INFORMATION
ARTS. 13 AND 14 OF REGULATION (EU) 2016/679
Subjects Concerned: Browsers, service users, and newsletter subscribers
NF TRASPORTI S.r.l., as the Data Controller of your personal data, pursuant to and for the purposes of Regulation (EU) 2016/679 hereinafter ‘GDPR’, hereby informs you that the aforementioned legislation provides for the protection of data subjects regarding the processing of personal data and that this processing will be based on principles of fairness, lawfulness, transparency, and the protection of your privacy and your rights.
To achieve its purposes related to the management of the relationship, the Data Controller needs to acquire personal data, such as, for example, your first and last name, phone or mobile number, email address, and tax code.
Your personal data will be processed in accordance with the legislative provisions of the aforementioned regulation and the confidentiality obligations therein.
Purpose of processing:
Marketing – newsletter service: In particular, your data will be processed, with your free consent, for the receipt of newsletters by entering your email address in the appropriate text box indicating newsletter subscription, or by selecting/checking the box indicating “newsletter subscription” present in a form.
Legal basis: The legal basis for processing is the consent of the data subject.
Consequences of refusal for optional purposes: Providing data is optional for the above purposes, and your possible refusal to process does not compromise the continuation of the relationship or the consistency of the processing itself.
Consequences of failure to provide: The processing of functional data for the fulfillment of these obligations is necessary for the proper management of the relationship, and their provision is mandatory to achieve the above-mentioned purposes. The Data Controller also informs you that any incorrect or missing information of one of the mandatory data, may make it impossible for the Data Controller to ensure the consistency of the processing itself.
Processing methods: The processing is carried out using manual and/or computerized and telematic tools, in such a way as to ensure the security, integrity, and confidentiality of the data in compliance with the organizational, physical, and logical measures provided for by current regulations, to minimize the risks of destruction or loss, unauthorized access, modification, and unauthorized disclosure in accordance with the procedures set out in Arts. 6, 32 of the GDPR.
Recipients: To carry out certain activities, or to provide support for the operation and organization of the activity, some data may be brought to the attention of or communicated to recipients. These entities are distinguished into:
Third parties: (communication to: natural or legal persons, public authorities, service or other bodies that are not the data subject, the data controller, the data processor, and authorized persons responsible for processing) including:
- Companies that manage traditional or computerized postal services
- Any other entities whose data communication is necessary to achieve the above-mentioned purposes.
Data Processors: (the natural or legal person, public authority, service, or other body that processes personal data on behalf of the data controller)
- Providers of IT, web, or other services necessary to achieve the purposes required for managing the relationship.
Within the company structure, your data will be processed only by personnel expressly authorized by the Data Controller, ensuring the adoption of a confidentiality agreement and, in particular, by the following categories of employees:
- Administration;
- Other staff whose processing is necessary for the proper execution of the relationship;
Dissemination: Your personal data will not be disseminated in any way.
Transfer of data to third countries: The data controller does not transfer personal data to non-EU countries. If necessary, data subjects will be informed in advance, and guarantees for the transfer to recipients will be adopted, which depending on the case may be: verification of the existence of adequacy decisions for the recipient country by the Commission, signing of standard contractual clauses, verification of the adoption of any additional measures in implementation of recommendation 01/2020 EDPB. In derogation of these guarantees, for data processing (in reference to Art. 49 of the GDPR), where applicable, the existence of a contract or pre-contractual measures in favor of the data subject or consent to the transfer is verified.
Retention period: Please note that, in compliance with the principles of lawfulness, purpose limitation, and data minimization, pursuant to Art. 5 of the GDPR, the retention period of your personal data is established for a period not exceeding the achievement of the purposes for which they are collected and processed. If a contract is signed, this retention period may end with the termination or withdrawal of the contract; the same data may be retained, where applicable, for an additional period for the management of any disputes, the legal basis for such retention being the legitimate interest of the data controller. The retention period for data processing related to marketing is functional to the purposes pursued by the data controller, and in any case not exceeding 3 years from the last contact or response received.
Data Controller: The Data Controller of the data, pursuant to the regulations, is NF TRASPORTI S.r.l., with legal and operational headquarters at Via Emilia, 4010
47020 – Longiano (FC) – IT, VAT: 04257640401 in the person of its legal representative pro tempore.
By sending an email to the following address info@nftrasporti.com you can request more information regarding the data provided.
EU Regulation 2016/679: Arts. 15, 16, 17, 18, 19, 20, 21, 22, 23 – Data Subject’s Rights
- The data subject has the right to obtain confirmation of whether or not personal data concerning him is being processed, and if so, to obtain access to the personal data;
- The data subject has the right to obtain the indication:
- of the origin of personal data;
- of the purposes and methods of processing;
- of the logic applied in case of processing carried out with the help of electronic tools;
- of the identification details of the data controller, data processors, and the representative designated pursuant to Article 5, paragraph 2;
- of the entities or categories of entities to whom personal data may be communicated or who may become aware of them as designated representative in the State, data processors, or persons in charge.
- The data subject has the right to obtain:
- the updating, rectification, or, when interested, integration of data;
- the deletion, transformation into anonymous form, or blocking of data processed in violation of the law, including those whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
- the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right;
- data portability.
- The data subject has the right to object, in whole or in part:
- for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of the collection;
- to the processing of personal data concerning him for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication.
Complaint: Data subjects, if the conditions are met, also have the right to lodge a complaint with the Supervisory Authority according to the procedures provided. For any further information, and to assert the rights granted to you by the European Regulation, you can contact the data controller at the references provided above.