Favicon OMR retina

Privacy Policy

INFORMATIVE PRIVACY EXTENDED

Hereby, the O.M.R. S.r.l. (P.Iva: 03843790019) (hereinafter, also the “Owner” or the “Company“), in the person of the legal representative pro-tempore, with registered office in Borgaro Torinese (TO), Via Tetti dell’oleo – zona ind., 55 (10071), defines the methods of data acquisition of users consulting the web, the current domains reporting to O.M.R. are: encuentratucerradura.com; encuentratucerradura.es; moiaserrature.com; moiaserrature.it; omrserrature.com; omrserrature.it; trovalaserratura.com; trovalaserratura.it; trovaserratura.com; trovaserratura.it (hereinafter, the “Site, in accordance with national law and Articles 13 and 14 of EU Regulation No. 2016/679.

1. OWNER, OBJECT AND PLACE OF PROCESSING

This is a statement made pursuant to applicable national and international laws to those who browse the Site, regardless of the mode and tool used.

Following the authorization for processing, the Data Controller will process the transmitted Data in accordance with the provisions of the Regulations and current national legislation, including any measures of the Supervisory Authority (i.e. Data Protection Authority) where applicable.

Data Subjects’ Data may be transferred to a country other than the country in which the Data Subject is located. For further information about the location of the processing, the data subject can always contact the Data Controller at the references in sections 10 and 12 of the Policy.

The Owner is committed to protecting the privacy of all users of the Site and invites all Users to review the Privacy Policy outlined below.

2. METHODS AND PURPOSES IN THE PROCESSING AND IN THE USE.

2.1. Data subjects’ Data are collected for the purpose of updating Users about commercial offers related to products sold by the Owner.

Data are collected and stored exclusively for the above purposes, either through the Site, and through third party platforms (Vimeo, Youtube, Facebook, Twitter etc.).

Data may be disclosed to employees and trusted associates of the Data Controller located within or outside the country.

Acceptance of this policy legitimizes the data controller to communicate or disseminate collected data to third parties.

In any case, personal data are not disclosed to third parties or disseminated without the prior consent of the person concerned, except in cases expressly indicated by national legislation.

2.2. Any new and different processing of Data will be activated only after the notification of a new information to users and data subjects to obtain their specific consent, where required.

2.3. the Controller shall take all appropriate practical and IT security measures to prevent unauthorized access, modification, disclosure or destruction of data subjects’ data

The processing is carried out in an organizational manner related to the stated purposes and in consultation with the DPO if present or the data controller.

It is always possible to obtain detailed information about the purposes of processing and the Data collected for each purpose by contacting the Data Controller at the references given in sections 10 and 12 of the Policy.

The protocols and standards of Privacy used by the Company for the protection of personal data are based on the following principles:

2.3.1. RESPONSIBILITY IN THE TREATMENT AND IN USE.

The Processing of Data is managed over time by managers identified within the company organization in the figure of Ms. Grasso Lorenza, an internal subject of the company.

In some particular cases, in addition to the Owner, different parties involved in various ways in the organization of the Site (e.g. administrative, sales, system administrators, hosting providers).

In any case, the data subject may always request the updated list of Data Processors from the Data Controller.

2.3.2. TRANSPARENCY IN TREATMENT AND IN USE.

Data are collected and processed according to the principles expressed in this policy.

Prior to the acquisition and/or provision of data, the data subject will have the opportunity to consult theprivacy policy statement and to decide whether or not to give consent to their acquisition and storage.

Consent is required and may be implied even when data have been acquired through automated procedures (cookies technical or profiling).

However, it is always possible for the data subject to request from the Data Controller the concrete legal basis of each processing, specifying, in particular, whether the same is based on law, on a contract, or necessary for the conclusion of a contract.

2.3.3. RELEVANCE IN THE COLLECTION

Data are collected and processed lawfully and fairly. They are recorded only for purposes determined, explicit e legitimate, identified in par. 2 of this document, and for purposes not exceeding the specified purposes.

2.3.4. PRINCIPLE OF VERIFIABILITY

The Data collected are updated, organized e stored so that all interested parties are given the opportunity to know what Data has been collected and recorded, to check its quality and request any correction, integration, deletion for violation of the law or to exercise all the rights referred to in Article 9 of this policy, through the methods provided for in Article 10 of this policy.

2.3.5. SECURITY PRINCIPLE AND MEASURES TAKEN

2.3.5.1. The Data collected and processed are protected with the aim of preventing its unlawful disclosure or alteration through technical and/or computer security measures that are intended to minimize the risks of destruction, loss (including accidental), or access by unauthorized parties.

2.3.5.2. These measures are periodically verified and updated according to technical progress, the nature of the data and the specific characteristics of the processing.

2.3.5.3. Third parties performing support activities of any kind for the provision of services by the Company, in relation to which they perform personal data processing operations, are designated as Data Processors and are required to comply with the security and confidentiality measures of the processing.

2.3.5.4. The information acquired may be disclosed to the following third parties :

– processing clerks

– agents representatives

– home delivery couriers goods

– site maintenance workers

3. TYPE OF DATA AND METHODS‘ OF PROCESSING

3.1. Data collected through the Site and platforms owned by third parties (Youtube, Twitter, Vimeo, Facebook etc..) may include: first name, last name, phone number, email, ip of connection and any other information communicated directly by Users, using the links on the web page, aimed at getting in touch with the company.

In general, the data can be:

(a) Data voluntarily provided by users: I Data collected and processed on the Site are necessary for the provision of services. Consequently, in the event of failure to provide it or failure to give consent, the services requiring its use cannot be provided.

Without the express consent of those concerned to the use of the data provided (e.g. e-mail, landline or cell phone) they will not be used for advertising, direct sales or interactive commercial communication purposes.

The sections of the Site that may be set up for the provision of Data may include specific disclosures.

In case of voluntary sending of e-mail to the addresses of the Holder, the Holder will acquire the references mail Of the sender and any other information that may be contained in the message. This Data will be used in order to be contacted again and with the purpose of making possible the performance of any services requested.

(b) Navigation Data: The Site’s automated procedures acquire some Data, the transmission of which is implicit in the use of Internet communication protocols.

Although this information is not intended to be associated with identified users, by its nature, when associated with other data held by third parties (e.g. internet service providers), could allow users to be identified (e.g. IP addresses, domain names of the PCs used by users connecting to the Site, URL addresses of the requested resources, time of the request, numeric code relating to the status of the response given by the server).

This Data is used for statistical purposes only to verify traffic on the Site and its proper functioning.

The Owner, or designees, shall retain the trace of connections made for a limited period in order to comply with any request from by the judicial authority, legitimated to request it in the phase of ascertaining responsibility in case of computer crimes.

4. COOKIE POLICY

4.1. The Site makes use of cookies. The cookies are portions of code installed within a browser that assist the Owner in providing services according to the purposes described.

The possible use of cookies, where not otherwise specified, is simply for the purpose of providing the Service requested by users, ensuring the usability of the website and making it possible to navigate between the different pages.

Some of the purposes of installing temporary markers may, however, require users’ consent.

For your information, the main categories of cookies Are:

a) cookies technical and aggregate statistics

I cookies technical have the function of allowing the performance of activities strictly related to the operation of a space web. Technical cookies used by the Owner can be divided into the following subcategories:

i. Navigation, which allow users’ browsing preferences to be saved and the browsing experience to be optimized;

i. analytics cookies, which acquire statistical information about how users navigate the site. This information is processed in aggregate and anonymous form;

i. cookies functionality cookies – including third-party cookies, which activate specific features of the Site and are necessary for the provision of services.

Such cookies do not require users’ prior consent for their installation and use.

Other types of cookies Or third-party tools that may make use of them

Some of the services listed below may not require users’ consent and may be operated directly by the Owner, without the need for third parties. If there are services operated by third parties among these tools, they could possibly perform user tracking activities, even without the knowledge of the Owner.

In detail, the cookies used by the Owner are indicated in this link :


http://www.iubenda.com/privacy-policy/972673/cookie-policy?an=no&s_ck=false

Controlling the installation of cookies

In addition to what is stated in this policy, data subjects can manage any preference related to the cookies through their browser, preventing, for example, installation by third parties.

Disabling all cookies, the operation of the Site may be impaired.

You can find information on how to manage cookies in your browser in the appropriate sections on the privacy policy of Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Windows Explorer.

The Owner informs that the User can make use of tools such as. Your Online Choices (http://www.youronlinechoices.com/it/), through which it is possible to manage the tracking preferences of most advertising tools.

The Owner strongly advises interested parties and users of the Site to use this resource in addition to the information provided in this notice.

For any other technical information related to the cookies, in addition to what is stated in this policy, please refer to:

http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/2142939.

5. MODE OF DATA STORAGE

Data, including browsing data, will be retained, in compliance with the GDPR, for only as long as necessary to fulfill the purposes set forth in this policy and that is 2 years where the processing is for initiatives of marketing and/or promotional initiatives, 10 years for different purposes.

6. DATA ACCESS

6.1. The Data processed by the Data Controller may be accessible to employees and collaborators of the Data Controller, in their capacity as persons in charge and/or internal data processors and/or information systems managers. Access to the data by these individuals will take place only if the processing is necessary for the performance of their duties by performing only those operations necessary for the performance of those duties.

6.2. the Data Controller provides for the protection of user information against unauthorized access, unlawful processing, accidental loss, destruction, and damage, and retains such information for the period of time strictly necessary to achieve the purposes for which the data were collected.

7. COMMUNICATION OF DATA

7.1. Without the need for express consent pursuant to Art. 6 lett. b) and c) GDPR), the Data Controller may disclose the Data upon notification of Supervisory Bodies (such as IVASS) or judicial Authorities, as well as to those subjects to whom disclosure is required by law in order to comply with legal obligations, or to assert or defend a right in court. These subjects will process the data in their capacity as autonomous data controllers. The Data will not be disseminated, unless the requested service requires it.

7.2. If necessary, in relation to particular services or products requested, the Data may also be communicated to third parties who perform, as autonomous data controllers, functions closely related and instrumental to the provision of services, since without such communication, these services and products could not be provided.

7.3. Outside of the above, the Data Controller does not transfer personal data to countries outside the EU or international organizations.

8. TRANSFER OF DATA

8.1. Personal data are stored on internal server, owned by the Holder.

8.2. It is in any case understood that the Holder, should it become necessary, will be entitled to move the servers also outside the EU. In this case, the Controller hereby ensures that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the contractual clauses standards provided by the European Commission.

9. RIGHTS OF THE INTERESTED PARTIES

9.1. The data subject has the rights set forth in Article 15 GDPR, namely. to obtain:

i. confirmation regarding the existence or not of personal data concerning you, even if not yet registered, and their communication in intelligible form;

ii. indication:

a) Of the origin of personal data;

b) Of the purposes and methods of processing;

c) Of the logic applied in case of processing carried out with the aid of electronic instruments;

d) of the identification details of the owner, managers and designated representative in accordance with Article 3(1) GDPR;

e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, as managers or appointees;

iii.

a) updating, rectification or, when interested, integration of data;

b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;

c) certification that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except where this proves impossible or involves the use of means manifestly disproportionate to the right protected;

of opposing:

iv. in whole or in part:

a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of collection; b) to the processing of personal data concerning you for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and/or through traditional marketing methods by telephone and/or paper mail. It should be noted that the data subject’s right to object, set out in the previous point b) for purposes of direct marketing by automated means is extended to traditional means and that, in any case, the possibility for the data subject to exercise the right to object even partially remains unaffected. Therefore, the data subject may decide to receive only communications by traditional means or only automated communications or neither type of communication.

Please note that data subjects always have the right to object to the processing of their Data for the purpose of marketing direct, without the need to provide any reasons.

Where applicable, it also has the rights set forth in Articles 15-21 GDPR (Right to rectification, Right to be forgotten, Right to restrict processing, Right to data portability, Right to object), as well as the right to complain to the Data Protection Authority.

9.2. Where permitted by law, you may have the right to obtain a copy of the Data in our possession.

9.3. Before responding to any specific request, the User may be asked for optional information, such as:

(i) Identity verification;

(ii) Additional details necessary to best respond to the request.

9.4. The Holder will provide the individual responses within an appropriate time period and, in any event, within the time period required by law. If you wish to exercise this right, you should contact us through the contact details provided in Sections 11 and 13 of the Policy.

10. WAYS OF EXERCISING RIGHTS

Users and data subjects may exercise their rights under EU Regulation 2016/679 at any time and free of charge by alternatively sending:

– a registered mail with return receipt at. Borgaro Torinese (TO), Via Tetti dell’oleo – zona ind., 55 (10071).

– a communication by e-mail to the e-mail address:

omrserrature@pec-cert.it

11. OWNER, MANAGER AND APPOINTEES

The data controller is the O.M.R. S.r.l. (P.Iva: 03843790019), in the person of the legal representative pro-tempore, with registered office in. Borgaro Torinese (TO), Via Tetti dell’oleo – zona ind., 55 (10071).

The updated list of data processors and processors is kept at the registered office of the Data Controller and is knowable through special request made in the manner indicated above.

12. CONTACTS

The processing operations carried out through the Site take place at the operating offices of the Owner, or at any other place where the parties involved in the processing are located.

For more information, you can always contact the Holder.

Any comments, questions, or requests regarding Holder’s use of User information should be forwarded to the email address:

omrserrature@pec-cert.it

Pursuant to Article 11 of this privacy policy, the Data may be processed by persons appointed as data processors both internally and externally, as well as by data processors in charge of the management of the requested service and will be communicated or disclosed to third parties within the limits and for the purposes set forth in the policy.

13. FUTURE CHANGES TO THE PRIVACY POLICY

The possible enactment of new industry regulations, as well as the constant review and updating of user services, may result in the need to vary these arrangements.

It is therefore possible that the privacy policy undergoes, over time, further changes and we therefore invite Data Subjects to periodically consult the specific section of the Site relating to the privacy policy.

For this purpose, the disclosure presents the fund with the date of update.

It should be noted that if the changes affect processing whose legal basis is the consent of the data subject, the Data Controller will re-collect the data subject’s consent where necessary.

14. REDIRECTS TO THIRD PARTY SITES

The Site contains plug-ins of redirection to other platforms or social networks (Youtube, Vimeo, Facebook, Linkedin etc.). Such plug-ins are provided for the convenience of Users and to facilitate the interconnection between different pages, also facilitating the advertising of products sold by the Owner.

The owner has no control over sites other than the one through which she promotes her business and their accessibility to the public.

For this reason, the Owner will not be held responsible for the data that is collected, disseminated and processed by the aforementioned sites, and invites Users to read the respective privacy policies.