WEBSITE POLICY PURSUANT TO THE PROVISIONS OF ART. 13 AND 14 OF EUROPEAN REGULATION 2016/679 (GDPR)
Specific summary information will progressively be indicated or displayed on website pages dedicated to particular services on request requiring the submission of data collection forms. We also inform you that, to provide a complete service, our website may contain links to other websites, not managed by NAX B – Nordic Alliance X Business (hereinafter “NAX B”). NAX B is not responsible for errors, contents, cookies, publication of illegal moral content, advertising, banners or files that do not comply with the laws in force and the respect of Privacy laws by sites not managed by the Controller.
NAX B, with registered office in Salita San Nicola da Tolentino, 1/B, Rome (RM), which can be contacted by e-mail at email@example.com – pursuant to Italian Legislative Decree 196/2003, as subsequently amended and integrated (“Italian Privacy Code”) and the General Regulation on the Processing of Personal Data 679/2016 / EU (“European Regulation”) in its capacity as Data Controller of your personal data, pursuant to and in accordance with articles 13 and 14 of European Regulation, hereby informs you that the aforementioned regulation establishes the protection of data subjects as regards personal data processing and that said processing shall be grounded in the principles of propriety, lawfulness, transparency and shall ensure the protection of your confidentiality and rights. Personal data and information submitted by you or otherwise acquired while using the website shall be processed in compliance with provisions set forth in the aforementioned legislation and confidentiality requirements established therein and the data provided will be processed for the time strictly necessary for which they were collected.
TYPE OF DATA PROCESSED
- Navigation Data: IP addresses or domain names of computers and other devices used by users who connect to the site; URI (Uniform Resource Identifier) addresses of requested resources and any time indications thereof; parameters relating to the user’s operating system and IT environment; start and finish pages; Navigation index and identification behaviour during display of site pages.
- Personal data supplied voluntarily by the user: the optional, explicit, voluntary sending of emails to the addresses provided on this site and the compilation of forms it contains implies the subsequent acquisition of the sender’s personal data (for example, name, surname and email address). Specific, summarised information is provided on the pages where forms are available.
PURPOSE OF PROCESSING
Your data collected during browsing will be processed for the following purpose:
- performance of operations closely related and instrumental to the management of relations with users or with visitors of the website.
The processing of data to fulfill the purpose referred is necessary for your request and any refusal may limit and/or prevent full use of functionalities and services available on the website. The legal basis for the processing of your data for the purpose set out in point 1is the fulfilment of your request, pursuant to Article 6, first comma, subsection b) of the GDPR; if you were to refuse to contribute these data, you would be unable to use the Site.
COOKIES AND OTHER TRACKING SYSTEMS
PERSONAL DATA PROCESSING METHODS
in compliance with the procedures indicated as per articles 6, 32 of the GDPR and through the adoption of the appropriate security measures provided.
USE OF SOCIAL MEDIA PLATFORMS
RECIPIENTS OF PERSONAL DATA AND DATA DISSEMINATION
Your data will be processed by duly authorised staff and will be disclosed to companies acting in their capacity as autonomous Controller or Data processor:
- external parties that provide cloud services;
- technical assistance service providers;
- companies that provide third-party services;
- companies that provide the ordinary and extraordinary maintenance of the website
- You may request the full list by writing to the Controller
Your data will not be distributed.
TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION
You may request from the Data Controller a copy of the safeguard measures adopted for the extra-EU transfer of your personal data, as well as information on the places where they have been made available, by formulating a specific request to the Data Controller via the privacy e-mail address firstname.lastname@example.org.
APPLICATION OF THE POLICY HEREIN
If you have any doubts regarding this Policy, please contact NAX B.by sending an e-mail to email@example.com.
RIGHTS OF DATA SUBJECTS (EU Reg. 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22)
- The data subject is entitled to obtain confirmation as to the existence or otherwise of personal data concerning them, even if said data is yet to be recorded, and the disclosure of said data in an intelligible form, as well as to lodge a complaint with the Supervisory Authority.
- The data subject has the right to receive the following information:
a. the source of personal data;
b. the purposes and processing methods;
c. the logic applied in the event processing is carried out by electronic instruments;
d. the identification details of the data controller, of the processors and of the appointed representative according to art. 5, para. 2;
e. the subjects and categories of subjects to whom the personal data may be disclosed or who may become aware of said data in their capacity as designated representative in the country, as data processors or personnel authorised to process personal data.
- The data subject is entitled to obtain:
a. the updating, rectification or, if interested, the integration of data;
b. the erasure and transformation into anonymous form of any unlawfully processed data or data blocks, including those whose retention is not required in relation to purposes for which data were collected or successively processed;
c. certification that operations specified in letters a) and b) have been disclosed, together with their content, to the people to which data has been disclosed or provided, unless this proves impossible or requires the use of means clearly disproportionate to the right being protected;
d. data portability.
- The data subject is entitled to raise a total or partial objection:
a. for legitimate reasons, to the processing of the personal data concerning them, even if pertaining to the purpose of collection;
b. to the processing of personal data for the purpose of sending advertising materials or making direct sales or for carrying out market surveys or sales communications.
DATA STORAGE TERMS
The personal data of the interested party will be kept for the time limits specified below, as indicated in accordance with art. 13, paragraph 2 of the Regulations.
The personal data provided will be kept (in electronic archives) until deemed necessary for the provision of the services and services requested, and subsequently they will be deleted, and in any case for a period not exceeding 36 months from collection, if they are not used for further contractual purposes previously authorized by the interested party / user. The navigation data will be kept for 38 months.
AMENDMENTS TO THIS POLICY