Privacy Policy and information pursuant to Article 13 of the EU Regulation 2016/679
With this privacy policy, pursuant to and in accordance with Art. 13 of EU Reg. 679/2016 (hereinafter, the “GDPR”) Nexo Service Srl intends to provide you, in a clear and transparent manner, with information regarding how the site is managed with regard to the processing of your personal data.
This information is provided for the Nexo Service.com and domusrome.com websites (hereinafter “Sites”) and their possible subdomains, and not also for other websites that may be consulted by the user through appropriate links. The Sites are owned and operated by Nexo Service Srl. Browsing and use of the Sites implies acknowledgement and acceptance of this Privacy Policy, which users/visitors are invited to read before submitting any kind of personal information and/or filling in any electronic form on the site itself. Nexo Service Srl reserves the right to change the terms of the Privacy Policy at any time, on the occasion of updates to the site, and such changes come into force the same day of the update.
The processing of the data collected, will take place in full compliance with the principles of fairness, transparency, limitation of storage, integrity and confidentiality, within the scope of the explicitly determined purposes, only to the extent strictly necessary for the pursuit of the same. By using Nexo Service Srl’s website, you consent to the collection, use and disclosure of your personal data to the company, in accordance with this Privacy Policy. Should you not wish to authorize such processing, please do not use the services provided by the site.
Minors
The services offered through this site are designed solely for use by an adult audience. Should we discover that a minor’s personal information has been collected without the necessary consent of a parent or guardian, we will take immediate action to destroy and delete that information altogether.
DATA CONTROLLER, DATA PROCESSORS AND AUTHORIZED PERSONS
The Data Controller is Nexo Service Srl with registered office and management at Via Sistina 57, 00187 Rome. The Data Controller, in order to provide the services offered, may make use of third parties, who will act on its behalf as Data Processors by virtue of an appropriate appointment. Your data may also be brought to the attention of parties who will act as persons authorized to process them.
DATA PROTECTION OFFICER
Nexo Service Srl pursuant to Article 37 of GDPR EU 2016/679, has proceeded to identify and appoint the Data Protection Officer (DPO) who can be contacted at the email address dpo@domusrome.com
NATURE OF DATA PROVISION AND TYPE OF DATA PROCESSED
The provision of data is mandatory in nature as it is necessary for the performance of the requested services.
Nexo Service Srl does not require the Data Subject to provide so-called “special” data, i.e., in accordance with the GDPR (art. 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to the person’s health or sexual life or sexual orientation.
In the context of this Privacy Policy, personal data means any information that could enable your identification. In particular, through your navigation of the site, the following may be collected:
PERSONAL DATA: first name, last name, address, city, nationality, social security number, nationality, landline phone, cell phone, e-mail address.
The data are provided voluntarily and directly by the users. Any request for information or service from the user/visitor will result in the acquisition by Nexo Service Srl of the sender’s address and/or any other personal data
BANK DATA: IBAN only in the case of application for financing and/or operating leases
NAVIGATION DATA: Logs, browsing IP addresses.
The computer systems and software procedures responsible for the operation of this site acquire, in the normal exercise of their routines, some personal data that are then transmitted in the use of Internet communication protocols. This is information that by its nature could, through association and processing with data held by third parties, make it possible to identify users and visitors (e.g. IP address, domain names of the computers used by users/visitors connecting to the site, etc.); such data is collected automatically and exclusively for the purpose of enabling navigation on the site and, in an absolutely anonymous form, may also be used for statistical surveys;
Nexo Service Srl uses cookies and invites you, therefore, to read the Cookie Policy.
PURPOSE OF PROCESSING
Forms to be filled out, in the form of contact requests and registration for events and initiatives, include:
- data that are strictly necessary to adhere to what is of interest and whose failure to indicate does not allow the request to be carried out
- optional contribution data.
Mandatory data are, generally, clearly stated.
The data provided will be retained by the Data Controller for the following purposes and in accordance with EU Regulation 2016/679 (GDPR):
1- master registration for contact requests, sending of informational materials, invitations to events, and newsletter subscription
The processing of the Data Subject’s personal data is carried out in order to give effect to the activities preliminary and consequent to the request for personal registration, the management of requests for information and contact and/or the sending of informative material, the registration to events and initiatives such as webinars, conventions, seminars through dedicated forms, the subscription to the newsletter as well as for the fulfillment of any other obligation arising.
2 – The management of the contractual relationship
The processing of the Data Subject’s personal data is carried out to give effect to the activities preliminary and consequent to the purchase of a Service and/or a Product, the management of the related order, the provision of the Service itself and/or the production and/or shipment of the purchased Product, the related invoicing and management of payment, the processing of complaints and/or reports to the support service and the provision of the support itself, the prevention of fraud as well as the fulfillment of any other obligation arising from the contract.
3 – Promotional activities on Services/Products similar to those purchased by the Interested Party.
The data controller, even without your explicit consent, may use the contact information disclosed by the Data Subject, for the purpose of direct sales of its own Services/Products, limited to the case of Services/Products similar to those being sold, unless the Data Subject explicitly objects.
4 – The activities of commercial promotion on Services/Products different from those purchased by the Interested Party.
Personal data of the Data Subject may also be processed for purposes of commercial promotion, surveys and market research with regard to Services/Products that the Data Controller offers only if the Data Subject has authorized the processing and does not object to it.
Such processing may take place, in an automated manner, in the following ways:
- sms
- telephone contact
And can be carried out if:
(a) the Data Subject has not revoked his or her consent for the use of the data;
(b) if, in the event that the processing is carried out by means of contact with a telephone operator, the Interested Party is not registered in the oppositions register referred to in Presidential Decree no. 178/ 2010.
MODE OF TREATMENT
Data are processed by automated means (e.g., using electronic procedures and media) and/or manually (e.g., on paper) for the time strictly necessary to achieve the purposes for which the data were collected so as to provide you with the browsing experience and allow you to take advantage of the services you have requested and in any case in accordance with the relevant regulations. Nexo Service Srl has taken appropriate technical and organizational measures to ensure a level of security appropriate to the risk in accordance with Art. 32 of the GDPR, so as to prevent data loss, unlawful or incorrect use, and unauthorized access.
Personal data will be kept by Nexo Service Srl for the time strictly necessary to pursue the relevant purposes and in any case for a maximum time of 10 years.
CYBERSECURITY
The Data Controller, in line with the provisions of Recital 49 of the GDPR, processes, including through its suppliers (third parties and/or recipients), the Data Subject’s personal traffic data to the extent strictly necessary and proportionate to ensure network and information security, i.e., the ability of a network or information system to withstand, at a given level of security, unforeseen events or unlawful or malicious acts that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted.
The Controller will promptly inform the Data Subjects if there is a particular risk of a breach of their data without prejudice to the obligations under Art. 33 of the GDPR on personal data breach notifications.
RIGHTS OF INTERESTED PARTIES
The subjects to whom the personal data refer have the right at any time to exercise their rights under Articles 15 et seq. of the GDPR, consisting in particular of the right of access, rectification, cancellation, opposition and restriction of processing.
The Data Subject will also have the right to lodge a complaint with the Data Protection Authority.
Rights may be exercised by sending a request addressed to the Data Protection Officer at dpo@domusrome.com
