N2S srl (hereinafter referred to as "N2S" for the sake of brevity), with registered office in Via A. Fogazzaro, 54/56 - 36073 Cornedo Vicentino (VI) Italy, VAT no. 03883570248 - Tax code 03883570248, Tel. 0445.952800 - e-mail firstname.lastname@example.org, as Data Controller, is responsible for the confidentiality of your personal data and for guaranteeing the necessary protection from any event that might put them at risk of being violated.
The Data Controller undertakes to process your personal data in compliance with the GDPR, Legislative Decree 196/2003 and subsequent amendments and additions (hereinafter referred to as the "Privacy Code" for the sake of brevity), the relevant provisions and guidelines of the Data Protection Authorities and the national and European judicial authorities, as well as the applicable national and European legislation.
The Data Controller processes your personal data, collected when you visit the Site, when you use its services and/or when you access its contents, as well as when you contact the Data Controller also by filling in a contact form. By way of example, the Data Controller may acquire the following types of information:
N2S may also collect data relating to Your interaction with social networks (e.g. "Share" or Facebook's "Like") and/or external platforms (e.g. Google Maps). The interactions and information acquired through this modality are in any case subject to the privacy preferences set by You on each social network and/or external platform. In any case, the data controller of your data is the operator of the social network and the external platform.
Your data will be processed by the Data Controller exclusively for the purposes and within the limits set out in the following sections.
Personal data relating to you will be processed for the following purposes:
1) Use of the content and services offered through the Site;
2) Manage and process your requests for assistance, information and/or clarifications received by the Data Controller by means of a communication using the contact addresses on the Site or the contact form;
3) Fulfilment of obligations, including legal obligations, and any other obligation resulting from orders by the competent authorities, as well as the exercise or defence of a right or interest of the Data Controller or a third party deriving from the relationship.
In connection with the aforementioned activities, your Personal Data will also be processed for all related administrative, financial and/or legal operations.
Below we set out the legal basis of the processing for each of the purposes indicated in the previous section:
a. The legal basis of the processing for the purposes referred to in points 3.1) and 3.2) is to be found in the need to execute the contractual relationship to which you are party and/or to take pre-contractual measures at your request (Art. 6(1)(b) GDPR);
b. The legal basis of the processing for the purposes referred to in point 3.3) is to be found in the need to fulfil obligations, including legal obligations, and any other obligation arising from decisions of the competent authorities, as well as to exercise or defend a right or interest of the Data Controller or a third party.
The provision of your Personal Data for the purposes set out in points 3.1), 3.2) and 3.3) is necessary and a failure to do so will not allow the Data Controller to perform the requested service.
Only for the purposes specified above, the Data Controller may communicate your personal data to the following categories of subjects as Autonomous Data Controllers, Data Processors or External Data Processors:
- internal figures authorised to process data in accordance with their respective duties;
- public, financial and institutional bodies and/or administrations and/or authorities;
- entities, companies, freelancers and other entities that provide goods/services to the Data Controller;
- partners of the Data Controller for the performance of the service requested/assigned by the data subject;
- external accounting and tax consultants;
- legal consultants;
- computer technicians, internet service operators or other providers of telematic/digital services.
The processing of data is performed using printed material or computerised procedures by specially authorised persons. They are granted access to your personal data to the extent and within the limits necessary for the performance of the processing activities concerning you.
The Data Controller periodically checks the instruments through which your data are processed and the security measures established for them, which it constantly updates; it verifies, also through the persons authorised to process them, that no personal data are collected, processed, filed or stored whose processing is not necessary or whose purposes have been fulfilled; it verifies that the data are stored with a guarantee of integrity and authenticity and that they are used for the purposes of the processing actually undertaken.
The Data Controller guarantees that any data that, even after verification, prove to be superfluous or irrelevant shall not be used, except for the possible storage, in accordance with the law, of the act or document containing them.
The processing of users' personal data is carried out through the use of automated tools with reference to access data to the pages of the website.
The data are stored in paper, computer and electronic archives within the European Economic Area (EEA) and security measures are in place to protect them.
Should it become necessary for technical and/or operational reasons to use entities located outside the European Union, or should it become necessary to transfer some of the data collected to technical systems and services managed in the cloud and located outside the European Union, the processing will be carried out in accordance with the provisions of Regulation (EU) 2016/679. All necessary precautions will be taken in order to ensure the protection of personal data basing such transfer: a) on third country adequacy decisions expressed by the European Commission; b) on adequate guarantees expressed by the third party recipient in accordance with Article 46 of Regulation (EU) 2016/679; c) on the guarantees referred to in Article 49 of Regulation (EU) 2016/679.
Your personal data are stored for as long as it is necessary for the performance of the relationship with the Data Controller and for the fulfilment of obligations, including legal obligations, as well as the exercise of the rights arising therefrom.
Navigation data do not last for more than 12 months.
In any case, once all the purposes justifying the storage of your personal data have been fulfilled, the Data Controller will take care of deleting them or anonymising them.
In any case, your data may be stored - for the sole purpose of protecting any rights of defence - for a maximum of 10 years.
This type of service allows interactions with external platforms, specifically Google Maps, directly from the pages of this Application.
The interactions and information acquired by this Application are in any case submitted to the User's privacy settings relating to the external platform.
The rights you are granted allow you to be in control of your data at all times. You have the rights to:
Basically, at any time and free of charge and without any special charges or formalities for your request, you can:
The Data Controller shall do so without delay and, at the latest, within one month of receipt of your request. The deadline may be extended by two months if necessary, taking into account the complexity and number of requests received. In such cases, the Data Controller shall, within one month of receipt of your request, inform you and notify you about the reasons for the delay.
For any further information and to send your request, please write to N2S to the following e-mail address: email@example.com
Without prejudice to any other administrative or judicial action, you may lodge a complaint with the Italian Data Protection Authority whose contact details can be found at garanteprivacy.it. However, you may appeal to the Supervisory Authority of another Member State when the object of the processing only concerns an establishment in that Member State or substantially affects data subjects only in that Member State.
Any updates to this policy will be communicated to you promptly and by appropriate means, and you will also be informed if N2S processes your data for purposes other than those referred to in this policy, before doing so and in time to give your consent if necessary.
Last update: 29/05/2023