(EU Regulation 2016/679, art. 13 – “General data protection regulation” – GDPR)
This page contains all information regarding the processing of the personal data of those visiting this website, in compliance with art. 13 of the General Data Protection Regulation – hereinafter GDPR.
1 – Data Controller
The Data Controller is Naval Interior S.r.l. registered office in C.da Fargione – (Zona Industriale Modica/Pozzallo) – 97015 Modica (RG) – VAT Number 01101400883 – Phone: +39 (0932) 777903 – Email: firstname.lastname@example.org
2 – Personal data processed by the Data Controller
The Data Controller collects and processes from its website all navigation data and other data given spontaneously by the user to offer a better service and a satisfying navigational experience.
The software we utilise and relevant IT systems collect all personal data required for the use of internet communication protocols and the normal and correct use of this website.
The aforementioned data is not collected to associate specific users to their data, but – due to their nature – they may allow us to identify the user if processed and crossed with other data held by third parties.
Examples of the data above are IP addresses, time of the request, the numeric response code of the server, the user’s operating system or their browser, as well as other parameters created by the IT systems that may be used.
Data voluntarily given by the user
This type of data are given voluntarily by the user, e.g. by filling in a contact form on the website, sending an email or calling one of the phone numbers to ask for information.
3 – Data processing: purpose and legal basis
The Controller shall take all measures required to avoid unauthorised access, dissemination, amendment or destruction of personal data. All collected data shall be processed using methods and procedures necessary to supply the services required or for further purposes for which we have been given a clear authorisation.
Your navigation data will be used only to achieve anonymous statistical information on how the website is used, to solve possible navigation mistakes, for IT security purposes and to verify the website works correctly. The data may also be used to establish responsibilities and track down the authors of illegal actions against this website. The legal basis for processing the data is the Controller’s legitimate interest and – in case of requests by the Authorities – legal requirements.
The personal data voluntarily supplied by the user will be used only to fulfil your requests or execute pre-contractual and/or contractual duties linked to your request. The legal basis for your personal data is the Controller’s duties linked to data processing and execution of the duties linked to pre-contractual and/or contractual requirements. Personal data collected in specific areas of the website for specific services different from those indicated in this document are subject to the user’s explicit authorisation for each privacy law clearly indicated from time to time.
4 – Data processing methods
Your data is collected only for specific, clear and legitimate purposes, mainly via IT systems and sometimes on paper. In order to process the data collected on the website, the Controller uses servers located in the European Union and IT systems located in the Controller’s headquarters. Your data will not be transferred abroad.
Specific technical and organisational methods are used to guarantee a suitable level of security for your data, prevent an illegal use of your data and not allow unauthorised dissemination, loss or access.
5 – Duration of data processing and storage
All data sent by the user shall be processed for the time necessary to execute the services required and shall be stored for a further 12 months in order to fulfil all administrative and legal duties.
6 – Failure to provide data
Data provision, but for navigational data necessary for IT and telecommunications protocols is free and not compulsory for users via any of the methods indicated on the website (contact form, email, phone numbers, etc.). Nonetheless, failure to authorise the processing of your data will not allow us to fulfil your present or future requests.
7 – Subjects authorised to access your data
The data you will supply will not be used by any subject not involved in the execution of your requests.
All collected data can be processed by the relevant company’s employees to fulfil your requests (i.e. administration staff, customer service, system administrators).
The data might be however communicated to third parties if the user has given his/her specific optional authorisation.
8 – Users rights
According to article 12 of the GDPR, the party concerned has the right to ask the data Controller to access, amend or erase their data, limit or not allow their processing as well as transfer them.
In particular, the user has the right to:
- know whether the Controller holds and/or processes their personal data and to access their data or even have a copy of them (Art. 15 – Right of access);
- rectify incorrect or incomplete personal data (Art. 16 – Right to rectification);
- erase the personal data held by the Controller for any of the reasons foreseen by the GDPR (Art. 17 – Right to erasure);
- ask the Controller to process only some personal data for any of the reasons foreseen by the Regulation (Art. 18 – Right to restriction of processing);
- request and receive all their personal data processed by the Controller in a structured format, commonly used and readable by any automatic device or request to send the data to another Controller without any impediment (Art. 20 – Right to data portability);
- refuse partially or completely to processing the data for sending advertising material or for market research purposes (so called consensus) (Art. 21 – Right to object);
- refuse partially or completely to the automatic or semi-automatic processing of the data for profiling purposes (so called Consensus).
- If the user feels the processing of their personal data made on this website violates the provisions of the GDPR, they have the right to lodge a complaint to the Authority, in compliance with art. 77 of the Regulation or to appeal to the appropriate judicial authorities (art. 79 of the Regulation).
The party concerned may assert their rights at any time without any formality by contacting the data Controller as indicated in point 1 of this document
9 – Cookie
10 – Updates
Last update: November 03, 2021