Privacy Policy

  1. Treatment

Pursuant to and for the purposes of Articles 13 and 14 of European Regulation No. 679/2016 and in accordance withThe Dec. Legislative Decree no. 196 of 30.6.2003, as amended by Dec. Legislative Decree no. 101 of 10 August 2018We wish to inform you that the Users' data collected within the https://quellilainitaly.com website (hereinafter the "Site") will be processed by Otisopse Web S.r.l., with registered office in Via Guglielmo Melisurgo, 15 - 80133 Naples (hereinafter the "Company"), as the Data Controller, in manual, paper, computer or telematic form. In its capacity as Data Controller, the Company proceeds to save the Users' personal data in a special server located in Italy and to carry out all other processing operations through the staff appointed for this purpose, or, during maintenance operations, through any external agents.The database is accessible only by authorized parties through methods that ensure the protection and confidentiality, thanks to the adoption of security measures designed to prevent data loss, illicit or incorrect use and unauthorized access.The data are kept for the time necessary to carry out those processing operations carried out in relation to the data of each user, depending on his choices, preferences and indications, as well as in relation to the purposes listed below.

2. Purpose of treatment

The provision of the User's personal data is necessary for the provision of services by the Company. Therefore, failure to provide, even partially, the same will make it impossible for the Company to proceed with the provision of the same services requested. It is also specified that the processing of data will be used to: i) Allow the sending of information, commercial, advertising and/or promotional material of the services and products of the Company through "automated" systems of contact (by way of example SMS and / or e-mail); ii) Collect data and information in general and in particular on consumer trends and preferences in order to obtain a detailed profile of the same, to offer an increasingly efficient and personalized service. iii) Allow consumers to place orders correctly, to ensure, at the same time, that they can be processed properly and in full compliance with the processing time; iv) Administrative purposes; v) Follow up on the report(s) and / or request(s) made by the User to Customer Service.

3. Granting of consents

The Company uses the User's data in accordance with the choices that the latter has freely exercised through its consent, at the time of their collection or subsequently, as well as to comply with obligations under the law, a regulation or a Community directive. In some cases, the data may also be processed without the express consent of the User, such as to comply with a specific request made by the User, to comply with contractual obligations or, again, in cases where the processing is necessary to protect the rights of the Company in the context of legal proceedings or to comply with any requests made by the competent authorities.

4. Granting of data and issuing of consents

The provision of data:for the purposes referred to in points (i) and (ii) of this information notice, is optional. Failure to provide this information does not compromise the correct use of the website; - for the purposes referred to in point (iii) is optional, but necessary to complete the purchase procedure. Therefore, failure to provide data compromises the complete use of the website; - for the purpose referred to in point (v) is necessary to enable Customer Service to properly respond to the request made by the User. Failure to provide data makes it impossible for Customer Service to take charge of the User's request but does not compromise the proper use of the site.Issuing of consent to processing:- for the purposes referred to in points (iii), (iv) and (v) no form of consent is required; therefore, the use of the services will take place following the simple provision of data; - for the purposes referred to in points (i) and (ii) the release of consent is always optional and the User is given the opportunity to exercise the choice during registration.

5. Data Controller and Data Processor

The Data Controller is Otisopse Web S.r.l., with registered office in Via Guglielmo Melisurgo n. 15 - 80133 Napoli.

The person responsible for the processing of personal data is Francesco Esposito, who is domiciled for the function at Otisopse Web S.r.l., with registered office at Via Guglielmo Melisurgo n. 15 - 80133 Naples, by virtue of the deed of appointment of May 2018.

The data may also be communicated by the Company to the companies in charge of shipping the products purchased by the User.The above companies will process the data only to the extent necessary for the performance of the tasks assigned to them, providing for the subsequent cancellation once completed.

6. Rights of the data subject

The User, with regard to the personal data provided, may exercise, as an interested party in the processing of personal data, may exercise the following rights provided by the GDPR and subsequent amendments to regulations, by sending a request without formality to the Data Controller, by writing to the email address info@quellilainitaly.com

  1. The User shall have the right to obtain:

confirmation of the existence or not of personal data concerning him, even if not yet recorded, and their communication in a structured format of common use and readable by automatic device and indication:

  1. (a) the origin of the personal data;
  2. b) the purposes and methods of the processing;
  3. c) the logic applied in case of processing carried out with the help of electronic instruments;
  4. d) the identification details of the data controller and of any data controller and of the Data Protection Officer (DPO) designated pursuant to Article 37 GDPR;
  5. e) the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representatives in the State's territory, data processors or their authorised representatives;
  6. (f) as far as possible, the expected period of retention of personal data or, if not possible, the criteria used to determine that period.

 

  1. The User will also have the following specific rights:
  • right of access (Art. 15 GDPR). Right of the data subject to obtain access to his/her data and to complain to the supervisory authority;
  • right of reply (Art. 16 GDPR). Right of the interested party to obtain from the Data Controller the rectification of inaccurate personal data concerning him/her;
  • right to cancellation - right to be forgotten (Art. 17 GDPR). The interested party has the right to obtain from the Data Controller the cancellation of personal data concerning him without undue delay;
  • right to limitation of treatment (Art. 18 GDPR). Right of the data subject to obtain a limitation of data processing;
  • notification obligation (Art. 19 GDPR). The Data Controller shall inform each of the recipients to whom the personal data have been transmitted of any corrections or cancellations or limitations to the processing carried out in accordance with the aforementioned Articles 16, 17 and 18;
  • right to data portability (Art. 20 GDPR). The interested party has the right to receive the personal data concerning him provided to the Data Controller and has the right to transmit such data to another Data Controller without hindrance by the previous Data Controller and directly, where technically feasible;
  • right to object (Art. 21 GDPR). Right of the interested party to oppose the processing of his personal data;
  • profiling (Art. 22 GDPR). The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, or which significantly affects him or her.

 

  1. The User will also have the express right to object, in whole or in part and at any time:
  1. a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of collection;
  2. b) to the processing of personal data concerning you for the sole purpose of sending advertising material or for carrying out market research.

 

  1. Finally, the User will have the right to revoke the consent to the processing of the data already given, except that this may make it impossible to conclude the relevant contract for the purchase requested.

 

 

7. Minor Users

The Company is aware that the Website and the services it offers may also be of interest to a minor public.For the above reason, the Company also encourages the registration of parents of registered minors: in this way, parents have the opportunity to use the same services and to be always aware of the initiatives that the company makes available to children.

Privacy Policy

Otisopse Web s.r.l, Data Controller, informs you, pursuant to European Regulation no. 679/2016 and in accordance with Dec. Legislative Decree no. 196 of 30.6.2003, as amended by Dec. Legislative Decree no. 101 of 10 August 2018, on the purposes and methods of processing your personal and sensitive data.

Privacy is very important to us and we want you to feel protected at all times. For this reason, we invite you to read the information carefully.

By using our services, you transmit or share with us certain information that allows us in some cases to provide the service, in other cases to meet your needs and to improve us. In this document we would like to explain to you: 1. what data we use; 2. why and on what legal basis we collect your data; 3. how your data is used; 4. what data is mandatory and what data is optional; 5. how long your data is stored; 6. who can have access to your data; 7. to whom your data can be disclosed; 8. where your data can be transferred; 9. what your rights are; 10. who is the Controller of your data and who is the Data Protection Officer.

  1. What data do we use?

In Otisopse Web s.r.l. we use several of your personal data (hereinafter "personal data" or also "data"), namely:

the data you provide, identifiable and non-sensitive such as: name and surname or company name, identity document, tax code, VAT number, address, email, telephone number, bank details and data relating to the Otisopse services you have used. These are the data you have provided us with when requesting services or products, or even later - data related to your preferences and business interests, in particular: content, use of services, features used.

  1. Why and on what legal basis do we collect your data?

The data you provide allows us, on the one hand, to carry out all administrative activities relating to your contract and to meet your requirements, on the other hand, help us to verify any anomalies arising from the use of products and services provided by us.

Specifically, your personal data are processed for the following purposes and legal bases:

a) without your prior consent for the purposes of the service and in particular for:

  • the performance of the contract or the performance of pre-contractual obligations: - activate, provide, suspend and manage your contract and related services, providing for the related billing, sending service communications and assistance; - provide you with the services of the Otisopse commercial offer: these services include additional and optional services; - improve technical assistance, customer care, our services, content and products through aggregated statistical analysis on an anonymous basis;
  • the pursuit of a legitimate interest of the Holder: - manage complaints and disputes, recover credits, prevent fraud and illegal activities; - exercise the rights and protect the legitimate interests of the Owner or Third Party Owners, such as the right of defense in court; - send commercial communications to the email address you provide, if you are already our customer, relating to services and products of Otisopse similar to those you have already used. Each email sent will allow you, by clicking on the appropriate link, to refuse further transmissions of communications.
  • comply with and fulfil the obligations provided for by laws, regulations, community regulations, orders and prescriptions of the competent authorities. For example, by law we are required to provide a copy of your identity document and your tax code to the Archives of the Ministry of Economy and Finance and managed by Consap S.p.A. to compare them with the data present in the databases of the Inland Revenue, the Ministry of the Interior, the Ministry of Transport, the INPS and the INAIL, thus verifying their authenticity and being able to prevent fraud from identity theft in the areas of consumer credit, deferred and deferred payments, electronic and interactive communication services (so-called SCIPAFI).

b) only after you have given your consent, for other purposes than service, and precisely for:

  • marketing purposes, i.e. to inform you with ordinary letters, telephone calls, emails, television messages, SMS, MMS, notifications and newsletters of Otisopse initiatives and offers and to propose questionnaires and Otisopse market research;
  • to analyse, even automatically, your preferences and interests (for example, the use of content and services, including those purchased, the functions used, connection times, traffic data, etc.).to analyze, even automatically, your preferences and interests related to the use of products and offers Otisopse and propose to you (with ordinary letters, phone calls, e-mails, messages on television, SMS, MMS, notifications and newsletters) services, content, initiatives and offers customized for you; - to analyze, even automatically, your preferences and interests related to the use of products and offers Otisopse and propose (with ordinary letters, phone calls,

to analyze, even automatically, data related to the use of the Otisopse services - with the prior consent given during the activation of the service itself - to analyze your preferences and your interests and offer you (with ordinary letters, phone calls, emails, messages on the television, SMS, MMS, notifications and newsletters) services, content, initiatives and offers customized for you.

  1. How are your data used?

Your personal data is used for the collection, recording, organisation, storage, consultation, analysis, matching, processing, modification, selection, extraction, database comparison (e.g. to verify the saleability of the offer), use, interconnection, crossing, blocking, communication, cancellation and destruction of data. Your personal data is processed on paper, electronically and automatically and stored in databases.

  1. Which data are mandatory and which are optional?

Among the information we collect, some are indispensable to the stipulation and administration of your contract, others help us to offer you a better service, day after day. Specifically:

  • the provision of your personal data, processed for service purposes, is necessary to subscribe and use the services of Otisopse; - the provision of your personal data, processed for other purposes, is optional. Failure to provide them does not prevent you from using the services of Otisopse, but you will not be able to receive our commercial communications and personalized offers.
  1. How long is your data stored?

Otisopse Web stores and uses your personal data for no longer than 10 years from the end of the relationship for service purposes and, in any case, for the period of prescription required by law, for no longer than 13 months from the end of the relationship for marketing purposes, for the time of your consent and, in any case, for no longer than 36 months from collection, for profiling purposes. Subsequently, your data is rendered anonymous and processed for aggregate statistical analysis and anonymity.

  1. Who can access your data?

We value your privacy and do everything we can to protect you. That's why we share your data only when strictly necessary and only with those who help us to offer you a better service every day. Your data is in fact accessible to: - employees and/or collaborators of Otisopse or of the companies of the Otisopse Group, who contribute to creating, maintaining and improving all the services of Otisopse in their capacity as appointees and/or internal data processors and/or system administrators; - companies of the Otisopse Group, business partners and service providers who carry out activities in outsourcing on behalf of Otisopse - in their capacity as external data processors - carrying out activities connected with, instrumental to or supporting those of Otisopse, for example: management and maintenance of the contents of websites and Apps, customer service, customer care and call center services, management of information technology systems, publishing services, credit recovery, data processing services for billing, archiving of documentation relating to customer relations, etc..

  1. To whom can your data be communicated?

Otisopse may communicate your data without your express consent for service purposes: - to the companies of the Otisopse Group and to all other persons to whom it is necessary to communicate them, by law or by contract, to enable the purposes described above to be carried out (such as, for example, credit institutions, professional firms, business partners). Otisopse may communicate the data to the companies of the Otisopse Group or its partners to enable them to carry out the independent marketing purposes described above: to this end Otisopse will ask for your consent before communication. These subjects will treat your data in their capacity as independent data controllers. In any case, we want to reassure you that your data will not be disclosed.

  1. Where can your data be transferred?

Your data may also be transferred outside the European Union to the entities specified in paragraphs 6 and 7 (including, in particular, entities established in the USA and Albania). To protect your data in these transfers, Otisopse adopts appropriate safeguards, including adequacy decisions and standard contractual clauses approved by the European Commission, in accordance with the provisions of Chapter V, Articles 45, 46 and 47 of European Regulation no. 679/2016.

  1. What are your rights?

Up to now we have talked about how we treat your data and how we behave; now we show you your rights, so that you always have control over your privacy and your information. If the restrictions provided for by law are not met, you have the right, in accordance with Article 15 of European Regulation No 679/2016, to: - have confirmation of the existence or otherwise of your personal data, even if not yet recorded, and request that such data be made available to you in a clear and comprehensible manner; - request information and, where applicable, a copy: a) of the origin and category of your personal data: b) the logic of use, if your information is processed by electronic means; c) the purposes and methods of processing; d) the identity of the owner and managers; e) the subjects or categories of subjects to whom your personal data may be communicated or who may learn about them; f) the period in which your data are stored or the criteria that are used to determine that period, where possible; g) the existence of an automated decision-making process, including profiling. In this case you can request the logic used, the importance and the consequences expected for you; h) the existence of adequate guarantees in case of transfer of your data to a non-EU country or an international organization; - obtain, without a justifiable delay, the updating, modification, rectification of your incorrect data or the integration of your incomplete data, if you are interested (art. 16 of European Regulation no. 679/2016); - obtain the cancellation, blocking of your data or, where possible, the transformation into anonymous form, former Articles 679/2016); - obtain the cancellation, blocking of your data or, where possible, the transformation into anonymous form, former Articles 679/2016. 17 and 18 of European Regulation no. 679/2016: a) if unlawfully processed; b) if no longer necessary in relation to the purposes for which they were collected or subsequently processed; c) if the consent on which the processing is based is revoked and if there is no other legal basis; d) if you object to the processing and there are no other legitimate reasons to continue to use your data; e) if we are required by law; f) if they relate to minors. The Owner, Otisopse Web s.r.l., may refuse to delete your data in the event of: a) exercise of the right to freedom of expression and information;

  1. b) fulfilment of a legal obligation, performance of a task carried out in the public interest or exercise of public authority; c) reasons of public health interest; d) filing in the public interest, scientific or historical research or for statistical purposes; e) ascertainment, exercise or defence of a right in court; - obtaining the limitation of the processing in the case of: a) challenge of the accuracy of personal data, if you have not preferred to request the modification, updating, modification or rectification of your data; b) unlawful processing of the Owner, namely Otisopse Web s.r.l., to receive, if the processing is carried out by automatic means, without hindrance and in a structured format, commonly used and legible, the personal data concerning you that you have provided us with prior consent or on contract to transmit them to another Holder or - if technically feasible - to obtain direct transmission from the Holder to another Holder (art. 20 of European Regulation No 679/2016); - oppose, ex art. 21 of European Regulation no. 679/2016, at any time, in whole or in part: a) for legitimate and overriding reasons connected with your particular situation, to the processing of personal data concerning you; b) to the processing of personal data concerning you for marketing and/or profiling purposes where this is carried out (e.g. you may object to the sending of advertising or direct selling material or to market research or commercial communication, through the use of automated calling systems without the intervention of an operator, by email and using traditional marketing methods, by telephone and paper mail).

For all the cases mentioned above, if necessary, Otisopse will inform the third parties to whom your personal data are communicated of any exercise of rights by you, except in specific cases (eg. when this requirement proves impossible or involves a manifestly disproportionate to the protected right).

You may at any time modify and revoke your consent and exercise your rights, pursuant to and for the purposes of art. 7 of European Regulation no. 679/2016, by sending a request to Otisopse Web s.r.l. - Affari Legali, Via Guglielmo Melisurgo no. 15 - 80133 - Naples, or by sending an email to the following email address privacy@otisopse. com

Finally, for the processing operations referred to in this policy, you have the right to make a complaint to the Guarantor for the Protection of Personal Data (www.garanteprivacy.it).

  1. Who is the owner of the treatment of your data? Who is the Data Controller? Who's the DPO?

Remember, for any need, that the owner of the processing of your personal data is Otisopse Web s.r.l. with headquarters in Via Guglielmo Melisurgo n. 15 - 80133 - Naples.

The Data Processing Manager is Francesco Esposito, who is domiciled at Otisopse Web s.r.l. with registered office at Via Guglielmo Melisurgo n. 15 - 80133 - Naples, by virtue of a deed of appointment dated May 2018.

The DPO (Data Protection Officer) of the company was not considered appropriate to appoint him, given the regulatory content on the point of European Regulation No. 679/2016.

You can contact the Data Controller at privacy@otisopse.com

This information may be subject to change, especially in the event of future legislative action in this area.