Pursuant to article 13 of EU Regulation 2016/679- GDPR
According to (EU) Regulation 2016/679, this page sets out the terms and procedures for the processing of personal data of the users consulting our website at: www.nextapartners.it
- Identity and contact details of the data controller
Data Controller is NEXTA società tra avvocati S.r.l. (hereinafter referred to as “the Controller”), VAT reg. no. 10503900960, with registered office in Milan, Via U. Visconti di Modrone no. 7.
The Controller can be contacted by email at privacy@nextapartners.it, or by telephone at 02/50041265.
- Scope of personal data processing
We will process all personal data provided (whether directly or indirectly) while using our website or following contacts established with NEXTA (e.g. by email, telephone, etc.)
Specifically, we will process:
- Personal data identifiers (without limitation: name, surname, company name, address, tax ID, VAT registration number, email, telephone number – hereinafter “personal data” or even “data”);
- Navigation data which is not directly provided, whose transmission is linked to the use of Internet communication protocols. This category of data includes IP addresses or domain names of PCs or mobile devices used when connecting to our website, addresses of requested resources in URI (Uniform Resource Identifier) notation, time of request, data concerning the current (approximate) position of the device in use and other information concerning its operating system and IT environment. This data is only used for statistical purposes (and is therefore anonymized) and to verify the proper operation of our website, but could even be used to assess liability in case of alleged IT offences against our Website;
- Data collected by means of cookies or similar technologies: please see our cookie policy on this website for further information.
- Purpose and legal basis for data processing
Personal data provided by users shall be exclusively processed for the following purposes:
- Checking the proper operation of services offered through our website.
- Handling receipt of messages sent to Nexta’s contact addresses, also through the contact form made available on our website, and thus processing all personal data included in such messages.
- Performing the appointment / consultancy agreement (which form the legal basis for data processing)
- Satisfying the obligations set forth by law, EU regulations and other provisions implemented by legal as well as supervisory and control authorities (e.g. invoicing, accounting and tax recording requirements).
Your express consent is not required in case of personal data processing for the purposes under a) b) c) d) above (article 6, letters b – f of the GDPR).
- Mandatory or optional submission of personal data and impact of denial to provide personal data
Personal data required for the purposes under a) b) c) d) above shall be mandatorily provided to enable processing requests filed by the user, performing any appointment and, thereafter, fulfilling law requirements the data controller is subject to. Your denial to provide such data, in whole or in part, would therefore prevent the Controller from establishing and operating the relationship and thus supplying the service required.
- Personal data processing procedures
Your personal data will be processed in accordance with the procedures set out in article 4 of the Italian Privacy Code and article 4, no. 3) of the GDPR, and specifically: collection, recording, organization, storage, consulting, processing, rectification, selection, comparison, use, interconnection, freezing, communication, erasure and destruction of data. Data processing shall take place in accordance with principles of fair practice, lawfulness and transparency and can be also carried out by automatic means designed to store, manage and transmit such data and shall take place by means of proper devices which can ensure safety and privacy of data through proper procedures designed to avoid loss, unauthorized access, unlawful use and disclosure of such data.
Processing is directly performed by the Controller’s organization and/or its agents which are specifically appointed and instructed, save as provided at point 6 below.
- Communication, Disclosure and Transfer of Data
Personal data may be to the following categories of persons, subject to the limitations that are strictly connected to obligations, duties and purposes hereinabove and in compliance with the regulations in force on this matter:
- Persons which are due to receive such disclosure in order to fulfil or claim for the fulfilment of specific obligations provided by laws, regulations and/or EU provisions;
- Banking institutions used by the data controller for its payment transactions, as well as the persons operating within their organizations, as far as administrative and accounting operations and confirmation of the completion of payment transactions are concerned only;
- Independent individuals and/or companies, professionals appointed by the Controller for consultancy purposes or assistance in the performance of its business, particularly: lawyers, statutory auditors, tax advisors, auditors, supervisory authorities, certification agencies, shipping agents, IT and security consultants, etc. These persons, if any, shall operate in a capacity as independent data processors and shall receive specific instructions on the procedures for data processing from the Controller, pursuant to article 28 of the GDPR;
A full and updated list of data processors outside the organization of the data controller can be consulted following request to be filed with the Controller at the following address: privacy@nextapartners.it
Management and storage of personal data shall take place on the Controller’s servers in the European Union. Personal data shall not be transferred outside the European Union.
It is however understood that, should the servers be moved within Italy and/or the European Union and/or to non-EU countries, such move shall in any case be carried out in compliance with articles 45 and ff. of the GDPR. This being the case, the Controller hereby assures that the transfer of data to non-EU countries would in any event take place in compliance with the applicable laws and that it would enter into agreements ensuring an adequate level of protection and/or implementing the standard contractual clauses provided by the European Commission, if necessary.
Personal data will in no case be generally disclosed.
- Personal data retention period
According to the provisions of article 5, para. 1, letter e) of EU Regulation 2016/679, personal data collected by us shall be retained and stored in a format allowing identification of the data subjects for a span of time not exceeding the achievement of the purposes the data are processed for. In any event, the data controller shall operate to minimize data processing.
- Navigation data and Cookie policy
IT systems and software procedures implemented to operate this website normally acquire certain personal data, which are thereafter implicitly transmitted when using Internet communication protocols. Collected information are not associated to identified data subjects because of their own nature, but could allow the identification of users through processing and association with data held by third parties. All our activities are regulated by strict ethical principles: we are committed to protect the privacy of our website visitors. This is the reason why the way we detect and store data is tightly linked to the conditions of use of our website and relevant services.
This website uses technical cookies to ensure the proper operation of procedures and improve user experience of online apps.
Cookies are small text files that websites visited by users send to their devices, where they are stored and thereafter retransmitted to these same websites during a subsequent visit. So-called “third-party” cookies, instead, are set up by a website other than the one the user is visiting. The reason is that each website may contain items (images, sounds, specific links to web pages of other domains, etc.) stored on servers other than the server of the visited site.
The user can decide whether to use (unnecessary) cookies or not through the banner.
Additional information on the cookies in use are available in the “cookie policy” section.
- Rights of the data subject
All users are recognized the rights provided under articles 15 and ff. of the GDPR and specifically:
- Right to ask for the confirmation that your own personal data exist;
- Right to get information concerning purpose of data processing, categories of personal data, addressees or categories of addressees to which the data was or will be disclosed, and the retention period, when possible;
- Right to obtain rectification and erasure of data;
- Right to obtain restriction of processing;
- Right to obtain data portability, i.e. to receive personal data from a data controller in a structured, commonly used format that can be read from an automatic device, and to transmit it to another data controller without impediments;
- Right to object to data processing at any time, and even in case of processing for direct marketing purposes;
- Right to object to automated individual decision-making, including profiling.
- Right to ask the data controller to access personal data and rectify and erase such data or to restrict processing of your own data or to object to its processing, as well as the right to data portability;
- Right to revoke consent at any time, without prejudice to the lawfulness of data processing based on consent granted before revocation;
- Right to lodge a complaint with a supervisory authority.
Please address any communication concerning the exercise of your rights under articles 15 and ff. of the GDPR, queries or information concerning processing of your personal data and implemented security measures as follows:
NEXTA società tra avvocati S.r.l.
VAT reg. no. 10503900960,
Via U. Visconti di Modrone 7, Milan
Email: privacy@nextapartners.it
Tel. 02/50041265
- POLICY AMENDMENTS
This policy is subject to amendments. We recommend to refer to the latest updated version at all times.
Latest policy update: 22/12/2020