Modula SpA, with registered office at via San Lorenzo 41, Casalgrande (RE) , Italy, is issuing the following information sheet to inform you that, under the terms of the requirements of art. 13 of EU Regulation 2016/679 on the protection of personal data (“GDPR”), your personal data will be processed using electronic and manual instruments, including through social networks, in Italy and abroad.
This information sheet, drawn up in accordance with the principle of transparency and all GDPR requirements, consists of individual sections each dealing with a specific topic making it easier and quicker to read and understand (hereinafter the “Information Sheet”).

1. Data Controller

The Data Controller is Modula SpA, with registered office at via San Lorenzo 41, Casalgrande (RE), Italy.

2. Legal basis and purpose of processing

Purpose Legal Basis
a) requirements related to contractual and fiscal obligations arising from fulfilment of the contract;
b) receipt and transmission of spontaneous job applications for positions advertised on this Site.
Processing of data for these purposes is necessary to fulfil contractual and/or legal requirements (art. 6b & 6c of GDPR).
c) to carry out promotional activities such as the transmission of publicity materials by post, email, telephone, fax, SMS, MMS and similar methods (i.e. direct marketing);
d) to transmit information, answers to queries or newsletters for purely informative/publicity purposes unconnected to any sales campaign.
Processing of data for these purposes is performed with the express consent of the User and/or Data Subject (art. 6a of GDPR).
e) for the promotion of services similar to those supplied without affecting the User’s right to object to their data being processed at any time Processing of data for these purposes is performed in order to pursue the legitimate interests of the Data Controller (art. 6f of GDPR).

Conferring the right to process your data is required to fulfil the indicated purposes.
Failure to confer the right to process your data (whether partial or incomplete) shall render the requested services impossible to provide.
Conferring the right to process your data for the purposes allowed under section c) is optional, but refusal to allow this data to be processed shall render the related service impossible to deliver.

3. Disclosure of personal data

Personal data shall be processed exclusively by authorised persons and by designated persons such as Data Managers in full compliance with the GDPR regulations in order to carry out the processing activities necessary to fulfil the purposes indicated in this Information Sheet. Personal data may be disclosed to public or legal authorities when required by law or in order to report or prevent a crime from being committed.

4. Data storage period

Any personal data collected shall be held by the Data Controller for the period of time strictly necessary to fulfil the purposes indicated in point 2.
In particular,
– for the purposes indicated in point 2a until the contractual relationship is terminated, with the exception of a further storage period which may be required by law;
– for the purposes indicated in point 2b up to a maximum of 24 months from the date of application;
– for the purposes indicated in point 2c & 2d until consent is explicitly revoked;
– for the purposes indicated in point 2e until the Data Subject raises an objection.

5. Revocation of consent

The Data Subject has the right to revoke their consent at any time either fully or partially. This will not affect the legality of any processing carried out on the basis of consent given before revocation.
In order to revoke consent, simply contact the Data Controller at the address published in this Information Sheet. Where the User is required to register on a website, they can simply access their personal profile and modify any consent given.

6. Geographical location of the processing

Your personal data will be processed by the Data Controller within the European Union
If, for technical and/or operational reasons, it becomes necessary to use entities located outside the European Union, the said entities will be designated Data Processors and the transfer of personal data to the said entities, only for the performance of specific Processing activities, will be regulated in accordance with the provisions of the GDPR.
All necessary precautions will be adopted to ensure the total protection of the personal data, and the transfer will be based on the evaluation of appropriate guarantees, such as adequacy decisions regarding the destination third countries issued by the European Commission, or adequate guarantees provided by the third party recipient entity under article 46 of the GDPR.
In this case, you may request further details from the Data Controller if your personal data are processed outside the European Union, requesting proof of the specific guarantees adopted.

7. Rights of the data subject

Under the terms of arts. 15 and subs. of GDPR, you may exercise the rights explicitly enshrined in the regulations at any time, and in particular obtain:
• confirmation as to whether or not personal data concerning you is being processed, along with access to that data and the following information (purposes of the processing, categories of personal data, recipients and/or categories of recipients to whom the data has been and/or will be disclosed, storage period);
• rectification of inaccurate personal data concerning you and/or completion of incomplete personal data, also by providing an additional statement;
• deletion of personal data, in cases provided for by the GDPR;
• restriction of processing in the circumstances envisaged by current privacy legislation;
• portability of data concerning you, and in particular to request the personal data you provided to the Data Controller and/or have your personal data transmitted directly to another data controller;
• objection, at any time, to the processing of personal data concerning you for reasons relating to your particular situation and/or to the processing of personal data concerning you in full compliance with current privacy legislation and for any marketing and profiling purposes.
You may exercise these rights by contacting the following email address, attaching a copy of your ID document:
In any case, you are always entitled to lodge a complaint with the competent supervisory authority (Data Protection/Information Commissioner) under the terms of art. 77 of GDPR if you feel that the processing of your data is in breach of current privacy legislation.