For THINKOPEN S.P.A. Your privacy and the security of your personal data are particularly important, which is why we collect and treat them with the utmost care, attention, at the same time adopting specific technical and structural measures to ensure full security of treatment.

We therefore inform you, pursuant to art. 13 of the European Regulation 2016/679 (‘Regulation’) and of the Privacy Code, Legislative Decree 169/2003, as amended by Legislative Decree 101/2018, that the processing of your personal data takes place in a manner suitable to guarantee security And confidentiality, and is carried out using paper, computer and / or telematic supports, as detailed in this information.



The processing of your personal data is carried out by THINKOPEN S.P.A. (hereinafter also “THINKOPEN”), with registered office in Via A. Manzoni, n. 45, 20121 – Milan (MI), Italy, VAT number: 0239690018, as Data Controller pursuant to and for the purposes of the EU Regulation.

For any question or request related to the processing of your personal data, you can contact THINKOPEN at any time by sending a request to the following references:


Holder of the treatment

Company name: THINKOPEN S.P.A.

Registered office address: Via A. Manzoni, n. 45, 20121 – Milan (MI), Italy

Contact details email:


Type of data and purpose of processing

The personal data that THINKOPEN processes through its website are, specifically:

Personal data provided by the user or collected by us to allow registration and use of the services offered;

The data belonging to spontaneous candidates to whom THINKOPEN offers the possibility to insert the curriculum vitae on its ‘Careers’ site of THINKOPEN, as well as any identification and personal data useful for verifying whether the professional figure of the candidate is in line with the needs of the company.

Your personal data, once collected, are processed for the following purposes:



Legal basis


Research and selection of personnel to be included in the THINKOPEN staff.

Consent of the interested party to the processing of personal data


Profiling (not automated) and statistical analysis carried out by analyzing the data contained in the CVs of potential employees.

Consent of the interested party to the processing of personal data, explicitly expressed.


Fulfill obligations established by laws, regulations, European legislation.

The treatments put in place for these purposes are necessary for the fulfillment of legal obligations and do not require specific consent from the interested party.


Customize and implement the services provided by the Company and check the level of satisfaction with them.

The treatments put in place for these purposes are necessary for the execution of the contract or pre-contractual measures.


Your personal data is processed by THINKOPEN personnel specifically authorized pursuant to art. 4 paragraph 10 of the EU Regulation which processes data following precise indications from the Data Controller.


Your data may be disclosed to the police forces and to the judicial and administrative authorities, in accordance with the law, for the detection and prosecution of crimes, the prevention and protection from threats to public security, as well as to allow THINKOPEN to exercise or protect one’s own rights or those of third parties before the competent authorities, as well as for other reasons connected with the protection of the rights and freedoms of others.


Your data may also be transmitted to third parties the personal data provided only to the extent that the disclosure is necessary for the performance of its business and for the pursuit of the purposes referred to in point 3., as well as if this is required by law. Therefore, personal and identification data will be communicated, among other things, to:

  1. A) Companies related to THINKOPEN.
  2. B) Public bodies or private companies, for the fulfillment of contractual and legal obligations;
  3. C) Companies dealing with statistical calculations;
  4. D) Third-party companies, appointed as data processors by THINKOPEN, which provide the management service of the Company’s website.

These third parties have been adequately selected by us and offer a suitable guarantee of compliance with the rules on the processing of personal data. These subjects have been appointed as data processors pursuant to art. 28 of the EU Regulation, and are required to carry out their activities according to the specific instructions given by THINKOPEN and under its control.


Data transfer outside the EU


Some of the third parties referred to in paragraph 4 above may be based in non-European Union states, states which however offer an adequate level of data protection, as established by specific decisions of the European Commission.

The transfer of your personal data to third parties residing or located in countries that do not belong to the European Union and that do not ensure adequate levels of protection will be carried out, only with your consent or after the conclusion between THINKOPEN and said subjects of specific agreements, containing safeguard clauses and appropriate guarantees for the protection of your personal data so-called “standard contractual clauses”, also approved by the European Commission, or if the transfer is necessary for the conclusion and execution of a contract between you and THINKOPEN or for the management of your requests.


Data Retention


In compliance with the principles of proportionality and necessity, the data will not be kept for longer periods than those indispensable for the achievement of the aforementioned purposes and, therefore, to the employment contract or to the specific laws. In particular, personal data processed for contractual purposes are processed for the time strictly necessary to achieve the purposes for which they were collected.


Your rights

We inform you that you have the right to exercise the following rights in relation to the personal data subject of this information, as provided and guaranteed by the Regulation:

Right of access and rectification (articles 15 and 16 of the Regulation): you have the right to access your personal data and to request that it be corrected, modified or integrated. If you wish, we will provide you with a copy of your data in our possession.

Right to delete data (Article 17 of the Regulation): in the cases provided for by current legislation you can request the deletion of your personal data. Once your request has been received and analyzed, it will be our responsibility to stop processing and delete your personal data, if found legitimate.

Right to limitation of processing (Article 18 of the Regulation): you have the right to request the limitation of the processing of your personal data in the case of unlawful processing or contesting the accuracy of personal data by the interested party.

Right to data portability (Article 20 of the Regulation): you have the right to request to obtain your personal data from the Data Controller in order to transmit them to another Data Controller, in the cases provided for in the article referred to.

Right to object (Article 21 of the Regulations): you have the right to object at any time to the processing of your personal data carried out on the basis of our legitimate interest, explaining the reasons that justify your request; before accepting it, THINKOPEN will have to evaluate the reasons for your request.

Right to lodge a complaint (Article 77 of the Regulation): you have the right to lodge a complaint with the competent Authority for the protection of Personal Data if you believe that a violation of your rights has occurred, or is in progress, with regard to the processing of your personal data.

You can exercise your rights at any time with reference to the specific processing of your personal data by THINKOPEN.

Further information about the rights of the interested party can be obtained by asking the Owner for an integral extract of the aforementioned articles.


Security measures

The Company adopts suitable and preventive security measures to safeguard the confidentiality, integrity, completeness and availability of the data subject’s personal data. Technical, logistical and organizational measures are developed which have for THINKOPEN the objective of preventing damage, even accidental losses, alterations, improper and unauthorized use of the data processed.