Privacy Policy

1- Privacy Policy

This document fulfils the function of Privacy Notice pursuant to Article 13 of the "European Data Protection Regulation" referred to in EU Regulation 2016/679 (hereinafter, "Regulation" or "GDPR" - General Data Protection Regulation -).

2 - Data Controller

New Media Agency S.r.l., with registered office in 51039 Quarrata (PT), Via Del Casone 28, and New Media Agency Social S.r.l., with registered office in 51100 Pistoia (PT) Via Mariotti 190, are joint data controllers (hereinafter jointly referred to as the "Data Controllers").

3 - Definition of "personal data

For the purposes of this Privacy Notice, "personal data" - in accordance with Article 4 of the Regulation - shall mean "any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity".

This Privacy Policy applies exclusively to personal data collected through the website (hereinafter, the "Site"). This Privacy Policy does not apply to other websites owned by third parties, which may be accessed through any links on the Site.

4 - Data provided voluntarily by the user

The Data Controllers collect some personal data (name, surname, e-mail address, telephone number, postal address, etc.) voluntarily provided by users of the Site through special registration forms or received directly from the user by e-mail.

5 - Navigation data

The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the SERVER, the size of the file obtained in response, the numerical Regulation indicating the status of the response given by the SERVER (successful, error, etc.) and other parameters relating to the user's operating system. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning, and is deleted immediately after processing. The data could be used to ascertain responsibility in the event of any computer crimes to the detriment of the Site (see point no. 7, letter b).

6 - Use of cookies

The Site uses cookies in accordance with our Cookies Policy

7 - Purpose and methods of processing and legal basis for processing

The above personal data will be processed exclusively in relation to the following:

(a) responses to requests for information or contact;

b) offers of employment or collaboration;

c) in accordance with a legitimate interest of the Data Controllers (e.g. for information security of the Site, statistics, etc.).

In the case envisaged in point (c), the processing of the data must be considered mandatory. 

The Joint Data Controllers protect users' personal data by adopting the security measures provided for in the Regulation.

8 - Optional supply of personal data

With the exception of what is specified for navigation data, as well as in relation to what is indicated in point 7, letter (c), the user has the option of providing or not providing his or her personal data by e-mail. In cases sub (b) and (c) of the above paragraph, failure to provide personal data will make it impossible to send the user the requested information and to consider the offer of employment or collaboration.

9 - Communication and dissemination of personal data

The management and storage of personal data will take place on servers located in EU countries. In any case, the Data Controllers guarantee as of now that any data transfer outside the EU will take place in compliance with the applicable legal provisions and with the Regulation, stipulating, if necessary, agreements that guarantee an adequate level of protection, and/or adopting the standard contractual clauses provided by the European Commission. Except in cases permitted by law, or provided for in this Privacy Policy, personal data will not be communicated or disseminated without your consent.

10 - Period of data retention

The data is processed using automated tools (e.g. using electronic procedures and media) and/or manually (e.g. on paper) for the time strictly necessary to achieve the purposes for which the data was collected and, in any case, in accordance with the relevant regulations in force.

Personal data in the cases referred to in point 7 letters (a) and (b) will be processed for a maximum period of twelve months, unless an employment or collaboration relationship is established, or an assignment is given to the Data Processors, in which case a ten-year retention period shall apply. In the case referred to in point 7 letter (c) for the duration of six months starting from the collection of the data, except in the case of any extensions resulting from judicial authority findings or ongoing investigations. 

11 - Your rights with regard to your personal data

Your rights under the GDPR include the right to:

- to request from the professional access to your personal data and information relating thereto; the rectification of inaccurate data or the integration of incomplete data; the deletion of personal data relating to you (upon the occurrence of one of the conditions indicated in Article 17(1) of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same article); the restriction of the processing of your personal data (upon the occurrence of one of the cases indicated in Article 18(1) of the GDPR)

- request and obtain from the professional - where the legal basis of the processing is a contract or consent, and the processing is carried out by automated means - your personal data in a structured, machine-readable format, also for the purpose of communicating such data to another data controller (so-called right to data portability)

- object at any time to the processing of your personal data in the event of special situations concerning you;

- withdraw your consent at any time, limited to cases where the processing is based on your consent for one or more specific purposes and concerns common personal data (e.g. date and place of birth or place of residence), or special categories of data (e.g. data revealing your racial origin, political opinions, religious beliefs, state of health or sex life). Processing based on consent and carried out before the withdrawal of consent, however, remains lawful;

- lodge a complaint with a supervisory authority (Italian Data Protection Authority -

12 - Changes to the Privacy Policy

The Data Controllers may make changes to this Privacy Policy in order to incorporate changes in national and/or Community legislation, or to adapt to technological innovations or for other reasons. Any new versions of this Privacy Policy will be posted on the Site.

The user is kindly requested to read this Privacy Policy and to check it periodically with attention, in order to verify any updates or revisions that may be necessary.

13 - Exercise of rights and request for information

To exercise their rights and for any questions or requests relating to the processing of personal data by the Data Controllers, users may contact us at the following e-mail address: [email protected]