Privacy

Data Controller
The company Nordimpianti System Srl (herein after “Nordimpianti”, “he”, "we", "our" or the "Company"), with headquarter in Via Erasmo Piaggio, 19/A, IT-66100 Chieti (Ch), Italy, available for being contacted at privacy@nordimpianti.com or, by phone, at +39 0871 540 222, as Data Controller of all Nordimpianti data, hereby provides you with the information about how he manages, protects and takes care of your personal data in accordance with Regulation (EU) No. 2016/679 (herein after "Regulation" or "GDPR").


Types of data processed
Nordimpianti, as the Controller, uses personal data to carry out its business activities in the best possible manner.
You may be requested to provided some or all of the following data:
• personal data such as mainly name/surname, tax code, address and contact data or other data that can be directly or indirectly able to be used to identify a person;
• data about the contractual relationship that describes the type of contract, as well as information regarding its execution that is needed in order to fulfill the contract;
• accounting data about the economic relationship, the amounts due and payments made, the related trend in payments and summary accounting status of the relationship;
• data that clarifies the relationship with our organization and makes our collaboration more operationally efficient and effective;
• data about employees and/or collaborators

We and our service providers may also collect other information in a variety of ways, including:
• Through your browser or device
- Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the services (such as the App) you are using. We use this information to ensure that the services function properly.
• Using cookies
- Cookies are pieces of information stored directly on the computer that you are using. Cookies allow us to collect information such as browser type, time spent on the services, pages visited, language preferences and other traffic data. We do not currently respond to browser do-not-track signals.
• Using pixel tags and other similar technologies
- Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the services and response rates.
• Analytics
- We use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the services and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s and YouTube’s practices by going to https://www.google.com/policies/privacy/partners/, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout. To view Google’s and YouTube’s privacy policy, please click here.
• IP Address
- Your IP address is automatically assigned to your computer by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses our systems, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications and other systems. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems and administering the systems. We may also derive your approximate location from your IP address.


Processing purposes
You can expect, if you take advantage of our products and services, that personal data will be processed to fulfill legal obligations, as well as administrative, insurance and tax obligations envisaged under current legislation, to satisfy accounting and commercial needs, and to fulfill in a timely manner the contractual and legal obligations deriving from the contractual relationship with the data subject. The data provided may also be used to contact the data subject in the context of market research relating to the products or services, or in the context of commercial campaigns or offers. For these such, purposes the data subject is free to refuse the consent.
In particular, we manege and process your data mainly for the following purposes:

Purposes where consent is not required
• to allow you to navigate the website nordimpianti.com
some data, such as your IP address, browser or some other data that can be indirectly referred to you, can be read during your connection to our website
- legal basis (Article 6,1,c GDPR): legal obligations in order to comply with the performance of a contract with third parties and for compliance with a legal obligation to which the controller is subject
- consent cannot be denied for navigate the website as some personal data are technically needed and read to let navigation possible according also with legal obligations with national and international Authorities.

• administrative-accounting purposes
in particular for fulfillment of tax or accounting obligations, management of customers (customer/supplier administration, preliminarry activities for quoting services and products or for the conclusion contracts or orders, administration and execution of contracts or orders, shipping and invoicing; checks on reliability and solvency), management of disputes (contractual breaches, warnings, settlements, credit collection, arbitration, judicial disputes)
- legal basis (Article 6,1,b-c GDPR): data are processed in order to comply with contract dutes and/or for compliance with a legal obligation to which the controller is subject
- consent can not be denied if data process is mandatory by law or if it can already potentially produce legal effects or consequences able to involve any rights of involved parties suitable to be preserved by law.

• management of pre-sales and sales activities
we take note about relationship activities with our customers/potential customers (phone calls, meeting, email, etc...); we process data to manage trade fair campaigns (in order to invite customers and potential customers of the same country of the fairs where we attend that are streactly related to their business and where they could have interest in coming in case of planned investments and in order to do emailing follow-up activities after visits, such as replying to any requests, sending offers or simply emailing thankings for visiting)
- legal basis (Article 6,1,b-f GDPR): data are processed in order to take steps at the request of the data subject prior to entering into a contract and/or for the purposes of the legitimate interests pursued by the controller, after troughly valueting if such interests do not override the interests or fundamental rights and freedoms of the data subject which require protection of personal data
- consent could be denied or revoked if data process is not mandatory by law or if it can not already potentially produced legal effects or consequences able to involve any rights of involved parties suitable to be preserved by law, but if denied or revoked, we can not perform or we can not perform anymore your requests.

• internal controls and safeguarding of assets
security, productivity, quality of services, customer satisfaction surveys, safeguarding of assets, video surveillance, access control
- legal basis (Article 6,1,f GDPR): data are processed for the purposes of the legitimate interests pursued by the controller, after troughly valueting if such interests do not override the interests or fundamental rights and freedoms of the data subject which require protection of personal data;
- consent could be denied or revoked if data process is not mandatory by law or if it can not already potentially produced legal effects or consequences able to involve any rights of involved parties suitable to be preserved by law, but if denied or revoked, we can not perform or we can not perform anymore your requests.

Purposes where consent is required
• marketing activities
Nordimpianti could send newsletters or commercial communications as well as advertising on own products and services, or perform marketing campaigns, analyze customers behaviors to enhance products and services provided as well as satisfy your expectations.
- legal basis (Article 6,1,a GDPR): any data used for these purposes can be carried on only with data subject consent, that has to be any freely given, specific, informed and unambiguous.
- please note that the given consent may be easily revoked at any time (in case of emails by clicking on the unsubscribe option in each email sent otherwise sending a request to the Data Controller) , without affecting the legality of the processing carried out until the moment of withdrawal.
• spontaneous application
- legal basis (Article 6,1,a GDPR): any data used for these purposes can be carried on only with data subject consent, that has to be any freely given, specific, informed and unambiguous.
- please note that the given consent may be easily revoked at any time without affecting the legality of the processing carried out until the moment of withdrawal.


Communication, release and transfer of data
As because the Nordimpianti's business is extended worldwide, in order to comply with all matters as regards to subscribed contracts, your data may be communicated or transferred to the following third party subjects, that could be located inside and outside the European Union, that perform activities that are functional to the services or to the production of goods you have requested to us: (a) partners, collaborators and suppliers of materials, products and services with reference to the activities of the following sectors (for example): technology, accounting, administration, law, insurance; (b) subjects and authorities whose right of access to the data is acknowledged by the law and by the regulations or provisions issued by the competent authorities.

Depending on the circumstances, these recipients will process your data as data controllers, as data processors or as persons assigned to process the data. The complete and updated list of the subjects processing data as data processors is available on request to the data Controller, by means of the contact procedures indicated in this Information notice.
All data processed in the EU is protected under the Regulation (EU) No. 2016/679. When data is communicated or transferred to a country outside the EU we verify if the country is covered according to an European Comminsion Adeguasy Decision, otherwise we subscribe an agreement with the third party that respect the Regulation (EU) No. 2016/679 in order to grant the privacy safeguard.


Data processing methods
Your personal data are processed by the Company using electronic and manual systems in compliance with the principles of lawfulness, fairness and transparency envisaged by the applicable regulations relating to the protection of personal data and protecting your privacy by providing technical and organizational safeguards so as to ensure adequate security levels.

Such processing will take place at the Company’s main office and/or at the premises of the external data processors who process the data on behalf of Nordimpianti within and sometimes outside the European Union and, especially, in the United States of America. With reference to transfers outside the European Union towards countries considered by the European Commission as not capable of providing adequate safeguards, the Company shall provide the safety measures that are suitable and adequate for protecting your data. Consequently, any transfer of data to countries located outside the European Union will occur, in any case, in compliance with the appropriate safeguards and suitable for data transfer, such as data protection contract clauses, as per the regulations applicable and in particular articles 45 and 46 of the GDPR.

Should you wish to receive more information regarding the safeguards provided for and to request a copy of such safeguards, please contact the Company at any time through the channels indicated in this Information notice.


Data storage
The data shall be stored for the period of time required to pursue the purposes for which they were collected, as stated in this Information notice. In any case, the following storage periods will be applied with reference to the processing of the data for the purposes indicated in the following:

(i) as regards Contract purposes (art. 6,1,b GDPR) and purposes of Legitimate Interests (art. 6,1,c GDPR ) the data are stored for a period equal to the duration of the supply of services you have requested and for 10 years after that, without prejudice to those cases in which further storage is requested due to disputes, requests from competent authorities or in compliance with applicable regulations;

(ii) as regards Purposes where data are processe carried out only with your consent (art. 6,1,a GDPR), the data are stored for a period equal to the duration of the supply of services requested and for a period of 24 months following the last contract with you, to be intended, among others, as participation in a Company event, use of a product or service supplied by the Company or the opening of a newsletter (all together defined as Last Contract")


Rights of the data subject
With regard to the data processing described in this Information notice, you may exercise at any time the rights indicated in the GDPR (articles 15-21), including the following rights:
• to receive confirmation of the existence of your personal data and to access their content (right of access);
to update, change and/or correct your personal data (right of rectification);
• to ask for the erasure or the limitation of processing of your personal data processed in violation of the law, including those for which storage is not necessary for the purposes for which the data were collected or otherwise processed (right to be forgotten and right of limitation);
• to object to the processing (right of objection);
• to withdraw consent, where given, without prejudice to the lawfulness of the processing based on the consent given prior to withdrawal;
• to lodge a complaint with a supervisory authority (in Italy: Garante per la protezione dei dati personali www.garanteprivacy.it) in the event of violation of the discipline concerning the protection of personal data;
• to receive a copy in electronic format of the personal data concerning you, to transfer them to yourself or to another service provider, in the event that the Company conducts the processing of these data based on your consent or on the basis of the circumstance that the processing is necessary for the supply of the service(s) you requested and the data are processed using automated means (right of data portability).
In order to exercise these rights, you can contact the Data Controller by sending your request to privacy@nordimpianti.com, or by sending a letter to:
Nordimpianti System Srl
Via Erasmo Piaggio, 19/A
IT-66100 Chieti (Ch) – Italy

When contacting the Data Controller, make sure to include your full name, e-mail/mail address and/or phone number to ensure that your request is handled correctly.


Amendments and updates
The foregoing information notice may be subject to change also as a consequence of amendments of and/or additions to the regulations.
Last update: april 2019
Nordimpianti System Srl
  • Via Erasmo Piaggio, 19/A
    66100 Chieti (CH) - Abruzzo | Italy
    T. +39 0871 540222
  • info@nordimpianti.com
  • PI / VAT No. 01276540687
    • @ 2016 Nordimpianti | All Rights Reserved