EU Regulation 679/2016 on the processing of personal data – Art. 13
NTS s.r.l. with registered office in Via Fiorenzo Semini 28 – 16163 – Genoa, CF and P.IVA 01260190994 (hereinafter, “Data Controller”), as the data controller, informs you in accordance with Legislative Decree 196/2003, as amended by Legislative Decree 101/2018 (hereinafter, “Privacy Code”) and Art. 13 EU Regulation no. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the following ways and for the following purposes:
Object of Processing
1.1 Type of data collected
In accordance with EU Regulation 679/2016 on the processing of personal data when you use our services, you agree that our company collects some of your personal data. This policy is intended to tell you what data we collect, why, and how we use it.
1.1.1. Data provided by the user
When you request information or place a pre-order through the contact form on our site, we ask you to provide us with certain data that we need in order to use our services.
These are, by way of example but not limited to, the data we ask you for:
First name, Last name
1.1.2. Data we automatically collect from the website
We collect the following data through the services we use:
technical data: e.g. IP address, browser type, information about your computer, data about the current (approximate) location of the tool you are using;
Purpose of processing
The purpose of data processing will be to carry out the activities listed below.
Personal data are collected on our site in order to:
allow the user to access the site https://www.ntsystem.it,
allow the user to request information,
provide the requested information,
collect statistical information on the use of the site (most visited pages, number of visitors by daily time slot, geographical areas of origin, etc.) and improve its usability for its users.
Receive a resume from a candidate.
Your data may also be processed, subject to your explicit consent, for direct marketing purposes; for these types of processing, please refer to the specific information that will be submitted to you when you provide us with the personal data necessary for the execution of the above promotional activities ( e.g. first name, last name, email, contact information )
3 Methods of processing
The processing of your personal data is carried out by means of the operations indicated in Article 4 No. 2) GDPR and namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subject to both paper and electronic and/or automated processing.
Access to data
Your data may be made accessible for the purposes of art. 2.1 and , subject to your consent for the purposes of art. 2.2 to:
employees and collaborators of the Controller in their capacity as authorized and/or internal data processors and/or system administrators;
to third party companies or other entities (by way of example ICT companies, website providers, etc.) that perform outsourcing activities on behalf of the Data Controller, in their capacity as external data processors.
Communication of data
Without the need for express consent (art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 2.1 to Supervisory Bodies or Judicial Authorities, as well as to those subjects to whom the communication is obligatory by law for the fulfillment of the said purposes. These subjects will process the data in their capacity as autonomous data controllers.. Your data will not be disseminated.
Data transfer outside the EU
Data management and storage take place on servers of the Data Controller and/or of Third Party Companies appointed as external data controllers. These servers are located at the Data Controller (in Italy) and in any case within the European Union.
Personal data are not transferred outside the European Union. In any case, it is understood that, should it become necessary, the Data Controller may also transfer personal data to countries outside the EU, guaranteeing as of now that the transfer of personal data outside the EU will take place in compliance with the applicable legal provisions (starting with EU Reg. no. 679/2016) and therefore by entering into, if and to the extent necessary, specific agreements that guarantee an adequate level of protection of personal data or in any case by adopting the standard contractual clauses provided by the European Commission for the transfer of personal data outside the EU.
The data you provide will not be disclosed to third parties.
Nature of data provision and consequences of refusal to respond
Period of data retention
The data collected by the site during its operation are kept for the time strictly necessary to carry out the specified activities. Upon expiration, the data will be deleted or anonymized, unless there are additional purposes for retaining the data, e.g. for security reasons in case of clarifying possible cases of misuse. In such cases, the Data Controller will retain the acquired personal data for as long as necessary to fulfill legal obligations and/or possibly to assert and/or defend a right in the appropriate forums. Data collected in connection with the purpose mentioned in 2.2 will be kept for 2 years from the time of ‘last marketing contact.
Rights of the Data Subject
In your capacity as a data subject, you have the rights under Article 15 GDPR and specifically the rights to:
obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in intelligible form;
obtain the indication of: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out with the aid of electronic instruments; d) the identification details of the owner, managers and designated representative under Art. 3, paragraph 1, GDPR; e) the subjects or categories of persons to whom the personal data may be communicated or who may become aware of them as designated representative in the territory of the State, managers or agents;
obtain: a) the updating, rectification or, when interested, the integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
object, in whole or in part: a) on legitimate grounds, to the processing of personal data concerning you, even if pertinent to the purpose of collection, b) to the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and / or through traditional marketing methods by telephone and / or mail. It should be noted that the data subject’s right to object, set forth in point b) above, for direct marketing purposes through automated modalities extends to traditional ones and that, in any case, the possibility for the data subject to exercise the right to object even partially remains unaffected. Therefore, the data subject may decide to receive only communications by traditional means or only automated communications or neither type of communication.
Where applicable, it also has the rights under Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restrict processing, right to data portability, right to object), as well as the right to complain to the Data Protection Authority.
How to exercise your rights
You may exercise your rights at any time by sending a registered letter with return receipt to NTS s.r.l. at the registered office at Via Fiorenzo Semini 28 – 16163 – Genoa – or by e-mail to firstname.lastname@example.org.
Owner, manager and appointees
The Data Controller is NTS s.r.l. with registered office at Via Fiorenzo Semini 28 – 16163 – Genoa – . The updated list of data processors and persons in charge of processing is kept at the operating headquarters of the Data Controller.