Not a Chimera Srl, in accordance with the requirements of the EU Regulation No. 2016/679 – GDPR, has adopted its own Privacy Organizational Model that continues to focus on the security of personal data and respect for the right to Privacy.
Our goal is to provide all the information necessary to make navigation within the site transparent and secure. It is important, therefore, to read the contents of this document carefully and in case you do not share we recommend that you do not continue browsing.
Products sold by Not a Chimera Srl can be purchased only by the registered user.
The user, when registering and during the purchase of services, agrees to communicate his personal data correctly and up to date.
In case the User purchases the services on behalf of third parties, he/she stands as an autonomous owner of the personal data of third parties. In this case, the User assumes all legal obligations and responsibilities.
Therefore, the User undertakes to provide Not a Chimera Srl with ample indemnity with respect to any dispute, claim, request for compensation for damages from processing that may be received by Not a Chimera Srl from the subjects whose personal data are referred to.
Personal data collected through the website reachable at https://www.brunopignattelli.com/ are processed as data controller by:
Name: Not a Chimera Srl
Registered office: Via Monte Bianco 36 Milan
Email: [email protected]
PEC: [email protected]
PURPOSE OF PROCESSING
Personal data collected on the website are processed by nsai srl for the following purposes:
- managing the registration procedure and access to the reserved area;
- operational, technical and administrative management of the services purchased by the User;
- respond to requests for assistance or information, sent through the established communication channels fulfill legal, accounting and tax obligations;
- carry out direct marketing via e-mail for products similar to those purchased;
- security and prevention of fraudulent conduct.
In compliance with the provisions of Article 6 of the GDPR nsai srl carries out processing on the basis of:
- consent to the processing;
- execution of a contract;
- fulfillment of a legal obligation;
- pursuit of the legitimate interest of the data controller.
DURATION OF PROCESSING
Personal data are retained for the duration of the contractual relationship and, in the case of revocation and/or other termination of the aforementioned relationship, for the terms established by law for the fulfillment of, for example, civil and tax obligations. For marketing purposes, data will be retained until consent is revoked or for the period established by legislation or Measures issued by the Control Authority.
With reference to investigation and repression of crimes, personal data related to traffic are kept by Not a Chimera Srl for six years after their generation. Data are also processed for ordinary business processing related to the provision of the service (e.g.: for documentation purposes in case of invoice dispute or payment claim, for fraud detection, to perform analysis on behalf of customers), by virtue of the provisions of the regulations. In this case, data are stored with stringent security measures applied in accordance with the law and subsequently deleted.
TRANSFERS OF PERSONAL DATA
As part of the sale of the product Not a Chimera Srl – may transfer the personal data of applicants for registration to accredited Partner entities. In these cases, given that the transfer of data is necessary to complete the sale of the product, the transfer of data may also take place outside the European Economic Area.
COMMUNICATION AND DISSEMINATION OF DATA
Your Personal Data may be shared for the purposes specified above with: professional firms that provide assistance and advice in accounting, administrative, legal, tax, financial matters and subjects with whom it is necessary to interact for the provision of Services:
Subjects that provide the service of payment by credit card, (Paypal etc.) or other services instrumental to those provided by Not a Chimera Srl.
Subjects delegated to carry out technical maintenance activities.
Judicial authorities for purposes of repression and investigation.
The hardware infrastructure used is from Nsai srl., to deliver its services is located within the data center residing in France ISO 27001 certified so as to ensure maximum security.
In implementation of the principle of transparency, the user may request all information regarding the processing of his personal data as well as exercise the rights recognized by the GDPR and specified in Articles 15 – 23. In particular, he/she will be able to request:
- access to your Personal Data;
- he rectification or erasure of the same or to object to their processing in the cases provided for in Article 20 of the Regulations;
- the limitation of the processing in the cases provided for by Article 18 of the Regulation, as well as to obtain in a structured, commonly used and machine-readable format the data concerning you (portability), in
- the cases provided for by Article 20 of the Regulation.
You will be able to exercise YOUR rights independently by managing your data and preferences in the privacy center present in your Customer Area. In any case, any requests can be sent via the online form.