Política de privacidad



INFORMATION WITHIN THE MEANING OF ART. 13 OF THE EUROPEAN REGULATION N. 2016/679 (General Data Protection Regulation)

Hereby we would like to inform you that our company processes your personal data in full compliance with the current national and European legislation on the processing of personal data.

Pursuant to art. 13 of UE REGULATION 2016/679 we inform you that:

1. Data Controller

The Data Controller is NEM srl (VAT No. 00523800316), in person of the legal representative pro tempore, with registered office in SAN PIER D’ISONZO, Via degli Artigiani n. 9, www.nemsrl.it, hereinafter “the Data Controller”.

The Data Controller intends to provide the interested party with complete information on the purposes and methods of personal data processing.

2. Category of collected data

The collected data form part of the category of personal identification data (personal data, tax code or VAT number, IDs details) that are closely related to the managing of contractual and pre-contractual relationships (for example acquisition of preliminary information for the conclusion of an agreement, execution of operations based on the concluded agreement’s duties) as well as to the fulfilment of legal obligations.

3. Methods of personal data processing

Personal data (e.g. address, telephone number, email address, etc.) are processed on computer or with the aid of automated tools in compliance with the minimum security measures and, in any case, in such a way as to guarantee the integrity, security and confidentiality of the data.

4. Purposes of personal data processing

The Data Controller will process your personal data for the following purposes:

  1. Execution of contractual and pre-contractual activities;
  2. Fulfilment of tax and legal obligations;
  3. Conduct of surveys on the level of client satisfaction and the quality of the provided services;
  4. Direct and indirect marketing and market research;
  5. Sending commercial/promotional information;
  6. Sending newsletters for information and promotional purposes;
  7. Sending emails for information, promotional and advertising purposes.

Your personal data will also be processed in compliance with the principles of correctness, lawfulness, transparency, for purposes related to the contractual relationship (registration in the System, performance of accounting and administrative obligations, invoicing, sending communications relating to the business relationship, etc.), and closely related to the fulfilment of obligations concerning the aforementioned points.

The consent you have expressed is the legal basis of the processing pursuant to art. 13, clause 1), letter c) of the GDPR.

5. Nature of the provision

The provision of your data for the purposes referred to points 1) and 2) of the art. 3 does not require any consent since it is preliminary and essential to any contractual and pre-contractual relationship.
The provision of your data for the purposes referred to points 3), 4), 5), 6), 7) of the art. 3 is optional and requires your express consent. Failure to consent will only entail the following consequences: the inability to send commercial and/or promotional information as well as newsletters for information purposes and the inability to communicate personal data to third parties for marketing purposes.
In any case, if you have given the express consent to authorize the Data Controller to pursue the purposes referred to 

points 3), 4), 5), 6), 7) of the art. 3, you will be able to revoke it at any time without formalities, sending a clear communication about it to the email address privacy@nemsrl.it . Following receipt of your opt-out request, the Data Controller will promptly remove and delete all data from the databases used for processing them for direct and indirect marketing purposes and for sending newsletters and will inform, for the same cancellation purposes, any third parties to whom these data have been communicated. The simple receipt of your cancellation request will automatically count as confirmation of cancellation.

6. Recipients or category of recipients of personal data

Your personal data, for the purposes described above, may be brought to the attention of employees and/or collaborators of the Data Controller and communicated to the following subjects:

  1. Credit institutions for the management of any possible takings and payments deriving from the execution of an agreement;
  2. Couriers and shippers of postal services;
  3. Professional, legal, tax, commercial and organizational consultancy offices;
  4. Third party companies appointed by the Data Controller to execute the obligations assumed by the latter for the fulfilment of data processing based on the purposes referred to points 1) and 2) of art.3;
  5. All subjects (including Public Authorities) who have the right to access data under regulatory and administrative provisions;
  6. Third party companies that provide essential support services to data processing and have direct or indirect access to your data;
  7. Third party companies appointed by the Data Controller to process data based on the purposes referred to points 3), 4), 5), 6), and 7). All collaborators or suppliers, used by the Data Controller for processing your personal data, have been appropriately and legally authorized and empowered on the procedures and purposes of the processing attributed to them and will act in compliance and accordance with this report.

The personal data you have provided, for the purposes described above, may be transferred to business partners for the data processing based on the purposes referred to points 3), 4), 5), 6), 7), of the art.3.
The personal data you have provided and that have been subsequently processed with regard to the management of the service are not subject to disclosure.

7. Data retention time

Your personal data will be kept for the time defined by the relevant legislation, which is specified here below pursuant to art. 13, clause 2, letter a) GDPR:

  1. For the purposes indicated in points 1), 2) of art.3 for the time prescribed by the laws in force and in any case for a period not shorter than 10 (TEN) years and/or until the conclusion of the contractual relationship;
  2. For the purposes indicated in points 3), 5), 6) and 7) of the art. 3 for 3 (THREE) years from the moment of consent to processing;
  3. For the purposes indicated in point 4) of the art. 3 per 1 (ONE) year from the moment of consent to processing;

8. Exercise of rights by the interested party

Pursuant to art. 13, clause 2, letters b) and d), 15, 18, 19 and 21 GDPR we inform the interested party that has the right to:

  1. Access personal data: to know if your personal data have been currently processed or not and, in this case, access to the following information: purposes, data categories, recipients, retention period, right to lodge a complaint with a supervisory authority, right to request the amendment or cancellation or limitation of processing or opposition to the processing itself as well as the existence of an automated decision-making process;
  2. Request of data amendment or cancellation or limitation of their processing; “limitation” means to mark the retained data with the aim of limiting their processing in the future;
  3. Opposition to processing: to oppose to the data processing, for reasons related to your specific situation, for the execution of a task of public interest or for the pursuit of a legitimate interest of the Data Controller;
  4. Data portability: in case of automated processing carried out on the basis of consent or execution of an agreement, you have the right to receive your data in a format of common use, legible by automatic devices; in particular, data will be provided by the Data Controller in format .xml;
  5. Revocation of consent to processing for marketing purposes, both direct and indirect, market research and profiling; the exercise of this right doesn’t prejudice in any way the lawfulness of the processing  carried out before the revocation;
  6. Lodge a complaint pursuant to art. 77 RGPD with the supervisory authority concerned, according to your usual residence, working place or place of violation of your rights; in Italy, the authority concerned is the Guarantor for the protection of personal data. You can find its contact details on the following website http://www.garanteprivacy.it.

You can exercise the aforementioned rights by sending a specific request to the Data Controller via the contact channels indicated in art. 1 of this report.
Requests relating to the exercise of your rights will be processed without undue delay and, in any case, within one month from their receipt; only in cases of particular complexity or high number of requests, the deadline may be extended by a further 2 (TWO) months and data portability;
We inform you specifically and separately, as required by art. 21 GDPR, that, if personal data are processed for marketing purposes, the interested party has the right to object at any time and, if the interested party objects to processing, personal data can no longer be processed for these purposes.
The exercise of rights is not subject to any form constraint and is free. The email address for the exercise of rights is privacy@nemsrl.it