Privacy Policy pursuant to arts. 13 and 14 of GDPR 679/2016

Privacy Policy pursuant to arts. 13 and 14 of GDPR 679/2016

(General Data Protection Regulation)

Dear Visitor,

We submit to your attention our privacy policy pursuant to the European Regulation on the Protection of Personal Data EU REG. 679/2016 of 27 April 2016, which came into force on 25 May 2018 (General Data Protection Regulation – GDPR), in connection with the use of the contact data that you supplied by compiling our form “contact” (hereinafter, the “Personal Data”) available in our company website www.nireos.com.

The Controller of your personal data is NIREOS S.r.l., with registered office in Via G. Durando – 20158 Milano no. 39, VAT no. 10359960969, registered in the Trade Register of Milano, email info@nireos.com (hereinafter, “NIREOS” or the Controller).

Purposes and legal basis for processing your data: your Personal Data, collected according to the modalities described above, will be processed for the purposes and by virtue of the legal basis given below:

Purposes: meet your contact request

Legal basis for data processing: data processing is necessary in connection with your contact request

Personal Data disclosure – dissemination modalities: your Personal Data may be transferred as described below.

Recipients of Personal Data: third parties who supply services relating to the activities of the Controller, and with whom our company has entered into specific agreements to ensure compliance with the provisions set out in the GDPR.

Storage periods: your Personal Data will be deleted after 12 months.

Your rights as a data subject:

We inform you that, at any time, as long as the conditions provided for in the GDPR are met, you can exercise your rights to (a) have access to your Personal Data (to determine its origin, and the purposes and aims for which is it processed, the subjects your data is communicated to, the storage period or the criteria adopted to determine such period), (b) request that your data be rectified, (c) that your data be deleted (“oblivion”) if no longer necessary, incomplete, erroneous or obtained in violation of the law, (d) ask that the processing of your data be restricted to part of your information; (e) receive your Personal Data in a format in common use and machine-readable.

You also have the right to object to the processing of your Personal Data. All the abovementioned rights may be exercised by sending a written request addressed without formalities to the Controller, at the contacts given above in paragraph 1.

If you feel we have not met your requests satisfactorily, you can lodge a complaint with the Personal Data Protection Guarantor (http://www.garanteprivacy.it/) according to the modalities provided for in the applicable regulations.