1. The Site
The main purpose of the Site is to present the services and products of the Company and provide users with detailed information.
2. Data processed
Data provided voluntarily by the user. The Company may collect the following personal data provided voluntarily by the user:
- name and surname of the user
- his/her email address
- other information provided by the user through the contact form.
Browsing data. The browsing data includes all data collected automatically through the Site and relate, for example, to the types of actions performed on the Site by users and how they use the Site. Furthermore, we can automatically record the IP address (meaning the univocal address that identifies the user's device on the internet), which is automatically identified by our server. Browsing data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning, and they are deleted immediately after they are processed. These data could also be used to establish responsibility in case of any computer-related crimes against the Site or to protect our rights.
3. Purpose and legal basis of the processing
|A. The Company processes the user's personal data to provide the service and/or product requested by the user, to respond to or satisfy a user's request, including assistance services, creation of an account, to ensure and manage participation in initiatives, events or promotions for which the user has chosen to register.||A. The Company processes the data for these purposes to execute a contract and/or pre-contractual procedures adopted following the request of the user.|
|B. The Company processes the user's personal data to send the user promotional information regarding services and/or products of the Company and/or third parties, to send invitations to events of the Company and/or third parties and to carry out market surveys using automated tools (e.g. via email) and non-automated tools (paper mail, telephone calls by an operator) without prejudice to the possibility for the user to oppose the sending of such communications at any time and the possibility to select the tools through which he/she can be contacted.||B. The Company processes the data for these purposes only with the prior consent of the user given at the time of the collection of personal data for said purposes.|
|C. The Company processes the user's personal data for communication to our business partners for their marketing activities through automated tools (e.g. via email) and non-automated tools (paper mail, telephone calls by an operator) in their role as independent data controllers. The user has the right to withdraw his/her consent at any time.||C. The Company processes the data for these purposes only with the prior consent of the user given at the time of the collection of personal data for said purposes.|
|E. The Company processes the user's personal data to fulfill obligations deriving from the law, regulations or EU legislation.||E. The Company processes the data for these purposes to fulfill a legal obligation.|
4. Nature of the conferment of data and consequences of refusal
The conferment of data for the purposes set out in point 3.A and 3.E is necessary and a refusal by the user implies the impossibility for the Company to perform its contractual obligations and provide the user with the functionalities, services and the information requested as specified above. The conferment of data for the purposes referred to in paragraph 3.D is automatic and implicit in Internet transmission protocols.
Conferment of data for the purposes referred to in paragraph 3.B and 3.C is optional and any refusal by the user will not have any consequences on the performance of the services or the features and provision of information requested through the Site.
5. Recipients of the data
Third parties in compliance with a legal obligation or to protect the rights of the Company. The users’ personal data can be communicated to institutions, law enforcement agencies, judicial, administrative, or regulatory bodies, in the context of a legal or administrative procedure, or in order to fulfill a legal obligation or protect our rights, including in court of law.
Third parties in the case of corporate operations. The users’ personal data can be communicated in case of events such as mergers, sale of companies (or of a business branch) or other extraordinary operations by which the Company may need to share information with potential buyers or counterparties and the related consultants.
Third-party business partners. With the user's consent, we can communicate the users’ personal data to our business partners to pursue the purposes referred to in point 3.C.
6. Data of minors
The Company does not collect or intentionally store personal data of individuals under the age of 18, nor does it intentionally allow such minors to use the Site.
Users under the age of 18 are requested not to register on the Site and not to provide personal data.
7. Transfer abroad
8. Data retention
We retain the users’ personal data only for the time strictly necessary to provide the services or to achieve the purposes for which the data were collected and in compliance with legal obligations. For example, we retain the personal data necessary for the exercise of our defense rights in the event of legal disputes such as personal data relating to a contract or the provision of a service, up to a maximum of 10 years from the termination of the supply of the service and/or supply of the product, according to the limitation period set out in the Italian Civil Code.
After this period, personal data are deleted or rendered anonymous.
After this period, the data are deleted or rendered anonymous.
9. Data security
The Company undertakes to protect the security of the users’ personal data and complies with the security provisions of the applicable law in order to avoid any loss, illegitimate or illegal use of the data and unauthorized access to the same. In addition, information systems and computer programs are configured in such a way as to minimize the use of personal and identifying data, which are used only when necessary for the specific purposes from time to time pursued as indicated in this policy. The Company uses multiple advanced security technologies and procedures to promote the protection of the users' personal data. For example, personal data are stored on secure servers located in places with controlled access. Users can help the Company to update and maintain their personal data by communicating any changes, such as for instance their e-mail address.
10. Privacy rights
The Data Protection Officer (DPO) can be contacted via this form, by selecting in the Privacy section the Data Protection Officer (Nexi Payments), Data Protection Officer (SIApay), Data Protection Officer (SIA Central Europe) or Data Protection Officer (New SIA Greece) field.