NAMIRIAL INFORMATION TECHNOLOGY

Support Portal

Privacy Policy

DATA PROCESSING HOLDER

NAMIRIAL S.P.A
VIA CADUTI SUL LAVORO, 4
60019 SENIGALLIA (AN)
P.I. IT02046570426

 


 

TYPES OF DATA COLLECTED

Among the Personal Information collected by this Application, either independently or through third parties, there are: Cookies, Usage Data, email address, first name, last name, phone number and various types of Data.

Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data are collected.

Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Application.

All the Data required by this Application are mandatory and, in the absence of their provision, it may be impossible for this Application to provide the service. In cases where this Application indicates some Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the service or on its operation.

Users who have doubts about which data are mandatory, are encouraged to contact the owner.

Any use of Cookies – or other tracking tools – by this Application or by third party service providers used by this Application, unless otherwise specified, is intended to provide the service requested by the User, in addition to the additional purposes described in this document and in the Cookie Policy, if available.

The User assumes the responsibility of the Personal Data of third parties published or shared through this Application and guarantees to have the right to communicate or disseminate them, freeing the Owner from any liability to third parties.

 


 

METHOD AND PLACE OF THE TREATMENT OF DATA COLLECTED

Method of treatment
The Data Controller processes the Personal Data of Users by adopting appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
Processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Data may have access to the Data subjects of the persons involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (as suppliers of third party technical services, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller.

Place
The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For further information, please contact the owner.

Times
The Data are processed for the time necessary to perform the service requested by the User, or required by the purposes described in this document, and the User can always ask for the interruption of treatment or deletion of data.

 


 

PURPOSE OF DATA PROCESSING COLLECTED

The Data concerning the User is collected to allow the Owner to provide its services, as well as for the following purposes: Saving and managing backups, Analytics, Displaying content from external platforms, Registration and authentication, SPAM protection, Social interaction external networks and platforms, Remarketing and behavioral targeting and Contacting the User.

The types of Personal Data used for each purpose are indicated in the specific sections of this document.

 


 

SCOPE OF COMMUNICATION AND POSSIBLE DIFFUSION

The data of customers and customers can be communicated to public administrations or public service when the application for participation in procedures for the selection of the contractor is presented, for the purpose of awarding contracts or concessions for the supply of goods or services, as required by the legislation on public procurement, for purposes of technical qualification.

The data relating to the contract and service activity can be communicated to commercial consultants for administrative and accounting purposes and to lawyers for possible management of disputes.

The data, with the exception of those of a sensitive and judicial nature, may be disclosed to those (private or public administration), even outside the European Union, in its legitimate interest and taking advantage of a right expressly attributed to it by specific legislation in force. subject, requires an assessment of the identity of the service provider provided by Namirial® SpA for investigative purposes or in any case for the protection of one’s own legitimate interest.

The data may also be communicated or made accessible to the subsidiaries and / or affiliates of Namirial® SpA, to other parties involved in the maintenance of IT systems as well as to the parties involved in specific processing phases, as managers of Namirial ® SpA, whose names can be verified at the request of the interested parties.

The data may also be disclosed to police bodies or judicial authorities for the purpose of ascertaining or suppressing crimes committed by users of electronic services, where necessary.

The data are not subject to disclosure, except for the data of companies and companies for commercial reference purposes.

 


 

PARTICULAR TREATMENTS FOR THE VERIFICATION OF CUSTOMER IDENTITY

In addition, we inform you that Namirial has adopted a system of audio-video recording called “Video Secure Identity” (in the abbreviation “ViSI”), which is used for the identification of the interested party and for the registration of consent, in order to correctly execute requests for the conclusion of contracts for the supply of goods or for the execution of services at a distance, without the necessary physical presence.

The data recorded through the ViSI system, in order to issue digital signature certificates and / or PEC boxes, are stored in digital format for a period of 20 years, in accordance with the provisions of art.32, co.3 , letter j) of the d. lgs. 82/2005 and s.m.i. (Digital Administration Code).

As for the “PEC” service, we inform the holders of certified mailboxes that is mandatory by Namirial, as service provider, registration and retention of traffic data for purposes of investigation and prosecution of offenses , excluding however the contents of the communications. Traffic data may be communicated to the judicial authorities and to the police for the purposes mentioned above.

 


 

DETAILS ON THE PROCESSING OF PERSONAL DATA

Personal Data is collected for the following purposes and using the following services:

Mailing list or newsletter
By registering with the mailing list or the newsletter, the User’s email address is automatically added to a list of contacts to which email messages containing information, including commercial and promotional information, relating to this Application may be transmitted. The email address of the User could also be added to this list as a result of registration to this Application or after making a purchase.

  • Personal Data collected: surname, email address and first name


Contact by phone
Users who provided their telephone number may be contacted for commercial or promotional purposes related to this Application, as well as to satisfy requests for support.

  • Personal Data collected: telephone number


Contact form
By filling out the contact form with their Data, the User consents to their use to respond to requests for information, quotes, or any other kind indicated by the form header.

  • Personal Data collected: surname, email address, first name and various types of Data


Interaction with social networks and external platforms
This type of services allows you to make interactions with social networks, or other external platforms, directly from the pages of this application. The interactions and information acquired by this Application are in any case subject to the User’s privacy settings related to each social network. In the event that an interaction service with social networks is installed, it is possible that, even if the Users do not use the service, the same collect traffic data relating to the pages in which it is installed;


+1 button and Google+ social widgets (Google Inc.)
The +1 button and Google+ social widgets are services for interacting with the Google+ social network, provided by Google Inc.

  • Personal Data collected: Cookies and Usage Data
  • Place of processing: USA – Privacy Policy


Like button and Facebook social widgets (Facebook, Inc.)
The “Like” button and Facebook social widgets are services of interaction with the social network Facebook, provided by Facebook, Inc.


YouTube social button and widgets (Google Inc.)
The button and the social widgets of YouTube are services of interaction with the YouTube social network, provided by Google Inc.

  • Personal Data collected: Usage Data
  • Place of processing: USA – Privacy Policy


Protection from SPAM
This type of service analyzes the traffic of this application, potentially containing personal data of users, in order to filter it from parts of traffic, messages and content recognized as SPAM


Google reCAPTCHA (Google Inc.)
Google reCAPTCHA is a protection service from
Use of the reCAPTCHA system is subject to Google’s privacy policy and terms of use

  • Personal Data collected: Cookies and Usage Data
  • Place of processing: USA – Privacy Policy


Registration and authentication
By registering or authenticating the User allows the Application to identify it and give it access to dedicated services. Depending on the following, the registration and authentication services may be provided with the help of third parties. If this happens, this application will be able to access some data stored by the third party service used for registration or identification.


Google OAuth (Google Inc.)
Google OAuth is a registration and authentication service provided by Google Inc. and connected to the Google network.

  • Personal Data collected: various types of Data as specified in the privacy policy of the service.
  • Place of processing: USA – Privacy Policy


Remarketing and behavioral targeting
This type of service allows this Application and its partners to communicate, optimize and serve advertisements based on the past use of this Application by the User. This activity is carried out by tracking Usage Data and the use of Cookies, information that is transferred to the partners to whom the activity of remarketing and behavioral targeting is connected. In addition to the options for the opt-out offered by the following services, the User can opt for the exclusion from the reception of cookies related to a third party service, by visiting the opt-out page of the Network Advertising Initiative.


Remarketing with Google Analytics for display advertising (Google Inc.)
Google Analytics for display advertising is a remarketing and behavioral targeting service provided by Google Inc. that links the tracking activity carried out by Google Analytics and its Cookies with the Adwords advertising network and the Doubleclick Cookie.

  • Personal Data collected: Cookies and Usage Data
  • Place of processing: USA – Privacy Policy


Facebook Remarketing (Facebook, Inc.)
Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. which links the activity of this Application with the advertising network Facebook.


Saving and managing backups
This type of services allows saving and management of backups of this application on external servers managed by the service provider. These backups may include both the source code and the contents thereof and the data provided to this Application by the User.


Backup to Google Drive (Google Inc.)
Google Drive is a backup rescue and management service provided by Google Inc.

  • Personal Data collected: various types of Data as specified in the privacy policy of the service.
  • Place of processing: USA – Privacy Policy


Statistics
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.


User ID extension for Google Analytics (Google Inc.)
Google Analytics on this Application uses a function called User ID. This allows a more accurate tracking of Users by assigning each one a unique ID for various sessions and devices, but in such a way as not to allow Google to personally identify an individual or permanently identify a specific device. The User ID extension also allows you to connect Data from Google Analytics with other User Data collected by this Application. The Opt Out link provided below will disable the tracking for the device you are using, but does not exclude additional tracking activities made by the Owner. To deactivate the latter, contact the owner via the contact email address.

  • Personal Data collected: Cookie.
  • Place of processing: USA – Privacy Policy – Opt Out


Google Analytics with anonymized IP (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualise and personalize the advertisements of its advertising network. This integration of Google Analytics makes your IP address anonymous. Anonymisation works by shortening the IP address of the Users within the borders of the member states of the European Union or in other countries participating in the agreement on the European Economic Area. Only in exceptional cases, the IP address will be sent to Google’s servers.


Google Analytics (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualise and personalize the advertisements of its advertising network


Google Tag Manager (Google Inc.)
Google Tag Manager is a statistical service provided by Google Inc

  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: USA – Privacy Policy


Tracking conversions of Google AdWords (Google Inc.)
Google AdWords Conversion Tracking is a statistics service provided by Google Inc. that links data from the Google AdWords ad network with actions taken within this Application

  • Personal Data collected: Cookies and Usage Data
  • Place of processing: USA – Privacy Policy


Tracking conversions of Facebook Ads (Facebook, Inc.)
Tracking conversions of Facebook Ads is a statistics service provided by Facebook, Inc. that connects data from the Facebook ad network with the actions performed within this Application.

  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: USA – Privacy Policy


Displaying content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this application and interact with them. In the event that a service of this type is installed, it is possible that, even if the Users do not use the service, the same collect traffic data relating to the pages in which it is installed.


Google Fonts (Google Inc.)
Google Fonts is a service of visualization of styles of character managed by Google Inc. that allows this Application to integrate such contents within its pages.

  • Personal Data collected: Usage Data and various types of Data as specified in the privacy policy of the service
  • Place of processing: USA – Privacy Policy

Google Maps widget (Google Inc.)
Google Maps is a map visualization service managed by Google Inc. that allows this application to integrate such contents within its pages.

  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: USA – Privacy Policy


YouTube Video Widget without cookies (Google Inc.)
YouTube is a video content display service managed by Google Inc. that allows this application to integrate such content within its pages. This widget is set so that YouTube does not save information and cookies about Users on this Application, unless they play the video.

  • Personal Data collected: Usage Data.
  • Place of processing: USA – Privacy Policy


YouTube Video Widget (Google Inc.)
YouTube is a video content display service managed by Google Inc. that allows this application to integrate such content within its pages.

  • Personal Data collected: Cookies and Usage Data
  • Place of processing: USA – Privacy Policy


Video Vimeo (Vimeo, LLC)
Vimeo is a video content visualization service managed by Vimeo, LLC that allows this application to integrate such contents within its pages.

  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: USA – Privacy Policy


Cookie Policy
This application uses cookies. To learn more and for detailed information, you can consult the Cookie Policy.

 


 

ADDITIONAL INFORMATION ABOUT TREATMENT


Defense in court

The User’s Personal Data may be used by the Owner in court or in the stages leading to his possible establishment for the defense against abuse in the use of this Application or related services by the User.
The User declares to be aware that the Data Controller may be required to disclose the Data at the request of the public authorities.


Specific information

At the request of the User, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific services, or the collection and processing of Personal Data.


System logs and maintenance

For needs related to operation and maintenance, this Application and any third party services used by it may collect System Logs, which are files that record the interactions and which may also contain Personal Data, such as the User IP address.


Information not contained in this policy

More information in relation to the processing of Personal Data may be requested at any time to the Data Controller using the contact information.


Exercise of rights by Users

The subjects to whom the Personal Data refer have the right at any time to obtain confirmation of the existence or otherwise of the same with the Data Controller, to know its content and origin, to verify its accuracy or request its integration , the cancellation, updating, rectification, transformation into anonymous form or blocking of Personal Data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, to their processing. Requests should be addressed to the Data Controller.
This Application does not support “Do Not Track” requests.
To know if any third-party services used support them, the User is invited to consult their respective privacy policies.


Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to Users on this page. Please therefore consult this page often, referring to the date of the last modification indicated at the bottom. In case of non-acceptance of the changes made to this privacy policy, the User is required to cease using this Application and may request the Data Controller to remove his Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to Personal Data collected until then.


Exercise of the rights of the interested party

The interested party has the right to request, at any time, the modification of the structures governed by this paragraph through the exercise of the rights referred to in the following paragraph


The rights of the interested party

The interested party may exercise the rights referred to in articles 16 to 22 of the European regulation 679/16


Art 16 – Right of rectification

The data subject has the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.


Art 17 – Right to cancellation

  1. The data subject has the right to obtain from the data controller the deletion of personal data concerning him without undue delay and the data controller is obliged to cancel the personal data without undue delay if one of the following reasons exists:
  • personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed; 4.5.2016 EN Official Journal of the European Union L 119/43;
  • the interested party revokes the consent on which the processing is based in accordance with Article 6 (1) (a) or Article 9 (2) (a) and whether there is no other legal basis for the processing;
  • the interested party opposes the processing pursuant to Article 21 (1) and there is no legitimate overriding reason to proceed with the processing or opposes the processing pursuant to Article 21 (2);
  • personal data have been processed unlawfully;
  • personal data must be deleted to fulfill a legal obligation under Union or Member State law to which the controller is subject;
  • the personal data have been collected in relation to the information society service offer referred to in Article 8 (1). 2.
  1. The controller shall, if he / she has made personal data public and is obliged, pursuant to paragraph 1, to delete it, taking into account the available technology and implementation costs, shall take reasonable steps, including technical measures, to inform the data controllers who are processing personal data of the request of the person concerned to delete any link, copy or reproduction of his personal data. 3.

Paragraphs 1 and 2 shall not apply to the extent that treatment is necessary:

  • for the exercise of the right to freedom of expression and information;
  • for the fulfillment of a legal obligation requiring treatment under Union law or the law of the Member State to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of public authority as the data controller is invested;
  • for reasons of public interest in the public health sector in accordance with Article 9 (2) (h) and (i) and Article 9 (3);
  • for the purposes of archiving in the public interest, for scientific or historical research, or for statistical purposes in accordance with Article 89 (1), insofar as the right referred to in paragraph 1 risks rendering impossible or seriously affecting the achievement of the objectives of this treatment;
  • for the assessment, exercise or defense of a right in court.


Art 18 – Right to limit the processing

  1. The data subject has the right to obtain from the data controller the limitation of processing when one of the following hypotheses occurs:
  • the interested party disputes the accuracy of personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
  • the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited;
  • although the data controller no longer needs it for processing purposes, personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
  • the interested party objected to the treatment pursuant to Article 21 (1), pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party
  1. If the processing is restricted pursuant to paragraph 1, such personal data shall only be processed, except for storage, with the consent of the data subject or for the establishment, exercise or defense of a right in court. or to protect the rights of another natural or legal person or for reasons of significant public interest of the Union or of a Member State. L 119/44 EN Official Journal of the European Union 4.5.2016 3. A data subject which has obtained a processing restriction pursuant to paragraph 1 shall be informed by the controller before the limitation is revoked.


Art 19 – Right to obtain notification from the data controller in cases of rectification or cancellation of personal data or cancellation of the same

The controller shall inform each of the recipients to whom the personal data have been transmitted of any correction or cancellation or limitation of the processing carried out in accordance with Article 16, Article 17 (1) and Article 18, unless proves impossible or involves a disproportionate effort. The data controller informs the recipient of these recipients if the data subject requests it.


Art 20 – Right to portability

  1. The data subject shall have the right to receive personal data concerning him / her provided to a data controller in a structured, commonly used and readable form by automatic device and has the right to transmit such data to another data controller without impediments on the part of the data controller to whom he has provided them if:
  • processing is based on consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) or on a contract within the meaning of Article 6 (1) (b) ;
  • the treatment is carried out by automated means.
  1. In exercising its rights relating to the portability of data in accordance with paragraph 1, the data subject shall have the right to obtain direct transmission of personal data from one controller to another, if technically feasible.
  2. The exercise of the right referred to in paragraph 1 of this Article shall be without prejudice to Article 17. This right does not apply to the treatment necessary for the performance of a task carried out in the public interest or in connection with the exercise of official authority as the data controller is invested. 4. The right referred to in paragraph 1 must not affect the rights and freedoms of others.


Art 21 – Right of opposition

  1. You have the right to object at any time, for reasons connected with your particular situation, to the processing of your personal data pursuant to Article 6, paragraph 1, letters e) of), including profiling on the basis of these provisions.

The data controller refrains from further processing personal data unless he demonstrates the existence of binding legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or the defense of a right in court.

  1. If personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning him / her for such purposes, including profiling in so far as it is related to such marketing direct.
  2. If the data subject objects to processing for direct marketing purposes, personal data are no longer processed for these purposes. 4.5.2016 EN Official Journal of the European Union L 119/45
  3. The right referred to in paragraphs 1 and 2 shall be explicitly brought to the attention of the interested party and shall be presented clearly and separately from any other information at the latest at the time of the first communication with the data subject.
  4. In the context of the use of information society services and without prejudice to Directive 2002/58 / EC, data subjects may exercise their right to object by automated means using technical specifications.
  5. Where personal data are processed for the purposes of scientific or historical research or for statistical purposes in accordance with Article 89 (1), the data subject shall have the right to object to the processing of personal data for reasons connected with his particular situation concerning him, unless the treatment is necessary for the execution of a task of public interest


Art 22 – Right to refuse the automated process

  1. You have the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning yourself or which significantly affects your person.
  2. Paragraph 1 shall not apply where the decision:
  • is necessary for the conclusion or execution of a contract between the data subject and a data controller;
  • is authorized by the law of the Union or of the Member State to which the controller is subject, which also specifies appropriate measures to protect the rights, freedoms and legitimate interests of the data subject;
  • is based on the explicit consent of the person concerned.
  1. In the cases referred to in paragraph 2 (a) and (c), the controller shall implement appropriate measures to protect the rights, freedoms and legitimate interests of the data subject, at least the right to obtain human intervention from the holder treatment, to express their opinion and to challenge the decision.
  2. The decisions referred to in paragraph 2 shall not be based on the particular categories of personal data referred to in Article 9 (1), unless Article 9 (2) (a) or (g) applies, and adequate measures to protect the rights, freedoms and legitimate interests of the data subject are not in force.

In this sense, the data subject is allowed to access his / her data for:

  • Verify its veracity;
  • Change them if they become inaccurate;
  • Integrate them also with a supplementary declaration;
  • Request cancellation;
  • Limit the treatment;
  • Oppose to treatment;
  • The data controller is obliged to respond without undue reason.


Data cancellation

NAMIRIAL S.P.A., in compliance with the corresponding right of access to the interested party, has prepared procedures for which the interested parties can request the cancellation without unjustified delay of personal data or the limitation of the processing of personal data concerning them for the following reasons:

  • Because the data are no longer necessary for the purposes for which they were collected
  • Because the interested party has revoked the consent
  • Because the interested party opposes the treatment
  • Because the data is treated illegally

 


 

DEFINITIONS AND LEGAL REFERENCES


Personal Data (or Data)
It constitutes personal data any information relating to a natural person, identified or identifiable, even indirectly, by reference to any other information, including a personal identification number.

Usage Data
This information is collected automatically by this Application (or by third-party applications that this Application uses), including: IP addresses or domain names of the computers used by the User that connects with this Application, the addresses in Uniform Resource Identifier (URI) notation, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (success, error, etc. ) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details relating to the itinerary followed within the Application, with particular reference to the sequence of pages consulted, to the parameters related to the operating system and to the IT environment you.

User
The individual who uses this application, which must coincide with the interested party or be authorized by him and whose personal data are being processed.

Interested
The natural or legal person to whom the Personal Data refers.

Data Processor (or Manager)
The natural person, legal person, public administration and any other body, association or body appointed by the Data Controller to process Personal Data, as prepared by this privacy policy.

Data Controller (or Holder)
The natural person, legal entity, public administration and any other body, association or body to which they are responsible, even together with another owner, decisions regarding the purposes, methods of processing personal data and the tools used, including the profile of the security, in relation to the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.

This Application
The hardware or software tool through which the Personal Data of Users are collected.

Cookie
Small portion of data stored in the User’s device.

Legal references
Notice to European Users: this privacy statement has been prepared in fulfillment of the obligations under Art. 10 of the Directive n. 95/46 / EC, as well as the provisions of Directive 2002/58 / EC, as updated by Directive 2009/136 / EC, concerning Cookies.

 

[v. 1.2018.05.22]