PRIVACY POLICY FOR ECOMMERCE GDPR

Terms and conditions of use

Last update 02/05/2022

INTRODUCTION

NOVE 25 S.R.L. ("we" or "us" or "our") respects the privacy of our users ("user" or "you"). This privacy policy explains how we collect, use, disclose and safeguard your information when you visit our website www.nove25.net including any related or connected media, media channel, mobile website or mobile application (collectively, the "Site"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Site.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will notify you of any changes by updating the "Last Updated" date of this Privacy Policy. Any changes or modifications will be effective immediately upon posting of the updated Privacy Policy on the Site, and you waive your right to receive specific notice of any such changes or modifications.

You are encouraged to periodically review this Privacy Policy to be informed of updates. You will be deemed to have been made aware of, be subject to, and have accepted the changes to the updated Privacy Policy by your continued use of the Site after the date the updated Privacy Policy is posted.

OBJECT OF PROCESSING AND COLLECTION OF INFORMATION

We may collect information about you in a variety of ways. The information we may collect on the Site includes:

Personal data

Personally identifiable information, such as your name, shipping address, email address and phone number, and demographic information, such as your age, gender, hometown and interests, that you voluntarily provide to us [when you register with the Site www.nove25.net or] when you choose to participate in various Site-related activities www.nove25.net such as online chats and message boards. You are under no obligation to provide us with personal information of any kind, but your refusal to do so may prevent you from using certain features of the Site [and our mobile application].

Derived data 

Information that our servers automatically collect when you access the Site, such as your IP address, your browser type, your operating system, your access times, and the pages you viewed directly before and after accessing the Site. [If you are using our mobile application, this information may also include the name and type of your device, your operating system, your phone number, your country, your "likes" and responses to a post, and other interactions with the application and other users through server log files, as well as any other information you choose to provide].

Financial data

Financial information, such as your payment method information (e.g., valid credit card number, card brand, expiration date) that we may collect when you purchase, order, return, exchange or request information about our services from the Site [or our mobile application]. [We store only very little, if any, of the financial information we collect. Otherwise, all financial information is stored by our payment processor, [Amazon Payments,] [Authornize.Net,] [Google Checkout,] [Paypal,] [SafeCharge,] [Stripe,] [WePay,] [2Checkout,] [Contentsquare] [other], and you should review their privacy policy and contact them directly for answers to your questions].

Facebook authorisations

The Site [and our mobile app] may, by default, access basic information about your Facebook account, including your name, email, gender, birthday, current city, and profile picture URL, as well as other information you have chosen to make public. We may also request access to other permissions related to your account, such as friends, check-ins, and likes, and you may choose to grant or deny us access to each individual permission. For more information about Facebook permissions, please see the Facebook Permissions reference page.

Data from social networks

User information from social networking sites, such as [Apple's Game Center, Facebook, Google+, Instagram, Pinterest, Twitter], including your name, social network username, location, gender, date of birth, email address, profile picture, and public contact information, if you link your account to such social networks. [If you are using our mobile application, this information may also include the contact information of anyone you invite to use and/or participate in our mobile application].

Mobile device data

Device information, such as your mobile device ID, model and manufacturer, and information about the location of your device if you access the Site from a mobile device.

Third-party data 

Information from third parties, such as personal information or network friends, if you link your account to the third party and grant the Site permission to access this information. Data from contests, giveaways and surveys Personal and other information that you may provide when you enter contests or giveaways and/or respond to surveys.

Mobile application information

If you connect using our mobile application:

 - Geolocation Information. We may request access or permission to and track location-based information from your mobile device, either continuously or while you are using our mobile application, to provide location-based services. If you wish to change our access or permissions, you can do so in your device settings.

 - Mobile device access. We may require access or permission to certain features of your mobile device, including [Bluetooth, calendar, camera, contacts, microphone, reminders, sensors, SMS messages, social media accounts, storage,] and other features. If you wish to change our access or permissions, you can do so in your device's settings.

 - Mobile device data. We may collect information about your device (such as mobile device ID, model and manufacturer), operating system, version information and IP address.

 - Push notifications. We may request to send you push notifications regarding your account or the Application. If you wish to opt out of receiving these types of communications, you can disable them in your device settings.

PURPOSES OF DATA PROCESSING USE OF INFORMATION BY THIS WEBSITE.

Having accurate information about you allows us to provide you with a smooth, efficient and personalised experience. In particular, we may use information collected about you through the Site [or our mobile application] to:

 - Administering lotteries, promotions and competitions.

 - Assisting law enforcement and responding to subpoenas.

 - Compile anonymous statistical data and analysis for internal use or with third parties.

 - Create and manage your account.

 - Provide targeted advertising, coupons, newsletters and other information regarding promotions and the Site [and our mobile application].

 - Send you e-mails concerning your account or your order.

 - Enable user-to-user communications.

 - Making and managing purchases, orders, payments and other transactions relating to the Site [and our mobile application].

 - Generate a personal profile about you to make future visits to the Site [and our mobile application] more personalised.

 - To increase the efficiency and functioning of the Site [and our mobile application].

 - Monitor and analyse usage and trends to improve your experience with the Site [and our mobile application].

 - Notify you of updates to the Site [and our mobile application].

 - Offer new products, services, [mobile applications,] and/or recommendations to the user.

 - Carry out other business activities as necessary.

 - Prevent fraudulent transactions, monitor theft and protect against criminal activities.

 - Processing payments and reimbursements.

 - Request feedback and contact you regarding your use of the Site [and our mobile application].

 - Resolving disputes and solving problems.

 - Responding to product and customer service requests.

 - Send you a newsletter.

 - Solicit support for the Site [and our mobile application].

 - [Other].

DISCLOSURE OF YOUR INFORMATION

We may share the information we have collected about you in certain situations. Your information may be disclosed as follows:

By law or to protect the rights

If we believe that releasing information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, or safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation. This includes exchanging information with other entities for fraud protection and credit risk reduction.

Third-party service providers

We may share your information with third parties who perform services for us or on our behalf, including payment processing, data analysis, emailing, hosting services, customer service and marketing support.

Marketing communications

With your consent, or with the opportunity to withdraw consent, we may share your information with third parties for marketing purposes as permitted by law.

Interactions with other users

If you interact with other users of the Site [and our mobile application], those users may see your name, profile picture, and descriptions of your activities, including sending invitations to other users, chatting with other users, liking posts, and following blogs.

Online messages

When you post comments, contributions or other content on the Site [or our mobile applications], your posts may be seen by all users and may be publicly distributed outside the Site [and our mobile application] in perpetuity.

Third-party advertisers

We may use third party advertising companies to serve ads when you visit the Site [or our mobile application]. These companies may use information about your visits to the Site [and our mobile application] and other websites that is contained in web cookies in order to provide advertisements about goods and services of interest to you.

Affiliates

We may share your information with our affiliates, in which case we will require those affiliates to comply with this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies we control or that are under common control with us.

Business partners

We may share your information with our business partners to offer you certain products, services or promotions.

Social media contacts

If you connect to the Site [or our mobile application] through a social network, your contacts on the social network will see your name, profile photo and business description].

Other third parties

We may share your information with advertisers and investors for the purpose of conducting general business analysis. We may also share your information with such third parties for marketing purposes as permitted by law. In particular, Nove 25 S.r.l. makes use of the services of the Contentsquare platform (www.contensquare.com). For this service, the platform, and therefore the reference entity, is appointed as the external data processing manager (as per the appointment provided for by Art. 28 GDPR) and for any information relating to data processing carried out by the platform www.contentsquare.com we suggest you consult the following links: https://contentsquare.com/privacy-center/10-things-to-know-cs-data-processing/. We also specify that contentsquare cookies are considered personal data and an "online identifier" as they include a unique random user ID. This unique random cookie ID remains throughout the processing of customer data and therefore customer data is pseudonymised according to the definitions of the GDPR.

Sale or bankruptcy

If we reorganise or sell all or part of our assets, undergo a merger or are acquired by another entity, we may transfer your information to the successor entity. If we fail or go bankrupt, your information would be an asset transferred or acquired by a third party. You acknowledge that such transfers may occur and that the transferee may refuse to honor the commitments we have made in this Privacy Policy. We are not responsible for the actions of third parties with whom you share personal or sensitive information, and we do not have the authority to manage or control the solicitations of third parties. If you no longer wish to receive correspondence, emails or other communications from the third party, you are responsible for contacting the third party directly.

Cookies and web beacons

[We may use cookies, web beacons, tracking pixels and other tracking technologies on the Site [and our mobile application] to help personalise the Site [and our mobile application] and improve your experience. When you access the Site [or our mobile application], your personal information is not collected through the use of tracking technologies. Most browsers are set to accept cookies by default. You may remove or decline cookies, but be aware that such action may affect the availability and functionality of the Site [or our mobile application]. You may not reject web beacons. However, they may be rendered ineffective by rejecting all cookies or by modifying your web browser settings to notify you each time a cookie is offered, allowing you to accept or reject cookies on an individual basis]. [We may use cookies, web beacons, tracking pixels and other tracking technologies on the Site [and our mobile application] to help customize the Site [and our mobile application] and improve your experience. For more information on how we use cookies, please refer to our Cookie Policy posted on the Site, which is incorporated into this Privacy Policy. By using the Site, you agree to be bound by our Cookie Policy].

Advertising on the Internet

In addition, we may use third-party software to serve ads on the Site [and our mobile app], implement email marketing campaigns, and manage other interactive marketing initiatives. This third party software may use cookies or similar tracking technologies to help manage and optimise your online experience with us. For more information about opting out of interest-based ads, please visit the Network Advertising Initiative opt-out tool or the Digital Advertising Alliance opt-out tool.

Website analysis

We may also partner with selected third party vendors[, such as [Adobe Analytics,] [Clicktale,] [Clicky,] [Cloudfare,] [Crazy Egg,] [Flurry Analytics,] [Google Analytics,] [Heap Analytics,] [Inspectlet,] [Kissmetrics,] [Mixpanel,] [Piwik,] and others], to enable the use of tracking technologies and remarketing services on the Site [and our mobile application] through the use of first-party and third-party cookies, to, among other things, analyze and track users' use of the Site [and our mobile application], determine the popularity of certain content, and better understand online activity. By accessing the Site [and our mobile application], you consent to the collection and use of your information by these third-party vendors. You are encouraged to review their privacy policy and contact them directly for answers to your questions. We do not transfer personal information to these third party vendors. However, if you do not want your information collected and used by tracking technologies, you can visit the third-party vendor or the Network Advertising Initiative Opt-Out Tool or Digital Advertising Alliance Opt-Out Tool. You should be aware that purchasing a new computer, installing a new browser, updating an existing browser, or deleting or modifying your browser's cookie files may also delete certain cookies, plug-ins, or opt-out settings.

THIRD-PARTY WEBSITES

The Site [and our mobile application] may contain links to third party websites and applications of interest, including external advertisements and services, which are not affiliated with us. Once you have used these links to leave the Site [or our mobile application], any information you provide to these third parties is not covered by this Privacy Policy, and we cannot guarantee the security and privacy of your information. Before visiting and providing any information to any third party website, you should inform yourself about the privacy policies and practices (if any) of the third party responsible for that website, and you should take steps to, at your discretion, protect the privacy of your information. We are not responsible for the content or privacy and security practices and policies of third parties, including other sites, services or applications that may be linked to or from the Site [or our mobile application].

SECURITY OF YOUR INFORMATION

We use administrative, technical and physical security measures to protect your personal information. While we have taken reasonable steps to protect the personal information you provide to us, please be aware that, despite our best efforts, no security measure is perfect or impenetrable, and no method of data transmission can be guaranteed against interception or other misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorised parties. Therefore, we cannot guarantee complete security if you provide personal information.

POLICY FOR CHILDREN

We do not knowingly solicit information from children under the age of 13 nor do we market to them. If you become aware of any data we have collected from children under the age of 13, please contact us using the contact information provided below.

CONTROLS FOR DO-NOT-TRACK FUNCTIONS

Most web browsers and some mobile operating systems [and our mobile applications] include a Do-Not-Track ("DNT") feature or setting that you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technological standard has been finalised for the recognition and implementation of DNT signals. As such, we do not currently respond to browser DNT signals or any other mechanism that automatically communicates your choice not to be tracked online. If in the future we adopt a standard for online tracking that we must adhere to, we will inform you of that practice in a revised version of this Privacy Policy./Most web browsers and some mobile operating systems [and our mobile applications] include a Do-Not-Track ("DNT") feature or setting that you can activate to signal your privacy preference not to have your online browsing activities tracked and collected. If you set the DNT signal on your browser, we will respond to those browser DNT signals.

OPTIONS CONCERNING YOUR INFORMATION

[Account information]

You may at any time review or change your account information or close your account:

 - Accessing your account settings and updating your account

 - Contact us using the contact information provided below

 - Other]

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, some information may be retained in our records to prevent fraud, resolve problems, assist in investigations, enforce our Terms of Use and/or comply with legal requirements].

Nature of the provision of data and consequences of refusal to reply 

Please note that, taking into account the purposes of the processing as illustrated above, the provision of the data necessary for the purposes is free, but their failure, partial or incorrect provision may make it impossible to carry out the activities and pre-contractual and contractual obligations as provided for in the contract of sale and / or supply of products. If the person giving the data is under 13 years of age, such processing is lawful only if and to the extent that such consent is given or authorised by the holder of parental responsibility for whom the identification data and copies of identification documents are acquired.

Treatment modes

The processing of your personal data is carried out by means of the following operations: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The processing will be carried out using manual and/or computerised and telematic tools with organisational and processing logics strictly related to the purposes themselves and in any case in such a way as to guarantee the security, integrity and confidentiality of the data in compliance with the organisational, physical and logical measures provided for by articles 24 and 25 and 32 of the GDPR. The processing of personal data carried out for the sole purpose referred to in point E paragraph 2 (purpose of processing) of this information notice will be carried out in automated form and also on an online platform and consists in the use of such personal data to assess certain personal aspects relating to your natural person, in particular to analyse or predict aspects relating solely to the personal preferences, interests, reliability, behaviour, location of said natural person for the sole purpose of the personalised production of Nove 25 S.r.l.'s jewellery products themselves; the legal basis for processing is consent;

Access to data by employees in charge of data processing

Your data may be made accessible for the exclusive purposes referred to in Articles 2.A) and 2.B) of this statement:

- to employees and collaborators of the Data Controller, auxiliaries and third party employees companies and supply companies and in outsourcing relationship with the owner in their capacity as persons authorised to process and/or internal data processors and/or system administrators;

- to third party companies or other entities (for example, banks,

consultants, insurance companies for the provision of insurance services, etc..) that carry out activities in outsourcing on behalf of the Data Controller, in their capacity as external data controllers.

Data Retention and Transfer

Personal data are stored on servers located in Milan, within the European Union and precisely outside the Data Controller's headquarters and in full compliance with the provisions and requirements necessary for the security and proper location of the data storage units (Data centres). 

The aforesaid location and methods of storage of the data centres may be disclosed only to the data subject whose data is being processed and to the Supervisory Authorities for reasons of national security, public security, defence in court, for the prevention, detection and prosecution of criminal offences, for the protection of the interests and freedoms of others, for the execution of civil actions and for relevant objectives of public and economic interest. Whereas the Data Controller shall process personal data for the time necessary to fulfil the above purposes and in any case for no longer than 5 years from the termination of the relationship for the Purposes of the Invoicing and Corporate Accounting Service;Whereas the Data Controller shall process "special" personal data pursuant to art.9 GDPR EU Regulation no.679/2016 for the time necessary to fulfil the above purposes and in any case for no longer than the termination of the relationship for the pre-contractual Purposes inherent to the phase of mere contractual proposal for the stipulation of a contract for the sale of the product; Personal data shall be retained for the entire duration of the relationship of association and/or mandate and in the case of revocation and/or other termination of the relationship.

Transfer of data to Third Countries and International Organisations 

Please note that the Data Controller does not process data involving the transfer of personal and special data to Third Countries or International Organisations.

Rights of the data subject

Right of access to data pursuant to Articles 15-23 GDPR EU Regulation No. 679/2016 (and subsequent legislative adaptation provisions Legislative Decree 101/2018)

Right of access to data

In your capacity as data subject, you are entitled to the rights under Art. 15 GDPR: -to obtain confirmation as to whether or not personal data concerning you exist, regardless of their being already recorded, and communication of such data in intelligible form; -to obtain information on: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in the event of processing carried out with the aid of electronic instruments; d) the identification details of the data controller, data processors and the representative of the data controller and the persons authorised to process the data; e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of the data in their capacity as designated representative in the territory of the State, data processors or authorised persons;

Right to rectification of data

In your capacity as data subject, you are entitled to the rights referred to in Article 16 GDPR, namely the rights to: 

a) update, rectify or, where interested therein, supplement the data;

Right to erasure of data

In your capacity as data subject, you are entitled to the rights referred to in Article 17 GDPR, namely the rights to:

b)erasure, anonymisation or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;

Right to restriction of processing:

In your capacity as data subject, you are entitled to the rights referred to in Art. 18 GDPR, namely the rights to request the restriction of the use of data solely and exclusively for reasons of public interest, with the consent of the data subject and for the establishment or defence of a legal claim, in cases where the data subject contests the accuracy of the data and the processing, in the case of exercising the right to object to the processing referred to in Art. 21 GDPR and in the other cases provided for in Art. 18 GDPR

Right to portability:

In your capacity as data subject, you are the holder of the rights referred to in Article 20 GDPR EU Regulation No. 679/2016 (and subsequent provisions of legislative adaptation Legislative Decree 101/2018) and precisely the rights to:mandate and, in the case of revocation and/or other termination of the relationship. 

-receive the personal data provided to the Data 

Controller in a structural format or on a commonly used, intelligible and accessible computer medium for any operating system (USB or duly encrypted ZIP file), 

-move without constraints, the information and data sets concerning you from the present Data Controller to another Data Controller chosen by you according to your purposes and in full compliance with the principles of transparency, lawfulness and proportionality of the processing. The right to data portability is without prejudice to other rights.

Right to object to processing:

In your capacity as data subject, you are entitled to the rights referred to in Article 21 GDPR

-to object, in whole or in part:

a) on legitimate grounds, to the processing of personal data concerning you, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning you for any other purpose not relevant to the processing

Right to object to and restrict processing carried out by means of profiling for the exclusive purposes referred to in point E) of paragraph 2 of this notice pursuant to Article 22 GDPR.

It is mentioned that you, in your capacity as data subject, have the right not to be subjected to a decision based solely on profiling (purposes referred to in point E), paragraph 2 of this policy), which significantly affects your person unless such processing is based on your explicit, unequivocal and unconditional consent, exercised in writing and separate from other specific requests for consent

In addition, in the event of the provision of explicit, unambiguous and unconditional consent, exercised in writing to the aforementioned profiling processing (purposes referred to in point E), paragraph 2 of this policy), the data controller shall implement appropriate measures to protect the rights, freedoms and legitimate interests of the data subject, at least the right to obtain human intervention by the data controller, to express his or her opinion and to contest the decision, includingevent that 

theshould eventually become aware of data referred to in art.9 GDPR (special data)

Limitations to the obligations of data controllers and data processors under Article 23 GDPR

The obligations on the part of the Data Controller and the Data Processor to provide this information pursuant to Article 12 GDPR, not to submit to automated procedures pursuant to Article 22 GDPR, and to make the communications referred to in Art.34 GDPR may be waived exclusively upon your consent or for the need to communicate to the Supervisory Authorities for reasons of national security, public security, defence in court, for the prevention, detection and prosecution of crimes, for the protection of the interests and freedoms of others, for the independence of the judiciary, for the execution of civil actions and for relevant objectives of public and economic interest.

Right to withdraw consent: 

In your capacity as data subject, you are entitled to the rights referred to in Article 7 GDPR, namely the right to withdraw consent, where applicable and at any time. 

Withdrawal of consent shall not affect the lawfulness of processing based on the consent given before the withdrawal;

Right to complain to the Privacy Authority: 

As a data subject, you have the rights referred to in Article 13 GDPR, namely the right to lodge a complaint with the supervisory authority.

Methods of exercising rights

You may exercise your rights at any time by sending a request by email to info@nove25.net - PEC info@pec.nove25.net and you may also exercise your rights by contacting the Garante della Privacy, with offices in Piazza Venezia n. 11 - 00187 Rome, Telephone: (+39) 06.696771,Fax: (+39) 06.69677.3785. For general information you can send an e-mail to: garante@gpdp.it

Email and communications

If you no longer wish to receive correspondence, e-mails or other communications from us, you can choose not to receive them:

 - By noting your preferences when you register your account on the Site [or our mobile application].

 - By accessing your account settings and updating your preferences.

 - Contact us using the contact information provided below

If you no longer wish to receive correspondence, e-mails or other communications from the third party, you are responsible for contacting the third party directly. 

CONTACTS

If you have any questions or comments about this Privacy Policy, please contact us at:

NOVE25 s.r.l. Registered office: Via Raffaello Sanzio 19/21 - 20149 Milan Operating office: Via Raffaello Sanzio 19/21 - 20149 - Milan Tax code/VAT number: 04217070962 - REA number: MI-1733121 

PEC info@pec.nove25.net 

info@nove25.net 

 

PRIVACY NOVE25 (commercial activity)

Information on the protection of personal data updated to the New EU Regulation No. 679/2016 (GDPR) (and subsequent provisions of legislative adaptation to the Italian Law 196/2003 as per Legislative Decree 101/2018)

The Data Controller processes:
-personal, identification data (for example, name, surname, company name, address, telephone, e-mail, bank and payment references) hereinafter, "personal data".
- the "particular data" communicated by you on the occasion of the conclusion of contracts for the services of the Owner and as recipient of such data in reference to all the communications made and received in the relationships with the entities and subjects involved in the professional activity of the Owner and the Responsible of the treatment. 

Purposes of the treatment

Your personal data are processed: Pursuant to art 6 EU Regulation No. 679/2016 (and subsequent legislative adaptation provisions Legislative Decree 101/2018) (GDPR). lett. b), e) GDPR), for the following Service Purposes: A)-conclude contracts for the Controller's services:
-fulfill pre-contractual, contractual and tax obligations arising from existing relationships with You in particular;
for the realization, production and sale of high quality jewellery products;
for the insertion in the company's computer databases; for the issue of invoices and credit notes; for the issuance of quotes and quotations to active and/or potential customers;
for the maintenance of ordinary accounting and VAT;
for the management of receipts and payments;
B)-comply with the obligations provided for by law, by a regulation, by the community legislation or by an order of the Authority (such as, for example, anti-money laundering);
C)-exercise the rights of the Owner, for example the right of defence in court;
D)-Subject to your specific consent, in writing, unequivocal and unconditional, inform and promote commercially the products of Nove 25 S.r.l. themselves; the legal basis for processing is consent.
E)-Subject to your specific consent, in writing, unequivocal and unconditional, to carry out a form of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to your individual, in particular to analyze or predict aspects relating only to personal preferences, interests, reliability, behavior, location or movements of that individual for the sole purpose of the exclusive realization of personalized jewelry products of Nove 25 S.r.l. themselves; the legal basis of the treatment is consent;

Nature of data conferment and consequences of refusal to answer

We inform you that, taking into account the purposes of the treatment referred to in points A), B) and C) as illustrated above, the provision of data necessary for the purposes is free but their failure, partial or incorrect conferment may have as a consequence the inability to carry out the activities and pre-contractual and contractual obligations as provided by the contract of sale and / or supply of products. Where the person giving the data is under 13 years of age, such treatment is lawful only if and to the extent that, such consent is given or authorized by the holder of parental responsibility for which the identification data and copies of identification documents are acquired.

Treatment modalities

The processing of your personal data is carried out by means of the following operations: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The treatment will be carried out both with manual and/or computer and telematic tools with logics of organization and elaboration strictly related to the purposes and in any case in such a way as to guarantee the security, integrity and confidentiality of the data in compliance with the organizational, physical and logical measures provided for by articles 24 and 25 and 32 of the GDPR. The processing of personal data carried out for the sole purpose referred to in point E paragraph 2 (purpose of processing) of this statement will be carried out in automated form and also on an online platform and consists of the use of such personal data to assess certain personal aspects relating to your natural person, in particular to analyze or predict aspects relating only to personal preferences, interests, reliability, behavior, location of the said natural person for the sole purpose of the sole purpose of the personalized production of goldsmith products of Nove 25 S.r.l. themselves; the legal basis for processing is consent;

Access to data by employees in charge of data processing

Your data may be made accessible for the exclusive purposes of art. 2.A) and 2.B) of this statement: -to employees and collaborators of the Data Controller, the auxiliaries and third party employees companies and supply companies and in an outsourcing relationship with the Data Controller in their capacity as persons authorized to process and/or internal data processors and/or system administrators; -to third party companies or other subjects (by way of example, credit institutions, consultants, insurance companies for the provision of insurance services, etc.) that perform outsourcing activities on behalf of the Owner, in their capacity as external data processors. Data communication Without the need for express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) EU Regulation n.679/2016 (and subsequent provisions of legislative adaptation D.Lgs 101/2018) (GDPR)., the Owner may communicate your data for the purposes referred to in art. 2.A) to Supervisory Bodies, Judicial Authorities, insurance companies for the provision of insurance services, as well as to those subjects to whom communication is mandatory by law for the fulfillment of the said purposes. These subjects will treat the data in their quality of autonomous holders of the treatment. Your data will not be disclosed.

Data storage and transfer

Personal data are stored on servers located in Milan, within the European Union and precisely outside the headquarters of the owner and in full compliance with the provisions and requirements necessary for the security and proper location of data storage units (Data centers). The aforementioned location and storage modalities of the data centers may be disclosed exclusively to the interested party whose data is being processed and to the Control Authorities for reasons of national security, public security, defense in court, for the prevention, detection and prosecution of crimes, for the protection of the interests and freedoms of others, for the execution of civil actions and for relevant objectives of public and economic interest. Whereas the Data Controller will process personal data for the time necessary to fulfill the above purposes and in any case for no longer than 5 years from the termination of the relationship for the Purposes of Billing Service and corporate accounting;Whereas the Data Controller will process "special" personal data referred to in Article 9 GDPR Regulation EU n.679 /2016 for the time necessary to fulfill the purposes referred to above and in any case for no longer than the termination of the relationship for the precontractual Purposes inherent in the phase of mere contractual proposal for the conclusion of the contract of sale of the product; Personal data are stored for the duration of the relationship of association and / or mandate and, in the case of revocation and / or other termination of the relationship.

Transfer of data to Third Countries and International Organizations

It should be noted that the owner does not process data that involves the transfer of personal data and special data to third countries or international organizations. Rights of the interested party Right of access to data in accordance with articles 15-23 GDPR EU Regulation n.679/2016 (and subsequent provisions of legislative adaptation D.Lgs 101/2018)

Rights of the interested party

Right of access to data

In your capacity as data subject, you are the holder of the rights under Art. 15 GDPR: -to obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in intelligible form; -to obtain indication: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out with the aid of electronic instruments; d) the identity of the owner, managers and the representative of the owner and the persons authorized to process designated e) the subjects or categories of persons to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or authorized to process;

Right to rectification of data

In your capacity as data subject, you are the holder of the rights referred to in art. 16 GDPR and precisely the rights to: a) updating, rectification or, when interested, integration of data; 

Right of cancellation of data

In your capacity as data subject, you are entitled to the rights set forth in art. 17 GDPR and precisely the rights of: b) cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;

Right to limitation of processing:

In your capacity as data subject, you are the holder of the rights referred to in Art. 18 GDPR and precisely the rights to: request the limitation of the use of the data for reasons of public interest only, exclusively and carried out with the consent of the data subject and for the establishment or defense of a right, in cases where the data subject contests the accuracy of the data and the processing, in the case of exercising the right to object to the processing pursuant to art. 21 GDPR and in the other cases provided for in art.18 GDPR 

Right to portability:

In your capacity as data subject, you are the holder of the rights referred to in 'art. 20 GDPR EU Regulation n.679/2016 (and subsequent provisions of legislative adaptation Legislative Decree 101/2018) and precisely the rights to:mandate and, in the case of revocation and / or other termination of the relationship. -receive the personal data provided to the Data Controller in a structural format or on computer support of common use, intelligible and accessible for any operating system (USB or ZIP file duly encrypted), -to move without constraints, the information and data concerning you from the present owner to another owner chosen by you according to your purposes and in full compliance with the principles of transparency, lawfulness and proportionality of the treatment. The right to data portability is without prejudice to other rights.

Right to object to processing:

In your capacity as a data subject, you are entitled to the rights set forth in Art. 21 GDPR -oppose, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even if relevant to the purpose of collection; b) to the processing of personal data concerning you for any other purpose not relevant to the processing. 

Right of opposition and limitation to the processing carried out by means of profiling for the exclusive purposes referred to in point E) of paragraph 2 of this notice pursuant to art.22 GDPR.

It is mentioned that you, in your capacity as a data subject, have the right not to be subjected to a decision based solely on profiling (purposes referred to in point E), paragraph 2 of this information notice), which significantly affects your person unless such processing is based on your explicit, unequivocal and unconditional consent, exercised in writing and separate from other specific requests for consent. In addition, in the event of the provision of explicit, unambiguous and unconditional consent, exercised in writing to the aforementioned profiling processing (purposes referred to in point E), paragraph 2 of this policy), the data controller shall implement appropriate measures to protect the rights, freedoms and legitimate interests of the data subject, at least the right to obtain human intervention by the data controller, to express his or her opinion and to contest the decision, including in the event that the data controller should eventually become aware of data referred to in art.9 GDPR (special data) 

Right to withdraw consent:

In your capacity as a data subject, you are the holder of the rights referred to in Art. 7 GDPR and precisely the right to revoke consent, where applicable and at any time. Withdrawal of consent does not affect the lawfulness of the processing based on the consent given before the withdrawal; 

Limitations to the obligations of data controllers and data processors under Art. 23 GDPR

The obligations on the part of the Data Controller and the Data Processor to make this disclosure pursuant to Art. 12 GDPR, not to submit to an automated procedure pursuant to Art.22 GDPR, and to make the communications referred to in Art. 34 GDPR may be waived exclusively upon your consent or for the need to communicate to the Supervisory Authorities for reasons of national security, public safety, defense in court, for the prevention, detection and prosecution of crimes, for the protection of the interests and freedoms of others, for the independence of the judiciary, for the execution of civil actions and for relevant objectives of public and economic interest.

Right to complain to the Guarantor Authority of Privacy:

In your capacity as a data subject, you are the holder of the rights referred to in Article 13 GDPR, namely the right to lodge a complaint with the supervisory authority. 

How to exercise your rights

You may exercise your rights at any time by sending a request by email to info@nove25.net - PEC info@pec.nove25.net and you may also exercise your rights by contacting the Privacy Guarantor, with Headquarters in Piazza Venezia n. 11 - 00187 Rome, Telephone: (+39) 06.696771,Fax: (+39) 06.69677.3785. For general information it is possible to send an e-mail to: garante@gpdp.it

Product added to wishlist
gif_loading_whitex2