Newe Srl with headquarters at Via Cave 23 - 28010 Pella (NO), IT, as the Data Controller of personal data according to the EU Regulation 679/2016 applicable from 29/03/2022, General Data Protection Regulation (GDPR), and applicable National Legislation (hereinafter collectively referred to as the "Applicable Regulations"), recognizes the importance of protecting personal data and considers their protection one of the main objectives of its activity. In compliance with the Applicable Regulations, we are providing the necessary information regarding the processing of provided personal data. Therefore, Newe Srl invites you to carefully read this notice as it contains important information about the protection of personal data and the security measures adopted to ensure confidentiality in full compliance with the Applicable Regulations.
Newe Srl informs that the processing of personal data will be based on the principles of lawfulness, fairness, transparency, purpose and storage limitation, data minimization, accuracy, integrity, and confidentiality. Personal data will be processed in accordance with the legal provisions of the Applicable Regulations and the confidentiality obligations provided therein.
DATA CONTROLLER
According to the Applicable Regulations, the data controller is Newe Srl with headquarters at Via Cave 23 - 28010 Pella (NO) IT. In turn, Newe Srl has appointed a Data Protection Officer, available at the address: Via Delle cave 23 Pella Frazione Alzo (NO), for any information regarding the processing of personal data carried out by the Controller, including the request for the list of data processors on behalf of the Controller.
PERSONAL DATA SUBJECT TO PROCESSING
"Personal Data" refers to any information concerning an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity. "Special Categories of Data" refers to personal data suitable to reveal racial or ethnic origin, religious or philosophical beliefs, or union membership, as well as generic and biometric data, data concerning health or sex life, or sexual orientation of the person. "Judicial Data" refers to personal data related to criminal convictions and offenses or related security measures. "Processing" means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
DATA PROCESSING LOCATION
Data processing takes place at the aforementioned Controller's headquarters and at designated third parties.
TYPES OF PROCESSED DATA
The processing concerns personal and identifying data voluntarily provided by the data subject (for example, but not limited to: name, surname, address, VAT number, tax code, landline or mobile phone number, email address, banking details, etc.).
PURPOSE, LEGAL BASIS, AND MANDATORY OR OPTIONAL NATURE OF PROCESSING
The data will be processed for institutional purposes, connected or instrumental to our company's activities, including: A: Administrative and accounting purposes. For the application of provisions regarding personal data protection, administrative and accounting processing includes activities related to organizational, administrative, financial, and accounting matters, regardless of the nature of the data processed. In particular, internal organizational activities, those functional to the fulfillment of contractual and pre-contractual obligations, management of the employment relationship in all its phases, bookkeeping, and application of regulations concerning taxation, trade union, social security, health, hygiene, and workplace safety purposes.
NATURE OF PROVIDING AND REFUSAL
Any refusal to provide data for the purposes mentioned in letter A may prevent the establishment or execution of contractual relationships or the fulfillment of legal obligations by Newe Srl. However, any refusal to provide data for the purposes mentioned in letter B does not prevent the establishment or execution of the contract but prevents the pursuit of the indicated purposes. The data subject can oppose the processing at any time by exercising the rights provided by the Applicable Regulations in the forms and manners indicated in this document.
PROCESSING METHODS - DATA RETENTION
The processing will be carried out in both automated and manual forms, using methods and tools aimed at ensuring maximum security and confidentiality, by individuals appointed as data processors and authorized personnel according to the applicable regulations. The data will be kept for a period not exceeding the purposes for which they were collected and subsequently processed, and in any case during the course of the existing contractual or commercial relationship, except for what is required for administrative/accounting purposes.
SCOPE OF COMMUNICATION AND DISCLOSURE
The data subject to processing will not be disclosed, except with the explicit authorization of the data subject provided after adequate information. However, the data may be communicated to companies contractually linked to the Data Controller and, if necessary, also to subjects inside and outside the European Union, in accordance with and within the limits of the Applicable Regulations.
The data may be communicated to third parties belonging to the following categories:
• Entities that provide services for the management of the information system used by the Data Controller and the telecommunications networks, and who maintain the technological part (including email and newsletter services);
• Freelancers, professionals, or companies within the scope of assistance and consultancy;
• Entities that carry out control, auditing, and certification of the activities performed by the Data Controller;
• Competent authorities for fulfilling legal obligations and/or provisions from public authorities upon their request. The identifying data processed in accordance with company security procedures are not subject to communication, except for express and specific requests made by competent judicial and investigative authorities. Entities belonging to the aforementioned categories function as Data Processors, or operate independently as distinct Data Controllers. The list of data processors is constantly updated and available upon request at the Data Controller's headquarters. Any further communication or disclosure will only occur upon the explicit consent of the data subject. Furthermore, during the ordinary processing activities, personal and identifying data may be accessed and therefore become known to individuals expressly designated by the writer as processing officers, authorized according to their respective profiles.
RIGHT OF ACCESS TO PERSONAL DATA AND OTHER RIGHTS
Finally, we inform you that at any time you may exercise your rights against the Data Controller according to the Applicable Regulations. This includes obtaining confirmation of the existence or otherwise of such data, knowing their content and origin, verifying their accuracy, requesting their integration, updating, or rectification. Under the conditions provided by the Applicable Regulations, you have the right to request erasure, restriction of processing, portability, as well as object to processing for legitimate reasons. Under the conditions provided by the Applicable Regulations, you have the right to lodge a complaint with the supervisory authority.
Kind Regards Signature for Acceptance