Privacy notice pursuant to Art. 13 of the Italian Personal Data Protection Code (Legislative Decree No. 196/03) and EU Regulation 2016/679, the General Data Protection Regulation (GDPR)

In keeping with Art. 13 of Legislative Decree No. 196 of 30 June 2003, the Nodo Group hereby informs you that your personal data will be used as follows:

  1. WHAT WE USE YOUR INFORMATION FOR

The Association collects and uses your data for the purposes of:

  • entering personal data records into electronic databases;
  • calculating statistics for internal use;
  • issuing transport documents, invoices, credit notes, and receipts;
  • inviting current and/or potential suppliers to provide quotations/put in tenders for the supply of goods/services;
  • bookkeeping and valued added tax returns
  • managing receipts and payments;
  • distributing information and promotional materials;
  • measuring customer satisfaction and administering questionnaires;
  • completing legally required paperwork
  • communicating with members.
  1. DATA PROCESSING METHODS – PARTIES AUTHORIZED TO HANDLE PERSONAL DATA
    The processing of personal data for the above purposes may be either automated or non-automated, and will comply with all legal obligations of confidentiality and cybersecurity. The data may be processed, on behalf of the Nodo Group, by employees or external companies recruited to assist the Association in conducting its operations and services.
  2. CONSENT
    We need your consent to process your personal data for the purposes listed above.
    If you do not provide consent, this could interrupt or disrupt your relationship with the Association, or prevent us from complying with legal requirements, including tax regulations. Your data will be held at the Association’s operational headquarters, for the length of time mandated by civil and tax-related legislation.
  3. COMMUNICATION OF DATA
    In light of our network of electronic and paper correspondence, your data may be transferred to other countries, including outside of the European Union and may be communicated to:
  • all persons to whom the right of access to such data is recognized under law;
  • our contractors, employees, agents, and suppliers, within the scope of their duties and/or any contractual obligations arising from our business relations with them
  • post offices, shipping agents, and couriers deployed to dispatch documentation and/or materials;
  • all those natural and/or legal persons, public and/or private (legal, business, and tax consultancy firms, judicial offices, chambers of commerce, workers’ unions, employment exchanges, etc.) we need to communicate with in order to conduct our activities, in the manner and for the purposes described above;
  • banking institutions, in relation to handling collection and payments resulting from the performance of our business contracts.
  1. YOUR RIGHTS (Art.7, D. Lgs196/03)
    You have the right to know whether the Nodo Group holds personal data concerning you, even if it has not yet been officially recorded, and this data must be communicated to you in an intelligible form.

As a data subject, you have the right to be informed of:

how the Nodo Group obtained your personal data, the purposes for which it will be used, and exactly how it will be processed;

  • the system used in any electronic processing of your data;
  • the identity of the data controller, data protection officers, and designated data representative under the terms of Article 5, Paragraph 2 of Legislative Decree 196/2003;
  • the subjects or categories of subject to whom your personal data may be transferred, or who may become aware of it in their capacity as designated data representatives within Italy, data protection officers, or data processors.

You have the right to:

  • have your personal data updated, rectified, or, when this is in your interest, supplemented;
  • have your personal data erased, anonymized, or blocked if it has been used in breach of the law, including when the data is no longer needed in relation to the purposes for which it was originally collected or subsequently processed;

You have the right to oppose, fully or partially:

  • for legitimate reasons, the processing of your personal data, even when it is pertinent to the purpose for which it was collected;
  • the use of your personal data to send you advertising or direct sales materials, or for the purposes of market research or marketing communications.
  1. THE ABOVE RIGHTS MAY BE EXERCISED
    via an informal request to the data controller, a data protection officer, or data processor, and a prompt and appropriate reply will be forthcoming. Requests to the data controller or data processor may also be sent via registered letter, fax, or e-mail.
  2. DATA CONTROLLER AND DATA PROCESSOR
    The data controller and data processor is:

IL NODO group Impresa Sociale
c/o Agenzia Mosaico s.r.l.
via San Secondo 31
10128 Torino

  1. Services provided by the Nodo Group

The data controller offers a ticket sales and reservations service for certain events organized by the Nodo Group.

  1. Personal data for the services supplied

When you use our services, or interact with us through them, we may collect your personal information, sometimes on our own behalf, and sometimes on behalf of an event organizer using our services to manage an event. This distinction is important under certain data protection laws and is explained in greater detail below.

Information provided by visitors to the website: We collect personal data from all users when they voluntarily provide such information to our services, such as when registering to access services, contacting Nodo Group with questions, responding to one of our surveys, or browsing or using certain features of certain services. The personal data we collect can include, but is not confined to, your name, address, e-mail address, and other information provided to us by you and/or that enables you to be personally identified. Automatically collected information: we also automatically collect selected technical data sent by your computer, mobile device, and/or browser in order to access our services (“Automatic Data”). Automatic data includes, but is not confined to, a unique identifier associated with your device and/or browser (including, for example, your IP address), features of your device and/or browser, statistics about your activity on our services pages, information on the links you followed to access our services, and data collected via cookies, pixel tags, shared local objects, web storage, and other similar technologies. For more information on how we use cookies and other similar tracking technologies, please see our Cookie Policy. When you register for our services or send your personal data to Nodo Group via another route, we may associate other non-personal data (including non-personal data collected by third parties) with your personal information. In such cases, we treat this combined data as personal data until such time as it can no longer be associated with you or used to identify you.

If you are a member or have registered for an event for the first time, we will collect additional personal information from you for our own internal purposes.

Information provided by you via the website: If you register for a paid event, we will collect financial information from you (e.g., credit card number, expiration date, billing address, etc.), some of which may be personal data.  Nodo Group controls the registration process and the personal data collected during it. When you register for an event or activity, regardless of whether the data supplied concerns yourself or a third party, and regardless of whether it is related to a purchase, registration, or transfer, Nodo Group can use the information you provide.

Information obtained from other sources: We may also collect or receive personal information from third parties, such as external event organizers, other participants in events, data integration from social media or other third parties, the bank that issued your credit card, our payment processing partners, or other third parties.

Use of personal data to deliver services

We collect and process personal data in a manner that is consistent with this Privacy Policy, and in keeping with the applicable data protection legislation. We may use your personal information in the following ways:

Specific reason
If you provide your personal information for a particular reason, we may use it in relation to the purpose for which you provided it. For example, if you contact us by email, we will use the personal information you provided to answer your questions or solve your problem and we will reply to the email address you contacted us from.

Access and use
If you provide us with your personal information to gain access to or use our services or any of their functions, we will use your personal information to give you access to or allow you to use these services or features and to monitor your use of them.

Internal purposes
We may use your personal information for the purposes of the Association, such as, but not confined to, to help us improve the content and functionality of our services, gain a better understanding of our usership, enhance our services, protect our services from infringements, or identify or correct infringements, apply our Terms of Service, manage  your account and provide you with assistance, and in general to manage our services and activities.

Marketing communications
We may use your personal information for marketing and promotion purposes, including for (unlimited) email marketing campaigns targeting other devices (such as tablets, mobile phones, and televisions). This is with a view to informing you about services or events that we believe may be of interest to you, developing promotional or marketing materials, and displaying event content and advertising related to services, including but not confined to, those that we believe may be relevant to you.

Other purposes.
If we intend to use your personal data in a way that does not comply with this Privacy Policy, we will inform you of this intended use before or at the time that your personal data is collected, or we will request your consent after collection but before use.

  1. How we disclose and transfer your personal information.

We do not trade your personal information. We consider this information a vital part of our relationship with you, hence we will not sell your personal information to third parties, including third-party advertisers. However, there are certain circumstances in which we may disclose, transfer, or share your personal information to certain third parties without further notice to you, as set out in this Privacy Policy.

Agents, consultants, and service providers.
We may share your personal information with contractors and service providers who process personal data on behalf of the Nodo Group in order to implement certain functions related to our activities. For example, database service providers, backup and data recovery service providers, email service providers, payment processing partners, hosting companies, and others.

Social media and links to other third-party sites
Facebook plug-ins and links on our website pages. The Nodo Group website may also feature links to Facebook, such as via the Facebook “Like” or “Share” buttons or other social plug-ins. When you interact with these features and links, your browser establishes a direct connection with Facebook servers, and Facebook receives information about your browser and activity, which it might link to your Facebook user account. For more information about how Facebook uses your data, see Facebook’s internal policies.

Legal requirements.
We may disclose your personal information if legally required to do so, for example, for the purposes of responding to a subpoena or request from law enforcement, a court, or government agency (including in response to a request from public authorities based on national security needs or to comply with legal requirements) or in the good faith belief that disclosure is necessary to (a) fulfil a legal obligation, (b) protect or defend our rights, interests ,or property or those of third parties, (c) prevent or identify possible infringements in relation to our services, (d) act in urgent circumstances to protect the personal safety of users of our services or the general public, or (e) protect ourselves from legal liability.

  1. How we store your personal information.
    We may store your personal information ourselves, or alternatively it may be stored by third parties to whom we have transferred it in accordance with terms of this Privacy Policy. We take all the measures that we deem reasonable to protect the personal data sent to us via our services pages from loss, misuse, unauthorized use or access, involuntary disclosure, alteration, and destruction. However, no network, server, database, or transmission via Internet or email is ever completely secure or error-free. Therefore, you need to carefully review what information you decide to send us by email. We recommend that you bear these considerations in mind when disclosing your personal data.
  2. How to update, correct, or delete your personal information.
    You can ask us to correct, update, or delete your personal data that we are storing by sending a request to the email address segreteria@ilnodogroup.it. We will consider and respond to all requests, in compliance with applicable law.
  3. How long we retain your personal data.
    We may retain your personal information for as long as you are registered to use our services. However, we may retain your personal data for a further period, as permitted or required by applicable law. Even if we delete your personal data, it may persist on backup or archival media for an additional period for legal, tax, or regulatory reasons or for legitimate and lawful business purposes.
  4. Limiting the personal data you provide.
    You may browse our services without providing any personal data (apart from automatic data, to the extent that it is considered personal data under applicable law) or while limiting the personal data you provide. If you choose not to provide any personal information or restrict the personal information you provide, you may not be able to use certain features of our services.
  5. Opt-out from electronic communications.

Marketing communications. Compatibly with your preferences concerning marketing, Nodo Group may send you electronic communications with a view to marketing or promoting its services or events if you have registered for our services or purchased a ticket and/or registered for an event mentioned on our services pages. You may “opt out” of receiving these electronic communications by clicking on the “unsubscribe” link at the bottom of the message. You can also manage your email preferences at any time by logging on to the website (or registering and then signing in), and clicking on “Account” and “Email Preferences”.

Communications regarding transactions or responses. Certain electronic communications from the Nodo Group are issued in response to your requests. For example, if you are a user who has registered/paid for an event, we must send you a ticket or confirmation of registration at the time of purchase. You can only stop receiving these types of email by contacting us. By choosing not to receive any electronic communications from us or through our system, you will not receive any further updates on events you have created (including in relation to payment issues) or events you have registered to participate in (including emails with tickets).

  1. Exclusions.

Personal data provided to third parties.
This Privacy Policy does not apply to personal information you provide to other users or visitors to our website via the services pages or other means, including information provided to organizers on the event pages or information you yourself post in any of the public sections of the services pages.

Links to third parties.
This Privacy Policy applies to our services pages only. The services pages may furnish links to other websites that are not operated or controlled by us (“third party sites”). The policies and procedures we have described here do not apply to third party sites. The fact that our services pages link to third party sites does not imply that we support or have reviewed them. You should read the privacy policies of any third-party sites you visit.

  1. Changes to this Privacy Policy.
    Our services and activities may change from time to time. As a result, we may sometimes need to make changes to this Privacy Policy. We reserve the right, at our sole discretion, to update or modify this Privacy Policy at any time (collectively, “changes”). Changes to this Privacy Policy will be posted on the website and the “last updated” date at the top of the page will be modified accordingly. In certain cases, the Nodo Group may be required to provide you with additional notification of such changes, such as by email or via notifications on the service pages.

Please review this Policy periodically and in particular before you provide any personal information. This Privacy Policy was last updated on the date recorded above. Continued use of our services after changes to the Privacy Policy come into effect constitutes acceptance of these changes. If a change to this Privacy Policy is not acceptable to you, you should stop accessing, browsing, or making any other use of our service pages.

  1. Resolving disputes.
    If you have any complaints concerning the Nodo Group’s privacy practices, please send them by e-mail to: segreteria@ilnodogroup.it. We are committed to taking reasonable steps to address your complaint.

Privacy policy last updated 05/05/2021