European legislation on the protection of personal data

GDPR – General Data Protection Regulation, EU Reg. 2016/679

The privacy policy of NSI SRL concerns the collection, use, and safeguarding of personal information that may be acquired during each approach of your customers to our services: when you visit our website, you buy our products or call our sales and service offices.

The processing of your personal data (when requested) is carried out by NSI SRL on the basis of EU REGULATION 2016/679 GDPR.

Your privacy is a priority for us who constantly strive to protect it, in line with the values ​​we pursue. We collect your personal information because it helps us to offer you a higher level of performance: they allow us to provide you with practical access to our products and services, to focus on the categories that interest you most and finally to keep you updated on our latest products, special offers, and events of possible utility.

In accordance with the commitment and care that NSI SRL dedicates to the protection of personal data, we inform you about the methods, purposes, and scope of communication and dissemination of your personal data and your rights, in accordance with Art. 13 of the GDPR.

1. Data controller and methods of treatment.

The Data Controller is NSI SRL with registered office at Via Vittorio Emanuele II, 1, 25122 Brescia, Italy to which the interested party may, at any time, contact for the exercise of the rights referred to in EU Regulation 2016/679 (so-called GDPR).

Personal data will be processed with automatic and/or manual procedures for the purposes specified above which, as mentioned, can be exclusive of a commercial, fiscal, administrative and information nature, in line with contractual requirements, with the fulfillment of all obligations. legal that derive from it and with the will to arrive at more effective management of commercial relations. In order to improve our service to you, the information you provide us will, therefore, be used to communicate news, offers, and promotions of your interest, unless you express your will to oppose this treatment.

2. Purpose and legal basis of the processing

NSI SRL processes the personal data of natural persons, legal persons, individual companies and / or freelancers (« Interested ») for the following purposes:

for the management, provision of the various services and for the relative assistance;
for the processing of statistical and market analyses;
for sending communications relating to services and initiatives proposed by the site operator;
for sending information relating to business-to-business and business-to-consumer services and any promotions and / or services presented on the site.

3. Persons authorized to process

The data are processed not only by NSI SRL and by all its collaborators, but also by external companies and partners committed to providing and guaranteeing the continuity of services and managing information systems. The subjects may also be partner companies or companies attributable to the group, as well as management companies of the marketing platforms and systems connected to the management of the information acquired. All those who can get in touch for shipping, accounting, financial, administrative and legal activities are authorized subjects.

4. Non-personal and aggregate technical navigation data collected

The computer systems for the use of this website acquire some data that cannot be properly defined as personal, whose transmission is however implicit in the use of internet communication protocols. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. Among these data, IP addresses are the only data which, although not associated with directly identified interested parties, can by its very nature, through processing and association with data held by third parties, allow users to be identified. Where possible our company, as required by law, has prepared anonymization and masking in the collection of the IP address as specified below. However, the data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site, except for this possibility, at present the data of the web IP do not persist for more than 3 months.

5. Consent and type of data processed voluntarily provided by the user

The consent to the processing of data is freely and voluntarily provided by the user through the web forms through specific approval for the various purposes and recorded for verification by the authorities or for a request by the interested party. The interested party has the right to withdraw his consent at any time. Consent can also be requested in writing if particular actions require it, otherwise what is expressed in the IT methods described above applies. The data are those provided, also collected as an addition to previously collected data in order to keep them up to date.

6. Cookies and profiling and tracking data

For the extended information on the use of technical and profiling/tracking cookies for marketing purposes, please refer to the extended privacy at the following link https://www.nsimplant.it/privacy-policy/

7. Purpose of data processing

The data is collected for the purposes of providing the services, for the processing of requests received, for marketing communications or for any analyzes and for the transfer to authorized third parties. All the authorizations requested are diversified by type of purpose in the various collection modules, with a clear indication of the data processed and their purposes. Each type of data processing collected requires specific authorization based on the purpose expressed above. The authorization requests differ, in the collection phase, according to the different purposes of data processing as specified below:

A. Processing of mandatory data for the provision of the service. [obligatory]

This is a mandatory consent to allow us to provide the requested services. By processing, we can also mean the transfer of data to third-party companies for purposes of managing information and providing services in order to guarantee greater security and control over the data and activities covered by the services provided. It also includes communications about the various needs related to the provision of services such as sending deadlines, payments, invoices, technical and service communications, notices and information on the status of systems, sending service notes, data recovery in case of accidental loss, backup. The withdrawal of the authorization, although possible, prevents the possibility of further providing the service. The data can also be transferred to third parties residing outside the European Union in the condition provided for in article no. 27 paragraph 2 paragraph (a), in which the establishment of a DPO (Data Protection Officer) or representative of the treatment is not envisaged.

B. Treatment for marketing purposes. [optional]

It concerns an optional consent on marketing purposes related to products and/or services purchased or of interest. It provides for the authorization to send emails, SMS, and communications also via other IT and paper means of advertising. The data will be processed internally for communications by NSI SRL about the activities expressed above. The data could be transferred and/or provided to third-party companies or external interested parties both for the management of the communications themselves and for related marketing, investigation and/or survey activities, and for further purposes. Processing by third-party companies may concern activities aimed at helping the management of improvement analyzes on performances and conversions. At any time it is possible to withdraw or rectify the consent.

8. Methods and duration of data processing

The data are collected in full compliance with current legislation. In particular, the collection phase of the same takes place through encryption with SSL security certificate. The data are stored on cloud storage with backup and redundancy and kept for the period necessary for the provision of the related services and activities. The disks on which the data is stored are encrypted. The data processed may be periodically checked for correctness. In these cases, the interested party will receive communication of adjustment of his data present in our archives. Physical access to servers is protected with anti-intrusion systems and access control to data rooms. The data are also geographically replicated for greater protection from accidental cancellation due to natural disasters or physical thefts of the same. There is a register of the logs of the data and consents provided and of the authorizations granted during the insertion and management of data and information related to these authorizations. The aim is to quickly identify the activities related to the data management of the individual users concerned. The data is stored securely and any unauthorized access is limited to a minimum with the implementation of all the security activities required by the technology. In any case of access, the data subjects will be promptly informed and the data, in the case of accidental cancellations, immediately restored.

9. Rights of the interested party regarding the processing of data

The interested party can at any time request the correction, integration or total cancellation of the data. These requests can be made directly to the contact details on the website www.nsimplant.it. The interested party may also request the revocation of authorizations for the processing for different purposes. If the revocation concerns the mandatory purpose of data processing for the provision of services, the same can no longer be provided and can be suspended without refunds. It is possible to request, always in accordance with the provisions of the legislation, a copy of the data processed and the purposes of the processing. You can start a complaint at [email protected] or directly to the Guarantor of Personal Data or one of the supervisory authorities in the event of defaults that go against what is provided for by the GDPR legislation.

All data entered on the site through the forms, managed and processed for the purposes required for quotes, assistance, newsletters and in general contact, also sent by email on or domains of our company or attributable to it, or through third party systems and in any case sent to us, are processed in compliance with the legislation of the Privacy Guarantor of the EU regulation 2016/679 GDPR for the processing of personal data.