The data controller
This policy applies to the website http://www.newdigimatic.com/ (the 'Site'). The Data Controller of the processing of personal data (hereinafter also simply "data") is New Digimatic srl, Fiscal Code 06155950584 and VAT number 01502341009, with registered office in via Zoe Fontana 220, 00131, Rome, in the person of its legal representative (hereinafter the "Data Controller" or the "Company"). The Controller provides the following information pursuant to Articles 13 and 14 of the EU Regulation 679/2016 ss.mm.ii. (hereinafter, the "GDPR") and the international, European and Italian laws concerning the processing of personal data, in each case to the extent that they are applicable from time to time, together with their respective amendments, additions and reforms (collectively, together with the GDPR, the "Applicable Privacy Legislation").
Purpose and legal basis of processing
As explained in greater detail in the sections that enable users to join - by releasing their personal data - the services reserved for users of the Site, the data of the users concerned are processed on the basis of the requests expressly made by them, from time to time, through the Site. In particular, all data collection and subsequent processing activities are aimed at pursuing the following purposes:
- sharing of content on the Site;
- customer relationship management;
- generic request for information;
- allow users access to certain reserved pages of the Site. In this case, users may be asked to enter their data for registration purposes, and processing will be carried out on the basis of a specific information notice on the processing of personal data and subject to the specific consent of the person concerned, requested, on a case-by-case basis, through specific pages and/or areas of the Site;
- commercial information activities for services provided by the Controller and/or other companies linked to it;
- purposes related to obligations under applicable laws or regulations, as well as provisions issued by competent supervisory and control authorities/bodies.
The Controller shall not use the data provided for purposes other than those related to the service, among those listed above, to which the user concerned has subscribed, or only within the limits indicated from time to time in any further specific information accompanying the different and particular service requested by the user.
Who we let process the data
For purposes related to the provision of the service to which the user has subscribed, the data will be made available to third parties, specifically, consultants who assist the Data Controller in fulfilling user requests (e.g. tax firms), who will act, as the case may be, as autonomous data controllers or as data processors pursuant to Article 28 of the GDPR. The data will also be transmitted to third parties to whom the communication of the data is necessary to comply with laws or regulations.
The personal data will be made available to persons expressly authorised by the Data Controller and appointed for this purpose as authorised processors, who carry out processing activities that are indispensable for the pursuit of the purposes indicated above; the categories of persons in charge of processing are those in charge of administration, communication, accounting, and technical maintenance of the information systems, depending on the specific request forwarded by the user concerned through this site.
Unless the specific information notice states otherwise, personal data will not be disseminated or transferred to countries outside the territory of the European Economic Area.
How we process data
All processing performed within the Site will be carried out
- in the manner and procedures strictly necessary to fulfil the user's requests, by means of the operations or set of operations indicated in Article 4(1)(2) of the GDPR;
- with the aid of electronic or otherwise automated tools, but also with paper/manual tools. In this regard, please note that the data are stored in paper files located at the Data Controller's premises and in electronic files located both at the same premises and at servers controlled by the Data Controller and in any case located in the European Economic Area.
The data will be processed with logic related to the purposes for which they were collected and in compliance with the Applicable Privacy Law for the purposes indicated above or specified from time to time in any further information presented to the user.
Personal data will be processed for the time strictly necessary to pursue the purposes for which they are collected.
Types of data processed and optionality of conferment
Both data that are strictly necessary to follow up any user requests and optional data that are not strictly necessary to process the request will be processed.
The data subject's refusal to provide his or her personal data or to give consent to processing where required:
- in the case of data that are strictly necessary to follow up any user requests, will make it impossible for the Controller to fulfil those requests;
- in the case of optional provision of data, it will make it impossible to provide at least part of the services requested or to carry out commercial information activities with regard to the services rendered by the Data Controller and other companies connected to it.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning, and is deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the Site: except for this possibility, at present, data on web contacts do not persist for more than seven days.
Data provided voluntarily by the user
The personal data normally required for the use of the Site's services are personal and contact details. The optional, explicit and voluntary sending of electronic mail to the addresses indicated on the Site entails the subsequent acquisition of the sender's address, which is necessary to reply to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the Site set up for particular services on request or for registration to reserved areas of the Site. Data belonging to particular categories under Article 9 of the GDPR are not normally processed;
Cookies and other technologies for reading/storing information on the user's terminal
Cookies may be 'temporary' (or session cookies, as they are deleted at the end of the connection) or 'permanent' (they remain stored on the user's hard disk, unless the user deletes them).
For further information on the types of cookies used by the Site and the features that enable or disable them, please refer to the Cookies Policy, which can be found here.
Rights of data subjects
With regard to the personal data processed by the Controller, users of the Site may exercise their rights under the Applicable Privacy Law within the limits provided therein, and in particular:
- ask the Data Controller to confirm the existence of their personal data, the origin of such data, the logic and purposes of the processing, the categories of subjects to whom the data may be communicated, as well as the identification details of the data controller and data processors;
- request access to personal data, their transformation into anonymous form, their blocking, rectification, integration or deletion, or the restriction of their processing;
- oppose processing in the cases provided for by the applicable Privacy Law;
- exercise the right to portability;
- revoke consent (where this is the necessary legal basis for the processing) at any time without affecting the lawfulness of the processing based on the consent given before revocation;
- file a complaint with the Garante per la Protezione dei Dati Personali, following the procedures and instructions published on the Authority's official website at garanteprivacy.it .
For the purpose of exercising the rights of the users concerned, as well as for any communications, requests or reports concerning data privacy, please send an email to email@example.com.
Any rectification or cancellation or restriction of processing carried out at the request of the user concerned - unless this proves impossible or involves a disproportionate effort - shall be communicated by the Controller to each of the recipients to whom the personal data were transmitted. The Controller may inform the user of these recipients if the user so requests.