PRIVACY POLICY

This Privacy Policy outlines the types of data collected and how such data is used, disclosed, transferred, and/or stored by the company.

This information is provided pursuant to Articles 13-14 of Regulation (EU) 2016/679 – hereinafter GDPR – to those who interact with the web services accessible electronically from the address: www.ombm.it

This Privacy Policy is subject to updates, which will be promptly published on the website.

DATA CONTROLLER

The Data Controller of the data collected by this site is O.M.B.M. SRL with its registered office at Via Antonio Grosso, 33, 10080 Rivara C.SE (TO) VAT ID 00649910015 email: info@ombm.it

METHOD OF PERSONAL DATA PROCESSING

The Personal Data provided or acquired will be processed according to principles of correctness, legality, transparency, and confidentiality as per current regulations.

The Data Controller processes the Personal Data of Users by adopting appropriate security measures to prevent unauthorized access, disclosure, alteration, or destruction of Personal Data.

Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the stated purposes. Among the Personal Data collected by this website, either autonomously or through third parties, are: Cookies, Usage Data, Email, and Name. Additional Personal Data may be indicated in other sections of this Privacy Policy or through informational texts displayed at the time of data collection. Personal Data can be voluntarily provided by the User or collected automatically during use of this website.

1. DISCLOSURE AND SHARING OF DATA

In addition to the Data Controller, in some cases, the data may be accessible to:

a) categories of appointees, specifically trained for this purpose, involved in organizing the website (administrative, commercial, marketing, legal staff, system administrators);
b) external parties (such as third-party technical service providers, hosting providers, IT companies, communication agencies) also appointed as Data Processors by the Controller under Art. 28 GDPR. The updated list of Processors, if appointed, can always be requested from the Data Controller;
c) public or private entities that may access the data by law;
d) entities carrying out ancillary and instrumental tasks concerning the Data Controller’s activity;
e) external parties such as partners in organizing initiatives and events promoted and/or sponsored by the Data Controller where data communication is necessary for organizational reasons;
f) with the prior consent of the data subject, the entities indicated in point 5, letter g) of this Privacy Policy.

2. DATA VOLUNTARILY PROVIDED BY THE USER

The voluntary, explicit, and voluntary sending of emails, including through the Contact Form or the addresses indicated on this website, implies the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other Personal Data included in the email. User consent for the provision of data is required to be included in the Controller’s databases and to establish and correctly perform what is offered to its Users and to third parties for fulfilling the requested activity. Failure to provide such data prevents the registration in the Controller’s databases, the finalization of any contracts, and their execution as well as any other related activity. Therefore, the failure to provide certain Personal Data by the User may make it impossible for this website to provide its services. The User assumes responsibility for third-party Personal Data published or shared through this website and guarantees the right to communicate or disclose them, relieving the Controller of any responsibility toward third parties.

3. LOCATION OF PROCESSING

Data is processed at the operational headquarters of the Data Controller. For further information, contact the Data Controller.

4. DATA RETENTION PERIOD

As expressly provided by Art. 5, para.1, letter e) of GDPR, data is retained for as long as necessary for its processing concerning the requested service or the purposes described in this document.

In particular:

– Personal Data collected for purposes related to contract execution between the Controller and the User will be retained until the execution of such contract is completed;
– Data collected for purposes related to the legitimate interest of the Controller will be retained until such interest is satisfied. Users can obtain more information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller;
– Data collected based on the User’s consent will be retained until such consent is revoked;
– Data collected for fiscal/administrative obligations will be retained for the time necessary to fulfill the purposes mentioned above and as provided by law, and in any case, for no longer than the period dictated by civil law;
– Data may be retained by the Controller for a more extended period in compliance with legal obligations or by order of an authority;

The User can always request the interruption of processing or the deletion of data not connected to the execution of the contract.

At the end of the retention period, Personal Data will be deleted. Therefore, after such a term, the right of access, deletion, rectification, and the right to data portability can no longer be exercised.

5. PURPOSES OF DATA PROCESSING

User data is collected to allow the website to provide its services, as well as for the following purposes: Contacting the User, Managing addresses and sending email messages, Interaction with external platforms, and Statistics. Specifically:

a) to fulfill any obligation provided by current laws, regulations, norms related to commercial uses, particularly in fiscal/tax matters;
b) to follow up on specific requests addressed to the Controller by the User via the Website and its communication tools (Contact Form, information request forms, and similar);
c) for informational communications regarding the Controller’s services, following the information request via email messages or completion of the Contact Form and other communication tools;
d) for other ancillary purposes related to those mentioned above and, in any case, falling within the website’s activities;
e) to send promotional and commercial information and offers;
f) for profiling activities for marketing purposes;
g) for transferring data to third-party companies and/or entities with which the Controller collaborates or has entered into agreements, which may use the User’s data to send communications and/or informational material related to events they organize or services they provide.

The types of Personal Data used for each purpose are indicated in the specific sections of this document.

For purposes under point a), the processing is necessary for contract execution in which the User is a party, for pre-contractual measures, or to fulfill a legal obligation to which the Controller is subject.

For purposes under points b), c), and d), the processing is optional. However, failure to provide one or more data will make it impossible to respond to the User’s request for information and to use the services offered by the Controller.

For purposes under points e), f), and g), the processing is based on the freely expressed consent of the User.

ADDITIONAL INFORMATION ON DATA PROCESSING

LEGAL DEFENSE

The User’s Personal Data may be used by the Controller for legal defense or in the preparatory stages leading to potential establishment due to misuse of the same or related services by the User. The User declares to be aware that the Controller may be required to disclose data upon request by public authorities.

NATURE OF PROCESSED DATA AND CONSEQUENCES OF REFUSAL

The provision of navigation data by Users for the above purposes depends on the level of privacy the User has enabled or disabled via their browser. In some cases, disabling it may compromise the navigation of this Website. For certain modules of this Website, the provision of navigation data and/or the use of technical cookies is mandatory for the proper functioning of the website itself. The provision of certain data is, in any case, necessary for the structure of the Website and its procedures. In particular, by way of example:

• For sending messages via the Contact Form, the minimum required data are mandatory;

If not provided, the procedure cannot be completed.

The possible request for other optional data will instead be preceded by a specific approval checkbox. The provision of all other data is optional, depending on the type of information the User wishes to provide to the Website.

EXERCISING DATA SUBJECT RIGHTS

The data subject has the right to exercise the rights provided for in Articles 7, 15-22 of Regulation (EU) 679/2016.

In particular, they have the right to revoke their consent at any time and, upon simple request to the Data Controller, they can request access to their Personal Data, receive the Personal Data provided to the Controller and, where possible, transmit it to another Data Controller without impediments (so-called data portability), request updates, processing limitations, corrections, and deletion of data processed in breach of the applicable law. They also have the right, for legitimate reasons, to object to the processing of their Personal Data and to processing for the purpose of sending advertising materials, direct selling, or conducting market research. They also have the right to file a complaint with the Privacy Authority as the supervisory authority on Personal Data protection. The data subject can exercise their rights by contacting the Controller via email at: info@ombm.it

CHANGES TO THIS PRIVACY POLICY

The Data Controller reserves the right to make changes to this Privacy Policy at any time by notifying Users on this page. Users are advised to check this page often, taking as reference the date of the last modification indicated below. In case of non-acceptance of the changes made to this Privacy Policy, the User is required to stop using this Website and may request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous Privacy Policy will continue to apply to Personal Data collected up to that point.

The Data Controller is responsible for this Privacy Policy.

Privacy Policy updated in January 2023

COOKIE POLICY

This cookie policy, or extended information regarding cookies and other tracking tools, concerns the use of Cookies by the website www.ombm.it.

The Data Controller of the data collected by this website is O.M.B.M. SRL with its registered office at Via Antonio Grosso, 33, 10080 Rivara C.SE (TO) VAT ID 00649910015 email: info@ombm.it.

Cookies are small text files used by websites to make the browsing experience more efficient for the User, which are sent to their browser and stored to be reused by the same website on their next visit.

Cookies have different functions. Some cookies aim to improve the functionality and navigation of this Website (so-called technical or necessary cookies). Other cookies are used to track users during navigation, record information, and highlight their interests by analyzing their preferences to customize advertising displayed when opening emails, browsing social networks, or other web pages (so-called profiling cookies). Cookies are used to personalize content, provide social media functions, and analyze traffic.

In their browser, the User can set their privacy preferences to not store Cookies, delete them after each visit or when closing the browser, or even accept only Cookies from www.ombm.it and not from third parties.

Depending on the duration of cookies in the browser, they are distinguished into:

Session cookies: temporary cookies that remain on the device until the User leaves the site.

Persistent cookies: cookies that remain on the device longer until they are deleted.

This site uses various types of cookies.

Technical Cookies

Technical cookies are those whose use does not require the User’s consent. These are cookies used solely to carry out the transmission of a communication over an electronic communications network or as strictly necessary to provide an information society service explicitly requested. On this website, technical cookies are used to store the User’s decision on the use of Cookies on the website itself. The retention period for technical cookies is the duration of the browsing session on the site.

DELETING OR DISABLING COOKIES

Except for the technical cookies strictly necessary for regular navigation, the provision of data is left to the User’s discretion. The User decides to browse the site after viewing the brief information contained in the appropriate banner and using third-party services that involve the installation of cookies. The User can therefore avoid the installation of Cookies by leaving the banner open (thus refraining from closing it by clicking the “OK” button), unchecking some or all categories of cookies used by the site, or through the appropriate functions available in their browser.

The User can manage their cookie preferences directly within their browser and prevent third parties from installing cookies.

It is important for the User to know that disabling all Cookies may compromise the functionality of this Website. Each browser has different procedures for managing settings.

To disable third-party cookies, it is also possible to use Your Online Choices, http://www.youronlinechoices.com/uk/your-ad-choices, a web service managed by the non-profit European Interactive Digital Advertising Alliance (EDAA), which provides information on behavioral advertising based on profiling cookies and allows users to easily opt-out of their installation. By deleting all cookies from their browser or removing them through services like Your Online Choices, these, if third-party, will be inhibited generally, not just within this site’s scope.

ADDITIONAL INFORMATION ON DATA PROCESSING

Specific Information

At the User’s request, in addition to the information contained in this Cookie Policy, this Website may provide additional and contextual information regarding specific services or the collection and processing of Personal Data.

System Logs and Maintenance

For operational and maintenance purposes, this Website and any third-party services used may collect system logs, i.e., files that record interactions and may also contain Personal Data, such as the User’s IP address.

Information not contained in this Cookie Policy

More information regarding the processing of Personal Data can be requested at any time from the Data Controller using the contact information provided.

EXERCISING DATA SUBJECT RIGHTS

Under Articles 15-22 of Regulation (EU) 679/2016, the data subject has the right to confirm the existence of personal data concerning them, even if not yet recorded, and their communication in an intelligible form.

The data subject has the right to obtain information:

a) about the origin of the personal data;
b) about the purposes and methods of processing;
c) about the logic applied if processing is carried out with the help of electronic tools;
d) about the identification details of the Data Controller and Data Processors;
e) about the entities or categories of entities to whom the Personal Data may be disclosed or who may learn about it as appointed representatives in the State’s territory, processors, or persons in charge.

The data subject has the right to obtain:

a) the updating, rectification, or, when interested, the integration of data;
b) the deletion, transformation into anonymous form, or blocking of data processed unlawfully, including data that does not need to be kept for the purposes for which it was collected or subsequently processed.

The data subject has the right to object, in whole or in part:

a) for legitimate reasons to the processing of personal data concerning them, even if relevant to the purpose of collection;
b) to the processing of personal data concerning them for sending advertising materials, direct selling, or conducting market research or commercial communication.

NOTICE: The Data Controller is not responsible for updating all the links in this Cookie Policy, which refer to third-party websites. Therefore, if a link is not functional or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by such links.