WEBSITE USER PRIVACY INFORMATION NOTICE
According to EU Regulation n. 679 of 27 April 2016 (the “GDPR“), Nurjana Technologies S.r.l. (the “Company“) provides the following information regarding the processing of personal data (the “Data“) of the users of its website (the “Website“).
A. DATA CONTROLLER
The Controller of the Data of the Website’s Users is the Company.
If you have any question or comment about this notice, please contact us:
- by e-mail, at firstname.lastname@example.org;
- by fax, at the following number: +39 070 240924;
- by mail, at the following address: Via M. Betti 27/29, 09067, Elmas (CA), Italy
B. DATA PROCESSED
The Data processed through the Website are the following:
1) Browsing data
The computer systems and software procedures used to run the Website automatically acquire, during normal operations, some information relating to web browsing, the transmission of which is implicit in the use of internet communication protocols. This information is not collected to be associated with identified data subjects, but by their nature could, through associations and processing with data held by third parties, allow users to be identified. These Data are used only to obtain anonymous statistical information on the use of the Website and to check its correct functioning, to identify anomalies and/or abuses, and are deleted immediately after processing. The Data could be used to ascertain responsibility in case of hypothetical computer crimes against the Website or third parties.
2) Data collected through cookies
Browsing the Website involves receiving cookies, that are short text strings that the visited website sends to the user’s browser (i.e. the program you need to browse), where they are stored before being re-transmitted to the same websites during the subsequent visits.
The user can set his browser to be warned of the presence of cookies and decide whether to accept a specific cookie or to automatically refuse all cookies.
C. LEGAL BASIS, NATURE AND PURPOSES OF THE PROCESSING
The Data of the Website’s users will be processed for the following purposes:
- allow the browsing of the Website, including the aspects related to the security management of the same Website;
- allow the provision of services made available by the Company;
- fulfill any obligations required by applicable laws, regulations or EU legislation, or meet requests from public authorities;
- for the development of statistics, without making possible to trace the Data subject’s identity.
The legal basis for the Data processing for the purposes referred to in point 1) is art. 6.1 f) GDPR, i.e. the legitimate interest of the Company in the proper functionning of the Website.
The legal basis for the Data processing for the purposes referred to in point 2) is art. 6.1.b) GDPR, i.e. the processing is necessary for the execution of a contract of which the data subject is part or the execution of pre-contractual measures adopted on request of the same Data subject.
The legal basis for the Data processing for the purposes referred to in point 3) is art. 6.1.c) GDPR, i.e. the processing is necessary to fulfill a legal obligation to which the Company is subject.
The provision of Data for the purposes referred to in points 1), 2) and 3) is optional, but the failure to provide such Data would make it impossible to activate the services requested.
Instead, the processing referred to in point 4) does not entail the possibility of identifying the data subjects and, therefore, can be freely carried out by the Company. However, the originary Data processing used to derive the statistical indicators is based on the art. 6.1.f GDPR, that is the legitimate interest of the Company in developing statistics related to its operations.
D. DATA COMMUNICATION
The Data can be shared with:
1) subjects that typically act as Data processors pursuant to art. 28 GDPR, i.e. subjects that cooperate with the Company for the pursuit of the abovementioned purposes;
2) subjects, organizations or authorities to which it is mandatory to communicate the Data according with legal provisions or orders of the authorities;
3) persons authorized by the Company, pursuant to art. 29 GDPR, to the processing of Data necessary to carry out activities strictly related to the provision of services, which have an adequate legal obligation of confidentiality.
E. DATA TRANSFER
With regards to the possible Data transfer to Countries not belonging to the European Economic Area, the processing will take place according to one of the methods allowed by the applicable law. It is possible to obtain further information, upon request, by contacting the Company at the contacts listed above.
F. DATA RETENTION
The Data will be kept for the time strictly necessary to achieve the purposes of the processing, by applying the principles of minimization and proportionality. Anyhow:
1) for the processing activities carried out for the provision of services, the Company will keep the Data for the period envisaged and admitted by the Italian legislation for the protection of its interests (Article 2946 of the Italian Civil Code and subsequent amendments);
2) the Data processed to fulfill legal obligations will be kept up to the time required by the specific applicable legal obligation or rule.
More information about the data retention period and the criteria used to determine this period can be requested by contacting the Company at the contacts listed above.
G. DATA SUBJECTS’ RIGHTS
Pursuant to articles 15-22. GDPR, the Data subject has the right to ask the Company to access to his own Data, the correction or deletion of the same Data or to oppose to their processing, to request the limitation of the processing in the cases provided for by art. 18 GDPR, as well as to obtain in a structured format, commonly used and readable by an automatic device, his Data, in the cases provided for by art. 20 GDPR.
Requests should be sent in writing to the Company at the contacts listed above.
However, if the Data subject considers that the processing of his Data is contrary to the applicable legislation, he has always the right to lodge a complaint to the relevant control authority, pursuant to art. 77 GDPR.