Work with us policy


    Pursuant to Art. 13 of EU Regulation 2016/679, Qura S.r.l., with registered office in Mirandola, via di Mezzo 23, 41037, (MO), Tax Code and VAT No. IT03663360364, certified email qurasrl@legalmail.itas Data Controller, informs users of the methods of processing personal data deriving from filling in their data in the “contacts” section. 

    Data Controller 

    The Data Controller is Qura S.r.l. with registered office in Mirandola, via di Mezzo 23, 41037, (MO), Tax Code and VAT No. IT03663360364, certified email

    Data Protection Officer 

    The Data Controller has appointed a Data Protection Officer who can be contacted at the email address

    Type of data

    The data processed are those entered in the section Work with us i.e. identification data such as name and surname, contact details such as telephone and personal email and any other information contained in the attached Curriculum Vitae . This should include information on: 

    1. educational qualifications, professional experience, skills, abilities and competences essential for the role you have chosen or for the possible position that we will consider offering you;
    2. the Data Controller may also process special data pursuant to Art. 9 letter b) of EU Regulation 2016/679 related to you for the purposes strictly necessary for recruitment if it is essential for the procedure itself. 

    Purposes of processing

    Your data will be processed in order to carry out personnel selection activities. The processing is necessary to respond to your application or to offer you, at a later date, a new proposal if your profile is deemed appropriate to our needs. 

    Legal basis for processing

    The legal basis for data processing is the fulfillment of pre-contractual obligations, as identified by Art. 6 lett. b) of EU Regulation 2016/679. The legal basis for special data processing is Art. 9 par. lett. b) of EU Regulation 2016/679 as the processing is necessary to fulfill the obligations and exercise the specific rights of the Data Controller or the Data Subject in the field of labor law, social security and social protection, insofar as it is authorized by the European Union or its member states’ laws or by a collective agreement  pursuant to the laws of member states, where there are appropriate safeguards for the fundamental rights and interests of the Data Subject. 

    The provision of data is mandatory, otherwise it will not be possible to proceed with the selection of the application. 

    Data recipients

    The data may be disclosed to employees and contractors of the Data Controller who may process them in accordance with the instructions given by the Data Controller.  

    Your personal data may be processed by third parties who collaborate with the Data Controller for the same purposes. These subjects may, as appropriate, act as independent Data Controllers or as specifically appointed Data Processors. 

    Transfer of data

    The Data Controller does not transfer personal data to third countries or international organisations.

    Data retention

    The personal data you provide will be kept for the time strictly necessary to pursue the highlighted purposes and in any case for a period not exceeding 24 months: at the end of this period, your data will be deleted. 

    Data Subject’s rights

    Pursuant to Articles 13, (2) and 15 to 21 of the Regulation, we inform you that in relation to the processing of your personal data, you may exercise the following rights:

    1. Right to obtain access to personal data and the following information: 
    • confirmation that your personal data is being processed;
    • purposes of processing; 
    • categories of personal data; 
    • recipients or categories of recipients to whom the personal data has been or will be communicated;
    • if the personal data are not collected from the Data Subject, all available information about their origin and the existence of automated decision making, including profiling
    • a copy of the personal data being processed.
    1. Right to rectify/modify any personal data.
    2. Right to erasure of data (“right to be forgotten”) if any of the following reasons exist:
    • the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
    • the Data Subject withdraws consent to data processing and there is no other legal basis for the processing;
    • the Data Subject objects to the processing and there is no overriding legitimate ground for processing;
    • personal data have been processed unlawfully;
    • personal data must be deleted in compliance with a legal obligation under EU or Member State law to which the Data Controller is subject;

    If the Data Controller has made personal data public and is obliged to delete it, the same must inform any other Data Controllers processing personal data of the request to delete any link, copy or reproduction of such data.

    1. Right to limitation of processing in the event that:
    • the Data Subject contests the accuracy of personal data for as long as it is necessary for the Data Controller to verify the accuracy of such personal data;
    • the data has been unlawfully processed and the Data Subject objects to the erasure and instead requests that its use be restricted;
    • the Data Controller no longer needs the personal data for processing, but the Data Subject needs them to keep it in order to establish, exercise or defend a legal claim;
    • the Data Subject objected to the processing, pending verification as to whether the legitimate reasons of the Data Controller prevail over those of the Data Subject. 
    1. Right to file a complaint with the Data Protection Authority, following the procedures and directions published on the official website of the Authority
    2. The Data Subject’s right to data portability, i.e. the right to receive in a structured, commonly used and machine-readable format personal data concerning him or her that have been provided to a Data Controller and, where appropriate, to transmit them to another Data Controller, where the processing is based on consent or on a contract and is carried out by automated means. Where technically possible, the Data Subject has the right to obtain direct transmission of the data from one Data Controller to another.
    3. Right to object to the processing of personal data at any time, including profiling, in particular if:
    • the processing is carried out based on the legitimate interest of the Data Controller, subject to explanation of the reasons for the objection; 
    • personal data are processed for direct marketing purposes.
    1. Right not to be subject to a decision based solely on automated processing, including profiling, except where the decision is necessary for the conclusion or performance of a contract between the Data Subject and a Data Controller, is authorised by Union law or by the Member State to which the Data Controller is subject, or is based on the explicit consent of the Data Subject.

    The Data Controller has created a policy for the exercise of Data Subjects’ rights that can be consulted at the following link. 

    Procedure for exercising rights

    After identifying the Data Subject, requests can be made by sending: