Privacy Policy
Premise
This information describes how to manage the site www.orsanaitalia.it with reference to the processing of personal data of users who consult it and to those who interact with web services accessible electronically starting from the address www.orsanaitalia.it , corresponding to the official page of the company Orsana Italia srl
This information is provided only for the site www.orsanaitalia.it and not for other websites that may be consulted by the user via links.
Definitions
For the purposes of an easy understanding of these Regulations, some of the definitions contained in art. 4 of EU Regulation 2016/679:
- “ personal data ”: any information relating to an identified or identifiable natural person. The natural person is considered identifiable who can be identified, directly or indirectly, with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, physiological, genetic, psychic, economic, cultural or social;
- “ treatment “: any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data such as collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation , cancellation or destruction;
- “ data controller “: the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of data processing personal;
- “ data processor “: the natural or legal person, public authority, service or other body that processes personal data on behalf of the Data Controller;
- “ recipient “: the natural or legal person, public authority, service or other body that receives communication of personal data, whether it is a third party or not; (Those public authorities who may receive communications in the context of a specific investigation in accordance with European Union law are not considered recipients).
- “ supervisory authority “: the independent public authority established by a member state pursuant to art. 51 GDPR;
- “ profiling “: any form of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning the professional performance, economic situation, health, personal preferences, interests, reliability, behavior, location or travel of that natural person;
- “ pseudonymisation “: the processing of personal data in such a way that they can no longer be attributed to a specific data subject without the use of additional information, provided that the same are stored separately and subject to to technical and organizational measures such as to ensure that the data are not attributed to an identified or identifiable natural person;
- “ consent of the interested party “: any manifestation of the free, specific, informed and unambiguous will of the interested party, with which the same expresses his / her consent, by means of an unequivocal positive declaration or action, which the personal data concerning him are processed;
- “ personal data breach “: the security breach that accidentally or unlawfully involves the destruction, loss, modification, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed.
Data Controller and Data Protection Officer
Data Controller: Orsana Italia s.r.l. (VAT number 01257371219), with registered office in Via San Martino della Battaglia 31, Rome (RM), Italy, which can be contacted at info@orsanaitalia.it
Type of data processed
The computer systems and software procedures used to operate this website acquire, during their normal operation, the following personal data whose transmission is implicit in the use of Internet communication protocols:
- the addresses of websites from which access was made;
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
Cookies
Please refer to the cookies policy available at the following link ( Cookies Policy )
Purpose and legal basis of the processing
The navigation data are processed for our legitimate interest in guaranteeing the security of the sites, checking their correct functioning and obtaining statistics in relation to their use (Article 6, paragraph 1, letter f) of the GDPR).
Return commercial information on the products requested through the contact form on the site.
Methods of data processing
The personal data collected will be processed through the use of computer systems and stored both on computer media and on paper, according to the principles of correctness, loyalty and transparency provided for by the applicable legislation on the protection of personal data and protecting your confidentiality and its rights through the adoption of suitable technical and organizational measures to ensure a level of security appropriate to the risk.
Personal data are processed for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
The data provided is not subject to profiling activities except in anonymous mode and only for the data necessary for the maintenance of the site and to improve the user’s browsing experience.
Recipients of Personal Data
The data will be processed exclusively by competent and duly appointed subjects for the performance of the services necessary for a correct management of the relationship, with a guarantee of protection of the rights of the interested party.
In particular, the data may be disclosed to third parties duly appointed by public and / or private entities in compliance with legal obligations.
Personal data may also be communicated by the Data Controller to persons authorized by them for processing. No data deriving from the web service is disclosed.
Place of processing
The treatments connected to the web services of this site take place at the registered office of the company Orsana Italia s.r.l. and are only handled by personnel appointed for this purpose, or by any external managers of maintenance operations, appropriately designated.
No data deriving from the web service is communicated or disseminated.
The personal data provided by users who submit requests to send information material are used only to perform the service or provision requested and will never be disclosed to third parties unless specifically requested.
Transfer of Personal Data
The data controller does not transfer or intend to transfer personal data to recipients in third countries or to international organizations
Rights of the interested party
At any time, the interested party may exercise, in relation to the data processing described, the rights provided for by the applicable legislation on the protection of personal data, including the right to:
- receive confirmation of the existence of their personal data and access their content ( access rights );
- update, modify and / or correct your personal data ( right of rectification );
- request the cancellation or limitation of the processing of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or otherwise processed ( right to be forgotten and right to limitation );
- oppose the treatment based on legitimate interest ( right to object );
- revoke the consent, without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
- to lodge a complaint with the Supervisory Authority in case of violation of the rules on the protection of personal data;
- receive a copy of the data in electronic format concerning him made for the personnel selection service and request that such data be transmitted to another data controller ( right to data portability ). < / li>
To exercise these rights you