Titolare del Trattamento

Titolare del Trattamento è Nooter Eriksen S.r.l. con Sede legale in MILANO (MI), Corso Europa, 7

, e sede operativa in Cardano al Campo al Campo (VA), Via A. Volta 50.

Codice fiscale e n.iscr. al Registro Imprese: 02222190023

Special information for the prevention of contagion from Covid-19

Dear visitor, with reference to the existing Covid-19 emergency, according to current regulations, we inform you that before accessing our offices or factories, a body temperature check will be performed and some data on the state of health, the possible outcome of swabs, etc. as required by the health authorities.

The reference legal base is identified in:
–     reasons of public interest: implementation of the anti-contagion safety protocols pursuant to art. art. 1, no. 7, lett. d) of the Prime Ministerial Decree of 11 March 2020, in particular Shared Protocol of 14 March 2020, Protocol of 24 April 2020 and subsequent additions and amendments
–     legal obligation: art. 32 Constitution; art. 2087 c.c .; Legislative Decree 81/2008 (in particular art. 20)

The purposes of the treatment are:
–     prevention from COVID-19 infection
–     protection of the health of people in the company
–     collaboration with public authorities and in particular health authorities

The data will be processed and stored until the end of the state of emergency, as defined by the competent authorities and will be deleted if they are no longer needed.

Failure to provide data will prohibit access to company premises. You can consult the owner’s data, the contact details of the DPO, your rights, in the complete information that follows.

Personal data processed

“Data” means information relating to natural persons, treated by the Company for the stipulation and execution of the contractual relationship with its suppliers-customers, such as those of the legal representative of the supplier-customer who signs the contract in the name and for account of the latter, as well as of the employees / consultants of the supplier-client, involved in the activities referred to in the contract. In the latter case, the source from which the Data originates is the supplier-customer.

Authorized Subjects for Treatment

The Data may be processed by company employees, collaborators, company departments responsible for the aforementioned purposes, which have been expressly authorized for processing by the Owner and who have received adequate operating instructions.

Provision of Data

The provision of data is mandatory for the conclusion of the contract and / or for its execution, or for the provision of the services requested by the interested party. The refusal to provide the Data may therefore not allow the establishment of the contractual relationship and / or fulfill the consequent obligations.

Data Recipients

The Data may be disclosed to external parties acting as data controllers, for simplification purposes, supervisory and control authorities and bodies and, in general, individuals, public or private, entitled to request Data such as Revenue Agency and / or Guard of Finance, or to Banking Institutions for obtaining credit facilities.

The Data may be processed, on behalf of the data controller, by external subjects designated as data processors, who perform specific activities on behalf of the data controller, for example, accounting, tax and insurance, dispatch of correspondence, management of receipts and payments, etc ..

ransfer to non-EU countries

Where necessary, Personal Data may be transferred abroad to countries outside Europe whose level of protection and data has been deemed adequate by the European Commission pursuant to art. 45 of the GDPR or after signing the standard contractual clauses (Standard Contractual Clauses) adopted / approved by the European Commission pursuant to art. 6, 2, lett. c) and d) with the reference supplier or after the other guarantees pursuant to art. 46 and 47 of the DPR. A copy of these warranties can be obtained by sending a request by mail to the address Privacy.NESRL@ne.com

Rights of the interested party

By contacting the Office via e-mail at Privacy.NESRL@ne.com  , the interested party can request from the Company access to the Data concerning him, the correction of inaccurate Data, the integration of incomplete Data, the deletion of Data, the imitation of the processing in the cases provided for by art. 18 GDPR, as well as opposing the processing carried out for the legitimate interest of the owner.

Furthermore, if the treatment is based on consent or the contract and is carried out with automated tools, the interested party has the right to receive the Data in a structured format, commonly used and automatically readable, as well as, if technically feasible, to pass them on to another holder without impediment.

The interested party has the right to revoke the consent given at any time for marketing purposes and to object to the processing of the Data processed for the same purposes. The possibility remains for the interested party who prefers to be contacted for the aforementioned purpose exclusively through traditional methods to express his opposition only to receiving communications through automated means.

Complaint to the Control Authority

The interested party has the right to lodge a complaint with the competent control authority in the Member State in which he habitually resides or works or of the State in which the alleged violation occurred.

The Control Authority designated in Italy is the Guarantor for the Protection of Personal Data, with headquarters in Rome, Piazza Venezia n. 11.

The methods of making a complaint and protecting one’s rights are indicated on the Guarantor’s website.



Nooter Eriksen S.r.l., although it believes that it does not fall within the category of subjects held, pursuant to art. 37 paragraph 1 of the GDPR, the appointment of a DPO (Data Protection Officer) or RPD (Data Protection Officer), as a choice of greater accountability and guarantee of maximum protection of the rights of the interested parties, has also provided for the designation of a DPO pursuant to art. 37 paragraph 5 of the GDPR, in the person of Ing. Lodovico Mabini, consultant and trainer specialized in privacy and personal data protection. For every need, we indicate according to the art. 37 paragraph 7 of the GDPR the contact details of our DPO, Ing. Lodovico Mabini:

Indirizzo Email


Posta Elettronica Certificata




Purpose of the Treatment

Legal Basis of Treatment

Data Retention

Purposes related to the establishment and execution of the contractual relationship between the supplier / customer and the Company.

Execution of the contract for the Data of the legal representative of the Supplier / customer.

Legitimate interest in the data of the employees / consultants of the supplier / customer, involved in the activities referred to in the contract.

Contract duration and, after termination, the ordinary limitation period of 10 years.

In the case of litigation, for the entire duration of the same, until the terms of availability of the appeal actions are exhausted..

Implementation of administrative and accounting requirements – such as accounting and treasury management, as well as invoicing (for example, verification and registration of invoices), in accordance with the requirements of current legislation.

Need to fulfill a legal obligation to which the Company is subject.

If necessary, to ascertain, exercise and / or defend the Company’s rights in any location.

Legitimate interest..

Marketing purposes, ie sending commercial / promotional communications, through automated contact, e-mail, and traditional methods, traditional obstacles to the Company’s products / services, detection of the degree of supplier satisfaction, market research and statistical analysis.

Consent of the interested party: the Customer or the legal representative or company representative of the Client Company (optional and revocable at any time).

Until the revocation of consent; in any case, 24 months from the performance of the consent for purchase data only.