PURSUANT TO EU REGULATION 2016/679 – GDPR
NTE Process Srl considers the protection of the personal data of its users (hereinafter, the “Users”) of fundamental importance and guarantees that the processing of personal data carried out through the site https://nte-process.com (hereinafter, the “Site”) takes place in compliance with the rights of the interested party’s data, with particular reference to confidentiality, the protection of personal identity and the right to the protection of personal data (hereinafter, the “Data”), in compliance with the provisions of the Regulation European no. 679/2016 (hereinafter, the “GDPR”) and other national and community provisions of reference.
The subject who determines the purposes and methods of data processing, or the Data Controller is NTE Process Srl, Via Milano, 14 / N – 20064 – Gorgonzola (MI) Italy, tel: +39 02.9516875, mail: info @ nte-process .com (the “Company” or the “Owner”).
All employees of the Company who access, or will access, Users’ data operate / will operate under the direct authority of the Data Controller, are / will be appointed persons authorized to process personal data and have / will have received adequate operating instructions in this regard.
Users may address any type of communication and request to the Data Controller at the aforementioned postal, fax or certified mail addresses.
Types of data processed and methods of processing
The Company collects some personal data of Users, such as name, surname, email address, company reference and aggregated information while browsing the Site, other personal data provided voluntarily by the User when requesting services offered by the Site or requesting information. sent to the Site by e-mail.
The personal data of the Users, therefore, may be processed, by automated means, during navigation, at the time of the request for the supply of a single service.
Furthermore, in the event that a User contacts us to request information, the Company will collect his personal data in order to be able to provide an answer.
Nature of data
The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow Users to be identified.
This category of data includes the IP addresses or domain names of the computers used by the Users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of the Users.
Data provided voluntarily by the User
The Company also collects the personal data of Users entered in the service request forms, as well as forwarded to the Data Controller by e-mail.
This is mainly information necessary to provide the User with the requested services, or to meet specific requests.
Personal data automatically placed on Users’ computers (Cookies)
Cookies are small files, generally short strings of text and numbers, containing information entered on the Users browser when a website is visited.
They perform various and important functions within the network (execution of computer authentication, session monitoring, storage of information on specific configurations regarding Users who access the server, storage of preferences, etc.), both aimed at promoting technical functionality. of the site is to carry out behavioral analysis of navigation.
While browsing, Users may also receive cookies from different sites on their terminals (so-called “third-party” cookies), set directly by the managers of said websites and used for the purposes and in the manner defined by them.
Purpose of the processing of personal data
The Data Controller will process the Users’ personal data for the following purposes:
1) requirements relating to the operations of authorization, enabling and personalization of access to the various areas and related contents of the Site;
2) direct marketing activities, aimed at promoting the services, products and brands of the Company, both with traditional communication methods (e.g. paper mail, telephone calls from the operator, etc.), and with automated electronic methods referred to in art. 130, paragraphs 1 and 2 of Legislative Decree 196/03 and, possibly, referred to in the community and / or national provisions that will replace / integrate the aforementioned legislation;
3) analysis and market research activities, both with traditional methods of communication (e.g. paper mail, telephone calls from the operator, etc.), and with automated electronic methods pursuant to art. 130, paragraphs 1 and 2 of Legislative Decree 196/03 and, possibly, referred to in the community and / or national provisions that will replace / integrate the aforementioned legislation;
4) sending newsletters and periodic updates (e.g. by e-mail) relating to services, initiatives and events organized by or in collaboration with the Company, including invitations to the aforementioned events, both with traditional communication methods (e.g. paper mail, telephone calls from the operator, etc.), both with automated electronic methods pursuant to art. 130, paragraphs 1 and 2 of Legislative Decree 196/03 and, possibly, referred to in the community and / or national provisions that will replace / integrate the aforementioned legislation;
5) based on the legitimate interest of the owner, based on the provision referred to in art. 130, paragraph 4 of the Legislative Decree. 196/2003, according to which “if the data controller uses the e-mail coordinates provided by the interested party in the context of the sale of a product or service for the purposes of direct sales of its products or services, he / she may not request the consent of the interested party, provided that these are services similar to those being sold and the interested party, adequately informed, does not refuse such use, initially or on the occasion of subsequent communications. The interested party, at the time of collection and at the time of sending any communication made for the purposes referred to in this paragraph, is informed of the possibility of opposing the processing at any time, easily and free of charge “(purposes referred to in paragraph 4, sub 4).
Legal bases of the processing
The processing of data for the purposes listed above is carried out:
- a) in execution of the contract of which the User requests to be a party or during the pre-contractual phase, in execution of pre-contractual measures adopted at the request of the latter (purpose sub 1));
- b) to satisfy the legitimate interest of the Data Controller, (purpose sub 5));
- c) after obtaining the express consent of the User (purpose sub 2); 3)).
Consequences of failure to provide the data
Except as specified for navigation data, Users have the right to provide or not personal data in the forms for registration on the Site or for requesting services available on the Site, to propose themselves as candidates for the courses proposed by the Company, or by sending a request for information from the Site by e-mail.
The provision to the Company of the Users’ personal data, which are requested in the various collection occasions, may be, in some cases, indispensable for the pursuit of the purposes identified in the specific information.
The need for the provision is, in such cases, specified by the symbol (*) next to the information.
The provision of data for the purposes listed in points 2); 3) requires express consent, pursuant to the GDPR.
The consent given for the sending of commercial and promotional communications by electronic means is also understood to be given in relation to traditional methods of contact.
In case of refusal to provide the data requested for the purposes listed in points 1), the consequence may be the impossibility for the Company to manage the relationship with the User and to respond to his requests.
In case of refusal to provide the data requested for the purposes listed in points 2); 3), 4) the consequence could be the mere impossibility for the Company to carry out the activities indicated therein and therefore for the User to receive commercial information and updates with respect to the activities of the Company.
The processing of the Data will be based on the principles of lawfulness, correctness, transparency, proportionality and minimization and can also be carried out through automated methods designed to store, manage and transmit them and will take place using suitable tools, as far as reason and state of the art is concerned, to guarantee security and confidentiality through the use of suitable procedures that avoid the risk of loss, unauthorized access, illicit use and dissemination.
In addition to the employees and / or collaborators of the Company – authorized to carry out processing operations on the instructions of the same Company and who will act under the supervision of the Data Controller – who may become aware of the Data, the latter will be (or could be) communicated to:
- a) tax consultants of the Company;
- b) IT consultants and electronic and cloud service providers of the Company;
- c) legal advisors of the Company;
- d) competent authorities (such as, for example, the authorities and bodies responsible for managing training and intermediation of job supply and demand);
- e) subjects who can access your data under the provisions of law or secondary or community legislation;
The Data will not be disseminated.
Data retention period
The Data will be stored in electronic format, with limited access rights and kept for the period of time strictly necessary to comply with legal and contractual obligations.
In this regard, it is specified that the Data:
1) necessary for the fulfillment of requests will be kept for the period strictly necessary to process the request, if the same does not have a contractual follow-up;
2) necessary to guarantee the Company compliance with legal obligations (eg accounting and tax legislation) will be kept for the period indicated by the applicable legislation;
3) necessary for carrying out marketing activities pursuant to art 130 c. 4 will be kept until the interested party opposes
4) the data necessary for direct marketing will be kept for 5 years from the consent given
Data transfer abroad.
The Data may be transferred outside the European Economic Area, in accordance with the principles set out in Articles. 45 and 46 of the GDPR.
Rights of Users with regard to their personal data
The User has the right to ask the Owner:
1) access to data;
2) the correction of data;
3) the cancellation of data;
4) the integration of incomplete data;
5) limitation of data processing with regard to specific purposes;
6) to receive the Data in a structured format, commonly used and readable by an automatic device and to transmit them to another data controller (so-called portability);
7) to withdraw consent where given;
8) to object in whole or in part to the use of the Data;
9) to lodge a complaint, pursuant to art. 77 of the GDPR, to the national supervisory authority of the member state of the European Union in which the User has his habitual residence or place of work or where the alleged violation of his right has occurred; if this State is Italy, the subject to which the User can contact is the Guarantor Authority for the protection of personal data.
It should be noted that the User’s right to object to the processing of Data for the purposes listed in points 3), 4) and 5), carried out through automated contact methods, extends to traditional methods and the possibility for the User remains unaffected. to exercise this right in part, that is, in this case, by opposing, for example, only the sending of promotional communications via automated tools.
The rights referred to in the above list may be exercised, among other things, by writing by e-mail by writing to the Owner at the address indicated in point 2 of this information.
Third party sites