We would like to inform you that, pursuant to Article 13 of EU Regulation 2016/679 (General Data Protection Regulation – hereinafter referred to as “GDPR 2016/679”), which contains provisions for the protection of individuals and other subjects with regard to the processing of personal data, the personal data you provide will be subject to processing by our Company.

The processing of personal data by the Company will take place in compliance with the aforementioned regulations, specifically according to the principles of lawfulness, fairness, transparency, and protection of confidentiality and rights, with particular reference to integrity, confidentiality, personal identity, and the right to the protection of personal data.

  1. Data Controller and Data Protection Officer

Data Controller: Novae Dimore Immobiliare s.r.l

Registered office: Via Capitolo 1, 95030 Ragalna (CT) Italy

Email address to contact the Data Controller: info@novaedimore.it

  1. Types of Data Processed

The data provided and processed by Novae Dimore Immobiliare s.r.l are common personal identification data provided directly by the data subject.

“Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

The personal data collected fall into the following categories:

  1. personal information submitted through access to the website, via the “Get in touch”, “List your home”, or the "Request Booking" service pages;
  2. contact details submitted via the “Get in touch”, “List your home”, or the "Request Booking" service pages;
  3. additional data entered through the “Get in touch”, “List your home”, or the "Request Booking" service pages;
  4. cookies and browsing data.
  1. Purpose of Data Processing

User Data is collected to allow the Data Controller to provide its Services, specifically to contact the User following a request for information. In detail:

  • CONTACTS: by voluntarily filling in the “Get in touch”, “List your home”, or the "Request Booking" service forms, the User provides such data to the Data Controller and consents to their use in order to communicate and receive the requested information.

Types of personal data: name, surname, email address, phone number, free-form request message, uploaded files;

  • SERVICE DELIVERY: by voluntarily registering on the website, the User provides such data to the Data Controller and gives consent for their use for communication and management of the requested information and products.

Types of personal data: name, surname, tax code, age, residential address, email address, phone number, customer type, order number, order date, order amount, order payment, order status, reviews;

  • NEWSLETTER: by voluntarily registering for the newsletter service, the User provides their personal data to the Data Controller in order to receive periodic, and possibly profiled, updates on products, services, events, promotions, and other relevant information related to the activities of the Data Controller.

Types of personal data: name, surname, email address;

  • COOKIES AND BROWSING DATA: cookies are small text strings that a website can send to the User's device (PC, notebook, smartphone, tablet…) during browsing. The same website that sent them can then read and record the cookies found on the same device to obtain various types of information. This information is not collected to be associated with identified individuals, but by its very nature could, through processing and associations with data held by third parties, allow users to be identified.

Types of personal data: see Cookie Policy.

  1. Methods of Data Processing and Storage

Processing will be carried out in an automated and/or manual form, in accordance with the provisions of Article 32 of GDPR 2016/679 on security measures, by specially appointed individuals and in compliance with Article 29 of GDPR 2016/679. Security measures will be used to ensure the confidentiality of the data subject to whom such data refers and to prevent unauthorized access by third parties and/or unauthorized personnel. The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of personal data.

  1. Legal Basis of the Processing

The personal data indicated on these pages are processed on the basis of the need to carry out pre-contractual and/or contractual measures requested by the data subject, to allow the provision of services offered by the company. For processing that is not strictly necessary for the execution of such measures, the legal basis is the User's explicit consent. In particular, the User gives consent in the following cases:

  1. voluntary and informed subscription to the newsletter via the appropriate checkbox;
  2. configuration and management of Cookie preferences (browsing data) through the dedicated banner or the “Advanced Cookie Settings”, by enabling or disabling specific categories of Cookies.
  1. Location of Data Processing

Data is processed at the operational headquarters of the Data Controller. For further information, the User may contact the Data Controller at the address provided above. The Data Controller reserves the right to transfer such Personal Data to a country other than the one in which the User is located, in any case adopting the necessary security measures to guarantee the confidentiality and integrity of the Personal Data.

  1. Data Retention

Please note that, in compliance with the principles of lawfulness, purpose limitation and data minimization (pursuant to Article 5 of GDPR 2016/679), the retention period for personal data is established for a period not exceeding the achievement of the purposes for which they are collected and processed, and in any case in accordance with the time limits established by law.

When processing is based on the User's consent, the Data Controller may retain the Personal Data for a longer period until such consent is revoked. In addition, the Data Controller may be required to retain the Personal Data for a longer period to comply with a legal obligation or an order from an authority. 

At the end of the retention period, the Personal Data will be deleted. Therefore, after this period, the right of access, deletion, rectification and the right to data portability can no longer be exercised.

  1. Scope of Communication and Disclosure

Your data, which is the subject of processing, will not be disclosed and may be communicated to companies or collaborators contractually linked to Novae Dimore Immobiliare s.r.l. The data collected will not be disclosed; however, in relation to the purposes mentioned above, they may be communicated to third parties belonging to the following categories of recipients:

  1. public bodies to which the data must be communicated by law (social security and welfare agencies, tax offices, etc.);
  2. public or private entities where the communication is necessary or functional to the performance of our activity;
  3. our consultants within the limits necessary to carry out their professional duties on behalf of our company.

Persons who collaborate with Novae Dimore Immobiliare s.r.l and have access to the personal data provided by customers and collaborators are appointed by the Data Controller as Data Processors, with specific instructions on the conduct and security measures they are required to observe in order to maintain the collaboration. If these conditions are not met or are deemed insufficient by the Data Controller, it reserves the right to terminate the ongoing collaboration.

  1. Transfer of Data to Non-EU Countries

The Data Controller does not transfer personal data to non-EU countries; however, it reserves the right to use cloud services and, in such case, service providers will be selected from those who provide adequate guarantees as required by Article 46 of GDPR 2016/679.

  1. Data Subject's Rights

At any time, the data subject may exercise, by contacting the Data Controller at our office or by sending an email to the address above, pursuant to Articles 15-22 of GDPR 2016/679, the right to:

  • request confirmation of the existence or not of personal data concerning them;
  • obtain information on:
    • the origin of the data
    • the purposes of the processing
    • the categories of personal data
    • the recipients or categories of recipients to whom the personal data has been or will be communicated
    • the retention period;
  • obtain:
    • data rectification
    • data deletion
    • restriction of processing
    • data portability, i.e., receiving it from the Data Controller in a structured, commonly used, and machine-readable format, and transmitting it to another Data Controller without hindrance;
  • object:
    • to the processing at any time, including processing for direct marketing purposes;
    • to an automated decision-making process concerning individuals, including profiling;
  • lodge a complaint with the Supervisory Authority (Privacy Guarantor).
  1. Information Not Contained in This Policy

Further information regarding the processing of Personal Data may be requested from the Data Controller at any time using the contact details provided.

A DPO (Data Protection Officer) has not been appointed, as it is not mandatory for the company’s activities.

  1. Changes to the Privacy Policy

The Data Controller reserves the right to modify, update, add, or remove parts of this privacy policy at its discretion and at any time. The data subject is required to periodically check for any changes. To facilitate this verification, the policy will contain the date of its latest update.