Privacy Policy
Last updated: May 2, 2025
This policy is provided pursuant to Art. 13 of Regulation (EU) 2016/679 (“GDPR”) and the relevant national legislation (Legislative Decree 196/2003, as amended by Legislative Decree 101/2018) to users interacting with the website fairport.it (hereinafter, the “Site”).
1. Data Controller
Controller: Portway Human Capital S.r.l., in the person of its pro‑tempore legal representative
Tax Code / VAT No.: 13870280966
Certified e‑mail (PEC): portway@pec.it
Contact for privacy requests: info@fairport.it
Phone: +39 347 113 0750
2. Types of Data Processed
Navigation data – e.g. IP address, device identifiers (browser user‑agent), log files, URI/URL of requested resources, time and method of the request, size of the response file, numerical status code. These elements are indispensable for technical operation and security of the Site.
Technical cookies – exclusively those strictly necessary for navigation and essential features (session management, security). Further details are given in Section 9.
Data provided voluntarily by the user
Identification and contact details entered in Site forms (name, surname, e‑mail, phone number, company, role) when requesting information or contact.
Any content contained in comments or reviews should such functions be enabled.
Note: The Site does not collect or process CVs directly. Job applications are managed via external platforms such as LinkedIn, whose own privacy policies apply.
3. Purposes and Legal Bases for Processing
a. Site navigation, functionality and security – Legitimate interest of the Controller (Art. 6 (1)(f) GDPR).
b. Handling contact or information requests submitted via forms – Performance of pre‑contractual measures at the data subject’s request (Art. 6 (1)(b) GDPR).
c. Management of comments or user accounts (if enabled) – Performance of a contract or pre‑contractual measures (Art. 6 (1)(b) GDPR).
d. Sending newsletters or marketing communications (only upon subscription) – Explicit consent of the data subject (Art. 6 (1)(a) GDPR).
e. Compliance with legal, tax or regulatory obligations – Legal obligation (Art. 6 (1)(c) GDPR).
Provision of data for purposes a, b and c is necessary to browse the Site or obtain the requested service; failure to provide it may prevent use of the Site or fulfilment of the request. Data for purpose d is optional and based on consent.
4. Processing Methods and Security Measures
Processing is primarily electronic. Appropriate technical and organisational measures, compliant with Art. 32 GDPR, are in place to safeguard integrity, confidentiality and availability of personal data, preventing loss, unlawful use or unauthorised access.
5. Recipients or Categories of Recipients
Personal data are not disseminated. They may, however, be communicated to:
Technical and IT service providers (e.g. hosting companies such as Elementor Pro or its infrastructure partners, maintenance providers, e‑mail service providers).
Consultants and professionals (accountants, lawyers, etc.) assisting the Controller for organisational, administrative, legal or tax purposes.
Public bodies or authorities whenever required by law or by official orders.
Depending on their role, such parties act as Data Processors (formally appointed under Art. 28 GDPR) or as independent Data Controllers. An updated list of Data Processors is available upon request.
6. Data Transfers Outside the EEA
Data are stored on servers within the EU/EEA. Where service providers (e.g. cloud hosting, newsletter, security tools) are located outside the EEA, transfers occur only:
To third countries recognised as adequate by the European Commission (Art. 45 GDPR), or
Under Standard Contractual Clauses (Art. 46 GDPR) plus any supplementary safeguards ensuring a level of protection essentially equivalent to EU standards.
Copies of such safeguards (e.g. SCCs) can be requested by writing to info@fairport.it.
Privacy Policy
Last updated: May 2, 2025
This policy is provided pursuant to Art. 13 of Regulation (EU) 2016/679 (“GDPR”) and relevant national legislation (Legislative Decree 196/2003, as amended by Legislative Decree 101/2018) to users interacting with the website fairtport.it (hereinafter, the “Site”).
1. Data Controller
| Controller | Portway Human Capital S.r.l., in the person of its pro-tempore legal representative |
| Tax Code/VAT No. | 13870280966 |
| Certified E-mail (PEC) | [email protected] |
| [email protected] (for privacy requests) | |
| Phone | +39 3471130750 |
2. Types of Data Processed
Navigation Data: IP address, device identifiers (e.g., browser user agent), log files, URI/URL of requested resources, time of the request, method used to submit the request to the server, size of the response file, numerical code indicating the status of the response. This data is necessary for the technical operation and security of the Site.
Technical Cookies: The Site uses exclusively technical cookies strictly necessary to allow navigation and use of its essential features (e.g., session management, security). These cookies do not require the user’s prior consent. More details are provided in Section 9.
Data Provided Voluntarily by the User:
Identification and contact details entered in forms on the Site (e.g., name, surname, e-mail, phone number, company, role) for information or contact requests.
Any content of comments or reviews left by the user, should such features be active on the Site.
Note: This Site does not directly collect or process Curriculum Vitae (CVs). Any job applications or professional profiles are managed through external platforms such as LinkedIn, to whose specific privacy policies reference should be made.
3. Purposes and Legal Bases for Processing
| # | Purpose | Legal Basis (Art. 6 GDPR) |
| a | To allow navigation on the Site and ensure its proper functioning and security | Legitimate interest of the Controller (Art. 6(1)(f)) |
| b | To manage and respond to contact or information requests submitted via forms | Performance of pre-contractual measures taken at the data subject’s request (Art. 6(1)(b)) |
| c | Management of any comments or user accounts (if features are active) | Performance of a contract or pre-contractual measures (Art. 6(1)(b)) |
| d | Sending newsletters or marketing communications (only if the user subscribes) | Explicit consent of the data subject (Art. 6(1)(a)) |
| e | Compliance with legal, tax, or regulatory obligations | Legal obligation (Art. 6(1)(c)) |
Providing data for purposes a, b, c is necessary for navigation and use of the requested services (e.g., sending a message). Failure to provide data may prevent the use of the Site or the provision of the service. Providing data for purpose d is optional and based on consent.
4. Processing Methods and Security Measures
Data is processed mainly using electronic tools, adopting appropriate technical and organizational measures to ensure its security, integrity, and confidentiality, in compliance with Art. 32 GDPR, in order to prevent data loss, unlawful or incorrect use, and unauthorized access.
5. Recipients or Categories of Recipients
The processed personal data will not be disseminated but may be communicated to well-defined parties. Based on their roles and duties, internal and external personnel are authorized to process data within the limits of their competencies and in accordance with the instructions given to them by the Controller. The same data may be communicated to the following subjects:
Technical and IT service providers (e.g., the company providing site hosting – such as Elementor Pro or its infrastructure partners, technical maintenance services, e-mail service providers).
Consultants and professionals supporting the Controller for organizational, administrative, legal, or tax requirements (e.g., accountants, lawyers).
Public bodies or authorities, where required by legal obligations or authority orders.
These subjects will operate, depending on the case, as Data Processors formally appointed pursuant to Art. 28 GDPR or as autonomous Data Controllers. The updated list of Data Processors is available upon request.
6. Data Transfer to Countries Outside the EEA
Personal data is stored on servers located within the European Union or the European Economic Area (EEA). However, some service providers used by the Controller (e.g., hosting on global cloud platforms like those potentially used by Elementor, newsletter services, security tools) may be based or have servers outside the EEA. In such cases, the Controller ensures that the transfer takes place in compliance with applicable regulations, in particular:
To third countries deemed adequate by the European Commission (Art. 45 GDPR);
Or subject to the stipulation of Standard Contractual Clauses (SCCs) adopted by the European Commission (Art. 46 GDPR), possibly supplemented by additional measures to ensure a level of protection substantially equivalent to that of the EU.
A copy of the adopted safeguards (such as SCCs) is available upon request by writing to [email protected].
7. Data Retention Period
| Data Type | Maximum Retention Period |
| Navigation Data | Generally not exceeding 12 months (unless needed for crime investigation by judicial authorities). |
| Technical Cookies | For the duration of the browsing session or for the time technically necessary to ensure the specific functionalities of the Site. |
| Data provided for contact | For the time necessary to manage the request, and no longer than 12 months after its fulfillment, unless different legal obligations apply. |
| Data for user accounts | As long as the account remains active (if feature is present). Mandatory logs may be kept for longer periods (e.g., 10 years). |
| Content (e.g., comments) | Until requested for deletion by the user (if feature is present). |
| Data for marketing (newsletter) | Until consent is withdrawn by the data subject or, in the absence of withdrawal, for a maximum of 24 months from the last interaction. |
Data may be retained for longer periods only in compliance with legal obligations or for the protection of the Controller’s rights in legal proceedings.
8. Rights of the Data Subject
Pursuant to Articles 15-22 of the GDPR, you have the right to:
Obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the data (right of access, Art. 15);
Request the rectification of inaccurate data or the completion of incomplete data (Art. 16);
Obtain the erasure of data (“right to be forgotten”, Art. 17), in the cases provided for;
Obtain the restriction of processing (Art. 18);
Receive the data concerning you in a structured, commonly used and machine-readable format, and request its transfer to another controller (right to data portability, Art. 20);
Object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you based on the legitimate interest of the Controller (Art. 21);
Withdraw at any time the consent given for specific purposes (e.g., marketing), without affecting the lawfulness of processing based on consent before its withdrawal;
Lodge a complaint with the Data Protection Authority (in Italy: Garante per la protezione dei dati personali – www.garanteprivacy.it).
Requests to exercise your rights can be sent via e-mail to [email protected].
9. Cookies
This Site uses exclusively technical cookies, i.e., cookies strictly necessary to ensure the proper functioning of the Site and allow the user to navigate and use its basic features (for example, to maintain an active session, manage essential technical preferences, or ensure browsing security).
Since only essential technical cookies are used, your prior consent is not required for their installation, as provided by current regulations. The Site does not currently use profiling cookies, analytical cookies requiring consent, or other cookies managed by third parties for purposes other than strictly technical ones.
The legal basis for processing data collected through technical cookies is the legitimate interest of the Controller (Art. 6, par. 1, lett. f GDPR) to ensure the proper functioning and security of the Site.
10. Site Security and Spam Prevention
To ensure the security of the Site and prevent illegal activities, spam, or abuse, security systems may be active (e.g., firewalls, anti-spam plugins like Akismet, verification systems like reCAPTCHA). These systems may automatically collect some navigation data (such as the user’s IP address and browser/device information) for the sole legitimate purpose of identifying and blocking threats or unwanted traffic.
11. Changes to this Policy
The Data Controller reserves the right to update this privacy policy at any time, for example, in case of regulatory changes or evolution of the services offered by the Site. Updated versions will be published on this web page and will be effective from the publication date, indicated as “Last updated”. Users are advised to consult this page regularly.
