Who are we and what do we do with your personal data?

The Company NOMINATION SRL, Via F.lli Bandiera 22, 50019 Sesto Fiorentino (FI), (hereinafter also referred to as the Data Controller), as data controller, is concerned with the confidentiality of your personal data and with guaranteeing that they are protected from any event that might put them at risk of being breached. 

To this end, the Data Controller implements policies and practices concerning the collection and use of personal data and the exercise of your rights under applicable law. The Data Controller ensures the updating of the policies and practices adopted for the protection of personal data whenever necessary and in any case in the event of regulatory and organisational changes that may affect the processing of your personal data.

The Data Controller has appointed a data protection officer (DPO) whom you can contact if you have any questions about its policies and practices.

You can contact the DPO at nm-gdpr@nomination.com


How does the Controller collect and process your data?

Personal information about you will be processed for:

The processing of your personal data, such as browsing data, e.g., IP address and cookies issued through the browsing of the website www.nomination.com are processed by the Data Controller in order to manage the website and to collect information, including aggregate information. 

Your personal data will not be disseminated or disclosed to unspecified parties in any way.

Disclosure to third parties and recipients 

Your personal data is disclosed mainly to third parties and/or recipients whose activities are necessary for the performance of activities relating to the aforementioned purposes and also to comply with certain legal obligations. Any disclosure that does not fulfil these purposes will be subject to your consent. 

Your data will specifically be disclosed to third parties/recipients for:

  • the provision of the service (e.g., IT service provider);
  • communications to the financial administration and to public supervisory and control bodies of which the Data Controller must comply with specific obligations resulting from the specific nature of the activity carried out; 

The personal data that the Data Controller processes for this purpose are:

  • browsing data (IP address, operating system, login time, browser type)

Reasons for computer security

The Data Controller processes, including through its suppliers (third parties and/or recipients), your personal data (e.g., IP address) or traffic data collected, or obtained, in the case of services displayed on the website to the extent strictly necessary and proportionate to ensure the security and ability of a network or servers connected thereto to resist, at a given level of security, unforeseen events or unlawful or malicious acts that compromise the availability, authenticity, integrity and confidentiality of the personal data retained or transmitted. 

For these purposes, the Data Controller provides procedures for handling data breaches.

What are cookies and what can they be used for?

A "cookie" is a small text file created by certain websites on the user's computer when the user accesses a specific website, for the purpose of storing and transporting information. Cookies are sent by a web server (which is the computer running the website you are visiting) to your browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on your computer; they are then sent back to the website during subsequent visits.

Some operations may not be carried out without the use of cookies, which are therefore technically necessary in some cases. In other cases, the website uses cookies to facilitate and simplify browsing by the user or to allow the user to take advantage of specifically requested services.

Cookies can remain in the system for long periods of time and can also contain a unique identification code. This enables websites that use them to keep track of the user's browsing within the website itself, for statistical or advertising purposes, i.e., to create a customised user profile based on the pages he or she has visited and then show and/or send him or her targeted advertising (so-called Behavioural Advertising).

What cookies are used and for what main purposes

The Data Controller lists below the specific categories of cookies used, their purpose and the consequence of de-selecting them:

Navigation Cookies (Technical) These allow for the safe and efficient operation and exploration of the website 7 days If you do not allow for the use of these cookies you will not be able to navigate and use this website as these cookies are necessary for website use and nevigation and therefore it is not possible to deselect these cookies
Functionality cookies These facilitate browsing and the service provided to the user according to a set of criteria selected by the latter 7 days It would not be possible to retain the choices made by users whilst browsing
Analytics cookies These collect information in aggregate form about users' browsing to optimise the browsing experience and services 7 days It would no longer be possible for the Data Controller to acquire the aggregated information
Profiling cookies These create user profiles in order to send advertisements in line with the user's browsing preferences 12 months Profiling for the purpose of sending promotional messages would not be possible


Third-party cookies 

Third-party cookies, i.e., cookies created by a website other than that which the user is currently visiting, also operate on this website.

Users are specifically informed that the website uses the following services that issue cookies:

- The "Google Analytics" web analysis service provided by Google, Inc. is a web analysis service that uses "cookies" which are deposited on the user's computer to enable the website visited to analyse how users use it. The information generated by the cookie about the use of the website (including the IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of assessing the use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. To consult Google's privacy policy relating to the Google Analytics service and to give your consent to the use of these cookies, please refer to the following website ttps://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

- Google Adwords:  These cookies help to make advertising on Google Adwords more effective. Without these cookies it is more difficult for an advertiser to reach the public they are trying to reach and know how many announcements were displayed and how many times they were clicked. To consult the privacy policy of Google regarding the service Google Analytics, as well as to express your consent to the use of these cookies, please visit the webiste: https://policies.google.com/technologies/ads?hl=it-it ;

- Bing: Microsoft uses cookies to record the number of visitors who have clicked on an advertisement and to record which advertisements have been viewed so that, for example, the same advertisement is not displayed repeatedly.To consult the privacy policy of Google regarding the service Google Analytics, as well as to express your consent to the use of these cookies, please visit the webiste: https://privacy.microsoft.com/it-it/privacystatement ;

- Facebook: We use cookies to show advertisements and recommend companies and other organisations to people who might be interested in their products, services or causes. To consult the privacy policy of Google regarding the service Google Analytics, as well as to express your consent to the use of these cookies, please refer to the websitee https://www.facebook.com/policy/cookies/ ;

- Hotjar: In order to function properly and collect data such as behaviour and heat maps, Hotjar stores proprietary cookies on the user's browser. To consult the privacy policy of Google regarding the service Google Analytics, as well as to express your consent to the use of these cookies, please refer to the website https://www.hotjar.com/legal/policies/privacy/ ;

- LiveHelp: Our website uses first-party, session and persistent cookies to enable safe and efficient browsing and use of the chat service. These cookies are used to memorize the choices you make (language preferences) and to recognize subsequent access to the chat on the part of the user. To consult the privacy policy of Google regarding the service Google Analytics, as well as to express your consent to the use of these cookies, please refer to the website https://www.livehelp.it/it/cookie-policy.

Social buttons

On the website www.nomination.com there are special "buttons" (called "social buttons/widgets") that represent the icons of social networks (e.g., Facebook, LinkedIn, etc.) and other web services (e.g., YouTube, etc.). They allow users who are browsing the Data Controller's website to access the relevant social networks with a 'click'. In this case, the social network and web services acquire the data relating to the user, whereas the Data Controller will not share any browsing information or user data acquired through its website with the social networks and web services accessible through the social buttons/widgets. These services issue 'third-party cookies'. Below are links to the privacy policies of the most commonly used social networks and the websites to which the buttons refer:

Deselecting and activating cookies Review your Cookies settings

What happens if you do not provide your data?

Please note the consequences of deselecting individual cookies as shown in the table above.



How we process your data

The processing of personal data is carried out using computerised procedures by specially authorised and trained internal staff. They are allowed access to your personal data to the extent and within the limits necessary for the performance of the processing activities concerning you. 

The Data Controller periodically checks the means by which your data are processed and the security measures foreseen for them and provides for their constant updating; it also checks, including through the persons authorised to process them, that no personal data are collected, processed, stored or kept that do not need to be processed; it checks that the data are stored with a guarantee of integrity and authenticity and that they are used for the purposes of the processing actually carried out. 

Where we process your data

Data are stored in computer and electronic archives located within the European Economic Area.

Your personal data that is processed for the Data Controller's own profiling purposes may be stored on paper,  in computerized and in telematic archives located outside the European Economic Area, specficially the date related to your profile obatined with the aforementioned profiling cookies.   For more information on the countries outside the E.E.A. involved and the policies in place for the protection of your personal datal, write to privacy@nomination.com.

How long we process your data for

- Cookies:

Please take note of the retention periods for personal data as indicated in the table above. 

- Website browsing:

Personal data are stored for the time necessary to enable the browsing of the website and, in any case, for no longer than 6 months, except in cases in which events occur that require the intervention of the competent Authorities, partly in collaboration with third parties/recipients who are responsible for the IT security of the Data Controller's data, to carry out any investigations into the causes that led to the event, as well as to protect the interests of the Data Controller relating to possible liability relating to the use of the website and its services.

What are your rights?

Essentially, you can, at any time and free of charge and without any specific charges or formalities for your request:

  • obtain confirmation of the processing carried out by the Data Controller;
  • access your personal data and find out their origin (when the data are not obtained from you directly), the purposes and aims of the processing, the data of the persons to whom they are disclosed, the period of retention of your data or the criteria for determining this period;
  • update or rectify your personal data so that they are always accurate and precise;
  • delete your personal data from the databases and/or archives, including backup archives, of the Data Controller in the event, inter alia, that they are no longer necessary for the purposes of processing or if this is assumed to be unlawful and provided that the conditions required by law are met and, in any case, if processing is not justified by another equally legitimate reason;
  • limit the processing of your personal data in certain circumstances, for example, where you have disputed its accuracy, for the period necessary for the Data Controller to check its accuracy. You must also be informed, in a timely manner, when the period of suspension has expired or the cause of the restriction on processing has ceased to exist and the restriction has therefore been lifted;
  • obtain your personal data, if received or processed by the Data Controller with your consent and/or if they are processed on the basis of a contract and by automated means, in electronic format also for the purpose of transmitting them to another data controller.

The Data Controller shall do so without delay and, in any event, no later than one month after receipt of your request. The deadline may be extended by two months, if necessary, taking into account the complexity and number of requests received by the Data Controller. In such cases, the Data Controller shall, within one month of receiving your request, inform you and let you know of the reasons for the extension. To exercise your rights, please write to the following address: privacy@nomination.com

How and when can you object to the processing of your personal data?

For reasons relating to your specific situation, you may object, at any time, to the processing of your personal data if it is based on legitimate interest, by sending your request to the Data Controller at privacy@nomination.com

You have the right to the erasure of your personal data if there is no legitimate reason to do so other than that which gave rise to your request. 

Who can you complain to?

Notwithstanding any other administrative or judicial action, you may lodge a complaint with the competent supervisory authority or with the authority which carries out its duties and exercises its powers in Italy, where you have your habitual residence or work or, if this differs, in the Member State in which the breach of EU Regulation 2016/679 occurred.