With this informative report Nest Italy S.r.L., with registered office in Via dei Contrari 10/3 – 44121 Ferrara (FE), Tax Code and VAT number: 02069670384, mail [email protected] as the Data Controller of personal data (hereinafter simply “Data Controller”) – wishes to inform you about the processing of the personal data you will provide through the navigation on this Website https://nestitaly.com/it/ (hereinafter simply “Website”).
For any clarification, information, exercise of the rights listed in this statement, please contact:
mail: [email protected]
address for sending registered mail: Via dei Contrari 10/3 – 44121 Ferrara (FE).
The Legislative Decree 196/2003 as amended by Legislative Decree 101/2018 and the EU REG. 2016/679 establish the rules to protect and safeguard individuals with regard to the processing of their personal data and this information is drafted in accordance with the new legislative dictate.
The information may be subject to change following the introduction of new rules, so please visit this section periodically for updates.
The information on Privacy that you are reading is exclusively related to the Website and the Owner is not responsible for the management of personal data carried out by third party websites linked through the Cookie section, or through any window-links on the Homepage.
According to the law, the processing of personal data is based on principles of correctness, lawfulness, transparency, accuracy, limitation of purpose and storage, minimization, data integrity, protection of user privacy and protection of your rights.
The Owner is committed to complying with the above principles and, to this end, informs you that – except for those treatments for which the law provides for your explicit consent – by browsing this website, uploading or providing personal data, you accept and agree to be bound by the terms and conditions of this policy. Your consent to the processing of data – where given by you – may be revoked at any time by contacting the above addresses.
If you are under 16 years of age, Your consent is legitimate only if given or authorized by the person holding parental responsibility over You, in accordance with the provisions of Art. 8 EU Reg. 2016/679. For data subjects who are on Italian territory, consent is legitimate, under the same conditions as above, even for the subject who has reached the age of 14 years.
In any case, we want to give you some information on the concept of processing of personal data and the people who handle them.
PERSONAL DATA PROCESSED and TREATMENT
HOLDER OF THE TREATMENT
RESPONSIBLE FOR THE TREATMENT
MODALITIES OF TREATMENT
PLACE OF TREATMENT AND SCOPE OF CIRCULATION OF DATA
PURPOSE OF TREATMENT
LEGAL BASIS FOR DATA PROCESSING
PERIOD OF DATA RETENTION
RECIPIENTS OF PERSONAL DATA
DISSEMINATION OF DATA
TRANSFER OF DATA
1. PERSONAL DATA PROCESSED AND TREATMENT
For “personal data” we mean all the information that could allow directly or indirectly the identification of users.
Such information may be, for example, your name, address, e-mail address and telephone number, or even the IP address of the device you use, your browsing preferences or information about your lifestyle or hobbies and interests as well as your online shopping preferences, billing address, delivery addresses, website access activities and product information displayed on the website.
The personal data processed are those provided voluntarily by the user (e.g. common data such as identification data, your phone or email address) and those collected by tracking technologies (cookies). The Owner treats these data in compliance with applicable regulations.
“Processing of personal data” means any operation or set of operations, carried out with or without the help of automated processes and applied to personal data or set of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction.
2. DATA CONTROLLER
The “data controller” is the natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data.
With regard to this Website, the data controller is the company as above specified and identified, and for any clarification or exercise of rights that you may contact him at the following email address: [email protected].
3. DATA CONTROLLER
The “data controller” is the natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller.
With respect to Your personal data provided while browsing this Website, the Data Controller has appointed Google Analytics as data processor, pursuant to and for the purposes of Art. 28 EU Reg. 2016/679.
More information is available at the following email address: [email protected].
4. METHODS OF TREATMENT
On this Website, the data are collected electronically and processed through operations carried out mainly with the aid of electronic instruments, ensuring the use of appropriate measures for the security of the processed data and ensuring their confidentiality. In particular, the data processing is done by minimizing the use of sensitive personal data.
Your personal data will be processed by collaborators and / or employees of the owner as managers or processors, within their functions and in accordance with the instructions given by the owner.
5. PLACE OF TREATMENT AND CIRCULATION OF DATA
The processing of personal data related to the services of the Website takes place at the above mentioned Controller and is carried out only by authorized personnel.
Your personal data may be communicated to Judicial Authorities and Police Forces only in cases where this is required by law and used by the Owner for the purpose of any defense of his rights in court, where strictly necessary.
The data collected will not be disclosed. However, for the effective execution of the requested service, some data will be shared with external parties, appointed as data controllers under Art. 28 Reg. EU 2016/679, called to perform specific tasks on behalf of the company (eg: Web agency, professionals, etc.). The Owner undertakes to protect the security of personal data by adopting all the necessary computer and physical measures to protect the personal data provided. No security system guarantees this protection with absolute certainty, therefore, except in cases of liability for negligence, the owner is not responsible for the fact made by third parties who illegally access the systems without the necessary authorizations.
6. PURPOSE OF THE TREATMENT and TYPE OF DATA PROCESSED
To provide the Services through the Website (collectively “Service Provision”), and in particular:
to respond to Your requests for information related to the Controller’s business or the services and products displayed on the Website;
Allow you to register and access your personal area and modify your personal data, including the recovery of your password;
allow you to submit a request for the purchase of products and services or booking, and proceed to send the purchased goods or any confirmation of acceptance of your requests;
manage the organizational and administrative aspects related to the sale (including the management of your payments made on the Site);
send you the newsletter if you have requested it as a service by subscribing to it;
manage your online application if you have decided to submit it voluntarily and spontaneously;
provide you with any other service or information you request and that is available to the Owner.
The data processed are common data (such as contact data, email address, billing data, payment data).
For the treatment of common data of third parties released through the compilation of the form, the Owner will treat these data in compliance with the applicable legislation, assuming that they are referred to you or third parties who have expressly authorized you to give them on the basis of a suitable legal basis that legitimizes the processing of data in question. Compared to these assumptions, you stand as autonomous owner of the treatment, assuming all the obligations and responsibilities of the law. In this sense, confer on the point the widest indemnity with respect to any dispute, claim, request for compensation for damages from treatment, etc.. that should reach the owner by third parties whose personal data have been processed through the form. The data processed are common data. The Owner invites the user not to insert sensitive data (regarding one’s own health condition, whether physical or psychological, political or religious orientation, etc.) if not strictly necessary for the purposes of requesting information or purchasing products;
send you marketing communications, promotions and advertising, including through the email address entered in the newsletter and / or fields of compilation (Purpose of “Marketing”). The data processed are common data;
send you marketing communications via email regarding products and services similar to those you have purchased through the Site, or for the management of technical and analytical cookies on the Site (“Soft Spam”). The data processed are common data;
Send you commercial communications in line with your preferences (“Profiling”). The data processed are common data (contact data).
Monitor statistically in aggregate the attendance at the site (“Analysis”). The data processed are common data;
to comply with legal obligations that require the Data Controller to collect and/or further process certain types of personal data (“Compliance” purposes). The data processed are common personal data;
to prevent or detect any abuse in the use of the Website, or any fraudulent activity and thus allow the Data Controller to protect itself in court (Purpose of “Prevention of Abuse and Fraud”). The data processed are common personal data.
7. LEGAL BASIS FOR DATA PROCESSING
The legal basis for the processing of personal data provided by you through navigation is:
Provision of the Service: the fulfillment of obligations of a contractual or pre-contractual nature ex art. 6 co 1 lett. b) GDPR. The processing for this purpose is necessary in order to provide you with the requested service (e.g. request information about the products or services of the Owner, make requests for reservations or purchase products or services online). It is not compulsory to provide the personal data requested, however, failure to do so will make it impossible to provide the requested service. With regard to the email address entered in the contact form, it is not mandatory to provide your data (email address), however, failure to indicate the email address does not allow subscription to the newsletter. You can always – and at any time – revoke your subscription by unsubscribing from the newsletter using the appropriate link at the bottom of the newsletter or by writing to [email protected];
Marketing: consent pursuant to art. 6 co 1 lett. a) GDPR. The activity is also carried out through the newsletter (if the service is active) with promotional content. It is not compulsory to give your consent for the purpose of Marketing, and you can always revoke it at any time without any consequences (except that of not receiving any more marketing communications) by writing to [email protected];
Soft Spam: the legitimate interest ex art. 6 co 1 lett. f) GDPR of the Owner in sending you commercial information about products and services similar to those already purchased and therefore in line with your interests. You can object to this treatment at any time by writing to [email protected] without any consequences (except that of not receiving any more promotional communications);
Analysis: the legitimate interest ex art. 6 co. 1 lett. f) GDPR of the Owner;
Compliance: the fulfillment of a legal obligation ex art. 6 co 1 lett. c) GDPR. The processing for this purpose is necessary for the Controller in order to comply with legal obligations under the legislation, including sectoral legislation, including tax, fiscal or other obligations.
Prevention of Abuse and Fraud: the legitimate interest ex art. 6 co 1 lett. f) GDPR. The processing for this purpose is intended solely to allow the Owner to prevent and/or identify any fraudulent activities committed through the Website and therefore protect itself in court.
8. PERIOD OF DATA RETENTION
The data processed to fulfill legal obligations will be kept until the fulfillment of the same, and in any case for the period of time necessary to demonstrate the fulfillment; the data processed to fulfill contractual purposes until the fulfillment of the same and, if a contract is concluded or there have been pre-contractual negotiations, for ten years from the conclusion of the same in order to allow any judicial or extrajudicial protection as well as the demonstration of proper fulfillment of the obligations contractually assumed. The data processed for the purposes of marketing and profiling until the withdrawal of consent by the person concerned. The data contained in the curricula will be kept for one year and then deleted.
With regard to the activity of commercial communications of soft spam by email and for the management of technical and analytical cookies, the data will be kept until the possible opposition of the person concerned, to be exercised in the manner indicated below, or for treatments based on consent, until the revocation of the same. The data processed for the purposes of Compliance for the period of time indicated by the specific legislation.
The data processed for the purposes of Prevention of Abuse and Fraud for the time strictly necessary to allow the owner to defend himself in court.
9. RECIPIENTS OF PERSONAL DATA
The personal data you provide may be disclosed to the Owner and / or those responsible for treatment eventually appointed.
Any other categories of recipients who may become aware of your personal data during or after the execution of the contract are:
the subjects who process the data in execution of specific legal obligations;
external consultants and professionals who provide functional services, deriving from or connected to the above-mentioned purposes (e.g. marketing or recruiting activities), identified in writing and to whom specific written instructions have been given with reference to the processing of personal data;
subjects with whom it is necessary to interact in order to carry out the requested services (e.g. hosting providers, credit institutions);
persons authorized by the Owner to process personal data necessary to carry out activities closely related to the provision of services, who are committed to confidentiality or have an adequate legal obligation of confidentiality (eg employees of the Owner);
in general, to all those public and private subjects for whom communication is necessary for the correct and complete fulfilment of the indicated purposes;
subjects or entities to whom it is mandatory to communicate data for the purposes of compliance, prevention of abuse and fraud, or by order of the authority.
10. DISCLOSURE OF DATA
Unless you specifically request in writing, or specific order of the A.G./legislative obligation, the personal data you provide are not subject to disclosure.
11. TRANSFER OF DATA
In order to provide certain services, personal data may be transferred to third party organizations or countries, where the servers of the hosting or suppliers are located.
If this happens, the Owner ensures that your personal data is processed by these recipients in accordance with applicable legislation, including European and Italian legislation to which we are subject. Where required by European data protection law, the transfer of Your Data outside the European Union will take place on the basis of appropriate safeguards (such as European Union standard contractual clauses for the transfer of data between countries within the EU and countries outside the EU) and/or other legal bases under EU law.
More information is available from [email protected].
On the site may be present Plugins of Social Networks (e.g. Pinterest, Facebook, Instagram, LinkedIn etc.) that allow/permit the sharing of content on your social profiles if you decide to share by clicking on the relevant Plugin.
USER RIGHTS ACCORDING TO EU REG. 2016/679
Chapter III of EU REG. 2016/679 lists the user’s rights.
Therefore, the Data Controller intends to inform you of the existence of specific rights, including the right to obtain from the Data Controller confirmation, or not, of the existence of your personal data (i.e. access), their provision in an intelligible form, as well as their rectification, or cancellation, or to limit their treatment in whole or in part or oppose for legitimate reasons to the same and / or revoke consent to treatment at any time (subject to the consequences referred to in paragraph 5 above), or to request the portability of their data with regard to data subject to specific consent, or even the updating. As an “interested party” you also have the right to request the transformation into anonymous form, the limitation or blocking of data processed in violation of the law, you can also complain about the unauthorized processing of your data to the Guarantor for the Protection of Personal Data in the manner published on the site of that authority (see http://www.garanteprivacy.it/). You have the right to know the origin of the data, the purposes and methods of treatment, the logic applied to the treatment, the identity of the owner and the persons to whom the data may be communicated.
Requests relating to the exercise of the aforementioned rights may be addressed to the Data Controller, at the addresses indicated above, without formalities or, alternatively, using the model provided by the Guarantor for the Protection of Personal Data available on the Site: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924.
Similarly, in case of violation of the legislation, you have the right to file a complaint with the Guarantor for the Protection of Personal Data, as the authority responsible for monitoring the treatment in the Italian State. The template for submitting a complaint to the Privacy Guarantor can be found at:
To exercise one or more of the above rights, you can contact us at the following email address: [email protected].
INFORMATION ON COOKIES
What are cookies?
Cookies are small strings of code that sites you visit send to your terminal equipment (usually to your browser: Google Chrome, Internet Explorer, Mozilla Firefox, etc.), where they are stored in order to be retransmitted each time the same user visits the same sites or accesses them again.
Why are they useful?
How do I select or disable cookies?
By changing your browser settings, cookies can be restricted or blocked. To manage cookies, please refer to the instructions provided by your browser by following the paths below (for the most common browsers):
If you use multiple browsers, you will need to follow the cookie deletion process for each browser. If you use different devices (such as smartphones or tablets), you will need to refer to your device settings to uninstall cookies.
It should be noted that if you choose to block the receipt of cookies this may compromise or prevent the proper functioning of the Website as some cookies are strictly necessary for navigation.
How many types of cookies are there?
Cookies are classified into different types:
in relation to DURATION, the cookie can be “session” (automatically deleted when the browser is closed) or “persistent” (active until its expiry date or when it is deleted by the user);
in relation to PROVENANCE, the cookie may be a “first party” cookie (sent to the browser directly from the Site you are visiting) or a “third party” cookie (sent to the browser from other sites and not from the Site you are visiting);
in relation to the PURPOSE, the cookie can be “technical” or “profiling”. A “technical” cookie is a navigation, essential, performance, process or security cookie; a “technical” cookie is also a functionality cookie, a language preference, a session status cookie; finally, a “technical” cookie is a first-party or third-party statistical-analytical cookie with IP masking, without data cross-referencing. For the installation of “technical” cookies do not need your prior consent. A “profiling” cookie is a third party statistical-analytical cookie that uses the entire IP address; a “profiling” cookie is also an advertising, advertising, tracking or conversion cookie. The installation of “non-technical” cookies requires your prior consent.
What cookies does this Site use?
The Website uses “technical” cookies, without the use of which certain operations would be very complex or impossible to perform. Technical cookies do not require your prior consent to install or read information.
These are strictly necessary technical cookies that allow you to navigate effectively on the Website and take advantage of its essential features, such as allowing the storage of previous actions. By blocking the use of these cookies Your browsing experience may be impaired and some essential services may not be provided.
The Website also uses technical so-called functionality cookies to improve your browsing experience.
On the pages of the Website there are buttons and widgets of Social Networks to facilitate interaction with social platforms and the sharing of content directly from the pages of this Website.
In particular, on the pages of this Website there are Instagram sharing buttons in order to improve the user’s browsing experience by sharing content on Social Networks.
The management of information collected by third parties is governed by the relevant information to which you should refer for any clarification. The data controller is not responsible for the operation on its site of third-party cookies/plugins.
The technical “analytical” cookies used in this website do not determine the processing of personal data (such as name and surname of the user, or IP address) because the data is collected in aggregate form for statistical purposes only and the owner of the site has adopted appropriate tools to reduce the power of identification of analytical cookies used (for example, by masking significant portions of IP address).
Cookie type and owner
Technical name of the cookies
Functioning and purpose
This cookie performs analytical activity in an aggregated statistical format.
E.g. At the end of the session
For a complete analysis of the cookies installed, please refer to the cookie banner present at your first access and always accessible by activating the navigation in unknown.
Third party cookies:
The Website also uses third party cookies that you can accept by clicking on “Accept” in the banner present when you first open the site.
The third party cookies used on the Website are not directly controlled by the Owner and consequently, to deactivate them or for further information, you must follow the procedures indicated below at the following links:
Google Analytics: https://www.google.com/policies/privacy/partners/
Alternatively, you may also express your preferences by visiting: http://www.youronlinechoices.com/it/le-tue-scelte.
Cookies on the Site: