Privacy Policy

Data Controller
Nemesi Gemstone
c/o GM International Srl
via Alcide De Gasperi, 16/b
37015 – Domegliara (VR) – Italy
Email: info@nemesigemstone.com

1. Purpose of Data Processing

The website nemesigemstone.com collects and processes personal data of users solely for the following purposes:

  • responding to inquiries sent via contact form or email;

  • managing communications with potential customers or partners;

  • complying with legal obligations or requests from competent authorities;

  • ensuring the technical security and proper functioning of the website.

No marketing, profiling, or newsletter activities are carried out.

2. Types of Data Collected

The data that may be processed include:

  • identification data (name, surname, email address, and optional phone number);

  • technical navigation data (IP address, browser type, language, date and time of visit) automatically collected by the website systems in anonymous form for security and statistical purposes.

3. Legal Basis for Processing

Data processing is based on:

  • the explicit consent of the user (Art. 6, par. 1, lett. a) GDPR);

  • the legitimate interest of the data controller to ensure the site’s security and functionality (Art. 6, par. 1, lett. f) GDPR);

  • compliance with legal obligations (Art. 6, par. 1, lett. c) GDPR), where applicable.

4. Methods of Processing

Data are processed using electronic and telematic tools, in compliance with principles of lawfulness, fairness, and transparency.
Appropriate technical and organizational measures are implemented to prevent unauthorized access, loss, or alteration of data.

No automated decision-making or profiling is performed.

5. Data Retention

Personal data are stored only for as long as necessary to achieve the purposes for which they were collected and, in any case, no longer than 24 months unless otherwise required by law.

6. Data Communication and Disclosure

Data will not be publicly disclosed.
They may be shared with third parties (e.g., technical service providers, hosting providers, maintenance staff) acting as Data Processors under Article 28 of the GDPR, bound by appropriate contractual obligations of confidentiality and compliance.

7. Data Subject Rights

Users have the right to:

  • obtain confirmation of the existence of their data and access it (Art. 15 GDPR);

  • request rectification or erasure (Arts. 16–17 GDPR);

  • request restriction of processing (Art. 18 GDPR);

  • object to processing (Art. 21 GDPR);

  • request data portability (Art. 20 GDPR);

  • lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

To exercise these rights, please contact: info@nemesigemstone.com

8. Data Transfer

Personal data are not transferred outside the European Union.

9. Policy Updates

This Privacy Policy may be updated periodically.
The most recent version is always available on this page.