PRIVACY RULES

In accordance with current legislation on the protection of personal data, as well as the General Data Protection Regulation of April 27, 2016 (Regulation (EU) No. 2016/679) of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, hereinafter the “GDPR”, which applies from May 25, 2018, strict rules and conditions are imposed on companies when they process the personal data of their customers in order to protect their privacy.
Through this privacy agreement, Nazzo Strategy SLU intends to provide its customers with clear and precise information regarding the processing of their personal data. The privacy statement also defines the various measures that Nazzo Strategy SLU has put in place to guarantee the security and confidentiality of the personal data collected from all its customers and partners.

DATA PROCESSING RESPONSIBILITY

The “data controller” of your personal data is the following legal entity, hereinafter referred to as “Nazzo Strategy SLU”:
Nazzo Strategy SLU, whose registered office is located at Carrer L’Aigüeta 19, planta 1a, despatx 4, AD500 Andorra La Vella and whose business number is L720940Z.
On the other hand, in certain cases, Nazzo Strategy SLU processes personal data as a processor for its customers. In this case, the privacy policy of the customer concerned applies and not this privacy statement.

PRIVACY PROTECTION RESPONSIBILITY

Any questions regarding the processing of personal data can be sent to the following address: mj@nazzo.ad.
Each of our customers can also contact their project manager at any time for any questions regarding the processing of their personal data and the exercise of their rights under the GDPR.

LEGAL BASIS FOR DATA PROCESSING

Nazzo Strategy SLU may only process your personal data in the following situations (Art. 6 of the GDPR):
For the purposes of the execution and fulfillment of the service contract concluded between the customer and Nazzo Strategy SLU;
When processing is necessary for the proper functioning of the company, based on the legitimate interest of Nazzo Strategy SLU;
For the purpose of satisfying the legal obligations to which Nazzo Strategy SLU is subject (notably in matters of taxation, accounting, contractual liability, etc.);
If you have given your consent.

5. DATA PROCESSING OBJECTIVES

Syslink srl processes your personal data, in electronic form or otherwise, for the following legitimate purposes:
Information requests, offers, and prospects: The primary purpose of this collection is to be able to respond to your requests for information about our products and services (price requests, quote requests, general information requests).
Communications to customers as part of the execution of the contract: We may use your information to communicate with you and consider this communication as an integral part of our service. We may use your email address and postal address to inform you of news, organizational changes, or to communicate any information that may have an impact on the communication tools we manage for you.
If you do not wish to receive these offers, you can always unsubscribe by clicking on the “Unsubscribe” link at the bottom of each email.

6. CUSTOMER RIGHTS

Nazzo Strategy SLU undertakes to take the necessary technical and organizational measures to guarantee the security of the processing of each of its customers’ personal data (Art. 32 of the GDPR law).

7. Right of access (Art. 15 of the GDPR)

Nazzo Strategy SLU grants each customer the right to access their own personal data and the right to obtain or make a copy of it, in accordance with Article 15 of the GDPR.

8. Right to rectification (Art. 16 GDPR)

Nazzo Strategy SLU recognizes the possibility for its customers to request the rectification of erroneous data and to request the completion of what needs to be completed.
Nazzo Strategy SLU will notify the relevant processor of the changes, if applicable.

9. Right to be forgotten (Art. 17 of the GDPR) and right to restrict processing (Art. 18 of the GDPR)

Nazzo Strategy SLU undertakes, to the extent that this right is provided for in Article 17 of the GDPR, to proceed with the deletion of its customers’ personal data, particularly in the following cases:
The data is no longer necessary for the purposes for which it was collected or processed;
The customer withdraws their consent or objects to the processing and there is no other legal basis for the processing or no overriding legitimate reason for the processing in accordance with Article 17 of the GDPR;
The personal data has been processed unlawfully.
Nazzo Strategy SLU also undertakes to limit the processing of data, to the extent that this right is provided for in Article 18 of the GDPR, particularly in the following cases:
The accuracy of the data is contested by the customer and the data controller needs time to verify the accuracy of the personal data;
The processing is unlawful and the customer does not request the deletion of their personal data but a limitation of its use;
The data controller no longer needs the personal data for the purposes of processing, but it is still necessary for the establishment, exercise, or defense of legal claims;
The customer has objected to the processing.

10. Notifications

Nazzo Strategy SLU undertakes to inform each recipient to whom personal data has been communicated of any rectification or deletion of personal data, or any limitation of processing, unless such communication proves impossible or requires a disproportionate effort.

11. Right to data portability (Art. 20 of the GDPR)

The copy of personal data may, under certain conditions, be transmitted in a structured, commonly used, and digital format to the customer themselves or to another data controller if this data is already digitized, if transmission is technically possible, and if the customer has made the request in writing.
In the aforementioned cases, the right to erasure of data remains unchanged.

12. Right to object (Art. 21 and 22 of the GDPR)

Nazzo Strategy SLU wants to listen to the customer and their right to object at any time, for reasons related to their particular situation, under the conditions defined in Article 21 of the GDPR, to the processing of their personal data.
In this event, Syslink srl will analyze the possibility of immediately ceasing the processing of personal data, unless legitimate and compelling reasons for the processing prevail over the interests, rights, and freedoms of the customer concerned, or for the establishment, exercise, or defense of legal claims.

13. Timeframe

Any request under points 6 to 13 will be effective within one month of receipt of the request.

14. Exercise of rights

The aforementioned rights may be exercised, subject to compliance with legal conditions, by writing to Nazzo Strategy SLU at the following email address: mj@mazzo.ad.