This information, prepared in accordance with Legislative Decree. n. 196/2003 (“Codice Privacy”), of the Reg. UE n. 679/2016 (“GDPR”) and the UE Directive n. 2002/58/EC (“e-Privacy”) and subsequent amendments and integrations, describes how Dometic Mobile Power Italy S.r.l. uses and manages the Personal Data of users collected through the websites www.ndsenergy.eu, www.ndsenergy.it, www.ndsenergy.de, www.ndsenergy.uk, www.ndsenergy.fr and www.ndsenergy.nl (“the website”).
Data Controller
The Data Controller is Dometic Mobile Power Italy S.r.l. (“Dometic”, “Controller”), located in Cappelle sul Tavo (PE, Italy) via Giovanni Pascoli n.96/98, VAT number 02065080687, no. Rea PE-150854, a company part of the Dometic Group AB Entrepreneurial Group, no. reg. 556829-4390, Hemvärnsgatan 15, SE-171 54 Solna, Sweden.
For any request related to the processing of Personal Data and to exercise the rights of the data subject, it is possible to send an email to the address [email protected]. The Data Protection Officer is Dr. Sergio Accorona, who can be contacted at the address [email protected].
Types of Data processed
Types of data collected through the website:
- Data provided voluntarily by the user, entered in the contact form or for access to the restricted area (RMA), or through communications sent by e-mail to the addresses indicated on the Website: first name, last name, email address, password and any additional Data sent spontaneously.
- Browsing Data, which are stored in the website’s in server log files: IP address, domain name of the computer used by the user, addresses in Uniform Resource Identifier (URI) notation, date and time of the request to the server, the name of the internet service provider (ISP), the amount of Data Transmitted, the numeric code indicating the status of the response given by the server and parameters related to the user’s operating system and computer environment, web page of origin and exit, the number of clicks, geolocation data.
- Data Collected Through Use of Third-Party Cookies → see the cookie policy.
Purpose and legal basis of processing
Personal Data are processed for:
- responding to a user’s request, providing information in response to contact by the user and processing technical support requests;
- managing customer relations and invoicing;
- fulfil legal obligations, regulations and orders of the Authority;
- statistical purposes.
The processing of Personal Data takes place mainly with the consent of the person concerned, which is requested when accessing the Website.
- Data provided to request information (contact form) and technical support (RMA), as well as data collected for the management of customer relations are processed on the basis of the fulfilment of pre-contractual obligations and/or a contract.
- Billing data are processed pursuant to a legal obligation.
- Data processed for the security of the Website and for the prevention of misuse, as well as Data for the analysis of the website traffic in aggregate and anonymous form, are processed on the basis of the relevant legitimate interest of the Data Controller, respectively, for the security of the Website and users, and the pursuit of its own business purposes.
- Personal Data collected for statistical purposes through third-party cookies are processed on the basis of the explicit consent of the person concerned.
Method and location of processing
Personal Data is processed by manual and automated, computerised and electronic means and may be stored at the Data Controller’s premises and at the datacentres of the hosting service provider (Amazon AWS) and the email service provider (Microsoft 365) located within the EU/EEA. Technical and organisational measures are taken to prevent unauthorised access and to prevent the loss, misuse and alteration of processed Data.
Data Retention
Personal Data are kept for as long as is strictly necessary to perform the activities for which they were collected, for as long as the contract is executed or as long as there is an active user account, unless the data subject exercises his or her rights of revocation and objection; in any case for no longer than 5 years for the fulfilment of any obligations arising from the law. On expiration, the Data will be deleted or anonymised automatically.
Third-party recipients of Personal Data
The Personal Data collected may be shared, within the EU/EEA, with:
- subjects carrying out activities connected or instrumental to the provision of the service requested by the user (e.g. forwarding agents), or performing security checks or site optimisation (such as third-party technical service providers, hosting providers, server providers);
- authorities and public bodies in cases established by law;
- the parent company and with the other companies belonging to the Dometic Group of companies, for internal administrative purposes on the basis of its own legitimate interest.
Data transfer to countries outside the European Union
The Personal Data collected may be transferred to countries outside the EU/EEA in the event that third-party cookies and/or similar technologies (whose owners may be located outside the EEA) are accepted by the user with his/her consent. Such data transfers are based on adequate guarantees in accordance with data protection laws, pursuant to Art. 46 of EU Regulation 2016/679.
User rights
At any time, the user may exercise the following rights under the Data Protection Regulation:
- obtain information on the existence of and access to their Personal Data;
- request that they be updated, rectified, supplemented and transformed into anonymous form;
- request deletion of Data;
- request the restriction of the processing of Data;
- to receive their Data in a structured, commonly used and machine-readable format and, where technically feasible, to have them transferred without hindrance to another data controller;
- object at any time to the processing of his Data when it is carried out on a legal basis other than consent, although the processing carried out prior to the objection will remain valid;
- revoke previously given consent, although the processing carried out prior to the revocation of consent will remain valid;
- submit a claim to the Data Protection Authority.
To exercise their rights, Users may address a request to the Controller’s contact details indicated in this document.
The request can be made free of charge and the Controller will reply as soon as possible, in any case within one month, providing the User with all the information required by law. In the event of a manifestly unfounded or repetitive request, the Controller may request a fee from the data subject or refuse to comply with the request.
Any rectification, deletion or restriction of processing shall be communicated by the Controller to each of the recipients, if any, to whom the Personal Data have been transmitted, unless this proves impossible or involves a disproportionate effort. The Controller shall inform the User of these recipients if the User requests it.
Dometic will inform Data Subjects of any changes to the Policy via the Website or through other usual channels of communication.