Privacy Policy

Privacy Policy

Conexus S.p.A. as the data controller and owner of the website www.conexusspa.com, invites you to read the following Notice in order to inform you about the way in which the website is managed and consequently the way in which the personal data of the users who browse the aforementioned website is processed.

This Privacy Policy has been prepared in full compliance with the rules on the protection of personal data (EU Regulation, no. 679/2016), to help you understand how your personal data are processed by Conexus S.p.A. The possible introduction of new industry regulations and the constant review and updating of the services we offer may result in the need to change the way we process personal data. It is therefore possible that our Privacy Policy undergoes changes over time and we invite you, therefore, to periodically consult this page. Below you can find the date of drafting and any changes made.

The processing of personal data provided is for the sole purpose:

  • execution of the contract;
  • fulfillment of obligations under laws related to the contractual relationship;
  • management of the contract, e.g. relations with agents, representatives, principals and/or contractors;
  • any external professional collaborations for the fulfillment of legal obligations;
  • protection of contractual rights;
  • internal statistical analysis;
  • subject to your specific consent, marketing activities through the sending of promotional and advertising material relating to products or services similar to those covered by the existing business relationship;
  • subject to your specific consent, for “profiling activities”; understood as “any form of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s professional performance, economic situation, health, personal preferences, interests, reliability, behavior, location or movements” (art.4 GDPR)

The data processed by Conexus S.p.A. fall into the following types:

Common personal data

  • Personal data (such as, but not limited to, first name, last name, date of birth, residential address, telephone);

Navigation data and Cookies

  • Conexus S.p.A. uses technical and profiling cookies as specified in the Cookie policy.

Personal data will be processed in paper, computerized and telematic form and entered into relevant databases that can be accessed by data processors.

Of the data received Conexus S.p.A. will curate:

  • the exact registration, so that they correspond to what you have declared;
  • The updating of every communication and variation provided by you;
  • the storage in a form that allows your identification for a period of time not exceeding that necessary for the purposes for which the data were collected.

Your data may be used:

  • by staff of Conexus S.p.A. who have been assigned a specific role as data processors, who have been given adequate instructions and who are bound by obligations of confidentiality, with the use of security measures designed to ensure the protection of your confidentiality and to avoid the risks of loss or destruction, unauthorized access, unauthorized processing or processing that does not comply with the purposes mentioned above;
  • by persons authorized to perform such tasks duly instructed and made aware by Conexus S.p.A. that provide specific processing, administrative or instrumental services necessary to achieve the above purposes.

All data processing operations are implemented in such a way as to ensure the integrity, confidentiality and availability of personal data.

Your personal data will not be published, displayed or made available and/or consulted by unspecified parties.

Your data may be communicated to the competent authorities, according to the terms of the law.

In the event of your explicit consent in relation to the purposes described above (marketing and profiling), your personal data will be made visible and stored in a single computer archive for customer relationship management.

Your personal data may be used by third party companies that as Data Processors carry out activities on behalf of Conexus S.p.A.. It is possible to have an updated list of the External Processors designated by Conexus S.p.A. by forwarding your request to the email address conexusspa@pec.it.

Data will be retained for the period of time strictly necessary to achieve the purposes concretely pursued and, in any case, the criterion used to determine the period of retention is based on compliance with the terms permitted by applicable laws and the principles of minimization of processing, limitation of storage and rational management of archives.

Marketing purposes: 24 months from collection, without prejudice to the possibility of modifying and/or revoking your consent at any time.

Profiling purposes: 12 months from collection, without prejudice to the possibility of modifying and/or revoking your consent at any time.

We also inform you that, pursuant to Articles 5 and 89.1 of the Regulations, your personal data may be kept for longer periods of time than specified in the previous paragraph for statistical purposes only, subject to the implementation of appropriate technical and organizational measures required by law to protect your rights and freedoms.

We inform you that as a data subject, you have in addition to the right to lodge a complaint with the Supervisory Authority, the rights listed below, which you can enforce by addressing an appropriate request to the Data Controller and/or the Data Processor, as indicated in point 1.

Art. 15 – Right of access: you can ask for confirmation that a data processing concerning you is or is not taking place, as well as for further clarification about the information in this Policy;

Art. 16 – Right of rectification: you can ask to rectify or supplement the data you have provided to us, if inaccurate;

Art. 17 – Right to erasure (right to be forgotten): you can request that your data be erased, if: they are no longer necessary for our purposes, in case of revocation of consent or your opposition to processing, in case of unlawful processing, or there is a legal obligation to erasure or they refer to individuals under the age of sixteen; revocation: you can revoke your consent at any time, in case it constitutes the basis of processing. Revocation of consent however does not affect the lawfulness of the processing based on the consent carried out prior to the revocation.

Art. 18 – Right to limitation of processing: you may request that your data be processed only for the purpose of storage, -with the exclusion of other processing- for the period necessary to rectify your data, in case of unlawful processing for which you object to the deletion, if you have to exercise your rights in court and the data we retain may be useful to you and, finally, in case of opposition to processing if a verification is underway as to whether our legitimate reasons prevail over yours;
Art. 20 – Right to data portability : you can ask to receive your data, or have it transmitted to another data controller indicated by you, in a structured, commonly used and machine-readable format;
Art. 21 – Right to object : you can object at any time to the processing of your data, unless there are our legitimate reasons for processing that override your own, for example for the exercise or our defense in court;
Art. 22 – Right not to be subjected to automated decision-making, including profiling At any time you may ask to exercise the above rights to Conexus S.p.A. by contacting the email address: conexusspa@pec.it.; Conexus S.p.A. will handle your requests within the timeframe provided by the GDPR.
In addition, we inform you that you have the right to file a complaint against the Italian Supervisory Authority: “Garante per la Protezione dei Dati Personali” in the event that you believe that your rights have been violated by Conexus S.p.A. and/or a third party or in the event that you do not consider Conexus S.p.A.’s response to your requests to be satisfactory.