Privacy

Data Protection and Privacy Notice

Further on, you are provided with the privacy statement, in accordance with Article 13 of Legislative Decree 196/2003 "Italian Data Protection Code", regarding the processing of personal data of users who consult the www.nexi.it website and interact with Nexi web services. The privacy statement also takes into account Recommendation no. 2/2001 that the European data protection authorities have adopted for identifying the minimum requirements for collecting personal information online. The privacy statement only concerns the Nexi website and is not valid for other Nexi websites or websites that may be consulted through our links. This privacy statement, together with the cookies policy, constitutes the "Privacy Policy" of the Nexi website and may be subject to updating.

1. Personal Data Collected
Computer systems and software procedures for the operation of this website acquire, during their normal operation, certain data whose transmission is automatic in the use of Internet communication protocols and are not associated with users that are identified data subjects. Specifically, these are data about IP addresses or domain names of computers used by users who connect to the website and other technical information sent automatically by the server management programs. These data are used for the purpose of connection only. Aside from what has been specified for browsing data, you are free to provide your personal information contained in the relevant electronic application forms in the sections of the website prepared for special services on request. Amongst other thing, please note that failure to provide data may make it not possible to obtain the requested service.

2. Methods and Purposes of Processing
Any data acquired may be processed using automated tools for browsing purposes on this website and are retained only for the time strictly necessary for achieving the purposes for which they have been collected. Systems are equipped with the appropriate and necessary security measures for preventing data loss, misuse, or unauthorised access. As part of the customised services for its users, Nexi uses tools such as "cookies". A cookie is a short text string that is sent to your browser and optionally stored on your computer (alternatively on your smartphone or any other device used for accessing the Internet) whenever you visit a website. The cookie stored on your computer may not retrieve any data from your hard drive, pass on computer viruses or be used to identify and use your e-mail address. Each cookie is unique in relation to the browser and device which you use to access the Nexi corporate website. Some of functions performed by cookies may also be delegated to other technologies; for the purpose of this policy, the term "cookie" means all cookies and all similar technologies. To find out more about cookies used by Nexi and how to manage them in your browser, you may consult the relevant policy by clicking here.

3. Data Subject Rights
Users to whom personal data refer, whenever collected, have the right at any time to obtain confirmation of the existence or non-existence of such data and to know its subject matter and source, to verify its accuracy or to ask for it to be supplemented or updated or rectified, in accordance with Article 7 of the Italian Data Protection Code, or "Privacy Code". These rights may be exercised by sending a written notification to Nexi Payments S.p.A., Customer Service, Corso Sempione 55, 20149 Milan, Italy, or by sending an e-mail to the address c.satisfaction@nexi.it or by calling Nexi Customer Service.

4. Data Controller and Data Supervisor
Processing regarding the web services of this website is handled by Nexi employees, who have been appointed agents and/or Supervisors for processing or by any external parties that may be appointed for occasional maintenance operations or technical management of the website. No data deriving from the web service is disclosed or disseminated.
Co-Data Controllers for processing are: Nexi S.p.A., with registered offices in Corso Sempione 55, 20149 Milan, Italy and Nexi Payments S.p.A., with registered office in Corso Sempione 55, 20149 Milan, Italy. The Data Supervisor appointed is the pro tempore Manager of Operations, domiciled for this purpose at the central office of Nexi Payments S.p.A., who you may contact by writing to the following e-mail address: c.satisfaction@nexi.it, or by contacting Nexi Customer Service.

The privacy statement is provided in accordance with Article 13 of Italian Legislative Decree 196/2003 ("Privacy Code") regarding the processing of personal data of customers who contact Customer Service.

1. Personal Data Collected
The Customer Service Operation Systems and Procedures acquire some customer-related data from phone contact. This category includes the caller's number (if not hidden), the browsing data in the IVR tree (actions/keystrokes that the customer uses for accessing the various services), the duration of the call and – only in the cases expressly provided – with notice to the data subject that the voice call may be recorded.

2. Processing Methods and Purposes
Data are processed for the purpose of obtaining anonymous statistical information on the use of the service and for monitoring its correct operation. With regard to the voice recording of calls, please note that they may be recorded for security purposes and for the purpose of enhancing the service; therefore, the continuation of calls after having listened to the disclosure concerning the recording of calls will be deemed as you having given your consent to the processing of the personal data you provide to the operator. Call recording takes place using an automated system that records incoming and outgoing calls. Call records are retained with restricted access and they are never available to anyone who is not expressly authorised; they may be listened to, upon specific request, by expressly authorised personnel only.

3. Data Subject Rights
Users to whom personal data refer, whenever collected, have the right at any time to obtain confirmation of the existence or non-existence of such data and to know its subject matter and source, to verify its accuracy or to ask for them to be supplemented or updated or rectified, in accordance with Article 7 of the Italian Data Protection Code ("Privacy Code"). These rights may be exercised by sending a written notification to Nexi Payments S.p.A., Customer Service, Corso Sempione 55, 20149 Milan, Italy or by sending an e-mail to the e-mail address: c.satisfaction@nexi.it or by calling Nexi Customer Service.

4. Data Controllers and Data Supervisors
Co-Data Controllers are: Nexi S.p.A., with registered offices in Corso Sempione 55, 20149 Milan, Italy and Nexi Payments S.p.A., with registered office in Corso Sempione 55, 20149 Milan, Italy. The Data Supervisor appointed is the pro tempore Manager of Operations, domiciled for this purpose at the central office of Nexi Payments S.p.A., who you may contact by writing to the following e-mail address: c.satisfaction@nexi.it, or by contacting Nexi Customer Service.

In accordance with Article 13 of Legislative Decree no. 196 of 30 June 2003 (hereinafter also referred to as the "Code"), Nexi Payments S.p.A. (hereinafter also "Nexi"), as Data Controller, hereby informs you of the following:

1. Type and source of personal data subject to processing
1.1 Personal data held by Nexi are those provided by filling out the application form for issuing the Card and, as resulting from its uses at banks and affiliated merchants, both Italian and foreign, where you may use the Card.
1.2 It may also happen that, in relation to specific transactions or services required (e.g. payment of membership fees to unions, political parties, religious associations, philanthropic associations, etc. and taking out of additional insurance cover for the credit card), Nexi comes into possession of data that the law defines as "sensitive" (that is, identifying racial or ethnic origin; religious, philosophical or other beliefs; political opinions; membership of political parties, trade unions, associations or religious, philanthropic, political or trade union organisations; as well as being able to identify the state of health and sexual orientation of the data subject).

For their processing, the law requires consent to be given in a specific and written manner, by filling in the relevant field on the card application form. In the absence of such consent, Nexi Payments S.p.A. will not be able to perform the agreement and issue the requested Card.

2. Purposes of Processing
2.1 Personal data collected will be processed for the following purposes:

  • For performing Nexi's contractual and pre-contractual obligations and managing customer relationships (for example: pre-contractual credit card application tasks, card issue, payment service management and subsequent data processing activities for administrative and accounting purposes)
  • For performing legal compliance (for example: anti-money laundering legislation, usury laws, the Interbank Register of Bad Cheques and Payment Cards, etc.), as well as with EU legislation and provisions issued by competent Authorities for issuing such provisions by law and by Supervisory and Regulatory Bodies
  • Monitoring and prevention of fraud risk and credit risk

The providing of data and their processing by Nexi Payments S.p.A. for these purposes, required for managing the contractual relationship or for compliance with regulatory obligations, is mandatory and does not require explicit consent; failure to provide such data l means that Nexi will be unable to establish and manage a contractual relationship.

2.2 For the purpose of enhancing the service to its customers, Nexi may also use the personal data provided for the following activities:

  • Information, promotion of other similar products and services delivered by Nexi or third-party services that may be used via the card (for example, paying utility standing orders), market research via messages sent using institutional channels (paper account statements, paper mailings).

You may object to the above-mentioned activities by sending a written notification to Nexi Payments S.p.A., Customer Service, Corso Sempione 55, 20149 Milan, Italy, or by sending an e-mail to the e-mail address: c.satisfaction@nexi.it, or by calling Nexi Customer Service.

2.3 Also for enhancing the service to its customers, Nexi may:

  • Promote Nexi products and services or third-party products and services via traditional contact modes (for example: paper mail, operator telephone contact) and automated means (e.g. fax, SMS, e-mail, etc.); such activities may be carried out directly by Nexi or by agents of Nexi.
  • Promote Nexi products and services and those of third-party partners via personalised communications based on your personal profile; these activities may be performed directly by Nexi or agents of Nexi using traditional modes of contact (for example: paper mail, operator telephone contact) and automated means (such as: fax, SMS, e-mail, etc.).
  • Use the data to conduct market research or customer satisfaction surveys on the quality of the services rendered and the activity carried out by Nexi; such investigations may be conducted using traditional modes of contact (for example: paper mail, operator telephone contact) and automated means (such as: fax, SMS, e-mail, etc.); These activities may be carried out directly by Nexi or agents of Nexi.
  • Disclose your personal data to third-party companies for the purpose of directly offering their products and services.

For such activities and notifications, it is possible to manifest your consent or non-consent by filling in the relevant fields in the card application form. Such consents are optional and may always be revoked, by sending a written notification to Nexi S.P.A. - Customer Service - Corso Sempione 55 - 20145 Milan, or by sending a message to the following e-mail address: c.satisfaction@nexi.it, or via your personal area on the www.nexi.it website.

3. Data Processing Methods
In relation to all the above purposes, data processing will be performed in such a way as to ensure security and confidentiality and it may be performed by means of manual, computer and data transmission tools, for recording, organising, retaining, processing, modifying, selecting, mining, comparing, using, interconnecting, blocking and disclosing said data.

4. Categories of persons to whom your data may be sent
4.1 For the pursuit of the purposes described in sub-section 2 above, personal data will be processed by Nexi employees who have been specifically appointed as Data Supervisors or Agents charged with processing.
4.2 In addition, Nexi, like all large companies, for some activities, is required to disclose your personal information to third parties belonging to the following categories:

  • Other companies in the Group of which Nexi is part; including, but not limited to, such infra-group disclosure in relation to activities related to money laundering and prevention of terrorist financing (under Legislative Decree no. 231 of 21 November 2007, as amended) or for administrative and accounting purposes, as defined under the Code.
  • Persons performing services for the collection of card hardcopy application forms
  • Persons operating in banking, financial and insurance services
  • Persons performing services for the processing of transactions instructed by the customer; printing, sending, enveloping, transport and handling of communications to customers
  • Persons performing record-retention of the documentation regarding exchanges with customers
  • Persons providing services for the management of Nexi information systems.
  • Persons performing control, audit and certification of the activities implemented by Nexi
  • Persons engaged in debt collection
  • Companies managing international and national systems for the control of fraud against banks and financial intermediaries
  • Issuer and acquirer companies belonging to the international Visa and Mastercard circuits for managing any enquiries/complaints
  • International Visa and Mastercard circuits, owners of their respective trademarks
  • Companies performing customer support (e.g. Call centres)
  • Authorities and supervisory and regulatory bodies (e.g. Bank of Italy, FIU, etc.)
  • Judicial authorities and bodies
  • Firms or companies engaged to provide assistance and advice.

4.3 The parties belonging to the above categories operate independently as Data Controllers or operate as Data Supervisors (external), appointed for this purpose by Nexi.
4.4 Nexi, in the case the data subject is the holder of an additional card, may disclose personal data to the holder of the main card, on account of the material indivisibility of the relationship underlying said cards.
4.5 Finally, Nexi sends data for compiling card statements to the bank c/o where the expenses were charged; the bank operates as an independent Data Controller.
4.6 A list of the outside Data Supervisor companies responsible for specific processing and a list of other in-house Data Supervisors will be kept updated at Nexi offices and will be sent to customers on request.

5. Transfer of data abroad
Personal data subject to processing may be transferred abroad within and/or outside the European Union, always in compliance with the rights and guarantees provided under legislation in force.

6. Data Subject rights
6.1 The Data Subject may obtain confirmation of the existence of his or her personal data in Nexi's databases from Nexi; he or she may also request that the personal data be made available in an intelligible form, know the origin of the data and the rationale used for processing; the Data Subject may obtain deletion, transformation into anonymous form or the blocking of data processed in breach of current legislation regarding the protection of personal data, as well as updating, rectification or, if applicable, data integration; finally, the Data Subject may oppose, for legitimate reasons, the processing itself.
6.2. These rights may be exercised by sending a written notification to Nexi Payments S.p.A., Customer Service, Corso Sempione 55, 20149 Milan, Italy, or by sending an e-mail to the e-mail address: c.satisfaction@nexi.it, or by calling Nexi Customer Service.

7. Data Controller and Data Supervisor
The Data Controller is Nexi Payments S.p.A., having its registered office in Milan, Corso Sempione no. 55; the contact Data Supervisor appointed is the Manager of Operations, domiciled for this purpose at the central office of Nexi Payments S.p.A., whom you may contact by writing to the following e-mail address: c.satisfaction@nexi.it, or by calling Nexi Customer Service.

CODE OF ETHICS AND GOOD CONDUCT FOR INFORMATION SYSTEMS MANAGED BY PRIVATE ENTITIES REGARDING CONSUMER CREDIT. RELIABILITY AND PUNCTUALITY OF PAYMENTS - INFORMATION NOTICE
(Italian Official Journal no. 300 of 23 December 2004)
How we use your data
(Article 13 of the Personal Data Protection Code; Article 5 of the code of ethics regarding credit information systems)

Dear Customer,
For granting you the requested financing, we will use some of your personal data. This is information that you provide us or we obtain by consulting a number of databases. Without this information, which we require for assessing your creditworthiness, it may not be possible to issue you the credit card. This information will be retained at Nexi; some data will be disclosed to large databanks set up for assessing credit risk managed by private companies and which may be consulted by many parties. This means that other banks or financial institutes which you may contact for another loan, credit card, etc. or for buying consumer goods on instalments may know that you have recently applied to us for a credit card, if you have other loans or financing in progress, and whether you duly make repayments.
Whenever you punctually make repayments, the retaining of this information by databanks requires your consent. In case of late payments or missed payments or, in the case a loan has been taken out for your business or professional activity, your consent is not required.
You are entitled to know your personal data and to exercise various rights relating to their use (rectification, updating, deletion, etc.).
For any requests regarding your data, please use the template form provided on the website: www.garanteprivacy.it, forwarding it to our company:
Nexi Payments S.p.A., registered office: Corso Sempione, 55 - 20149 Milan - data transmission address: www.nexi.it - Customer Service addresses/contact details listed in the Card Information Sheet or which you can find at: www.nexi.it "Contacts" section – Info line, reserved for non-customers: 199-13.10.10 – switchboard: 02-3488.1. and/or the companies listed below, to which we will disclose your data:
1 - Experian Information Services S.p.A.
2 - CTC - Consorzio per la Tutela del Credito (Italian Credit Protection Consortium)

You will find their contact details and other explanations below.

We keep your data at our company for all requirements for managing your loan and for legal compliance.
For the purpose of better assessing credit risk, we disclose data (personal details also concerning any co-debtor, type of agreement, credit amount, repayment method) to credit information systems, which are governed by the relevant Code of Ethics and Good Conduct (published in the Italian Official Journal, General Series, no. 300 of 23 December 2004, available on the website: www.garanteprivacy.it). The data are also made available to various banking and financial operators, for which the various categories are shown below.
Your data is updated periodically with information gained over the relationship (payment performance, residual debit exposure, account status). In the context of credit information systems, your data will be processed according to the organisation, comparison, and processing procedures strictly necessary for pursuing the above-mentioned purposes and, specifically, for extracting your information, in an unambiguous manner, from credit information systems. This processing will be performed using computer, data-transmission and manual tools that ensure security and confidentiality, even when using remote-communication techniques.
Your data is subject to special statistical processing for allocating you a credit score or a rating on your creditworthiness and solvency, taking into account the following main types of factors: number and features of the existing credit accounts, payments performance and history of existing or closed accounts, any existence and the features of new credit applications and history of closed credit accounts. Some additional information may be provided to you in the event your credit application is rejected.

The credit information systems we use are managed by:
1. Experian Italia S.p.A., having its registered office in Rome, Via C. Pesenti no. 121/123, 00156 Rome; useful contact information: Consumer Protection Service (In-house operator handling feedback to consumers), Via C. Pesenti no. 121/123, 00156 Rome - Fax: 199.101.850. Tel: 199.183.538, website: www.experian.it (Consumer Area)/CREDIT INFORMATION SYSTEM TYPE: positive and negative performance/ PARTICIPANTS: banks, financial intermediaries and other parties that, in the course of a commercial or professional activity, grant deferred payment of accounts receivable for goods or services (with the exception, however, of debt recovery companies) / DATA RECORD-RETENTION TIMES: These times are reduced to those shown in the table below, according to the times provided under the provisions of the code of conduct/USE OF AUTOMATED CREDIT SCORING SYSTEMS: yes/OTHER: Experian Italia S.p.A. also performs, in any form (including the use of automated credit scoring systems) and in compliance with applicable provisions, the processing of data originating from public records, lists, deeds or documents, accessible by the general public. The data processed by Experian Italia S.p.A. may be disclosed to Experian Ltd, with business address in Nottingham (UK), which, in its capacity as Data Supervisor, provides operational support services for said processing.
The full list of Data Supervisors, as well as any further information regarding processing performed by Experian Italia S.p.A., is available at: www.experian.it.
2. CTC - Consorzio per la Tutela del Credito (Italian Credit Protection Consortium) with registered address in Viale Tunisia 50 - 20124 Milan; useful contact information: tel. +39 0(2)66710235-29, fax +39 (0)267479250, www.ctconline.it/ CREDIT INFORMATION SYSTEM TYPE: positive and negative performance/PARTICIPANTS: banks, financial companies, leasing companies/RECORD-RETAINMENT TIMES: these times are reduced to those shown in the table below, in accordance with the provisions of the Code of Conduct/USE OF AUTOMATED CREDIT SCORING SYSTEMS: YES.

You have the right to access your data at any time. Please contact Nexi S.p.A., Customer Service, for replies to the requests referred to in Article 7 of the Code or credit information systems operators, using the above-mentioned contact details.

Similarly, you may ask for your data to be corrected, updated or inaccurate or incomplete data to be supplemented or for your data to be deleted or blocked in the case of processing breaching the law or object to their use for legitimate reasons to be specified in the request (Article 7 of the Code, Article 8 of the Code of Ethics).

Data record-retention times in credit information systems:

loan applications: 6 months, whenever required by the application processing procedure or 1 month in the case of rejecting an application or withdrawal; payment default exceeding two repayments or two months on past-due payments then repaid: 12 months for the settlement
later past-due payments also on transactions: 24 months from settlement
negative events (i.e. late payment, serious default, delinquent payments) not rectified: 36 months from the time of contractual account due date or from the time where the last update was required (in the case of subsequent agreements or other events relating to repayment)
accounts with positive performance history (no late payments or other negative events): 36 months from the time of the account ceasing to be in force or expiry of agreement.

In accordance with Article 13 of Legislative Decree no. 196 of 30 June 2003, (hereinafter also referred to as the "Code"), Nexi Payments S.p.A. (hereinafter also "Nexi"), as Data Controller, hereby informs you of the following:

1. Type and source of personal data subject to processing
1.1 Personal data held by Nexi are those provided by you on filling out the application form for issuing the Card and, resulting from its use at banks and affiliated merchants, both Italian and foreign, where you may use the Card.
1.2 It may also happen that, in relation to specific transactions or services required (e.g. payment of membership fees to unions, political parties, religious associations, philanthropic associations, etc. and taking out of additional insurance cover for the credit card), Nexi will hold data that the law defines as "sensitive" (that is, identifying racial or ethnic origin, religious, philosophical or other beliefs, political opinions, membership of political parties, trade unions, associations or religious, philanthropic, political or trade union organisations, as well as being able to identify state of health and sexual orientation of the data subject).

For their processing, the law requires consent to be given in a specific and written manner, by filling in the relevant field on the card application form. In the absence of such consent, Nexi Payments S.p.A. will not be able to perform the agreement and issue the requested Card.

2. Purposes of Processing
2.1 Personal data collected will be processed for the following purposes:
• performance of Nexi's contractual obligations and managing customer relations (for example: Card issue, Payment Services Management and subsequent processing of data for administrative and accounting purposes)
• legal compliance (for example: anti-money laundering law, usury law, Interbank Register of bad cheques and payment cards, etc.), regulations and EU legislation, as well as provisions issued by the Authorities permitted by law and by the Regulatory and Supervisory Bodies
• monitoring and Prevention of risk of fraud and credit risk.

The providing of data and their processing by Nexi Payments S.p.A. for these purposes, as required for managing the contractual relationship or for compliance with regulatory obligations, is mandatory and does not require explicit consent; failure to provide such data will mean that Nexi will be unable to establish and manage the contractual relationship.

2.2 For the purpose of enhancing the service to its customers, Nexi may also use the personal data provided for the following activities:
• information, promotion of other similar products and services delivered by Nexi or third-party services that may be used via the card (for example, paying utility standing orders), market research via messages sent using institutional channels (paper account statements, paper mailings).

You may object to the above-mentioned activities by sending a written notification to Nexi Payments S.p.A., Customer Service, Corso Sempione 55, 20149 Milan, Italy, or by sending an e-mail to the address c.satisfaction@nexi.it, or by calling Nexi Customer Service.

2.3 Also for enhancing its service to its customers, Nexi may:

  • Promote Nexi products and services or third-party products and services via traditional contact modes (for example: paper mail, operator telephone contact) and automated means (e.g. fax, SMS, e-mail, etc.); such activities may be performed directly by Nexi or by agents of Nexi.
  • Promote Nexi products and services and those of third-party partners via targeted communications based on your personal profile; these activities may be carried out directly by Nexi or agents of Nexi using traditional modes of contact (for example: paper mail, operator telephone contact) and automated means (such as: fax, SMS, e-mail, etc.).
  • Use the data to conduct market research or customer satisfaction surveys on the quality of the services rendered and the activity carried out by Nexi; such investigations may be conducted using traditional modes of contact (for example: paper mail, operator telephone contact) and automated means (such as: fax, SMS, e-mail, etc.); These activities may be carried out directly by Nexi or agents of Nexi.
  • Disclose your personal data to third-party companies for the purpose of directly offering their products and services.
  • Disclose to the Bank to which the card application has been made and/or the Bank at which standing order instructions for the payment of charges have been provided, information on the transactions executed with the Card, for the purpose of allowing the Bank to make direct offers of its own products or services.

For such activities and notifications, it is possible to manifest your consent or non-consent by filling in the relevant fields in the card application form. Such consents are optional and may always be revoked, by sending a written notification to Nexi Payments S.P.A. - Customer Service - Corso Sempione 55 - 20149 Milan, or by sending a message to the following e-mail address: c.satisfaction@nexi.it, or via your personal area on the www.nexi.it. website.

3. Data Processing Methods
In relation to all the above purposes, data processing will be performed in such a way as to ensure security and confidentiality and it may be carried out by means of manual, computer and data transmission tools, for the purpose of recording, organising, retaining, processing, modifying, selecting, mining, comparing, using, interconnecting, blocking and disclosing said data.

4. Categories of persons to whom your data may be transmitted
4.1 For the pursuit of the purposes described in sub-section 2 above, personal data will be processed by Nexi employees who have been specifically appointed as Data Supervisors or Agents charged with processing.
4.2 In addition, Nexi, like all large companies, for some activities, is required to disclose your personal information to third parties belonging to the following categories:
• Other companies in the Group to which Nexi belongs; including, but not limited to, such infra-group disclosure may be made with reference to activities related to money laundering and the prevention of terrorist financing (referred to in Legislative Decree no. 231 of 21 November 2007, as amended) or for administrative and accounting purposes, as defined in the Code.
• Persons performing services for the collection of paper card application forms
• Persons performing banking, financial and insurance services
• Persons performing services for processing transactions instructed by customers; business printing, enveloping, transport and handling of notifications to customers.
• Persons engaged in record-retention and storage of documentation relating to dealings with customers.
• Persons providing services regarding the management of the Nexi information system.
• persons engaged in the control, audit and certification of the activities performed by Nexi
• Persons engaged in debt recovery.
• Private entities managing information systems relating to consumer credit, creditworthiness and credit performance scores (for example: CRIF S.p.A., Experian Italia S.p.A., CTC). For further details, please refer to the Bank's information notice, to which an application for the card has been made, which is the Data Controller for processing purposes.
• companies managing international and national management systems for the monitoring of fraud against banks and financial intermediaries
• issuer and acquirer companies belonging to the international Visa and Mastercard circuits handling any enquiries/complaints
• international Visa and Mastercard circuits, owners of the respective trademarks
• companies engaged in customer service (e.g. Call centres)
• supervisory and regulatory bodies (e.g. Bank of Italy, FIU, etc.)
• judicial authorities and bodies
• firms or companies providing assistance and advice.
4.3 The parties belonging to the above categories operate independently as Data Controllers or operate as Data Supervisors (external), appointed for this purpose by Nexi.
4.4 Nexi, in the case the data subject is the holder of an additional card, may disclose personal data to the holder of the main card, on account of the material indivisibility of the relationship underlying said cards.
4.5 Finally, Nexi transmits data for compiling card statements to the bank c/o where the expenses were charged; the bank operates as an independent Data Controller.
4.6 A list of the outside Data Supervisor companies responsible for specific processing and a list of other in-house Data Supervisors will be kept updated at Nexi offices and will be sent to customers on request.

5. Transfer of data abroad
Personal data subject to processing may be transferred abroad within and/or outside the European Union, always in compliance with the rights and guarantees provided under legislation in force.

6. Data Subject rights
6.1 The Data Subject may obtain confirmation of the existence of his or her personal data in Nexi's databases from Nexi; he or she may also request that the personal data be made available in an intelligible form, know the origin of the data and the rationale used for processing; the Data Subject may obtain deletion, transformation into anonymous form or the blocking of data processed in breach of current legislation regarding the protection of personal data, as well as updating, rectification or, if applicable, data integration; finally, the Data Subject may oppose, for legitimate reasons, the processing itself.
6.2. These rights may be exercised by sending a written notification to Nexi Payments S.p.A., Customer Service, Corso Sempione 55, 20149 Milan, Italy, or by sending an e-mail to the address c.satisfaction@nexi.it, or by calling Nexi Customer Service.

7. Data Controller and Data Supervisor
The Data Controller is Nexi Payments S.p.A., having its registered office in Milan, Corso Sempione no. 55, 20149; the contact Data Supervisor appointed is the Manager of Operations, domiciled for this purpose at the central office of Nexi Payments S.p.A., whom you may contact by writing to the following e-mail address: c.satisfaction@nexi.it, or by calling Nexi Customer Service.

In accordance with prevailing data protection legislation, Nexi Payments S.P.A. (hereinafter also “Nexi”), as Data Controller, hereby informs you that, during the process of registering in the personal account area and the card activation process, you will be asked to provide certain information (personal details and card data) required for these purposes.
Specifically, by providing your e-mail address and your mobile phone number, security services will be activated for you (SMS Alert Service, 3D Secure Service), helping you protect your card and online purchases.
We also inform you that you will be asked to provide some personal information (such as: job/profession, type of business, the main place of business, etc.) required by Nexi for national and EU legal compliance (money laundering legislation).
These personal data are required for the above purposes and refusal to provide said information will make it impossible to conclude the registration process to the account personal area of the website and activate your card.
Nexi also offers you the opportunity to be periodically updated on the business initiatives of Nexi and its business partners or to receive targeted communications based on your personal profile and to be contacted for market surveys.

For these purposes, during the registration process and on activating your card, you will be asked to give your express and specific consent.
This consent may be changed/updated at any time, also indicating your preferred contact method, by writing to the following e-mail address: c.satisfaction@nexi.it, or by calling Customer Service, or through the personal area site operators on www.nexi.it.

In relation to all purposes described above, data will be processed for the purpose of ensuring security and confidentiality, and it may be performed using electronic and manual tools.

In accordance with Article 7 of Legislative Decree 196/2003, you may request, at any time, which of your personal data have been recorded, obtain deletion, transformation or the blocking of data processed in breach of the law. In addition, you may request correction and updating of your data.
These rights may be exercised by sending an e-mail to: c.satisfaction@nexi.it or by calling Nexi Customer Service.

The Data Controller is Nexi Payments S.p.A., with registered office in Corso Sempione 55 , 20149 Milan; The appointed Data Supervisor is the Manager of Central Operations, who may be contacted by sending an e-mail to the following address: c.satisfaction@nexi.it, or calling Nexi Customer Service.

A list of the outside Data Supervisor companies responsible for specific processing and a list of other in-house Data Supervisors will be kept updated and will be sent to customers on request.

The privacy policies regarding the offering of products and services are available as downloads in the relevant transparency page tables.

Need help?
Need help?