INFORMATION FOR CLIENTS

Dear Client,
You are part of our company’s assets and it is therefore in our interest to process your data in a transparent way, according to precision and good faith. The aim of this document is to explain how this is done.


The institution responsible for processing your data  is NIPI ITALIA SRL, with a registered office in Lungotevere De’ Cenci 9 00186, Rome and an operational headquarters in Via Padre Ugolino Frasca 14/16 66100 Chieti Scalo. To request more information regarding this processing and to exercise your rights as a client you may write an e-mail to privacy@thindown.it or, if you prefer a written letter, you may send it to theNIPI ITALIA SRL Privacy Office located at VIA PADRE UGOLINO FRASCA 14/16 66100 CHIETI SCALO.


Personal data collected. The data collected has been provided to us directly by you through any of the following methods: by entering it on our website, participating in organized events, or requesting information about us; our products or services (through e-mail, telephone, fax, etc.), asking to be contacted, or when you become a customer (at point of sale, after sales, etc.) Your data may also be acquired from public directories, from third-parties to whom you’ve authorized your information. In any case where data is rightfully collected it is of the owner’s interest or need to fulfill a legal obligation. For more information on the data that is collected through the company website and plug-ins of the various social networks, you can refer to the appropriate documents located at the following address www.thindown.it. The data collected is of a generic nature (name, surname, address, telephone and electronic addresses, etc.) and, in accordance with your consent, may also concern consumer habits, tastes and preferences, which are used for promotional, marketing and profiling purposes. In the case of large-scale clients, data collected may also consist of financial, market and solvency reliability.


How and why your data is processed. Your data is entrusted to people with proven ability and experience, who are instructed to guarantee only the processing of data necessary to achieve the purposes for which it was acquired and it is securely managed through computer systems and paper archives. This information will not be disclosed or transferred outside of the EU but may be transferred to third-parties, only with provided consent, in the event that it is required by law. Your data may be managed by parties outside of our organization but will remain under our control, to guarantee certain activity. Your data will be deleted upon termination of the relationship or if it is specifically requested by you, without prejudice to legal obligations. Your data is obtained and kept due to an ongoing pre-contractual agreement, a contractual relationship, or because you have given explicit consent to do so for promotional, marketing or profiling purposes.


Your rights. It is your right to know what data has been collected, how it is managed, to who it will eventually be sold, to have a digital copy, and to intervene on any requests to block, modify, update and cancel using the contact details indicated in the previous sections of this document. If you are a registered user and you want to cancel your profile, you must log-in with your credentials and select this option. If you have any problems concerning this cancellation you can write to the above mentioned addresses and we will assist you.


If you believe this information is not sufficient, we advise you to consult the policy statement located at the following address www.thindown.it. If the provided information does not satisfy your needs, you may contact us at the previously mentioned addresses for clarification. Even if you are satisfied with our answers, feel free to contact the Guarantor for the Protection of Personal Data through our website at www.garanteprivacy.it at any time.



COMPLETE PRIVACY STATEMENT FOR CLIENTS

Articles 13-14, European Regulation 679/2016 and, where applicable, Article. 13, Legislative Decree 196/2003

(this includes the processing of browsing data and cookies)


The company has its registered office in Lungotevere De ‘Cenci 9 00186, Rome, and its headquarters operating in Via Padre Ugolino Frasca 14/16 66100, Chieti Scalo (CH), holder of the services in accordance to the European Regulation 679/2016 and, as applicable, of the Legislative Decree no. 196/2003, (hereinafter for the sake of brevity, owner)


TO INFORM


the clients of whom personal data is acquired, surrendered by third-parties or conferred by the interested party through various collection channels (e.g. shops, websites, events, requests for information on products and services, etc.). The data collected will be processed in a lawful manner, in compliance with the principles established from community or Italian laws. Purpose and legal basis of the processing. The collection and any other processing of data acquired through the website are carried out by the owner at the company’s premises, in compliance with the security measures and requirements imposed by European Regulation 679/2016 and, where applicable, by Legislative Decree 196/2003, or by any subjects delegated by it (specifically selected and equipped with the necessary professionalism), with manual and computerized procedures, in order to implement specific customer requests, to ensure the correct management of customers during product marketing and sales, as well as after-sales assistance.


In order to meet consumer needs and guarantee customer satisfaction, the processing of data is also aimed at the compilation of statistics anonymously or held under a pseudonym. The Services, at the request of the interested party or after the acquisition of specific consent, may also be carried out through CRM and customer care, to understand the degree of satisfaction, tastes, preferences, and habits of the interested party, to send commercial information or advertising material, for direct marketing campaigns, to participate in games, competitions or premium transactions, for the involvement in events and demonstrations, for the distribution of services, market research and other transactions directly or indirectly attributable to marketing activity.


In the case of large-scale customers, having a current account with the company for mutual remittances, assignments related to orders, deferred payments, data acquisition may also concern statistical processing for the purpose of optimizing stocks or financial assessments including market and solvency reliability. Legal bases for processing is the legitimate interest of the owner to manage the users’ browsing data in order to improve the offer of products and services through the website, the consent given by the interested parties and the obligations related to the pre-contractual and contractual phases of the relationship. It is always possible to request clarification on the legal basis of any service connected to the law, provided from a contract or required to conclude a contract.


Nature of the conferment. The processing of personal data and telephone or electronic contact information is essential to meet an interested party’s’ request and to fulfill obligations deriving from a stipulated contract. The conferment is therefore mandatory. Without sufficient consent or if consent is revoked, it may not be possible to provide service. This is in respect to established agreements or obligations imposed by rules or regulations. Other forms of personal data are collected for the sole purpose of adapting promotional campaigns, offers, production and stocks, as well as general company activity to the interests of our customers. A conferment of this data is not mandatory. Any refusal or withdrawal of consent does not affect the establishment or continuation of the main relationship.


Data transferred by the interested party. Filling out forms on the website or in stores, in order to receive information about our products and services, involves the acquisition of data in the information system of the data controller. This information is protected by an authentication system and can only be accessed by individuals with the appropriate credentials. Communication via e-mail involves storing the e-mail address of the interested party as well as all data present in the message which is considered necessary in order to respond to the request or inquiry that has been made. The owner advises the interested party not to disclose any personal data or information in the contents of the e-mail unless absolutely necessary. Data pertaining to minors. Data pertaining to minors is treated exclusively with the consent of a parent or guardian, within limits imposed by the law.


Communication and dissemination. Data processed through the website is exclusively of a common nature and is not meant to be circulated. The owner of this website does not require and has no interest in detecting and processing classified data such as “particulars” (health, genetics, biometrics, etc.) or “penalties”, without prejudice to obligations of the law. This data may be transferred to third-parties for the fulfillment of obligations deriving from laws or regulations (institutions, law enforcement, judicial authorities, etc.) or for activities directly or indirectly related to the established relationship. By way of example and not thoroughly, the following are cited:


  1. Subjects who need to access user data for purposes related to their relationship with the owner (credit institutions, financial intermediaries, electronic monetary institutions and payment management, debt collection companies, any audit institutions of the customers or carriers, etc.)
  2. Consultants, collaborators and service companies within the limits necessary to carry out the tasks negotiated by the owner
  3. Subsidiary and/or affiliated companies that can access data, strictly within the limits necessary to carry out tasks entrusted by the owner


This data may be communicated to subjects within the European Union, or in countries that guarantee the same level of protection as European Regulation 679/2016 and Legislative Decree 196/2003 where applicable. An updated list of the statement’s data controllers can be found at the company’s headquarters or at www.thindown.it.


An interested party’s data may be communicated to subjects operating out of non-EU countries that have been explicitly permitted by the interested party. In such cases, any data processed within these various countries will be adapted in accordance to restrictive rules that ensure the highest level of protection. They may be transferred to third-parties, even for consideration, if the concerned person has expressed consent for reasons directly or indirectly related to the activity of the owner.


Length of data retention. Data processed by our data controller, without prejudice to legal obligations, shall be kept until specifically requested by the interested party. This data will be periodically and automatically verified in order to guarantee its current state and effective compliance to the services. If the reasons for which it was acquired is no longer valid the data will be deleted, unless it is required to protect user rights in court, for regulatory obligations, or it is explicitly requested by the interested party. At the end of the services and after the cancellation, the rights of the interested party can no longer be carried-out.


Rights of the Interested Party. Interested parties are granted the rights in accordance to Articles 15 to 22 of GDPR 679/2016 and, if applicable, those pursuant to Article 7 of Legislative Decree no. 196/2003. The interested party has the right to revoke consent to the processing of data at any time and request its correction, updates, transformation into an anonymous form, limit its usage, request for portability and eventual cancellation. These rights can be exercised within the limits to which these services are not mandatory due to legal provisions or regulations. Inquiries related to exercising the rights of an interested party can be sent to the following address: privacy@thindown.it . If the interested party is not satisfied with the response provided by the data controller or the data protection officer found at this address, he or she may lodge a complaint with the Personal Data Protection Authority based in Rome at Piazza di Monte Citorio n. 121, www.garanteprivacy.it. Citizens from another country within the European Union have the right to contact the appropriate authorities of their country or of the country where the alleged violation occurred.


INFORMATION FOR EMPLOYEES AND CANDIDATES


The controller of your data is NIPI ITALIA SRL, with a legally registered office in Lungotevere De ‘Cenci 9 00186 ROME and an operational headquarters in Via Padre Ugolino Frasca 14/16 66100 Chieti Scalo (CH) VAT registration number 13046951003. To ask for information in regards to the processing of your data and your individual rights, you may contact us via e-mail at privacy@thindown.it or, send a letter to the Privacy Office of NIPI ITALIA SRL at VIA PADRE UGOLINO FRASCA 14/16 66100 CHIETI SCALO (CH).


Personal data collected. The data processed has been provided to us at the beginning of a work or collaboration relationship, or because you have given us your CV in application for a job or position. The data collected is of a generic nature (including information such as name, surname, address, telephone number, electronic addresses etc.). Particular information (including physical fitness, notable illnesses, adhesion to political parties and/or unions, possible disabilities etc.) will be managed and kept until the relationship between the interested party and the company is terminated. For those who have only provided us with a CV, your information will be managed or kept for a period of 12 months. This information will then be deleted, without prejudice to obligation to the law.


How and why your data is processed. Your data (and only data crucial to the employment process) is entrusted to our Human Resources department and consultants who overlook and manage employee-employer relations. This data is managed by mainly using computer systems. Paper archives are also kept and managed. Both computer and paper archives are adequately protected. If you have applied for a position, your CV is kept for approximately 12 months and destroyed as it is assumed to be not up to date. If you wish to re-apply for a position after this 12 month period, you will be asked to provide us with a new CV. Your data will not be distributed or transferred to third-parties outside of the EU unless it is required by the law or authorities. It may be managed by subjects outside of our organization but will always remain in our control, to guarantee certain activity.


Your rights. It is your right to know what data has been collected, how it is managed, to whom it will eventually be transferred, to have a digital copy, and to intervene on any requests to block, modify, update or cancel using the contact details indicated in the previous sections of this document.


If you believe this information is not sufficient, we advise you to consult the full disclosure which can be found at the following address www.thindown.it. If the provided information does not satisfy your needs, you may contact us at the previously mentioned addresses for clarification. Even if you are satisfied with our answers, feel free to contact the Guarantor for the Protection of Personal Data through our website at www.garanteprivacy.it at any time.


COMPLETE PRIVACY STATEMENT FOR EMPLOYEES AND COLLABORATORS

(OR CANDIDATES FOR A POSITION)

Articles 13-14, European Regulation 679/2016 and, where applicable, Article. 13, Legislative Decree 196/2003 (this includes the processing of browsing data and cookies) The company has its registered office in Lungotevere De ‘Cenci 9 00186, Rome, and its headquarters operating in Via Padre Ugolino Frasca 14/16 66100, Chieti Scalo (CH), holder of the services in accordance to the European Regulation 679/2016 and, as applicable, of the Legislative Decree no. 196/2003, (hereinafter for the sake of brevity, owner)


TO INFORM


its employees, collaborators and potential candidates, whose personal data will be collected through various collection channels. All data collected will be handled in a lawful and just manner, in compliance with principles established by both community and Italian laws.


Purpose and legal basis of the processing. The collection and any other processing of data acquired through the website is carried out by the owner at the company’s premises, in compliance with security measures and requirements imposed by European Regulation 679/2016 and, where applicable, by Legislative Decree 196/2003, or by any subjects delegated by it (specifically selected and equipped with the necessary professionalism), with manual and computerized procedures, to allow correct execution of obligations pertaining to an employment or collaboration relationship. Particularly:


  1. to ensure a just classification of work, salary, taxes, compensation, participation within the company, and to guarantee worker safety
  2. to fulfill legal and contractual obligations, including those deriving from a possible national or decentralized collective contract
  3. to fulfill obligations relating to social security and social services, both mandatory and additional obligations
  4. to fulfill obligations involving State Administration and the Treasury
  5. to fulfill any other commitments involved with the execution of an employment contract


In order to support interpersonal relationships relating to work and the exchange and/or shared knowledge of information amongst colleagues while at the same time guarantee the security of all data processed with respect to the exclusion of individual identity, the company may use employee identification data, including personal photos for employee badges and for the company intranet. Conferment of such data is obligatory and regarded as crucial to employee-employer relations. The legal basis behind this processing of data, in the case of employees and collaborators is established with the existence of an appropriate contract. For potential employees and/or collaborators explicit consent must be expressed, either with the presentation of a CV or completing an application for employment followed by the owner’s legitimate interest in the selection of staff.


The source and nature of the data. Data pertaining to potential employees and/or collaborators, collected through information sent by the interested party directly to the company (including manual and/or electronic CV’s, application forms etc.) is managed by Human Resources personnel who are involved in the selection process of staff. This data is stored for a period of time that does not exceed 12 months, after which this data is deleted or destroyed appropriately as it is considered invalid and out-of-date. As part of the processing mentioned above, it is necessary (and therefore mandatory) to manage the generic data of the interested party and their family members, as well as management of particular data concerning them. This includes cases of disability or exemption, which is appropriate to recognize the state of one’s health, notable illnesses, involvement with specific associations, unions and political parties, religious beliefs, racial or ethnic origins etc. (the follwoing are protected categories according to Law 68/99; destinations of 8 per 1000, subscription to political parties and unions involving a payroll withdrawal, benefits of Law 104/92, etc.) For particular cases involving employees and/or collaborators (cashiers, custodians, overnight security, etc.) the company could request and manage criminal data.


Data pertaining to minors. Data pertaining to minors (for both employees and collaborators) is collected, only if parental or authoritative consent is provided. Such data is collected due to its significance to any employment or business relationship with the company. The purpose behind processing such data could also relate to occasional involvements with things such as internships or other educational programs.


Mandatory and optional elements of the conferment. The processing of the previously mentioned data is essential in order to establish and maintain a relationship between the company and the interested party and is explicitly required by law. Such relationships could not be possible without issued consent or, in any event, revocation. It is necessary to mention that failure to provide sufficient information, or dishonest communication of mandatory information, aside from it being a civil responsibility, could make it impossible to adequately process information and its corresponding results in correlation to the agreed upon contract and/or regulations. Other data, such as optional or discretionary data, may be required for activity that is not directly related to employee-employer relations (such as statistical studies, employment satisfaction surveys, suggestions to improve the workplace, etc.). The contribution of this data is not mandatory and any refusal to provide it does not effect the establishment or maintenance of the principle relationship.


Communication and dissemination. Mandatory data will be processed exclusively for the fulfillment connected to the employee-employer relations and communicated to third-parties only for the execution of activities directly and/or indirectly related to the establishment of the relationship. By way of example and not thoroughly, the following are cited:


  1. Subjects who need to access user data for purposes related to their relationship with the owner (Banks, Financial Institutions, Carriers, etc.);
  2. Consultants and collaborators, within the limits necessary to carry out the task conferred by the owner;
  3. Subsidiaries and/or affiliated companies that can access data, within the limits strictly necessary to carry out additional tasks;
  4. Other companies linked by contracts and commercial agreements with the owner who need to familiarize themselves with employee and collaborator data with whom they will have to operate (e.g. Drivers, deliveries, employees of the offices responsible for contractual relations, etc.)


Additional data may, within the limits of authorized consent, be communicated to subjects operating within the European Union, or in countries that guarantee the same level of protection as required by Legislative Decree no. 196/2003 or, more generally, by Directive CE/95/46.


This data may be communicated to subjects operating in non-EU countries if explicitly permitted by the person concerned.


The processing will be carried out even after the principle relationship has been terminated, respecting legal agreements set forth to regulate the conservation of this information and, where explicitly authorized, may allow for the establishment of future relationships and to guarantee historization of data, which is also in the interest of the employee.


Length of data retention. Data processed by our controller, without prejudice to legal obligations, are kept until the termination of the working or collaboration relationship (with exception to CV’s, which are regulated as previously mentioned) and is periodically verified, manually and automatically, in order to guarantee that the information is up-to-date and compliant to the reasons for which it is being processed. If the purposes for which it is to be processed are no longer valid, the data will be disposed of, unless it is to be processed to protect judiciary rights, regulatory obligations, or requested by the interested party. At the end of this processing and after the cancellation, the rights of the interested party can no longer be exercised.


Rights of the interested party. Interested parties are granted the rights in accordance to articles 15 to 22 of GDPR 679/2016 and, if applicable, those pursuant to Article 7 of Legislative Decree no. 196/2003. An interested party has the right to revoke consent to the processing of data at any time and request its correction, updates, transformation into an anonymous form, limit its usage, and request for portability and eventual cancellation. These rights can be exercised within the limits to which these services are not mandatory due to legal provisions or regulations. Inquiries related to exercising the rights of interested parties can be sent to the following address: privacy@thindown.it . If the interested party is not satisfied with the response provided by the data controller or the data protection officer found at this address, he or she may lodge a complaint with the Personal Data Protection Authority based in Rome at Piazza di Monte Citorio n. 121, www.garanteprivacy.it. Citizens of a different country within the European Union have the right to contact a supervisory authority within their country or that of the country where the alleged violation occurred.


INFORMATION FOR SUPPLIERS


The controller of your data is NIPI ITALIA SRL, with a registered office in Lungotevere De ‘Cenci 9 00186 ROME and an operational headquarters in Via Padre Ugolino Frasca 14/16 66100 Chieti Scalo (CH). To ask for information in regards to the treatment of your data and your consumer rights, you may contact us via e-mail at privacy@thindown.it or, send a letter to the Privacy Office of NIPI ITALIA SRL at VIA PADRE UGOLINO FRASCA 14.16 66100 CHIETI SCALO (CH).


Personal data collected. All data concerning you is part of a pre-contractual relationship or of a contract that has been drawn up and agreed upon. Normally, this data is usually transferred automatically but it may also be acquired by public lists or third-parties in periodic searches for new suppliers. To review the information collected through the company website and the plug-ins from the various social networks used, you can refer to the available document at www.thindown.it. The data collected is of a generic nature which includes information such as name, surname, address, telephone number, electronic addresses etc. This information may also be subjected to statistical processing for the purpose of optimizing stocks or to evaluate financial, marketplace or profit reliability.


Reasons we share personal data. Your data is entrusted to those with the ability and experience to handle such information and these professionals have been instructed to process only data required to achieve the purposes for which they were acquired. This data is securely managed through computer systems and paper archives that are adequately protected. This information will not be disclosed or transferred outside of the EU and will only be transferred to third-parties with your consent in the event that it has been requested by the law or authorities. It can be managed by parties outside of our organization but will always be in our control, to guarantee certain activity. Additional data may be acquired to verify your financial reliability, position on the market and commercial solvency. Data collected will be deleted following the termination of any relationship with our website or if specifically requested by the user, without prejudice to any obligation of the law. Selective data is obtained in accordance to any on-going pre-contractual negotiations and due to this contractual relationship we are authorized to use it.


Your rights. It is your right to know what data has been collected, how it is managed, to whom it will eventually be transferred, to have a digital copy, and to intervene on any requests to block, modify, update and cancel using the contact details indicated in the previous sections of this document. If you are a registered user and you want to cancel your profile, you must log-in with your credentials and select this option. If you have any problems concerning this cancellation you can write to the above mentioned addresses and we will assist you. If you believe this information is not sufficient, we advise you to consult the following policy policy at the following address www.thindown.it. If the provided information does not satisfy your needs, you may contact us at the previously mentioned addresses for clarification and even if you are satisfied with our answers you may contact the Guarantor for the Protection of Personal Data through the website at www.garanteprivacy.it.


COMPLETE PRIVACY STATEMENT FOR SUPPLIERS


Articles 13-14, European Regulation 679/2016 and, where applicable, Article. 13, Legislative Decree 196/2003 (this includes the processing of browsing data and cookies) The company has its registered office in Lungotevere De ‘Cenci 9 00186, Rome, and its headquarters operating in Via Padre Ugolino Frasca 14/16 66100, Chieti Scalo (CH), holder of the services in accordance to European Regulation 679/2016 and, as applicable, of Legislative Decree no. 196/2003, (hereinafter for the sake of brevity, owner)


TO INFORM:


the suppliers of any personal data that is acquired by the company, transferred by third-parties or provided by the interested party through various collection channels. This data will be processed in a lawful manner, respecting the principles set forth by community and Italian laws.


Purpose and legal basis of the processing. The collection and any other processing of data acquired through the website are carried out by the owner at the company’s premises, in compliance with the security measures and requirements imposed by European Regulation 679/2016 and, where applicable, by Legislative Decree 196/2003, or by any subjects delegated by it (specifically selected and equipped with the necessary professionalism), with manual and computerized procedures, to in order to acquire information on potential new suppliers or to implement a contract between the parties. The owner’s true interest is to analyze supplier data in order to optimize production and management of stock, to verify financial reliability, market and commercial solvency. This data may also be managed anonymously or pseudonymized for statistical reasons. At the request of the interested party, this processing can also be used to send information concerning commercial activity aimed at the acquisition of new products and supplies, to participate in events and demonstrations, or for market research of any sort related to the activity of the owner. The legal basis behind this processing is of a legitimate interest to the owner for managing supplier data and to protect these interests the collection of this data is performed with given consent by the interested party and formalities related to contractual agreements. If desired, it is always possible to request clarification on the legal basis of any service.


Nature of the conferment. The processing of personal data and telephone or electronic contact information is essential to meet an interested party’s’ request and to fulfill obligations deriving from a stipulated contract. A conferment is therefore obligatory. Without sufficient consent or if consent is revoked, it may not be possible to provide service. This is in respect to agreements entered or obligations set forth by rules or regulations. Data related to commercial, financial, and credit-worthiness is also required. Other forms of personal data may be collected for the sole purpose of allowing initial participation and for events and demonstrations. Therefore the conferment of this data is not mandatory. Any refusal or withdrawal of consent does not affect the establishment or continuation of the main relationship.


Data transferred by the interested party. The compilation of forms on the website or in stores, in order to present itself as supplier information, involves the acquisition of data in the information system of the data controller. This information is protected by an authentication system and can only be accessed by individuals with the appropriate credentials. Communication via e-mail involves storing the e-mail address of the interested party as well as the data present in the message which is necessary to respond to the request or inquiry that has been made. The owner recommends that the interested party does not disclose any personal data or information in the contents of an e-mail unless absolutely necessary. Data pertaining to minors. Any data pertaining to minors is not processed in the relationship between the owner and the suppliers.


Communication and dissemination. Data processed through the website is exclusively of a common nature and is not meant to be circulated. The owner of this website does not require and has no interest in detecting and processing classified data from regulations such as “particulars” (health, genetics, biometrics, etc.) or “penalties”, without prejudice to obligations of the law.


This data may be transferred to third-parties for the fulfillment of obligations deriving from laws or regulations (institutions, law enforcement, judicial authorities, etc.) or for activities directly or indirectly related to the established relationship. By way of example and not thoroughly, the following are cited:


  1. Subjects who need to access user data for purposes related to their relationship with the owner (credit institutions, financial intermediaries, electronic monetary institutions and payment management, debt collection companies, any audit institutions of the customers or carriers, etc.)
  2. Consultants, collaborators and service companies within the limits necessary to carry out tasks negotiated by the owner
  3. Subsidiary and/or affiliated companies that can access data, strictly within the limits necessary to carry out tasks entrusted by the owner


This data may be communicated to subjects within the European Union, or in countries that guarantee the same level of protection as European Regulation 679/2016 and Legislative Decree 196/2003 where applicable. An updated list of the statement data controllers can be found at the company’s headquarters or at www.thindown.it.


The interested party’s data may be communicated to subjects operating out of non-EU countries thathave been explicitly permitted by the interested party. In each case, any data processed within these various countries will be adapted in accordance to restrictive rules that ensure the highest level of protection. They may be transferred to third-parties, even for consideration, if the concerned person has expressed consent for reasons directly or indirectly related to the activity of the owner.


Length of data retention. Data processed by our data controller, without prejudice to legal obligations, shall be kept until specifically requested by the interested party. This data will be periodically and automatically verified in order to guarantee its current state and effective compliance to the services. If the reasons for which it was acquired are no longer valid the data will be deleted, unless it is required to protect user rights in court, for regulatory obligations, or itis explicitly requested by the interested party. At the end of the services and after cancellation, rights pertaining the interested party can no longer be exercised.


Rights of the interested party. Interested parties are granted rights in accordance to Articles 15 to 22 of GDPR 679/2016 and, if applicable, those pursuant to Article 7 of Legislative Decree no. 196/2003. The interested party has the right to revoke consent permitting the processing of data at any time and request its correction, updates, transformation into an anonymous form, limit its usage, request for portability and eventual cancellation. These rights can be exercised within the established limits to which the concerned services are not considered mandatory in accordance to legal provisions or regulations. Inquiries related to exercising the rights of an interested party can be sent to the following address: privacy@thindown.it. If the interested party is not satisfied with the response provided by the data controller or the data protection officer found at this address, he or she may lodge a complaint with the Personal Data Protection Authority based in Rome at Piazza di Monte Citorio n. 121, www.garanteprivacy.it. Citizens from another country within the European Union have the right to contact the appropriate authorities of their country or of the country where the alleged violation occurred.


INFORMATION FOR THE USERS OF THIS WEBSITE


INFORMATION FOR THE USERS OF THIS WEBSITE This is the webpage for NIPI ITALIA SRL, with a legally registered office located in Lungotevere De’ Cenci 9 00186, Rome, and a headquarters operating in Via Padre Ugolino Frasca 14/16 66100 Chieti Scalo (CH) who is responsible for the processing of data concerning you. For information about this processing of information and to exercise your rights, you may write an e-mail to privacy@thindown.it or if you prefer to contact us in written form, you may address your letter to the private office of NIPI ITALIA SRL located at VIA PADRE UGOLINO FRASCA 14/16 66100 CHIETI SCALO (CH).


Personal Data Collected. When you connect to a website certain data such as your IP address and characteristics associated to your internet browser are inevitably acquired. In addition, websites today are dynamic allowing you to interact via question and answer forums, connect to social networks, and they may track your behaviour and personal interests. All of the above mentioned may be acquired to improve your navigation experience and facilitate the search of products and services. Finally, our website uses a technical element called cookies to assist and improve your browsing experience. If you are a registered user and you have already consented to the processing, such data may be registered, associated to your profile and kept as long as you maintain a relationship with us. Upon the termination of this relationship your data will be deleted, without prejudice to legal obligations.


Reasons we share personal data. When you visit our website, it is as if you are looking in a showcase window- we are able to see what you are doing from the inside. We are interested in what you are looking at and retain this information to improve our offers for products and services via the web. If you are not a registered user, your data will remain anonymous but we are still able to trace your information indirectly. Other forms of data will only be collected explicitly upon given consent. Your information will always be processed by competent professionals who will ensure that the processing of your data is limited to only what is necessary and will be securely managed through computer systems and protected paper archives. Your data will not be disclosed, transferred outside of the EU or passed on to a third party unless it is legally requested by the law or authorities. Your data may be managed by parties outside of our organization but will remain in our control, to guarantee certain activity.


Your rights. It is your right to know what data has been collected, how it is managed, to whom it will eventually be communicated, to obtain a digital copy, and to intervene on any requests to block, modify, update and/or cancel the acquired contact details indicated in the previous sections of this document. If you are a registered user and you want to cancel your profile, you must log-in with your credentials and select this option. If you have any problems concerning this cancellation you can write to the above-mentioned addresses and we will assist you.


If you believe this information is not sufficient, we advise you to consult the provided policy statement. If this information does not satisfy your needs, you may contact us at the above-mentioned addresses for clarification. If you still have doubts, you may contact the Guarantor for the Protection of Personal Data through the website at www.garanteprivacy.it.


COMPLETE PRIVACY STATEMENT FOR THE USERS OF THIS WEBSITE


Articles 13-14, European Regulation 679/2016, as applicable, Article 13, Legislative Decree no. 196/2003 (includes the process of navigation data and cookies) The company has its registered office in Lungotevere De ‘Cenci 9 00186, Rome, and its headquarters operating in Via Padre Ugolino Frasca 14/16 66100, Chieti Scalo (CH), holder of the processing in accordance to the European Regulation 679/2016 and, as applicable, of the Legislative Decree no. 196/2003, (hereinafter for the sake of brevity, owner)


TO INFORM:


the registered and unregistered users who connect to the website www.thindown.it, that all personal data collected by the company, acquired from third parties or through interested parties via the features of this website (working with us, newsletters, competitions and events etc.) will be processed in a lawful and correct manner, respecting the principles established by community and Italian laws.


Data processed. Navigation data: IP address, operating system and browser used for navigation, date and time of visit, pages visited, activities carried-out, location (if the related service is active) and anything else that is made available by your computer, based on security settings.


Personal Data: name, surname, e-mail address, telephone or radiotelephone, fax, physical address, and where available, data on your CV if forwarded to us through the “work with us” section.


Purpose and legal basis of the processing. The collection and any other processing of data acquired through the website is carried out by the owner at the company’s premises, in compliance with the security measures and requirements imposed by European Regulation 679/2016 and, where applicable, by Legislative Decree 196/2003, or by any subjects delegated by it (specifically selected and equipped with the necessary professionalism), with manual and computerized procedures, to provide; the user with a simple and rewarding navigation experience, to collect useful elements in order to improve the products and services offered through the website, to execute specific requests of the interested party, for the pre-contractual and contractual obligations for ordinary administrative, financial and other accounting related tasks, to ensure the proper management of customers during the marketing and sale of products, for after-sales assistance, and for the fulfillment of legal obligations. The services are also aimed at the compilation of statistics anonymously or held under a pseudonym.


The Services, at the request of the interested party or after the acquisition of specific consent, may also be carried out through CRM and customer care, to understand the degree of satisfaction, taste, preferences, and habits of the interested party, for sending commercial information or advertising material, for direct marketing campaigns, for participation in games, competitions or premium transactions, for the involvement in events and demonstrations, for the distribution of services, market research and other transactions directly or indirectly attributable to marketing activity.


The Legal basis under which your data is processed is of a legitimate interest with the owner’s intention to manage the users’ browsing data in order to improve the offer of products and services through the website. Consent is given by the interested parties and any related obligations are established in pre-contractual and contractual phase of the relationship. It is always possible to request clarification on the legal basis of any service connected to the law, provided from a contract or required to conclude a contract.


The source and nature of the data. Data collection may be done through the company’s website, by analyzing navigation activity or completion of fields requesting information. In regards to the registered user, the data controller processes personal data, contact details, telephone and telecommunication data, as well as any banking information used for payments, and other necessary data retrieved in order to meet the requests of the interested party. The data conferral is therefore mandatory, without an agreement or refusal it is not possible to initiate a statement. It is necessary to highlight that any incorrect or insufficient information provided upon request may result in total or partial impossibility to execute the request of the interested party or fulfill any obligations in relation to the commitments undertaken, resulting in possible a non-correspondence to the agreements made or obligations imposed by rules and regulations relating to the processing of data. Other data, however, is collected for the sole purpose of updating promotional campaigns, offers and, in general, business activity, in accordance to the interest of the customer and other subjects involved. Their contribution, however, is not mandatory and any refusal to process or revoke consent does not hinder the establishment or the continuation of the principal relationship.


Data Pertaining to Minors. Children under the age of 16 cannot provide data without the consent of a parent or guardian. The owner will not be responsible for any false statements provided by minors and if the consent is proven false all personal data and information acquired will be immediately disposed of. In any event, consent of a minor to the processing of data is authorized to access information from the information society for children aged 16 or older. Children under the age of 18 can still approve and sign terms of condition and services.


Navigation Data. The IT system and software used for the corporate web portal acquire, during its normal function, some personal data that is included in the use of our products offered via the internet. This information is not stored to identify the subjects’ data but, due to its nature, can, through processing and association with other data managed by third party sources, allow the identification of the user. This category of data includes the IP addresses and domain names of the computer used by the user in order to connect to the site, the URLs (Uniform Resource Locator) of the requested resource, the time of the request, the method used to send the request to the server, the size of the file received, the numerical code used to indicate the status of the response given by the server (performed or error, etc.) and other parameters related to the operating system and the user’s computer. This data is only obtained to create anonymous statistics during the use of the site and to ensure proper operation of the site. Usually, this data is deleted immediately after processing. It can be used and provided to law enforcement agencies and judiciaries to determine responsibility in case of any damage to the site or offenses perpetrated through the network.


Data provided by the user. The compilation of forms that may be present on the site involves the acquisition of data in the system’s memory. This information is protected by an authentication system and are only used by those in possession of the proper credentials. They are also updated and protected appropriately, using the best available methods. Requests for information via e-mail involve storing the user’s e-mail address, which is required in order to respond to the sender’s inquiry. This includes any data stored in the message. The owner suggests that during requests for information or services, customers do not provide personal data or information from third party sources, unless absolutely necessary. Cookies. As with most websites, information regarding navigation is kept for statistical purposes. The collection of this information is due to cookies. A cookie is a small file which is placed onto your computer’s hard drive when it connects to a website. This data is not of a personal nature as it does not allow specific identification of the user. The data collected concerns the geographical location of the service provider, they type of browser used, the user’s IP address, pages visited etc. The information detected allows visibility to the frequency of visitation to a site and the activities carried out while browsing. This way, over time, it is possible to improve the contents of the site and the simplicity of its navigation. Even companiesthat provide content to our site or whose sites are accessible via links, can use cookies when the user selects a provided link. In these cases, the use of cookies is not directly controlled by the owner. Most browsers automatically accept the use of cookies, but you can reject them by adjusting your browser settings. However, if the user inhibits the presence of cookies, some components of the site may not work and some pages may appear incomplete.


Essential technical cookies. These cookies are necessary to ensure correct and smooth operation of the site. They permit; browsing pages, sharing content, storing credentials accessed to allow fast entry to the site and keep preferences and credentials active while browsing to improve the user’s browsing experience or purchasing. Without these cookies, it is not possible to provide, in whole or in part, the services for which users need to access the site.


Statistical cookies. These cookies provide an understanding of how users use the site and allow evaluation to then improve the functioning of the site and create content that may be more appropriate for our users’ preferences. For example, these cookies provide statistics on which pages are most frequently visited, how many users are visiting the site, how much time they spend on a page on average, and how visitors have arrived to the site. With this, it is possible to determine the site’s optimal functions, content which is most preferred by the users and how these elements can improve it’s overall functionality. All of the information collected by these cookies is anonymous and is not linked to the user’s personal data. Third-party profiling cookies. These cookies are used by a third-party and are not directly controlled by the owner. The company cannot provide any guarantees with respect to the usage of this data because the processing is directly operated by an external agent. Cookies from these third-party operators allow us to offer advanced features as well as more information and personalized features. This includes the ability to share content through social networks and create a personalized experience on our site based on preferences that have been expressed through pages visited. If you have an account or if you use the services provided by these third-party controllers, they may be able to identify if the user has visited the company’s website. The use of data collected by these external operators through cookies is subject to the same privacy policies. Third-party profiling cookies are identified by the names of the respective operators and may be deactivated.


Management of cookies. By selecting the “OK” button displayed on the screen prompt, you are authorizing the installation of cookies onto the device being used. You can change this permission by adjusting your browser settings. This will also prevent the installation of third-party cookies and remove previously installed cookies, including those containing cookie preferences. To adjust or change your browser settings you will need to consult the software or application manufacture’s guide. Disabling cookies may result in partial or full malfunctioning of the website.


Third-party sites. This site may periodically contain links to third-party sites or applications (Google Adwords, Analytics, YouTube, Vimeo, etc.) to provide additional information and services to the user. When the user uses these links, he or she leaves the company’s site and accesses other resources that are not under the direct control of the owner. The owner, therefore, is not be responsible for any procedures related to the navigation, security and safety aspects of processing personal data by other sites, even in the presence of co-branding or exposure of the company logo. We recommend a careful read of the security and confidentiality procedures pertaining to the visited site, which could transmit more cookies or read those that already exist on the hard drive containing the users requests or additional personal information acquired.


Newsletter management services. The newsletter is managed by software that uses a database of e-mail addresses to send communication to registered users (through the appropriate section of the site) and which provides a cancellation procedure that the party can independently select, prompted by every communication notice sent via this website.


Interaction with social networks and external platforms. The site, through widgets and buttons, can interact with external platforms and social networks. In this case, information acquired depends on the user settings for these platforms controlled by the user and not the administrator of this site. Buttons such as “Like” on Facebook, “Tweet” on Twitter and “Recommend” on LinkedIn allow you to share pages or topics of the website with the respective social platforms and they acquire the data of the interested party. More information can be acquired on company sites that offer this type of service. This data is not managed by the holder of our website. These widgets and buttons are available only to offer additional services to the person but the site has no control over them.


Communication and dissemination. Data that is processed through the website is exclusively of a common nature and is not meant to be circulated. The owner of this website does not require and has no interest in detecting and processing classified data from regulations such as “particulars” (health, genetics, biometrics, etc.) or “penalties”, without prejudice to obligations of the law.


This data must be transferred to third-parties for the fulfillment of obligations deriving from laws or regulations (institutions, law enforcement, judicial authorities, etc.) or for activities directly or indirectly related to the established relationship. By way of example and not thoroughly, the following are cited:


  1. Subjects who need to access user data for purposes related to their relationship with the owner (credit institutions, financial intermediaries, electronic monetary institutions and payment management, debt collection companies, any audit institutions of the customers or carriers, etc.)
  2. Consultants, collaborators and service companies within the limits necessary to carry out the tasks negotiated by the owner
  3. Subsidiary and/or affiliated companies that can access data, strictly within the limits necessary to carry out tasks entrusted by the owner


This data may be communicated to subjects within the European Union, or in countries that guarantee the same level of protection as European Regulation 679/2016 and Legislative Decree 196/2003 where applicable. An updated list of the statement data controllers can be found at the company’s headquarters.


The interested party’s data may be communicated to subjects operating out of non-EU countries that have been explicitly permitted by the interested party. In any event, data processed within these various countries will be adapted in accordance to restrictive rules that ensure the highest level of protection. They may be transferred to third-parties, even for consideration, if the concerned person has expressed consent for reasons directly or indirectly related to the activity of the owner.


Length of data retention. Data processed by our data controller, without prejudice to legal obligations, shall be kept until specifically requested by the interested party. This data will be periodically and automatically verified in order to guarantee its current state and effective compliance to the services. If the reason for which it was acquired is no longer valid the data will be deleted, unless it is required to protect user rights in court, for regulatory obligations, or it is explicitly requested by the interested party. At the end of the services and after the cancellation, the rights of the interested party can no longer be carried-out.


Rights of the Interested Party. The interested parties are granted rights in accordance to Articles 15 to 22 of GDPR 679/2016 and, if applicable, those pursuant to Article 7 of Legislative Decree no. 196/2003. The interested party has the right to revoke consent to the processing of data at any time and request its correction, updates, transformation into an anonymous form, limit its usage, request for portability and eventual cancellation. These rights can be exercised within the limits to which these services are not mandatory due to legal provisions or regulations. Inquiries related to exercising the rights of interested parties can be sent to the following address: privacy@thindown.it. If the interested party is not satisfied with the response provided by the data controller or the data protection officer found at this address, he or she may lodge a complaint with the Personal Data Protection Authority based in Rome at Piazza di Monte Citorio n. 121, www.garanteprivacy.it.