1. Purpose and scope of application
This document represents the information pursuant to and for the purposes of art. 13, Reg. EU/679/16, as well as the Italian legislation in force, with which we share with interested parties the policies decided by the owner of the processing of your personal data following access to the site www.nethive.it or other sites owned by the same owner. (see par. 3.1)
2. Data Controller
The Data Controller is Nethive SPA, with registered office in Via Vincenzo Stefano Breda 26, 35010 – Limena (PD), Tel. 049 7442600, e-mail: firstname.lastname@example.org (hereinafter referred to as “Data Controller” or “Company“).
3. Data Processing
3.1 Purposes of Data Processing
Operation of the pages of the Websites owned by the Owner, and provision of related services (for example: responding to any requests for contact via the forms on the website), or activities deriving from the existing contract, and monitoring of the proper functioning of the institutional website www.nethive.it or the following other Websites (hereinafter “Sites”).
- Auralyze: https://auralyze.io
- HiveFlow: https://www.hiveflow.io
- SocialHive: https://www.socialhive.it
- HiveDns: https://www.hivedns.it
- Rights of the Owner: if necessary, to ascertain, exercise or defend the rights of the Owner in judicial and/or extrajudicial proceedings.
- Sending promotional material and commercial communications and carrying out market research by the Owner with automated methods of contact (such as SMS, e-mail) and traditional (such as telephone calls with operator), following the completion of the “Form” on the Websites, if authorized by you.
- Sending newsletters: if requested and authorized by You by registering for such service.
3.2 Legal Basis of Processing
3.2.1 Functioning of the pages of the Websites and provision of related services
This purpose of processing when applied and after authorization if necessary, is legitimized by the execution of pre-contractual measures or the contract of which You are a party (ex art. 6 paragraph 1, letter b) of the GDPR).
3.2.2 Generic marketing activities of the Owner
This processing purpose, when applied and subject to authorization is legitimized by the legitimate interest of the Controller (pursuant to Art. 6(1)(f) of the GDPR).
3.2.3 Sending newsletters
This processing purpose when applied and after authorization is legitimized by the execution of pre-contractual measures or the contract of which You are a party (pursuant to Art. 6 paragraph 1, letter b) of the GDPR).
3.2.4 Rights of the Owner
This processing purpose is legitimized by the legitimate interest of the Controller (pursuant to Article 6(1)(f) of the GDPR).
3.3 Personal Data Processed
3.3.1 Website navigation/operation data
The computer systems, telematics and software procedures used to operate the Websites acquire during their normal operation some data whose transmission is implicit in the use of web communication protocols. This category of data includes, for example, IP addresses, the date and time of access, the pages visited (URI/URL), the numerical code indicating the status of the response given by the server, the method used to submit the request to the server, the names of the devices used to connect to the site and other parameters relating to the user’s operating system and computer environment.
3.3.2 Data voluntarily provided
In some sections of the Owner Nethive SPA’s Websites, there are “Forms” to get in touch with the Owner, where some personal data are requested, such as: name, surname, e-mail, and there is also a “Your request” field where you can voluntarily provide other data and information. If previously authorized, we may use your contact data to send you newsletters, or marketing activities of our services.
3.3.3 Location Data
The Websites may collect, with your specific permission, location data (approximate) provided by Your IP address.
3.3.4 Content sharing data via Social Networks
Each of the Websites may include plugins and/or buttons in order to allow content sharing on Social Networks (e.g. Facebook, Twitter, LinkedIn, YouTube, Instagram) if used by You.
3.4 Personal Data Retention Period
3.4.1 Operation of the Websites’ pages
Personal data is kept for the time necessary to provide the services referred to in the digital channels.
3.4.2 Generic marketing activities of the Owner
Personal and contact data are kept until you opt-out, while data relating to the details of promotional and commercial activities carried out will be kept for 10 years from the collection of each data.
3.4.3 Sending newsletters
Personal and contact data are kept until you opt-out, while data relating to the details of the communications shared will be kept for 10 years from the collection of each data.
3.4.4 Rights of the owner
Your personal data are kept for the duration of the complaint and / or extrajudicial and / or judicial proceedings until the exhaustion of the terms of availability of judicial remedies and / or appeals.
3.5 Obligation to provide data and opposition to generic marketing of the Owner
Except for the purposes of marketing or sending newsletters, for which your consent is free, prior and explicit and revocable at any time, the provision of data for further purposes and for the operation of the pages of the websites is necessary. Failure to provide your data for the purposes for which it is necessary, will make it impossible for the Owner to allow optimal navigation and to use the features and services of the website offered by the Owner. The revocation of consent does not affect the lawfulness of processing based on the consent before revocation.
3.6 Recipients of the Data
The data may be processed by external parties operating as data controllers such as, by way of example, the Public Authorities that make an express request to the Data Controller for administrative or institutional purposes, in accordance with the provisions of current national and European legislation, as well as persons, companies, associations or professional firms that provide assistance and consultancy, which, as external parties, are designated as Data Processors pursuant to art. 28 of the GDPR. Your personal data may be processed, if you give your explicit consent, by third parties to whom the data are communicated for the purposes of points 3.2.2 and 3.2.3. Personal data will not be disclosed in any case.
3.7 Subjects authorized to process
Your data may be processed by the employees of the business functions of the Owner and/or the Data Processors assigned to the pursuit of the purposes indicated above, who have been expressly authorized to the processing and who have received adequate operating instructions.
3.8 Data Security
Your personal data will be processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected and in accordance with the principle of necessity and proportionality, avoiding the processing of personal data when the operations can be achieved through the use of anonymous data or by other means. We have adopted specific security measures to prevent the loss of personal data, illegal or incorrect use and unauthorized access, but please do not forget that it is essential, for the security of your data, that your device is equipped with tools such as antivirus constantly updated and that the provider who provides the Internet connection, ensures the safe transmission of data through firewalls, spam filters and similar measures.
3.9 Content Sharing via Social Networks
Our websites and services may contain links to other websites, applications and services operated by third parties (Facebook, Twitter, LinkedIn, Instagram). The information practices of other services or social media platforms that host our profiles or pages are governed by their privacy policies, which you should review to better understand their privacy practices.
3.10 Data Transfer to Non-EU Countries
Data may be transferred abroad to countries outside the European Union, and in particular to Switzerland and the United States. However, prior verification was carried out of the adoption of standard contractual clauses (Standard Contractual Clauses) adopted/approved by the European Commission pursuant to art. 46, par. 2, lett. c) and d) of the GDPR or the binding rules for the company pursuant to art. 47 of the GDPR or, in the absence thereof, under one of the derogatory measures pursuant to art. 49 of the GDPR.
3.11 Rights of the Data Subject – Complaint to the Supervisory Authority
By contacting the Data Controller by e-mail at email@example.com, you may request access to the data that concern you, their cancellation, the rectification of inaccurate data, the integration of incomplete data, the limitation of processing in the cases provided for by art. 18 GDPR. In addition, in the event that the processing is based on your consent or on the contract and is carried out with automated tools, you may request the portability of your data and to receive them in a structured, commonly used and machine-readable format, as well as, if technically feasible, to transmit them to another owner without hindrance. As a Data Subject, you have the right to revoke your consent at any time, as well as to object to the processing of your data, for reasons related to your particular situation, in cases of legitimate interest of the Controller. The Data Controller shall refrain from processing, except for legitimate reasons that override the interests, rights and freedoms of the data subject, or for ascertaining, exercising or defending a right in court. You have the right to lodge a complaint with the competent supervisory authority in the Member State in which you normally reside or work or in the State in which the alleged infringement occurred.
4. Changes and Updates
This Policy may be subject to changes and/or additions, including as a result of the applicability of the GDPR and future changes and/or updates to the law. The updated policy is constantly available on the Owner’s website.