Privacy policy

UP Agenzia per il Lavoro SpA, with registered office at Via San Vitale EST 740/B in Medicina (BO) (henceforth "UP", "UP Lavoro", the "Company" or "we"), is committed to protecting your privacy while browsing this website (the "Website").

This 'Privacy Policy' or 'Policy' (together with the other documents referred to herein) explains the types of personal data we collect and how we collect, use and process such data.

Below you will find an index that allows you, if you wish, to access the relevant sections directly.

What personal data does the company collect and use?

We collect and use personal data to provide you with the best possible experience. This data is divided into the following categories:

- Identity data: includes name and documents proving identity.

- Contact data: this includes e-mail addresses, telephone numbers, postal addresses, country, job title, company name and other information that may appear on your business card.

- Technical data: this refers to the IP addresses from which you access UP's or third parties' products and services, cookies (as set out in the Cookie Policy) used to access this website.

- Contact form data: this includes any information you provide to us when you use contact forms (e.g. via the "Contact us", "Send us a message", "Stay in touch" or "Receive financial updates" functions on our websites, apps or products and services), or when you participate in a survey. This includes recording correspondence and other personal information you choose to share by filling out contact forms. Fields marked with an asterisk (*) are mandatory as they indicate information needed to fulfil your request or reply.

- Marketing communications data: information on your responses to e-mail, SMS, telephone and other marketing campaigns, as well as your subscription to newsletter services or updates from the Company.

- Social media data: includes any profile data and other information made public or shared with us via social media.

- Financial and legal event data: this includes any information you provide in connection with UP's financial or legal events, such as participation in webcasts on financial results or shareholder meetings. If you contact UP by telephone for these events (e.g. for technical support), we will process your telephone number and other information related to your request.

Depending on the circumstances and local regulations and obligations, we may collect some of the above information when you visit our website, provide us with your business card, attend a conference or other event, or if you are a current or potential customer.

As specified in section 2, we collect and use personal information to offer you products and services, send you requested information, or contact you to communicate further details about available products and services.

Why do we process your personal data and for how long do we keep them?

The use of personal data as described above is legitimate under current data protection legislation because:

- It is necessary to pursue a legitimate interest of ours for the purposes stated above, insofar as that interest does not override your data protection rights.

- In some cases, it is necessary to fulfil legal or regulatory obligations, such as communication to authorities, supervisory bodies and government agencies.

- In other situations, it is required for the performance of a task carried out in the public interest and, when processing special categories of personal data, for the exercise or defence of a right in court or if the processing concerns personal data that are manifestly in the public domain.

- In limited circumstances, with your consent, obtained from time to time, when you agree to receive marketing communications and news by email. For B2B marketing communications, please see the 'marketing communications' section.

We do not carry out any processing based solely on automated decisions, including profiling, which produces legal effects concerning you or significantly affects you.

How is your personal data collected?

UP uses various methods to collect data from and about you, including:

- Direct interactions: You can provide your identity data, contact form and survey data, marketing communication data, social media data and financial and legal event data by filling in forms or contacting us by mail, phone, e-mail or other means. This data is collected when:

- Request our products or services;

- Create an account on our website;

- You subscribe to our services or publications;

- Request to receive marketing communications;

- Participate in a competition, promotion or survey;

- Give feedback or contact the company.

- Automated technologies or interactions: When you interact with the website, we automatically collect technical data about your systems, actions and browsing patterns. This data is collected through cookies and other similar technologies, as well as from communications received from your browser. For more details on the use of cookies and similar technologies, please see our Cookie Policy.

- Third parties or public sources: We receive personal information about you from various third parties and public sources, including:

- Public information you make available on social media, websites and similar apps;

- Public information about you in registers/listings, such as those of associations or professional qualifications.

What kind of marketing communications do we send?

Communications with natural persons

We will only send you marketing communications as an individual if you have given your consent. To receive these communications, you can express your consent by checking the corresponding box on the data collection form.

Communications with companies

We process your data in the context of the business relationship with your company for the following reasons:

- We have a contract with your company (or are considering entering into one). In this case, most of the personal information we collect and use for marketing purposes relates to contact details of our customers and other companies with whom we do business; or

- We pursue our legitimate interests in our business activities, such as communicating with business contacts in a business-to-business context to promote our products and services that we believe may be of interest to the company. To this end, we may also obtain contact information from public sources, including content made public on social media, to establish initial contact with a contact person at a customer or other company.

How to unsubscribe?

When we send marketing communications by email, you can unsubscribe and receive no further communications by clicking on the "unsubscribe" or "unsubscribe" function in the email. In addition, you can exercise your right to unsubscribe at any time by contacting us, indicating the marketing communications you no longer wish to receive in the Request Details field.

Do we use artificial intelligence?

We share your information with third parties in order to use it more efficiently and offer you content, resources and/or services. However, data is only shared in the following circumstances:

- To suppliers: We entrust suppliers with the performance of administrative and operational activities relevant to our relationship with you. These suppliers are bound by contractual and legal obligations of confidentiality and respect for privacy and will only have access to the data necessary to perform their functions. Typically, these are IT service providers (who host or support the Company's IT systems, including information about you), site management companies (who manage the physical security of the buildings and need your information to grant you access), and financial and accounting back-office service providers (who manage applicant information to process debit and credit positions). In addition, we use technology and IT service providers and solutions.

- To members of UP and their associates (the "UP Members") inside or outside the European Union: The list of countries in which we operate is available at Data is shared for several reasons:

- With UP Members providing IT functions for UP companies worldwide, with offices in the Czech Republic and France, among others.

- With UP Members worldwide for the purposes described or to propose offers to you in line with your profile, if you have expressed interest in local or international opportunities or if UP Members believe you may have useful skills in that market.

- To government or law enforcement authorities: We will share your data with government, police, regulatory or law enforcement authorities if we believe we are legally obliged or authorised to do so, or if it is prudent in our discretion to do so.

- To prospective sellers or purchasers and their advisors: During due diligence relating to a merger, acquisition or other business transaction, or during the execution of such transactions, we may need to disclose your information to the potential seller or buyer and their advisors.

Do we transfer your personal data abroad?

Your personal data may be transferred to and processed in one or more countries, either within or outside the European Union or Switzerland. A list of the countries in which we operate can be found at

We may transfer data to the parties mentioned in the previous section that are located outside the European Economic Area, the United Kingdom or Switzerland:

- To countries that are deemed by the European Commission, the UK National Data Protection Authority or the Swiss Federal Data Protection and Information Commissioner to offer an adequate level of protection under Article 45 of the UK and EU GDPR or Article 6 of the Swiss Federal Data Protection Act (Article 16 of the revised Act). A list of these countries is available at the links (EU) and links (Switzerland).

- Where UP has put in place appropriate safeguards to preserve the privacy of your data. These measures usually include the use of standard contractual clauses approved by the European Commission, the UK National Data Protection Authority or the Swiss Federal Data Protection and Information Commissioner. Copies of these clauses are available at the links (EU), links (UK) and links (Switzerland). These measures are approved under Article 46 of the EU and UK GDPR and Article 6 of the revised Swiss Federal Data Protection Act.

These countries include the member states of the European Union, Switzerland, the United Kingdom and the United States.

By contacting us at the contact details given, you can request further information and obtain a copy of the relevant safeguard measures.

What data security measures do we take?

In accordance with applicable data protection laws, you have the following rights:

- Right to access and obtain a copy of your personal data: You have the right to ask the Company to confirm whether we process your personal data. In this case, you will be able to access part of your personal data and certain information on how we process it. In certain circumstances, you can request an electronic copy of your data and, in certain limited situations, you have the right to request the portability of your personal data to another third party provider.

- Right to rectification of your personal data: If you can prove that the personal data in our possession is incorrect, you have the right to request that it be updated or corrected.

- Right to oblivion or deletion of personal data: In certain circumstances, you have the right to request the deletion of your personal data. The request can be made at any time, but the Company will consider whether to grant it, taking into account the legal obligations to retain data. If the request is granted, the data will be deleted without undue delay.

- Right to restrict the processing of your personal data or to object to it: In certain circumstances, you have the right to restrict the processing of your personal data or to object to certain processing purposes for reasons related to your particular situation.

- Right to revoke consent: If the processing of your personal data is based on your consent, you have the right to revoke it at any time. However, revoking your consent will not affect the lawfulness of the processing carried out prior to the revocation. If you revoke your consent, we may not be able to provide you with certain products or services, and we will inform you of this at the time of revocation.

If you wish to exercise any of your rights, you can use the form provided by clicking here. If you have any problems with the link, you can contact us at

Lastly, you have the right to lodge a complaint with the data protection authority where you live or work, or where you believe there is a problem with your personal data.

How are changes to the Privacy Policy handled?
The terms of this Privacy Policy may change over time. The Company will notify you of any material changes by posting notices on this Website or by contacting you through other communication channels.

In the event that:

- You have questions or concerns regarding this Privacy Policy;

- You would like to receive further information on how we protect your data, e.g. when we transfer them outside the country;

- You want to contact UP's Data Protection Officer (DPO) or local privacy officer;

you can send an e-mail to UP's DPO at or to the local privacy officer at the same address:

To exercise any of your rights concerning your personal data, please fill in this form.