Legal Notice and Data Protection Policy

Home / Legal Notice and Data Protection Policy

Information pursuant to Art. 13 Decree Law 196/2003 and Art. 7,12,13,14 EU Regulation 679/2016 and consent for the collection, processing and protection of personal and sensitive data

Dear Customer,

Pursuant to Art. 13 of Decree Law 196/03 and following the entry into force of EU Regulation no. 679/2016, the processing of the data provided by you will be based on the principles of correctness, lawfulness, transparency, limitation on purpose, minimisation of data, accuracy, limitation on storage, integrity and confidentiality, thus protecting your rights.

In particular, any data liable to reveal racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organisations of a religious, philosophical, political or trade union character, as well as personal data liable to reveal state of health and sexual orientation, or legal data, may be subject to processing only with the written consent of the person concerned and the specific indication of the purpose of the processing.

Pursuant to Art. 13 of Decree Law 196/2003 and Art. 5, 6, 13 of EU Regulation no. 679/2016, we inform you that:

  • The data is processed in the context of our commercial activity and for accounting and tax purposes, as well as for those of marketing, for which we ask you to express your consent.
  • Your data will be collected on the instructions provided by you
  • The data will be processed in the following ways:
    • Hard copy
    • Computerised
  • The data collected:
  • Will not be disclosed to any other parties, nor will it be circulated.
  • May be communicated to parties to which is granted the right to access the data under the law; to authorised internal parties and to external parties which perform functions related to the execution of our activities (system administrators, consultants, accountants)
  • The data will be kept on our premises in compliance with the provisions of Decree Law 196/2003 and EU Regulation 679/2016 for the time required by law for accounting and tax purposes
  • The Data Controller is NIU’ S.R.L. based in Udine, V.le Palmanova 464
  • Refusal to provide your data will make it impossible for the Data Controller to carry out the activity
  • At any time you may exercise your rights vis-a-vis the Data Controller, pursuant to Art. 13 of Decree Law 196/2003 and Art. 12 to 23 of EU Regulation 679/2016 which we show below:
  • Right to obtain confirmation of the existence, or otherwise, of your personal data, even if not yet registered, and communication of the same in intelligible form.
  • Right to obtain the indication of the origin of the personal data, the purposes and methods of the processing; of the logic applied to processing carried out with the help of electronic equipment; of the identifying details of the Data Controller, Data Processors and the representative designated pursuant to Article 5 (2) of Decree Law 196/2003; of the parties or categories of party to which the personal data may be communicated or which may come to know it as designated representative in Italy, processor or appointee.
  • Right to obtain the updating, correction or, when desired, the addition of data; the deletion, transformation into anonymous form or blocking of data processed unlawfully, including that for which there is no need for storage for the purposes for which the data was collected or subsequently processed; the certification that the preceding operations were made known, including their contents, to those parties to which the data was communicated or disclosed, except where this is discovered to be impossible or involves a commitment of resources clearly disproportionate to the protected right.
  • Right to object, in whole or in part, for legitimate reasons, to the processing of your personal data, even where pertinent to the purpose of its collection; and the right to limit acceptance of the processing.
  • Right to obtain from the Data Controller the deletion of your data with no unjustified delay: if the data is no longer needed for the purposes for which it was collected or processed; in case of withdrawal of the consent provided and in the absence of a reason to process the data; in case of opposition to the processing and in the absence of a legitimate reason to carry out the processing; in case of unlawful processing of the data; in the event of an obligation of deletion to comply with a legal obligation; if the data was collected for the provision of information society services.
  • Right to obtain all your personal data from the Data Controller, if processed in automated fashion, in a structured format, in common use, readable by automatic and interoperable device, so that it can be easily transmitted to another service provider or another Data Controller.


What is a cookie?

A cookie is a text file no bigger than 4k that a website asks your browser to store on your computer or mobile device. This allows the website to “remember” your actions or preferences over a period of time.

Most browsers support cookies however users can set their browsers to decline them and can also delete them whenever they like.

What are they used for?

Websites mainly use cookies:

  • to identify users
  • to remember the user’s custom preferences
  • to help complete a task without having to re-enter information when browsing from one page to another or when visiting the site again sometime later

Cookies can also be used for online behavioral target advertising and show adverts relevant to something that the user searched for in the past.

How are they used?

The web server supplying the webpage can store a cookie on the user’s computer or mobile device. An external web server that manages files included or referenced in the webpage is also able to store cookies. All these cookies are called http header cookies. Another way of storing cookies is through JavaScript code contained or referenced in that page.

Each time the user requests a new page, the web server can receive the values of the cookies it previously set and return the page with content relating to these values. Similarly, JavaScript code is able to read a cookie belonging to its domain and perform an action accordingly.

What are the different types of cookies?

A cookie can be classified by its lifespan and the domain to which it belongs. By lifespan, a cookie is either a:

  • session cookie which is erased when the user closes the browser or
  • persistent cookie which remains on the user’s computer/device for a pre-defined period of time.

As for the domain to which it belongs, there are either:

  • first-party cookies which are set by the web server of the visited page and share the same domain
  • third-party cookies stored by a different domain to the visited page’s domain. This can happen when the webpage references a file, such as JavaScript, located outside its domain.




Where to find information about controlling cookies
Internet Explorer http://support.microsoft.com/kb/278835
Chrome https://support.google.com/chrome/answer/95647?hl=en-GB
Firefox http://support.mozilla.org/en-US/kb/Clear%20Recent%20History
Safari http://support.apple.com/kb/PH5042
Opera http://www.opera.com/browser/tutorials/security/privacy/