GDPR Privacy Regulation
European General Data Protection Regulation
What is the GDPR?
The objective of the GDPR is to regulate the processing of personal data concerning natural persons. The processing of personal data must be carried out in a lawful, correct and transparent manner.
The collection of data must be carried out for specific, explicit purposes. Finally, the controller must keep the data for a period of time not exceeding the achievement of the purposes for which they are processed.
Netsons services are GDPR compliant.
We have always managed, organised and stored your personal data in order to guarantee your security and inform you transparently about the purposes of the treatments performed.
Clear purpose
We treat your personal data to provide the services purchased.
We treat personal data in Italy.
Your personal data resides in Italy.
Your Data Privacy
Personal data, stored in our IT systems (hosting, email box etc.), are handled in a confidential manner. Only you have control of this data.
ISO Certified Company
ISO 9001:2015 Certification
ISO 14001:2015 Certification
ISO/IEC 27001:2013 Certification
ISO/IEC 27017:2015 Certification
ISO/IEC 27018:2014 Certification
Security Measures
We have adopted technical and organizational security measures aimed at protecting your personal data.
Respect for your rights
At any time you can exercise the rights recognized by the GDPR.
Discover our services with features that comply with GDPR
-
SSL Certificate
The security protocol that protects personal data from unauthorized access.
(Further reading: GDPR - art. 32, paragraph 2)
-
Daily Backup
We perform backups every day to prevent accidental data loss and ensure their availability.
(Further reading: GDPR - art. 5, paragraph 1, letter f / art. 32, paragraph 1, letter b)
-
Operating Systems Update
In order for personal data to be secure, we constantly update operating systems.
(Further reading: GDPR – art. 5, paragraph 1, letter f)
-
Malware Detection
A constant 24/7 monitoring to detect any vulnerabilities and resolve them immediately.
(Further reading: GDPR - art. 32, paragraph 1, letter d)
-
SMTPS, POP3S, IMAPS
We only use email protocols encrypted by SSL certificate.
(Further reading: GDPR - art. 5, paragraph 1, letter f)
-
AntiVirus and AntiSpam
We minimize the risk of vulnerabilities caused by viruses, malware, and phishing that are sent through the mail.
(Further reading: GDPR - art. 5, paragraph 1, letter f)
-
SSL Certificate
The security protocol that protects personal data from unauthorized access.
(Further reading: GDPR - art. 32, paragraph 2)
-
Daily Backup
We perform backups every day to prevent accidental data loss and ensure their availability.
(Further reading: GDPR - art. 5, paragraph 1, letter f / art. 32, paragraph 1, letter b)
-
Operating Systems Update
In order for personal data to be secure, we constantly update operating systems.
(Further reading: GDPR – art. 5, paragraph 1, letter f)
-
Malware Detection
A constant 24/7 monitoring to detect any vulnerabilities and resolve them immediately.
(Further reading: GDPR - art. 32, paragraph 1, letter d)
-
SMTPS, POP3S, IMAPS
We only use email protocols encrypted by SSL certificate.
(Further reading: GDPR - art. 5, paragraph 1, letter f)
-
AntiVirus and AntiSpam
We minimize the risk of vulnerabilities caused by viruses, malware, and phishing that are sent through the mail.
(Further reading: GDPR - art. 5, paragraph 1, letter f)
-
Redundant Infrastructure
The entire Cloud infrastructure is completely redundant to ensure service continuity.
(Further reading: GDPR - art. 32, paragraph 1, letter b)
-
Redundant Network
Continuity and stability of connection thanks to the redundancy of the network.
(Further reading: GDPR - art. 32, paragraph 1, letter b)
-
Redundant Storage
Increased data security thanks to redundant storage on SSD disks.
(Further reading: GDPR - art. 32, paragraph 1, letter b)
-
Redundant Network
Continuity and stability of connection thanks to the redundancy of the network.
(Further reading: GDPR - art. 32, paragraph 1, letter b)
-
Snapshot
Ability to create copies of the Cloud Vps virtual machine.
(Further reading: GDPR - art. 32, paragraph 1, letter c)
-
Redundant Storage
Increased data security thanks to redundant storage on SSD disks.
(Further reading: GDPR - art. 32, paragraph 1, letter b)
-
Monitoring Included
Constant and proactive monitoring allows you to keep the status of services under control.
(Further reading: GDPR - art. 32, paragraph 1, letter c)
-
Redundant Infrastructure
The entire Cloud infrastructure is completely redundant to ensure service continuity.
(Further reading: GDPR - art. 32, paragraph 1, letter b)
-
ISO 27001
Our WebFarm is located in Italy at Via Caldera 21 at the M.I.X. of Milan and is ISO 27001 certified.
(Further reading: GDPR - art. 32, paragraph 1)
-
Monitoring Included
Constant and proactive monitoring allows you to keep the status of services under control.
(Further reading: GDPR - art. 32, paragraph 1, letter c)
-
Redundant Network
Continuity and stability of connection thanks to the redundancy of the network.
(Further reading: GDPR - art. 32, paragraph 1, letter b)
Quick Answers
Netsons is the data controller of the personal data (demographics) of its customers collected at the time of registration. The customer is the owner of the personal data stored on Netsons' computer systems through the services provided. These data are managed guaranteeing the utmost confidentiality. Indeed, Netsons: - Respects the obligation not to use the data for purposes other than those declared in the privacy policy. - Manages the customer's data only when strictly necessary from a technical point of view or at the customer's express request.
Any information that identifies or makes a physical person identifiable directly, through demographic data (e.g. name and surname), images, etc. or indirectly through an identification number (e.g. tax code, IP address, etc.).
The Data Controller is the physical, legal, public administration or entity that processes personal data on behalf of the Data Controller.
The processing is any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data (collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, etc.).