INFORMATION ON THE PROCESSING OF PERSONAL DATA

PURSUANT TO ART. 13 AND 14 OF THE REGULATION (EU) 2016/679

Data subjects: NETMON APP users

This Privacy Policy relates to the processing of personal data carried out by the NETMON APP, which allows for the configuration of the cellular data network settings for mobile devices (APN).

PERMISSIONS REQUIRED BY NETMON APP

Phone: Netmon APP requires permission to access the status of your phone.
Camera: The Netmon App requires camera access permission to scan QRCodes.
Storage space: Netmon APP requires permission to access space to generate logs.

Data controller

The company using the Netmon service, which establishes the data processing purposes and means.

Data processor

The developer of the NETMON APP as well as the data processor on behalf of the telecommunication provider is ‘TECHNACY S.R.L.’, with registered office and operational headquarters in Via Molveno 5, 48015 Cervia (RA), Italy, tax code and VAT registration number 02399920392. Further information on the privacy policies applied is available on the website www.technacy.it

Purposes of the processing

Configuration of the connection to the Netmon network.
The network configuration is carried out by setting the Netmon’s APN (Access Point Name) on the device.

Available features and data processing

The features of the application differ by device type and version:

Samsung devices (Android version >= 12) and other Android devices: the application suggests the configuration to be applied and leads the user to the device settings for manual APN insertion.
Samsung devices (Android version < 12): the application automatically installs (via Samsung Knox feature) the APN.
Apple devices: the application, upon the user's authorization, downloads the profile containing the APN data to the device. The user must finish installing the profile manually by going to Settings and starting the profile installation.

After having installed the APP, configured the APN and registered to the NETMON network, it will be possible to record the volume of the data traffic consumption relating to a geographical area corresponding to the country where such consumption occurs (both inside and outside the EU), with no indication of the visited websites and no detailed data. Such data shall be associated with the company’s telephone number.

If the Internet connection does not occur through the NETMON’s APN (Wi-Fi, non-NETMON APN), the traffic data shall not be counted. The "Send Logs" feature, subject to required user consent each time, sends logs generated by the Netmon app for verification purposes. The generated file contains only and exclusively data necessary for the operation of the app that cannot be traced back to the end user in any way.

Specifications on the data collected by the APP and transmitted to the NETMON Dashboard

Once the NETMON network is active, the APP regularly checks the Internet connection of the device and sends information on the connection (detectable statuses: ‘apn netmon’, ‘wi-fi’, ‘Netmon unreachable’) as well as on the name of the detected APN, the date and time of the registration of the APP to the NETMON network, and the date of the last synchronisation between the APP and the NETMON network. Such data shall be immediately available on the company’s dashboard.

Ancillary purposes

The information collected shall be also used for ancillary purposes required to ensure the correct operation of the service, such as maintenance, assistance, and data transmission security.

Methods and security of processing

Personal data shall be processed using electronic and telematic means in compliance with the provisions under art. 5 and 32 of the GDPR, adopting appropriate security measures.

Recipients

The personal data resulting from the use of the NETMON network shall only be processed by duly appointed competent subjects or subjects appointed as data processors for the correct management of the service, ensuring the protection of the data subject’s rights. Such subjects include:

Data processors: Telecommunication provider, Technacy, any other IT service providers.
Inside the company: The data shall be processed by staff expressly authorized by the data controller.

Transfer of personal data to third countries

The NETMON service does not transfer any personal data to non-EU countries.

Disclosure

The data subject’s personal data shall not be disclosed in any way.

Storage period

Personal data shall be stored at least up to the end of the contractual relationships as well as for any additional period provided for in the contracts.

Rights of the data subject, if applicable, pursuant to Regulation (EU) 2016/679: Art. 15, 16, 17, 18, 19, 20, 21, 22

1. The data subject shall have the right to obtain confirmation as to whether or not personal data concerning him or her do exist, even if not yet registered, and to be provided such data in an intelligible form.
2. The data subject shall have the right to be informed of:
- a. the source of personal data;
- b. the purposes and methods of processing;
- c. the logic involved in the event of data processed using electronic means;
- d. the identification data of data controller, data processors and designated representative pursuant to art. 5, par. 2;
- e. the entities or categories of entities to which the personal data may be disclosed or which may acquire the personal data as designated representative in the country’s territory or as data processors or as entities in charge of data processing.
3. The data subject shall have the right to obtain:
- a. the update or rectification of personal data as well as to have incomplete personal data completed, if he or she wishes;
- b. the erasure, anonymisation or blockage of personal data being processed in violation of the law, including data which do not need to be stored in relation to the purposes for which they have been collected or subsequently processed;
- c. the confirmation that the entities to which data have been disclosed have been informed of the operations under letters a) and b), including their content, except where the fulfilment of this obligation proves to be impossible or would involve a disproportionate effort with respect to the right being protected;
- d. the data portability.
4. The data subject shall have the right to object, in whole or in part:
- a. to the processing of personal data concerning him or her for legitimate grounds, even if such data are in line with the purposes for which data are collected;
- b. b. to the processing of personal data concerning him or her for direct marketing purposes, for receiving advertising materials or marketing communications or for market researches.

Moreover, the data subject shall have the right, for valid and legitimate grounds, to lodge a complaint with the Italian data protection supervisor (called “Garante per la protezione dei dati personali”) as supervisory authority in compliance with the established procedures. For further information as well as to exercise his or her rights under the EU Regulation, the data subject may contact the data controller using the above contact details.