+39 331 386 7522 info@isheo.com
Privacy Policy

 

PRIVACY POLICY STATEMENT

 

The company ISHEO SRL, with registered office in Via Pinerolo, 2, 00182 ROME (RM), ITALY, Tax Identification Number/VAT 12127201007 (hereinafter referred to as “ISHEO”), pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data (hereinafter referred to as “GDPR” (General Data Protection Regulation) and Legislative Decree 196/2003 (Italian Privacy Code), provides you with the following information on the processing of your personal data, as website user/navigator or company requesting consulting services to ISHEO (hereinafter referred to as “WEBSITE”).

 

  1. HOLDER AND RESPONSIBLE OF THE DATA PROCESSING

The Data Controller is ISHEO S.R.L. with registered office in Via Pinerolo, 2, 00182 ROME (RM), ITALY, Tax Identification Number/VAT 12127201007, in the person of its representative Dr. Davide Integlia.

The rights identified below can be exercised by means of a written communication to be sent by certified email to the address privacy@isheo.com or registered letter with return receipt to the address indicated above.

 

  1. CATEGORIES OF DATA PROCESSED

The personal data collected and processed by ISHEO S.R.L. fall into the following categories:

– identification data (name, company name, registered office, tel., fax, e-mail, tax data, etc.), as well as, in the case of communications or requests sent via the website, any further personal data present in your message or in any material you send us;

– data relating to the activity and provision of the commissioned services (name, surname, date of birth, documents, health data, etc.);

– any data necessary for the fulfillment of legal obligations (such as, for example, your contact details for communications required by law or authority).

 

  1. SOURCE OF COLLECTION OF PERSONAL DATA

Your personal data will be obtained by the Data Controller directly from you and from your interaction with us.

 

  1. PURPOSES OF THE PROCESSING

In compliance with current legislation, your personal data will be processed lawfully, fairly and in a transparent manner in relation to the data subjects, for the purposes indicated below and according to the following requirements of lawfulness:

  1. a) Management of your requests and/or communications

Your personal data will be processed to correctly and effectively manage your request or communication sent through the contact details or the “Contact form” on our website (Article 6.1.b, GDPR).

  1. b) Execution of a contract or management of the pre-contractual relationship

The processing of your personal data for this purpose is necessary for the execution of a contract or the execution of pre-contractual measures (to be intended as a “legal relationship” established between you and the Owner following your possible request) (Article 6.1.b, GDPR). Specifically, the processing is aimed at:

◦ tax obligations

◦ administrative and accounting requirements

◦ obligations regarding work and health

◦ requirements and obligations deriving from the contract or legal relationship of which you are a party concerned.

 

  1. LEGAL OBLIGATIONS (Article 6.1.c, GDPR).

 

  1. PROCESSING MODALITY

The personal data you provide will be treated “lawfully and fairly”, in compliance of the afore-mentioned legislation and the confidentiality obligations which inspire our business.

The processing will be carried out with the support of paper, computer or telematic tools, in order to guarantee the physical and logical security and confidentiality of your personal data.

 

  1. SCOPE OF COMMUNICATION AND DISSEMINATION OF DATA

For the purposes indicated above (Paragraph 2), your personal data may be disclosed to:

– persons authorized by the Data Controller to carry out personal data processing operations (employees or collaborators of the Data Controller) in carrying out their duties;

– Data Processors appointed by the Data Controller (including, for example, IT and Telematics Technologies Providers);

– tax authorities, in accordance with the laws in force, as well as to Police and judicial and administrative authorities, for detection and prosecution of crimes, prevention and protection from threats to the public security, and to allow the Data Controller to ascertain, exercise or defend a right in Court, as well as for other reasons related to the protection of the rights and freedoms of others;

– any public and/or private natural and/or legal persons when the communication is necessary or functional to the performance of our business in the manner and for the purposes described above.

 

  1. MANDATORY OR OPTIONAL NATURE OF THE PROVISION OF DATA

The provision of your personal and sensitive data is not mandatory, however, the refusal to provide the requested personal data may make it impossible to provide you the services requested.

 

  1. DATA RETENTION PERIOD

We keep your personal data for a limited period of time, which varies according to the purpose of processing. After this period, your data will be permanently deleted or anonymized in an irreversible way.

 

Your personal data will be stored in compliance with the terms and criteria specified below:

 

– for the management of requests for a maximum of 6 (six) months from the date of the correct and complete management of your request;

– for the fulfillment of legal obligations for a maximum period of 10 (ten) years starting from the end of the calendar year in which the Data Controller has fulfilled the legal obligations required, in order to show evidence to have correctly accomplished the legal requirements.

 

For technical reasons, the termination of the processing and the consequent cancellation of your personal data or their anonymization will take place within 30 (thirty) days from the terms indicated above, except in the cases that require a longer storage period due to disputes, requests from competent authorities or pursuant to applicable law.

 

  1. EXTRA EU/EEA TRANSFER OF PERSONAL DATA

Your personal data may be transferred to countries not belonging to the European Union (EU) or to the European Economic Area (EEA) which however offer an adequate level of data protection, such as established by specific decisions of the European Commission (https://ec.europa.eu/info/law/law-topic/data-protection / international-dimension-data-protection / adequacy-decisions_en).

The transfer of your personal data to countries that do not belong to the EU/EEA and that do not guarantee adequate levels of protection will be carried out only after signing specific agreements between the Data Controller and the recipients of the data, containing data safeguard clauses and adequate guarantees for the protection of your personal data, the so-called “standard contractual clauses”, for data transfers between EU and non-EU countries  approved by the European Commission, or if the transfer is necessary for the management of your possible requests.

 

 

  1. THE RIGHTS OF THE INTERESTED PARTY

According to this Privacy Statement, as regards personal data processing, the data subject, at any time, shall have the following rights:

– the right to have access to his/her personal data (Article 15 of EU Regulation no. 2016/679);

– the right to have personal data concerning him/her rectified (Article 16 of EU Regulation no. 2016/679);

– the right to remove his/her personal data (Article 17 of EU Regulation no. 2016/679);

– the right to restrict the processing of his/her personal data (Article 18 of EU Regulation no. 2016/679);

– the right to portability, intended as the right to receive personal data concerning him or herself that has been provided to the Data Controller in a structured, commonly used, and machine-readable format and has the right to transmit such data to another Data Controller without impediments (Article 20 of EU Regulation no. 2016/679);

– the right to object the processing of his/her personal data (Article 21 EU Regulation no. 2016/679);

– the right to withdraw his/her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.  (Article 7, paragraph 3 of EU Regulation 2016/679);

– the right to submit a complaint to the Guarantor Authority for the protection of personal data (Article 51 of EU Regulation no. 2016/679).

 

  1. UPDATE TO THIS PRIVACY STATEMENT

The continuous evolution of our activities and possible regulatory interventions on the subject may require changes in the characteristics of the processing of your personal data described so far. This Policy Privacy Statement, therefore, periodically undergoes changes and additions.

The updated version of this Policy Privacy Statement will be published on this page with the indication of the date of its last update. We therefore invite you to consult this page every time you visit the website.

Code Of Ethics

 

ISHEO S.r.l.

CODE OF ETHICS

 

Summary

 

ISHEO S.R.L. VISION STATEMENT ……………………………………… …………………………………….. 3

PURPOSES AND RECIPIENTS ……………………………………….. ……………………………………. 3

1 GENERAL PRINCIPLES ……………………………………….. ………………………………………….. … 3

1.1 Legality ………………………………………… ………………………………………….. …………… 3

1.2 Fairness ………………………………………… ………………………………………….. ……… 4

1.3 Non-Discrimination ……………………………………….. ………………………………………. 4

1.4 Meritocracy ………………………………………… ………………………………………….. …….. 4

1.5 Confidentiality ………………………………………… ………………………………………….. …… 4

1.6 Diligence ………………………………………… ………………………………………….. ………… 5

1.7 Loyalty ………………………………………… ………………………………………….. …………….. 5

2 RELATIONS WITH EMPLOYEES AND COLLABORATORS ……………………………….. 5

2.1 Personnel Selection ………………………………………. ………………………………….. 5

2.2 Personnel Management ………………………………………. ……………………………………. 5

3 WORKPLACE HEALTH AND SAFETY …………………………………….. ………………… 6

4 COMPANY MANAGEMENT ……………………………………….. …………………………………… 6

4.1 Compliance with Internal Procedures ……………………………………… …………………… 6

4.2 Accounting Management ……………………………………….. …………………………………………. 7

4.3 Asset Protection ………………………………………. ………………………………………. 7

4.4 Communication ………………………………………… ………………………………………….. … 7

5 RELATIONS WITH EXTERNAL ENTITIES……………………………………….. …………………………………. 7

5.1 Relations with Authorities and Public Administrations ……………………………………. …. 7

5.2 Relations with Customers and Suppliers …………………………………….. ……………………………. 8

6 INTERNAL CONTROL SYSTEM ……………………………………… ……………………….. 8

7 PENALTY SYSTEM GUIDELINES …………………………………….. ………….. 8

 

 

FOREWORD

ISHEO S.R.L. VISION STATEMENT

 

ISHEO S.r.l. is aware that the authority of a company can be measured by the competence of its collaborators, by the high quality of the service provided to customers and by the ability to create an ethically healthy environment based on fairness, respect, loyalty and encouragement of talent and merit.

The principles that inspire the work of this Company have been formally collected in a Code of Ethics and Business Conduct in the belief that the company’s reliability and prestige is built day by day respecting the rules and giving value to people.

This Code of Ethics therefore represents an important distinctive and identifying element towards the market and third parties, the knowledge and sharing of which is required of all those who operate in the Company or collaborate with it in any capacity. It constitutes the foundation of our business and an indispensable step for the achievement of our mission.

 

PURPOSES AND RECIPIENTS

This Code of Ethics (hereinafter referred to as the “Code”) contains the set of ethical and moral principles that inspire and guide the activity of ISHEO S.r.l. (hereinafter referred to as the “Company”) as well as the lines of conduct adopted by the Company both in the relations with employees and with external subjects and entities such as institutions, suppliers, customers, business partners, etc.

The observance of these principles is a priority to accomplish of ISHEO corporate mission and to ensure that it maintains its reputation in the socio-economic context in which it operates.

The present Code is therefore binding on ISHEO management and employees, as well as for all those who work and collaborate with the company, on a permanent or fixed-term basis (hereinafter referred to as “Recipients”).

The Code will be disseminated not only inside the company but also outside it, above all through its website.

 

1 GENERAL PRINCIPLES

The conduct of the Recipients, at all company levels, shall comply with the principles of legality, fairness, non-discrimination, meritocracy, confidentiality, diligence, and loyalty.

 

1.1 Legality

ISHEO operates in accordance with the laws in force and with the present Code.

All Recipients are therefore required to comply with all applicable regulations and to constantly be updated on legislative developments.

 

1.2 Fairness

Recipients are required to inspire their conduct on the principle of fairness.

Therefore, Recipients, in carrying out their activities, are required not to establish any privileged relations with third parties aimed at obtaining improper advantages and to not accept gifts or any other kind of benefit (except gifts of modest value or business courtesies) that could improperly grant advantages to third parties.

On their turn, Recipients are prohibited from making donations of money or offer gifts or favors of any kind to third parties (except gifts of modest value or business courtesies authorized by the Company) in connection with the activities performed by them for the benefit of ISHEO.

 

1.3 Non-Discrimination

In the personnel selection and management, in the organization of the working activities, in the choice, selection and management of suppliers, as well as in relations with entities, institutions and customers, ISHEO rejects any form of discrimination based on age, sex, race, sexual orientation, health conditions, political opinions, religion, culture and nationality of its interlocutors.

ISHEO is firmly convinced that wealth lies in diversity, and it is committed to encouraging integration through the promotion of intercultural dialogue and protection of the rights of minorities and weakest subjects.

 

1.4 Meritocracy

Personnel selection and management and work organization, at all levels, are based on the recognition of merit as a method to access rewards and improve one’s own professional status.

 

1.5 Confidentiality

ISHEO commits itself to ensure the protection and confidentiality of the personal data of which it gains knowledge in carrying out its business activities, in compliance with all national and/or EU regulations applicable to the protection of personal data.

Recipients are required to treat any information or data acquired during the execution of their work activities as confidential, to not disclose them for purposes not related to such activities, and in any case to always act in compliance with the confidentiality obligations undertaken by ISHEO. Particularly, Recipients are required to assure the utmost confidentiality and inaccessibility to third parties on documents relating know-how, transport information, business information and corporate operations.

 

1.6 Diligence

The relationship between ISHEO and its employees is based on mutual trust. Employees are required to work to promote the interests of the company, in conformity with the ethical values set forth by the present Code of Ethics, and to refrain from any activity that could constitute a conflict of interest with the interests of ISHEO.  Any direct or potential conflicts of interest that may arise, must be promptly reported to the Management to evaluate case-by-case their existence and severity and to avoid or mitigate the relevant consequences.

In case of violation, the Company will take all appropriate measures to remove the conflict of interest, reserving the right to act for its own protection.

 

1.7 Loyalty

ISHEO undertakes to conduct its activities, within a framework of fair competition, in accordance with current national and EU legislation, in the awareness that virtuous competition stimulates innovation and the development, producing benefits for the entire Community.

 

2 RELATIONS WITH EMPLOYEES AND COLLABORATORS

2.1 Personnel Selection

The Personnel assessment and selection are based on the principles of fairness, transparency, and equal opportunities in order to combine the needs of ISHEO with the candidate’s professional profiles, ambitions, wishes and expectations.

ISHEO undertakes to manage the personnel selection procedures so as to avoid any form of favoritism, using objective and merit-based criteria, respecting the dignity of the candidates in the view of the company success.

ISHEO undertakes to provide hired personnel with clear and correct information as regards roles, mutual responsibilities, rights, and duties.

 

2.2 Personnel Management

ISHEO protects and makes the most of its human resources, committing itself to ensuring a context that favors professional growth, knowledge, and skills of each person. ISHEO rejects any form of top-down management of personnel recognizing, on the contrary, that a horizontal approach based on participatory tools that allow to gather opinions, suggestions, and the widest participation of its resources, ensures greater benefits to people and company organization.

Without prejudice to the maximum availability towards the Company, no employee can be forced to perform duties, services or favors not due under his/her employment contract and his/her role within the company.

The Company is firmly committed to prevent and combat episodes of mobbing, stalking, psychological violence, and any discriminatory or harmful behavior that violates a person’s dignity inside and outside the business premises.

Relations between employees must be conducted with loyalty, fairness, and mutual respect, in compliance with the values of civil coexistence and freedom of people.

 

2.3 Conflict of Interest

ISHEO employees or consultants are required to inform in writing the legal representative of any, direct or indirect, relations, paid in any form, they had in the last three years, with private subjects that can even also abstractly influence or compromise professional judgement and objectivity in the performance of their tasks.

Any kind of interest can raise a potential conflict, including non-financial ones.

 

3 WORKPLACE HEALTH AND SAFETY

ISHEO is committed to ensuring its staff a work environment based on health, safety, and respect of the dignity of workers.

Workplace safety is ensured both by strictly implementing the provisions provided for by the laws in force and by actively promoting a culture of safety.

 

4 BUSINESS MANAGEMENT

4.1 Compliance with Internal Procedures

ISHEO believes that management efficiency is essential for achieving its objectives. Without prejudice to the company’s willingness to evaluate any improvement of the procedures proposed by the staff, this latter is required to strictly observe the company’s internal procedures and instructions.

Recipients must act according to their respective authorization profiles and must keep any suitable documentation to keep track of the actions taken on behalf of the company.

 

4.2 Accounting Management

In the accounting management activity, Recipients are required to act in compliance with the principles of truthfulness, accuracy, and transparency, so that the reputation of ISHEO is protected both internally that externally. The observance of these principles also allows the company to define its own operational strategies based on its actual economic and financial situation.

All the accounting items must therefore be supported by a complete, clear, and valid documentation, avoiding any form of omission, falsification and/or irregularity.

In case of economic or financial elements based on evaluations and estimates, the relating recording must be inspired by criteria of reasonableness and prudence.

 

4.3 Asset Protection

Recipients must carry out their activities inspired by a rational and efficient use of the business resources. Recipients are required to comply with safety provisions, to protect hardware from unauthorized access, which could seriously damage the right to the protection of personal data concerning ISHEO’s staff and customers.

 

4.4 Communication

ISHEO promotes an effective corporate communication that make it possible to establish contacts with the civil society, in order to acknowledge the Community demands and needs and to disseminate the company’s values and mission.

ISHEO’s advertising promotion respects ethical values, protecting minors and repudiating vulgar or offensive messages.

 

5 RELATIONS WITH EXTERNAL ENTITIES

 

5.1 Relations with Authorities and Public Administrations

Relations with Authorities and Public Administration must be based on the maximum clarity, transparency, and collaboration, in the strictest observance of laws and regulations and according to the highest moral and professional standards.

In relations with Public Officials, Public Service Officers and Public Administration in general, the authorized Recipients must comply with the highest levels of fairness e integrity, refraining from any form of explicit or veiled pressure aimed at obtaining any undue advantages for themselves or for ISHEO.

 

5.2 Relations with Customers and Suppliers

ISHEO undertakes to not provide its services in favor of direct competitors in the same timeframe in relation to a specific product or service.

Recipients are required to interact with customers and suppliers in a competent, professional, and polite manner, in the awareness that the protection of the image and of the reputation of the company and, consequently the achievement of company objectives, depends also on their ability to deal with third parties.

Recipients are required to make every effort to offer timely and high-quality services to customers.

Relations with suppliers are based on loyalty, fairness, and transparency.

The choice of suppliers is be made on the basis of objective suitableness and cost-effective criteria.

It is forbidden to choose suppliers on the basis of purely subjective and personal grounds or, in any case, by virtue of interests conflicting with those of the company.

Recipients must put in place every possible control measure to ascertain that also customers and suppliers comply with the fundamental ethical principles set out in the present Code of Ethics.

It is forbidden, in the relationship with third parties, to ask or solicit, in any way, payments, gifts or other benefits, for oneself or for others, except for those of modest value occasionally offered within the scope of normal courtesy relations and in the context of international customs. The modest value must not exceed € 150.00.

In any case, it is forbidden to accept gifts in the form of money, for whatever amount.

The company annually organizes anti-corruption courses for its employees.

 

6 INTERNAL CONTROL SYSTEM

Compliance with the provisions of this Code of Ethics is entrusted to prudent, reasonable, and careful supervision of each of Recipients within their respective roles and functions within the company. ISHEO shall adopt all the measures needed to bring the infringement to an end, having authority to take any disciplinary measures in compliance with the law and workers’ rights.

 

7 PENALTY SYSTEM GUIDELINES

Violation of the principles set out in the Code of Ethics and in the procedures indicated in internal controls compromises the fiduciary relationship between the Company and its directors, employees, consultants, collaborators in various capacities, customers, suppliers, commercial and financial partners.

Such violations will therefore be immediately prosecuted by ISHEO in an effective and timely manner, through the adoption of adequate and proportionate disciplinary measures.

Violation of the rules of the Code of Ethics constitutes:

◦ serious breach for employees (workers, employees, managers) that can result in sanctions, applied, on a severity scale, according to the provisions of the National Collective Labor Agreement for each specific category. In the case of pending criminal proceeding or execution of a measure restricting personal freedom relating an employee, before adopting the disciplinary measure, the suspension from work without pay can be adopted, for the duration corresponding to the outcome of the prosecution or until the end of the measure restricting personal freedom;

◦ cause of immediate termination of the work relationship, in the case of serious infringements, for external collaborators e parasubordinates;

◦ cause of immediate termination of the work relationship, in the case of serious infringements, for suppliers, contractors and subcontractors.

The identification and application of sanctions shall always take into account the general principles of proportionality and adequacy with respect to the alleged violation.

In all the above cases, ISHEO also retains the right to exercise all the actions it deems appropriate for compensation for the damage suffered as a result of the violation of the Code of Ethics.