Privacy protection is paramount to Novomatic Italia S.p.a..
Specific privacy policies will be provided upon signing in to the Website (if necessary) or upon subscribing to the newsletter service (if available).
Novomatic Italia S.p.a., with registered office in Rome, Via Benedetto Croce n. 122-124, is the data controller.
2. IP ADDRESS
During their normal operation, the computer systems and software procedures used to operate this Website acquire some personal data whose communication is implicit in the use of Internet communication protocols. Such information is not collected to be associated with identified subjects, but by its very nature, it could allow to identify users, through processing operations and associations with data held by third parties. This category of data includes IP addresses or domain names of computers used by users connecting to the website, URI (Uniform Resource Identifier) of the requested resources, time of request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc…) and other parameters regarding the operating system and the user's computer system. The IP address is transmitted on every server request to let the server know where the response must be sent. The Internet Service Provider (ISP) gives the user an IP address as soon as he/she connects to the Internet, and the ISP can retrace which IP address was assigned to which of its customers at any given time. For as long as the IP address is saved, it is theoretically possible to identify the owner of the Internet connection through the ISP. For this reason, we and our statistics providers do not save the IP address permanently but only temporarily for session recognition and for security reasons (for example to ward off hacker attacks). Afterwards, the IP address is deleted, so that any collected data are made anonymous and it is no longer possible to identify the user, not even via the ISP.
Protecting the security and confidentiality of the user’s personal data is of paramount importance to our company.
Novomatic Italia S.p.a. carries out data processing operations in accordance with the provisions of GDPR, as well as in accordance with other area-specific regulations. Pursuant to article 5 of the GDPR, all employees shall process personal data lawfully, fairly and in a transparent manner in relation to the data subject, complying with confidentiality obligations.
4.1. Processing activities
According to the provisions of Article 30 of the GDPR, Novomatic Italia S.p.a. maintains a “record of processing activities”, which must document how data are used and processed by Novomatic Italia S.p.a.. Said record should always be kept up-to-date in accordance with the data protection provisions of Article 30 of the GDPR.
4.2. Special categories of personal data
Novomatic Italia S.p.a. does not process any special category of personal data on its website, as referred to in Article 9(1) of GDPR.
4.3. Guarantee of Data Protection
As a matter of principle, our company will not process the user’s personal data without his or her prior consent and, in any case, will only process them within the framework of the existing contractual relationship with him or her and for the agreed purpose.
If you contact us by using our contact details or through the contact forms available on our website, we will collect and store your data for the sole purpose of responding to your requests (art. 6, par. 1, let. b) of the Regulation). You can choose not to provide this information. However, your failure to provide such data may prevent us from fulfilling your requests.
MARKETING: by ticking the relevant box at the end of the contact form, the user may also consent (art. 130 of Legislative Decree 130/2003; art. 6, par. 1, let. a) of the Regulation) to his/her personal data being processed for marketing purposes (direct sale, direct marketing, market researches, business communications, customer satisfaction surveys), which may include being contacted by email, telephone, text message, WhatsApp and/or post with information, offers and promotions related to our products and services. Failure to consent to the processing of personal data for marketing purposes will in no way prevent the user from navigating the website or obtaining what he/she requests.
In any case, the user may withdraw his/her consent to the processing of personal data for marketing purposes at any time, even for some options only (for example, he/she may choose not to receive e-mails, and yet still receive text messages or other types of communications), by requesting such changes as explained in paragraph 5.10 below. With regard to communications of sales promotions via e-mail, the user may withdraw his/her consent to the processing of his/her e-mail address for marketing purposes also by clicking on the opt-out link in each promotional e-mail.
4.4. Transmission of personal data
Any transmission of personal data to third parties shall only take place with the user’s prior consent, unless otherwise required by law; for example, we may be asked to disclose personal data related to our users to public authorities, as provided for by law.
In particular, you may give your consent (optional) to having the personal data you entered in our contact forms on the Website disclosed to other companies of the Novomatic Group, who will process them for their own marketing purposes and may contact you by email, telephone, text message, WhatsApp and/or post with information, offers and promotions related to their products and services. Any failure to provide such consent will not prevent us from fulfilling your requests. You may withdraw your consent at any time, by contacting us as explained in paragraph 5.10.
Personal data may be accessed by our co-workers and employees in charge of operating and maintaining the website, and by other third parties, who, in their capacity as processors, provide us with computer and consulting services, on the understanding that said parties will have to provide sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the Regulation and ensure the protection of the rights of the data subject.
4.5. Data security
The technologies employed by Novomatic Italia S.p.a. to process the user’s personal data (hardware, software, network, infrastructure) comply with state-of-the-art security measures. Appropriate technical and organisational measures have been adopted so as to meet the requirements of the GDPR.
5. INFORMATION TO BE PROVIDED
In this section you can find our policy regarding the personal data processed within the website and the user’s rights and requests on data protection.
5.1. Categories of personal data
In the website, we will process only personal data that are voluntarily provided by filling in the “Information Request” and “Newsletter” forms.
Novomatic Italia S.p.a. shall process personal data exclusively for the purposes for which the data were voluntarily provided while exercising the right of informational self-determination.
The optional, explicit and voluntary providing of your personal data to the addresses, email addresses or fax numbers available on the website or when calling our telephone numbers entails the subsequent acquisition of such data, which are necessary to respond to your requests on the Website (art. 6, par. 1, let. b) of the Regulation).
You may choose not to provide such data. However, your failure to provide such data may prevent us from fulfilling your requests.
We shall keep the personal data you provided us with upon sending your request for a maximum of 12 months.
5.2. Right of access to personal data
According to the provisions of the GDPR, the data subject shall have the right to receive information, at any time, as to the data processed by Novomatic Italia S.p.a., their source, any recipients to whom the data may be disclosed, and the purposes of the processing. Such information will be given, following a written request from the user, by the relevant office of Novomatic Italia S.p.a., whose contact details may be found at point 5.10. Once all the legal requirements to process the request submitted by the user to access personal data are met, we will respond to the request and grant the user access to personal data within 1 month.
5.3. Right to erasure
According to the provisions of the GDPR, the data subject shall have the right, at any time, to obtain from the controller the erasure of personal data concerning him or her, provided that the request for erasure is not in conflict with any terms on storage imposed by law or with other legal obligations. Once all the requirements needed for the acceptance of the erasure request submitted by the user are met, we will respond to the request and erase the data within 1 month.
5.4. Right to object
According to the provisions of the GDPR, the data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1) of the Regulation, including profiling based on those provisions. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
5.5. Right to restriction of processing
According to the provisions of the GDPR, the data subject shall have the right to obtain restriction of processing when certain conditions are met. Once all the legal requirements are met, we will restrict the processing of the user's personal data within 1 month.
5.6. Categories of recipients
Personal data shall not be transferred to recipients in third countries (outside Europe) or to international organisations.
There is no automated decision-making process.
5.7. Right to data portability
The right to data portability is not applicable.
5.8. Withdrawal of consent
According to the provisions of the GDPR, the data subject shall have the right to withdraw his or her consent to the processing of his/her personal data at any time, without giving a reason for doing so. In this case, we will stop processing and erase his/her personal data within 1 (one) month, without prejudice to any storage periods provided for by law.
5.9. Complaints to the competent Authority
According to the provisions of the GDPR and of the Italian law on privacy and personal data protection, the data subject has the right to lodge a complaint with the data protection authority (www.garanteprivacy.it) or any other competent Authority of the Member State of the European Union where he or she lives or works, if he or she considers that his or her rights under the GDPR or the Italian Law on privacy or personal data protection are being infringed.
5.10. More information
Your trust is essential to us. Should you have any further question on how Novomatic Italia S.p.a. processes your personal data and on the rights you have as data subject, please contact Novomatic Italia S.p.a. by writing to the registered office in Via Benedetto Croce n. 122-124 - 00142 Rome or by sending an email to email@example.com.
We have appointed a data processor, who can be contacted by writing to the registered office of Novomatic Italia S.p.a. in Via Benedetto Croce n. 122-124 - 00142 Rome or by sending an email to firstname.lastname@example.org or a certified mail to email@example.com