The privacy and security of your personal data are very important to us.
What is meant by processing personal data?
Any operation or set of operations, performed with or without the aid of automated processes and applied to personal data, such as collection, registration and storage.
Who is the Data Controller of your personal data?
The Data Controller is OPTA S.R.L. in the person of its pro tempore legal representative based in Bologna, via del Monte n. 10 - C.F. and VAT 04297740377.
It is possible to contact the data controller at the email address firstname.lastname@example.org.
What personal data do we collect?
Browsing data when in our website
The software applications used to operate our website acquire some personal data transmitted through secure protocols. This information is not collected in order to identify interested parties, but could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses, browser identifier (user agent), the URI (Uniform Resource Identifier) of requested resources, time of request, the method used to submit the request to the server, the numeric code indicating the status of the response given by the server (for example successful, error) and other parameters related to the operating system and the user's computer environment. This data is used only to obtain anonymous statistical information about the site and to ensure proper operation.
Why do we collect browsing data?
Browsing data are necessary for the use of the web service and are also used to obtain anonymous statistical information on the use of the site and to check its correct functioning.
What personal data do we collect?
Data voluntarily communicated by you
Information collection: we collect information you communicate when you send a communication to our e-mail address for the sole purpose of answering and following up your requests, such as drawing up a quotation.
What is the legal basis that will allow us to collect your data?
The personal data of individuals who in various capacities engage in business and commercial relationships with the company, acquired in the archives, paper and electronic, on the occasion of contractual operations are as follows:
- personal data (e.g. name, surname, tax code, residential address, e-mail)
These data are processed exclusively for the pursuit of corporate purposes, in relation to contractual requirements, including pre-contractual ones, and the consequent fulfillment of contractual and tax obligations, in compliance with the legal requirements and, regarding businesses, only in relation to those entities and individuals for whom current legislation provides for such treatment.
The legal bases of the treatment are therefore the compliance with legal and contractual obligations, the fulfillment of specific requests of the interested party before the conclusion of the contract and the processing of data connected to the management of any complaints or disputes and for the prevention and repression of fraud and any illegal activity.
The provision of data is a necessary requirement for the establishment of the relationship between customer / supplier and Opta S.r.l.; the failure to provide it makes it impossible for the interested party to enter into the relevant contract and / or to continue the existing commercial relationship.
- personal data such as company and personal email addresses.
These data are processed, where consent has been freely granted, for promotional purposes by sending newsletters. The consent can be revoked at any time.
Personal data concerning children
Our website is not aimed at children and does not intentionally collect personal data of people under the age of 18. If we are informed or otherwise discover that a minor's personal data has been incorrectly collected, we will take all reasonable steps to delete that information.
How do we process and/or store your data?
Your data will be processed with computer and paper tools.
Data collection takes place in compliance with the principles of relevance, completeness and non-excess in relation to the purposes for which they are processed.
The personal data provided are processed in compliance with the principles of lawfulness, correctness and transparency, as provided for in Article 5 of the EU GDPR, also with the aid of computer and telematic tools designed to store and manage the data, and, in any case, in such a way to guarantee its security and protect the maximum confidentiality of the interested party.
The data can be processed anonymously for the performance of statistical activities aimed at carrying out the statutory activity.
What security measures do we use to protect your data?
The processing of personal data takes place through IT tools suitable to guarantee the security and confidentiality of the data and so in compliance with the adequate security measures as required by art. 32 GDPR, through secure communication protocols with SSL encryption algorithms.
How long do we keep your personal data?
We keep your data for the time necessary to reply to you.
The personal data contained in contracts and databases will be kept for ten years from the end of the contract.
The accounting records are kept for ten years following the tax period.
Is your personal data passed on to third parties?
Personal data will be processed, in compliance with current legislation on the subject, by employees and collaborators of Opta S.r.l., by virtue of their assignment and on the assumption of the stipulation of a confidentiality agreement with regard to the personal data which has become known in the fulfillment of the assignment received (identified as Authorized to the treatment).
The data provided may be communicated:
a . to some external subjects, identified as Data Processors pursuant to art. 28 of the GDPR and carefully identified and chosen by Opta S.r.l. that undertake and guarantee adequate safety standards in the processing of personal data;
b . to public and/or private entities that are entitled by law or regulation; in particular, these data may be disclosed to social security, welfare and insurance institutions and insurance companies.
In any case, the communication or dissemination of data requested, in accordance with the law, by the Public Security Authority, by the Judicial Authority or by other public subjects for defense, state security and crime detection purposes, is reserved, as well as the communication to the Judicial Authority in compliance with legal obligations, where offenses are identified.
Apart from the aforementioned cases, personal data are not in any way and for any reason communicated or disclosed to third parties.
Finally, the personal data of the interested parties are not transferred to third countries or international organizations.
The list of recipients and external data processors is available to you upon request at email@example.com.
What are the rights relating to your personal data?
In relation to the processing of your personal data, you have the right, as an interested party to the processing, to ask the data controller at firstname.lastname@example.org:
- Access to personal information:
you can ask us to confirm the possession and use of your personal data and to obtain a copy of such data.
- Correct and/or delete personal data:
you can ask us to correct any of your data that is incorrect. We will be happy to modify the aforementioned data after checking its accuracy. You can ask us to delete your data if you think we no longer need to use it for the purpose for which we collected it. You can also ask us to delete your data if you have withdrawn consent to the use of it by us (in the event that we initially asked for your consent) or exercised your right to refuse further legitimate use of your data, or where we have used your data against the law or we were legally required to delete the aforementioned data. In this regard, we may not always be able to satisfy your requests, for example in cases where we need to continue using your data to comply with any legal obligations or where we need to use the aforementioned data to promote or carry on lawsuits or protect us from them.
- Restrictions on the use of personal data:
You can ask us to limit the use of your personal data in certain circumstances, such as:
- in case you think that the data in our possession are not accurate and there is a need to check them;
- in the event that the use of your data by us is illegal but you do not want them to be deleted;
- in cases where the data are no longer necessary for the purposes for which they were collected but are necessary to promote or pursue legal actions or protect us from them;
- in case you have objected to our use of your personal data, but we still have to verify our rights.
We may continue to use your personal data following a request for a limitation of use if we have your consent, if we need it to promote or pursue legal actions or protect ourselves from them, or to protect the rights of another individual. or company.
- Oppose to how we use personal data:
you can object to any use of your data that we have justified on the basis of our legitimate interests, if you believe that your fundamental rights and your freedom in the field of data protection outweigh our legitimate interest in using that information. In case you raise an objection, we may continue to use your data if we can prove that our interests in using your data are legitimate.
- Data transfer requests to other companies:
you can ask us to provide you with your personal data in a structured format, commonly used and readable by the computer, or to transfer the aforementioned data directly to another data controller (e.g. different company). You can exercise this right only in cases where we use your data to fulfill a contract with you or where we have asked for your consent to the use of the data. This right is not applicable to the data we hold in a non-digital format.
- Right to obtain a copy of the security devices used for the transfer of data outside your jurisdiction:
you can ask to obtain a copy, or mention, of the security devices used for the transfer of your data outside the European Union.
Furthermore, we inform you that you have the right to lodge a complaint against the Supervisory Authority, which in Italy is the “Garante per la Protezione dei Dati Personali” (Protection of Personal Data Guarantor).
It is our right to request an identity document if requests are made to exercise the rights described above, to ensure that we disclose personal data only to the people who are entitled to it.
We will not ask for the payment of any additional cost, except in cases where we consider your request to be unfounded, repetitive or excessive. If payment of a possible fee is required, we will inform you before proceeding with your request.
Our goal is to answer all valid requests within a month. However, it may take longer for particularly complicated or multiple requests. In cases where replies take longer than a month, we will send appropriate communication of the expected timing. In order to respond faster, we may ask you to provide further details on your needs or concerns.
We may not always be able to fulfill your requests, for example in cases where these affect our confidentiality obligations towards other people or where the laws allow us to manage the aforementioned requests in a different way.