data provision, and methods of processing

The personal data processed is mainly collected from the User, when the User browses the Website or Project Websites or uses the services made available. These guidelines analyse the personal data processed in the different sections of the Website or of the Project Websites, and exclusively regulates the processing of personal data carried out on the Website or on the Project Websites but not on other websites to which the User is redirected.

Contacts area for brokerage and real estate consultancy services

Dils collects, via the Website and the various Project Websites, the personal information that Users freely provide by filling in the special contact request form relating to real estate brokerage and consultancy services, real estate enterprises, or individual properties promoted on the Website or on the Project Websites.

This section collects the following types of data:

(i)        name and surname

(ii)       e-mail address and telephone number

(iii)      additional fields to describe the User’s request

Dils cannot carry out any type of prior check in relation to the information entered into the fields, that can be freely filled in by the User.

The provision of Data in these areas is optional. If the User decides not to provide such data, the User will not be able to forward a contact request to Dils which will therefore be unable to respond appropriately.

Purpose of processing

The personal data provided is processed in order to provide feedback on requests for contact sent to Dils by Users via the form, and in particular:

  1. To satisfy the specific contact request submitted by the User.
  2. To comply with contractual obligations and/or obligations deriving from EC legislation, law and regulations, and provisions issued by the competent authorities and by supervisory bodies.
  3. Subject to the consent of the interested party, for sending newsletters, advertising communications relating to properties or other real estate enterprises (including related events or other promotional activities), market research and commercial communications, via both automatic and traditional means of contact.
  4. To send offers on products or services similar to those purchased and requested by the User of Dils by e-mail, even in the absence of specific consent (so-called soft opt-in), except in the case of the User’s express refusal to receive such communications, which may be expressed at any time (via the unsubscribe mechanism in the footer of the email received), by writing to privacy@dils.com, or by expressly denying consent for the promotional purposes referred to in point 3 above.

Legal basis

The processing of personal data with reference to the purposes referred to in points 1 and 2 above is based on the principle expressed in Article 6, paragraph 1, point b) of the GDPR, according to which the processing is lawful when necessary for the execution of                                                                                                                                                                                                                             pre-contractual measures at the request of the interested party.

Pursuant to Article 6, paragraph 1, point a) of the GDPR, the processing of personal data with reference to the purposes referred to in point 3 above is based on any specific consent granted by the User. This consent can be revoked at any time, without prejudice to the lawfulness of the processing carried out prior to revocation, following the instructions contained in the ‘Rights of the interested party’ section.

The processing of personal data with reference to the purposes referred to in point 4 is based on article 130, paragraph 4, of the Privacy Code (Legislative Decree no. 196/2003), provided that the communications involve products or services similar to those that have been the subject of a purchase or request by the User who, having been adequately informed, has not opposed or does not oppose such communications in the future.

Period of data storage

For the purposes referred to in points 1 and 2, personal data will be kept only for the time necessary to re-contact the User who requests it and for a period not exceeding 12 months from the response to the User’s request, in order to correctly manage any subsequent requests from the same User or for additional information relating to the same or similar topics.

For the purposes referred to in point 3, personal data will be stored until the User’s express consent is revoked.

For the purposes referred to in point 4, until opposition from the User. The User may oppose the processing of his/her personal data for this purpose both when requesting the products and services available on the website (by expressly denying the consent to processing for promotional purposes referred to in point 3), or on the occasion of subsequent commercial communications from the Data Controller, by writing to privacy@dils.com or via the unsubscribe mechanism in the footer of the received email.

HR Contacts Area – Work with us

Via its corporate website, Dils collects the personal information that Users freely provide by filling out the appropriate form in the ‘Work with us’ section of the website.

This section collects the following types of data:

(i)        name, surname, date of birth

(ii)       desired place of work

(ii)       e-mail address and telephone number

(iv)      Curriculum Vitae and covering letter

Dils cannot carry out any type of prior check in relation to the information entered into the fields that can be freely filled in by the User. If sensitive data is submitted (relating, in particular, to racial and ethnic origin; to religious, philosophical or other beliefs; to political opinions and membership of political parties, trade unions, associations; or religious or philosophical organisations; as well as personal data that might reveal state of health or sexual orientation), this data will be deleted immediately in the absence of a written declaration from the interested party consenting to its processing by the Dils.

Data provision in these areas is optional. If the User decides not to provide such data, the User will not be able to forward a contact request to Dils which will therefore be unable to respond appropriately.

Purpose of processing

The personal data provided is processed in order to provide feedback to requests for contact sent to Dils by Users via the form, and in particular:

  1. to manage incoming applications, for the purposes of staff research and selection.

 

Legal basis

The processing of personal data with reference to the purposes referred to in point 5 is based on the principle expressed in article 6, paragraph 1, point b) of the GDPR, according to which the processing is lawful when necessary for executing pre-contractual measures at the request of the interested party.

Period of data storage

The data collected via the relevant form in the ‘Work with us’ sectionand contained in the curricula which are sent spontaneously, will be used for the sole purpose of evaluating the candidates and, in the event of non-selection, will be deleted within 12 months. In the event of a positive evaluation, it will be kept for the entire duration of the employment relationship.

Browsing data

In addition to the data provided directly and intentionally by the User, the IT systems and software procedures used to operate the Website acquire, during normal operation, certain browsing data whose transmission is implicit in the use of TCP/IP.

This is information which is not collected in order to be associated with identified data subjects but which, by its very nature could, via processing and association with data held by third parties, allow identification of the Users. This category of data includes the IP addresses or domain names of the computers used by the Users who connect to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the timing of the requests, the method used to submit the requests to the server, the size of the files obtained in response, the numerical codes indicating the status of the response given by the server (successful, error, etc) and other parameters relating to the operating system and to the Users’ IT environment. This data is solely used to compile anonymous statistics on the use of the website and to verify its correct operation. It could be used to ascertain responsibility in the event of a crime.

For more relevant information, please refer to the Cookie Policy.

Legal basis

The processing of browsing data is based on the principle expressed in Article 6 (1) (f) GDPR – Legitimate interest of the data controller in maintaining the security of the website, and that it is not used in such ways as are detrimental to third party rights or as a channel for committing offences or possible fraud (see: recital no. 47 of the GDPR).

Processing Methods and Security

The processing of personal data refers to any operation or set of operations performed on personal data or on sets of personal data, with or without the aid of automation, such as collection, recording, organisation, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission or dissemination or otherwise making the data available, comparison or combination, restriction, erasure, or destruction.

With regards to security, please be informed that access to personal data is permitted only to personnel who are formally authorised by the Data Controller, as are the relevant activities described above, and that your data will be processed using methods and tools which are suitable in order to ensure data confidentiality and may be carried out by electronic or automated means and non-automated means (paper archives), both equipped with adequate security measures, as provided for by the GDPR, in order to prevent the loss of data, its unlawful or incorrect use, and unauthorised access.

Data Disclosure to Third Parties

Without prejudice to any communications to comply with legal obligations, the Data Controller will communicate the personal data provided by users only with reference to third parties selected for the support of the requested service, i.e. for fulfilment of the purposes listed above, appropriately designated as data controllers, such as:

  • external companies for the management of the information system, website or databases and telecommunications networks.

Finally, Users’ data may be transmitted, in compliance with law, to the police forces and to the judicial and administrative authorities, for the detection and prosecution of crimes, for the prevention of and protection from threats to public security, to allow the Data Controller to ascertain, exercise or defend a right in court, and for other purposes related to the protection of the rights and freedoms of others.

User’s rights

Pursuant to the GDPR, the User has the right to ask the Data Controller for access to personal data (art. 15), the rectification (art. 16), cancellation (art. 17), the limitation of the processing of personal data concerning him/her (art. 18), the right to data portability (art. 20) or to object to its processing (art. 21), in addition to the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning the subject or which significantly concerns them (art. 22).

Where the processing of personal data is based on the User’s express consent, pursuant to Art. 7 Paragraph 3 of the Regulation, the possibility exists to revoke the consent given for the sending of communications and updates for promotional and commercial purposes.

The right also exists to lodge a complaint with the competent supervisory authority (Article 77 of the Regulation) should the users consider that the processing carried out by the Data Controller does not comply with the provisions of legislation regarding the protection of personal data. In Italy, the complaint may be submitted to the local data protection Authority. Additional information on how to submit complaints can be found on the Authority’s website, at www.garanteprivacy.it.

Requests can be forwarded to the Data Controller in the following ways:

  • by writing to the following email address: privacy@dils.com
  • by registered mail to: Piazza Armando Diaz, 7 – 20123, Milan (MI), Italy

Changes to Policy

The Data Controller reserves the right to modify this privacy policy as deemed necessary. We encourage Users to view this page periodically in order to keep track of any changes.

Last updated: June 2022