1. Scope of data communication and dissemination
Your data will be processed for the following purposes related to the fulfilment of legislative or contractual obligations:
• legally mandatory fulfilments regarding personal data processing (Privacy);
• purposes related to safety in the workplace; Your data will also be used for the following purposes, necessary for the pursuit of the legitimate interest of the Data Controller.
• company informatory purposes; The processing of the data needed in order to fulfil those obligations is required to ensure a correct management of the relationship and conferring said data is mandatory in order to attain the purposes indicated above. The Data Controller also specifies that should any of the mandatory information not be communicated, or be incorrectly communicated, this may make it impossible for the Data Controller to guarantee the congruity of the relative processing.
2. Type of data subject to processing
Following the consultation of this website, data relative to identified or identifiable persons can be processed. Please note that the processing performed by way of the various sections of the website shall not involve sensitive or judicial data.
2.1 Browsing data
As is now common practice in Internet, this website uses statistical analysis tools supplied and managed by third parties that can collect and “track” certain browsing data.
The third party tools used in this website are as follows:
- Google Analytics (provided by: Google Inc. 1600 Amphitheatre Parkway - Mountain View CA 94043, USA)
2.3 Data provided voluntarily by the user, sent to the email addresses published on the various pages of the website
The optional, explicit and voluntary sending of emails to the addresses indicated on this website will lead to the subsequent acquisition of the sender’s address, necessary in order to respond to the requests, in addition to any other personal data contained in the message.
2.4 Data related to specific services available on request
Specific summarised notes will be gradually shown or viewed in the pages of the sections of the website set out for particular services available on request.
3. Nature of the data conferral and consequences of refusal to confer data
Without prejudice to the provisions specified for browsing data automatically collected by the system, the user is free to decide whether to provide the personal data requested in the forms of the offered services located on the pages in the sections of the website. Refusal to do so will have no consequences, except, obviously, to make it impossible for the user to access any services that may be offered or to obtain more detailed information about the activities of Oikos SPA a socio unico.
4. Processing methods
Your personal data can be processed in the following ways:
• temporary processing, performed with a view to rapidly aggregating or anonymising the data;
• processing performed with electronic computers;
• manual processing performed using paper records; All processing shall be carried out in compliance with the methods described in Articles 6 and 32 of the GDPR in line with the adequate security measures envisaged therein. Your data will only be processed by people expressly authorised by the Data Controller to do so, and in particular, by the following categories of operators:
• OIKOS SPA management;
• OIKOS SPA office; The personal data will be processed both manually, in paper form, and using IT and digital tools, for the period of time required to fulfil the purposes for which they were collected.
Personal browsing data and data conferred by sending email messages to the addresses on the website will not be disseminated. The personal data provided by user who send requests for information to the various email addresses on the website, used only to provide the requested responses or services, will only be communicated to third parties if required for this purpose. Specific security measures are in place to prevent the loss, unlawful and/or inappropriate use of the data and any unauthorised accesses to the same. In any case, the user is informed that the transmission of data via Internet can never be considered completely safe. It is the browser’s responsibility to verify the accuracy of their personal data and, if necessary, have these corrected, updated or, in any case, modified during the processing.
5. Scope of data communication and dissemination.
The data conferred will be processed for the above-indicated purposes by people appointed to do so by the Company responsible for the processing. The conferred data will not be disseminated.
6. Rights of the Data Subject
EU Regulation 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22
The Data Subject shall have the right to obtain confirmation as to whether or not personal data concerning them exists, regardless of whether it has already been recorded, and the communication of such data in intelligible form. The Data Subject shall have the right to be informed of:
- the source of their personal data; - the purposes and methods of the processing;
- the logic applied to the processing, if the latter is carried out with the help of electronic means;
- the data identifying the Data Controller, Data Supervisors and the representative designated as per Article 5 paragraph 2;
- the entities, or categories of entity, to whom or which the personal data may be communicated, and may come to know said data in their capacity as designated representative(s) in the State’s territory, or as Data Supervisors or persons in charge of the processing. The Data Subject shall have the right to:
- have their data updated, corrected or, where interested therein, integrated;
- have their data erased, rendered anonymous or blocked in cases regarding data that have been processed unlawfully, including data which does not require to be retained for the purposes for which it has been collected or subsequently processed;
- obtain certification to the effect that the operations as per letters a) and b) have been notified, also with reference to their contents, to the entities to whom or which the data was communicated or disseminated, unless this requirement proves impossible or involves a clearly disproportionate effort compared with the right that is to be protected.
- data portability.
The Data Subject shall have the right to object, in whole or in part:
- on legitimate grounds, to the processing of personal data concerning them, even though it may be relevant to the purpose of the collection;
- to the processing of personal data concerning them, where this is carried out for the purpose of sending advertising materials or direct selling, or else for the performance of market research or commercial communication.
7. Data retention
Please note that, in compliance with the principles of lawfulness, fairness and transparency, purpose limitation and data minimisation set forth by Article 5 of the GDPR, the period for which your data will be retained will be:
- established as a period of time lasting for up to 5 years from the first record of the data entering the Company, through reception.
8. Data Controller
The Data Controller, pursuant to the Law, is OIKOS SPA subject to the Management and Coordination of OIKOS HOLDING SPA in the figure of its pro tempore legal representative, Via Cherubini 2 - 47043 Gatteo Mare (FC) | T +39 0547681412 | email: firstname.lastname@example.org and email@example.com, VAT no. IT01970010409. Please indicate in the subject line of the communication that this is a request for the cancellation of data in relation to privacy and to revoke the consent granted for sensitive data.
This note can be integrated, either verbally or in writing, with additional elements and indications, to meet, as effectively as possible, any requirement for information you may have regarding “Privacy” and to comply with any new laws or amendments to existing laws.