Personal data processing policy (Arts. 13 and 14 of Regulation (EU) 2016/679 for the www.omso.it website owned by OMSO S.p.A.
The intention of this report concerning the OMSO S.p.A. personal data privacy policies is to give an accurate description of how the portal user's personal data is processed.
The policy does not apply to other websites that may be visited through our links.
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Usage data: information collected automatically by this Application (or by the third party applications used by this Application), including: IP addresses or the dominion names of the computers operated by a user who accesses this Application, Uniform Resource Identifier (URI) addresses, the time of the request, the method used to transmit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), the country of provenance, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example, the time spent on each page) and details regarding the itinerary followed within the Application, with particular reference to the sequence of the pages visited, the parameters of the operating system and the user's IT environment.
User: The person who uses the services in this website, even only for browsing (corresponds to the data subject).
Data subject: the natural person to whom the Personal Data refer.
Data controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
This Application or Platform or website: the hardware or software tool used to collect users' Personal Data.
OMSO S.p.A. (hereinafter also “Organisation”) with registered and operations office in Via Adige 11/e, 42124, Reggio Emilia (RE) - VAT No. 024087550350, as the Controller of your personal data pursuant to Italian Leg. Dec. 196/03 and Regulation (EU) 2016/679 relating to the “protection of natural persons with regard to the processing of personal data and the free flow of these data”, hereby informs you that the processing of your data shall be based on the principles of correctness, lawfulness, transparency and the protection of your privacy and rights.
DATA CONTROLLER REPRESENTATIVE
A Data Controller representative is not envisaged within this Organisation given that it is not necessary in accordance with the Regulation itself.
DATA PROTECTION OFFICER
A Data Protection Officer (DPO) is not envisaged within this Organisation given that it is not necessary in accordance with the Regulation itself.
PURPOSES OF DATA PROCESSING
Your personal data is processed for a variety of purposes but their common aim is to meet your requirements. Processing will take place only with your prior consent.
“CONTACTS” for requesting information about new products and/or services
“AFTER SALES" service for receiving information via email by completing the mandatory fields: name surname telephone email
Please take note that the optional, explicit and voluntary transmission of electronic mail to the addresses given in the website, for example by using the "CONTACTS" or AFTER SALES service, by its very nature entails the subsequent acquisition of personal data; For this reason, when making queries or requests for services, we invite our users to neither include the names or other personal data of third parties that are not strictly necessary, nor special and/or judicial data in accordance with Arts. 9 and 10 of Regulation (EU) 2016/679.
Please take note that the optional, explicit and voluntary transmission of electronic mail to the addresses given in the website or, for example, by using the "CONTACTS" service, by its very nature entails the subsequent acquisition of personal data. For this reason, when making queries or requests for services, we invite our users to neither include the names or other personal data of third parties that are not strictly necessary, nor special and/or judicial data in accordance with Arts. 9 and 10 of Regulation (EU) 2016/679.
LAWFULNESS OF PROCESSING
With reference to the lawfulness of the identified processing, this Organisation specifies here below the legal bases on which it is founded:
For the purposes described at Point 4 a) and b) of this policy, the processing of your personal data is possible only and exclusively with your prior and specific consent (Art. 6, paragraph 1, a) of the Regulation).
Processing is carried out with the adoption of security, technical and organisational measures that are adequate for processing as described in Art. 32 of the Regulation. All data are processed with the use of IT systems and, possibly, with specific hard-copy databases. We use a wide range of technologies and advanced security procedures to ensure that personal data are protected from the aforementioned risks
RECIPIENTS OF PERSONAL DATA
The recipients of personal data for the purposes described above shall be only and exclusively the Organisation's Data Controller, employees and direct collaborators for the sole purpose of implementing the service requested by the user, unless disclosure is subject to legal obligations or is strictly necessary for the fulfilment of requests by the user.
For the correct operation of the service, processing related to the web and hosting services of these dominions is conducted by APVD srl - - Via Brianza,1 - 41012 Carpi (MO)– VAT No. 02262250364. APVD srl was appointed by this Organisation (pursuant to Art. 28 of Regulation (EU) 2016/679) as the Data Processor for website hosting and operation, which guarantees the application of all the security measures necessary for the protection of data pursuant to Art. 32 of the Regulation.
TRANSFER OF DATA TO THIRD COUNTRIES
It is not envisaged that your data will be transferred to third countries or an international organisation outside the European Union (Arts. 44-49 of the Regulation). The data are stored at a centre located in Italy.
PERSONAL DATA CONSERVATION PERIOD
Personal data are not stored for longer than is necessary to carry out the processing of the specific data described here, unless shorter or longer conservation periods are envisaged in accordance with the laws in force.
For the processing purposes described at Point 4 a) and b) of this policy, and only on your prior specific consent, your personal data shall be conserved for the duration of any service requested or the resulting contractual relationship. If this contact leads to a formal contractual relationship, your data shall be conserved in accordance with the legal obligations and regulations in force with regard to maintaining accounting, fiscal and administration records.
RIGHTS OF THE DATA SUBJECT
You have the right to request from the Data Controller access to, cancellation, disclosure, alteration, rectification, integration,limitation and portability of personal data, knowledge of infringements or object to the processing of the same, and, in general, you may exercise all the rights envisaged by Art. 13 and subsequent of Regulation EU 2016/679. The following is a complete list your rights as per Art. 13 of Regulation EU 2016/679.
Requests regarding the exercise of data subject rights must be made to OMSO S.p.A., registered and operations office in Via Adige,11/e, , 42124, Reggio Emilia (RE) Tel. 0522 382696 - Fax: 0522-301618 –, or to: email@example.com.
RIGHT TO WITHDRAW
You have the right at any time to withdraw your consent to the processing of your personal data referred to at Point 4 a) and b) of this policy, by contacting firstname.lastname@example.org, unless subsequent to your requests for information, contractual relationships have been established. In this case, the right to withdraw shall be subject to legal, regulatory and contractual obligations.
You have the right to lodge a complaint with the competent supervisory authority, the “Italian Privacy Guarantor”, if you believe that your rights regarding the protection of personal data are at risk.
POSSIBLE CONSEQUENCES OF REFUSAL TO RESPOND
With regard to the purpose described at Point 4 a) and b) of this policy, the communication of personal data by users is voluntary and NOT "mandatory" (e.g. request for information by using the "CONTACTS" or AFTER SALES service).
AUTOMATED DECISION-MAKING PROCESS
Your data will not be inserted in any automated decision-making process.
The Data Controller uses social buttons on this website. Social buttons are digital link buttons that directly connect to the Social Network platforms configured in each button. By clicking on these links you can interact directly with the Data Controller's accounts (social pages). The operators of the Social Networks to which the buttons are linked are independent data controllers. More information about the privacy policies for each of the Social Network platforms and on the method of managing and disabling the relevant cookies is available in the Social Networks' platforms
Cookies are texts that are installed in the hard disk of a computer only after authorisation. If consent is given, the text is downloaded into a small file.
Operating like security filters, Cookies enable access to the service offered and allow Web applications to send information to individual users.