Privacy policy
Privacy Policy
Treatment
Pursuant to and for the purposes of Articles 13 and 14 of the European Regulation n. 679/2016 and in compliance with Legislative Decree 30.6.2003, n. 196, as amended by Legislative Decree 10 August 2018, n. 101, we wish to communicate that the Users' data collected within the site https://quellilainitaly.com (hereinafter the "Site") will be processed by Otisopse Web Srl, based in Via Guglielmo Melisurgo, 15 - 80133 Naples (of hereinafter the "Company"), as Data Controller, in manual, electronic or electronic paper form. In its capacity as Data Controller, the Company proceeds to save the personal data of Users on a special server located in Italy and to carry out all other processing operations through the personnel in charge for this purpose, or, on the occasion of maintenance operations, through any external agents. The database is accessible only by authorized parties through methods that guarantee its protection and confidentiality, thanks to the adoption of security measures designed to prevent data loss, illicit or incorrect use and unauthorized access. The data is kept for the time necessary to carry out those processing operations carried out in relation to the data of each User, according to his choices, preferences and indications, as well as in relation to the purposes indicated below.
2. Purpose of the treatment
The provision of the User's personal data is necessary for the provision of services by the Company. Therefore, failure to provide, even partial, of the same will make it impossible for the Company to proceed with the provision of the same services requested. It is also specified that the data processing will be used to: i) Allow the sending of informative, commercial, advertising and / or promotional material of the Company's services and products through "automated" contact systems (by way of example SMS and / or e-mail); ii) Collect data and information in general and in particular on the orientations and preferences of consumers in order to obtain a detailed profile of the same, to offer an increasingly efficient and personalized service. iii) Allow consumers to correctly place orders, to ensure, at the same time, that they can be processed in an appropriate manner and in full compliance with the expected processing times; iv) Administrative purposes; v) Follow up on the report (s) and / or request (s) made by the User to Customer Service.
3. Issue of consents
The Company uses the User's data in accordance with the choices that the latter has freely exercised through their consent, at the time of their collection or subsequently, as well as to comply with obligations established by law, by a regulation or by a community directive. In some cases, the data may be processed even in the absence of the User's express consent, such as for example to fulfill a specific request made by the User, to fulfill contractual obligations or, again, in cases where the processing results necessary to protect the rights of the Company in the context of legal proceedings or to comply with any requests made by the competent authorities.
4. Provision of data and release of consents
The provision of data: • for the purposes referred to in points (i) and (ii) of this information, is optional. Failure to provide it does not compromise the correct use of the website; • for the purposes referred to in point (iii) it is optional, but necessary to complete the purchase procedure. Therefore, failure to provide the data compromises the complete use of the website; • for the purposes referred to in point (v) it is necessary to allow Customer Service to properly follow up on the request made by the User. Failure to provide the data makes it impossible for the Customer Service to take charge of the User's request but does not compromise the correct use of the site. The release of consent to the processing: • for the purposes referred to in points (iii), (iv) and (v) no form of consent is required; therefore, the relative use of the services will take place following the simple provision of data; • for the purposes referred to in points (i) and (ii) the issue of consent is always optional and the User is given the opportunity to exercise the choice during registration.
5. Data Controller and Data Processor
The Data Controller of personal data is Otisopse Web S.r.l., with registered office in Via Guglielmo Melisurgo n. 15 - 80133 Naples.
The person in charge of the processing of personal data is Francesco Esposito, electively domiciled for the function at Otisopse Web S.r.l., with headquarters in Via Guglielmo Melisurgo n. 15 - 80133 Naples , by virtue of the deed of appointment of May 2018.
The data may also be communicated by the Company to the companies in charge of shipping the products purchased by the User. The aforementioned companies will process the data only to the extent that it is necessary for the performance of the tasks assigned to them, providing for the subsequent cancellation once completed.
6. Rights of the interested party
The User, with regard to the personal data provided, may exercise, as an interested party in the processing of personal data, he can exercise the following rights provided for by the GDPR and subsequent regulatory changes, by sending a request without formalities to the Data Controller, by writing to the address by e-mail info@otisopse.com
The User will have the right to obtain:
confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in a structured format of common use and readable by an automatic device and the indication:
a) the origin of personal data;
b) the purposes and methods of the processing;
c) the logic applied in case of processing carried out with the aid of electronic tools;
d) the identity of the owner and any data processor as well as the Data Protection Officer (DPO) designated pursuant to Article 37 of the GDPR;
e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representatives in the State, managers or their appointees / authorized;
f) as far as possible, the retention period of the personal data envisaged or, if not possible, the criteria used to determine this period.
The User will also have the following specific rights:
right of access (Article 15 of the GDPR). Right of the interested party to obtain access to their data and to lodge a complaint with the supervisory authority;
right of rectification (Article 16 of the GDPR). Right of the interested party to obtain from the Data Controller the correction of inaccurate personal data concerning him;
right to cancellation - right to be forgotten (Article 17 of the GDPR). The interested party has the right to obtain from the Data Controller the deletion of personal data concerning him without undue delay;
right to limitation of processing (Article 18 of the GDPR). Right of the interested party to obtain a limitation on the processing of the data;
notification obligation (Article 19 of the GDPR). The Data Controller communicates to each of the recipients to whom the personal data have been transmitted any corrections or cancellations or limitations of the processing carried out in accordance with the aforementioned articles. 16, 17 and 18;
right to data portability (Article 20 GDPR). The interested party has the right to receive personal data concerning him provided to the Data Controller and has the right to transmit such data to another Data Controller without impediments by the previous Data Controller and in direct form, where technically feasible;
right to object (Article 21 of the GDPR). Right of the interested party to oppose the processing of his personal data;
profiling (Article 22 of the GDPR). The interested party has the right not to be subjected to a decision based solely on automated processing, including profiling, or which significantly affects his person.
The User will also have the express right to object, in whole or in part and at any time:
a) for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection;
b) to the processing of personal data concerning you for the sole purpose of sending advertising material or for carrying out market research.
Finally, the User will have the right to revoke the consent to the processing of data already given, except for the fact that this may make it impossible to conclude the relevant contract for the requested purchase.
7. Minor Users
The Company is aware that the Website and the services it offers may also be of interest to a minor public. For the above reason, the Company also encourages the registration of parents of registered underage Users: in this way parents have the opportunity to use the same services and to always be aware of the initiatives that the company makes available to sons.
Privacy Policy
Otisopse Web s.r.l, Data Controller, informs you, pursuant to European Regulation no. 679/2016 and in compliance with Legislative Decree 30.6.2003, n. 196, as amended by Legislative Decree 10 August 2018, n. 101, on the purposes and methods of processing your personal and sensitive data.
Privacy is very important to us and we want you to always feel protected. For this we invite you to read the information carefully.
By using our services, you transmit or share some information with us which allow us in some cases to provide the service, in other cases to meet your needs and improve ourselves. In this document we would like to explain to you: 1. what data we use; 2. why and on what legal basis we collect your data; 3. how your data is used; 4. which data are mandatory and which are optional; 5. how long your data are kept; 6. who can have access to your data; 7. to whom your data may be disclosed; 8. where your data can be transferred; 9. what are your rights; 10. who is the Data Controller of your data and who is the Data Protection Officer.
What data do we use?
In Otisopse Web s.r.l. we use various of your personal data (hereinafter "personal data" or "data"), namely:
the data you provide, identifying and non-sensitive such as: name and surname or company name, identity document, social security number, VAT number, address, email, telephone number, bank details and data relating to the Otisopse services you have used. These are the data you provided us when requesting services or products, or even subsequently • data related to your preferences and commercial interests, in particular: the contents, the use of the services, the functionalities used.
Why and on what legal basis do we collect your data?
The data you provide allow us, on the one hand, to carry out all administrative activities relating to your contract and to satisfy your requests, on the other hand, they help us to verify any anomalies deriving from the use of products and services provided by us. .
Specifically, your personal data are processed for the following purposes and legal bases:
a) without your prior consent for the purposes of the service and in particular for:
the execution of the contract or the fulfillment of pre-contractual commitments: - activate, provide, suspend and manage your contract and related services, providing for the related invoicing, sending of service communications and assistance; - provide you with the services of the Otisopse commercial offer: these services include additional and optional services; - improve technical assistance, customer care activities, our services, contents and products through aggregate statistical analysis on an anonymous basis;
the pursuit of a legitimate interest of the Data Controller: - manage complaints and disputes, recover credits, prevent fraud and illegal activities; - exercise the rights and protect the legitimate interests of the Data Controller or of Third Party Controllers, for example the right to defense in court; - send you commercial communications to the email address you provided, if you are already our customer, relating to Otisopse services and products similar to those you have already used. Each email sent will allow you, by clicking on the appropriate link, to refuse further communications transmissions.
the fulfillment of legal obligations: - respect and fulfill the obligations established by laws, regulations, community regulations, orders and requirements of the competent authorities. For example, by law we are required to provide a copy of your identity document and your tax code to the Archives of the Ministry of Economy and Finance and managed by Consap S.p.A. to compare them with the data present in the databases of the Revenue Agency, the Ministry of the Interior, the Ministry of Transport, INPS and Inail, thus verifying their authenticity and thus being able to prevent identity theft fraud in sectors of consumer credit, deferred and deferred payments, electronic and interactive communication services (so-called SCIPAFI).
b) only after you have given your consent, for other non-service purposes, and precisely for:
marketing purposes, i.e. to inform you with ordinary letters, telephone calls, emails, messages on the TV, SMS, MMS, notifications and newsletters of Otisopse's initiatives and offers and to propose Otisopse questionnaires and market research;
profiling purposes, that is: - to analyze, even automatically, your preferences and interests (for example, the use of content and services, including those purchased, the features used, connection times, traffic data , etc.) and propose (by ordinary letters, telephone calls, emails, messages on the TV, SMS, MMS, notifications and newsletters) services, contents, initiatives and offers customized for you; - to analyze, even automatically, your preferences and interests related to the use of Otisopse products and offers and propose you (by ordinary letters, telephone calls,
emails, messages on the TV, SMS, MMS, notifications and newsletters) services, contents, initiatives and offers customized for you; - to analyze, even in an automated way, data relating to the use of Otisopse services - subject to the consent provided during the activation phase of the the service itself - to analyze your preferences and interests and propose (by ordinary letters, telephone calls, emails, messages on the TV, SMS, MMS, notifications and newsletters) services, contents, initiatives and offers customized for you.
How is your data used?
Your personal data are used for collection, registration, organization, storage, consultation, analysis, matching, processing, modification, selection, extraction, comparison of databases (for example for verifying the saleability of the offer), use, interconnection. , crossing, blocking, communication, cancellation and destruction of data. Your personal data are subjected to paper, electronic and automated processing and stored on a database.
Which data are mandatory and which are optional?
Among the information we collect, some are essential for the stipulation and administration of your contract, others help us to offer you a better service, day after day. Particularly:
the provision of your personal data, processed for service purposes, is necessary to subscribe to and use the services of Otisopse; • the provision of your personal data, processed for other purposes, is optional. Failure to provide them does not prevent you from using Otisopse services, but you will not be able to receive our commercial communications and personalized offers.
How long are your data kept?
Otisopse Web stores and uses your personal data for no more than 10 years from the end of the relationship for service purposes and, in any case, for the statutory limitation period, for no more than 13 months from the end of the relationship for marketing purposes. ; for the time of your consent and, in any case, for no more than 36 months from collection, for profiling purposes. Subsequently, your data is anonymized and processed for aggregate and anonymous statistical analysis.
Who can have access to your data?
We care about your privacy and do everything we can to protect you. This is why we share your data only when strictly necessary and only with those who help us to offer you a better service every day. Your data is in fact accessible to: • employees and / or collaborators of Otisopse or of the companies of the Otisopse Group, who contribute to creating, maintaining and improving all Otisopse services in their capacity as persons in charge and / or internal data processors and / o system administrators; • Otisopse Group companies, commercial partners and service providers who carry out outsourced activities on behalf of Otisopse - in their capacity as external data processors - carrying out activities connected, instrumental or supportive to those of Otisopse, for example: management and maintenance content of websites and apps, customer assistance, customer care and call center services, management of information technology systems, editorial services, credit recovery, data processing services for billing, archiving of documentation relating to customer relations , etc.
Who can your data be disclosed to?
Otisopse may communicate your data without your express consent for service purposes: • to the judicial authorities, upon their request; • to the companies of the Otisopse Group and to all other subjects to whom it is necessary to communicate them, by law or by contract, to allow the performance of the purposes described above (such as, for example, credit institutions, professional firms, commercial partners). Otisopse may communicate the data to the companies of the Otisopse Group or its partners to allow the autonomous marketing purposes described above to be carried out: for this purpose, Otisopse will ask you for a specific consent before communication. These subjects will process your data in their capacity as independent data controllers. In any case, we want to reassure you that your data will not be disclosed.
Where can your data be transferred?
Your data may also be transferred outside the European Union to the subjects specified in paragraphs 6 and 7 (including, in particular, to subjects established in the USA and Albania). To protect your data in the context of these transfers, Otisopse adopts appropriate safeguards, including adequacy decisions and standard contractual clauses approved by the European Commission, in accordance with the provisions of Chapter V, Articles 45, 46 and 47, of the European Regulation n. 679/2016.
What are your rights?
Up to now we have talked about how we process your data and how we behave; now we show you what your rights are, in order to always have control over your privacy and information. If the limitations provided for by law do not apply, you have the right, pursuant to art. 15 of the European Regulation n. 679/2016, to: • have confirmation of the existence or otherwise of your data personal, even if not yet registered and request that such data be made available to you in a clear and understandable way; • ask for information and, if necessary, a copy: a) of the origin and category of your personal data: b) of the logic of use, if your information is processed by electronic means; c) the purposes and methods of the processing; d) the identity of the owner and managers; e) the subjects or categories of subjects to whom your personal data may be communicated or who can learn about them; f) the period in which your data is stored or the criteria that are used to determine this period, when possible; g) the existence of an automated decision-making process, including profiling. In this case, you can request the logic used, the importance and consequences envisaged for you; h) the existence of adequate guarantees in case of transfer of your data to a non-EU country or to an international organization; • obtain, without justifiable delay, the updating, modification, rectification of your incorrect data or the integration of your incomplete data, if interested (Article 16 of the European Regulation no. 679/2016 ); • obtain the cancellation, blocking of your data or, where possible, the transformation into anonymous form, pursuant to art. 17 and 18 of the European Regulation n. 679/2016: a) if unlawfully processed; b) if no longer necessary in relation to the purposes for which they were collected or subsequently processed; c) in case of revocation of the consent on which the treatment is based and in case there is no other legal basis; d) in the event that you have opposed the processing and there are no further legitimate reasons to continue using your data; e) if required by law; f) if they refer to minors. The Data Controller, i.e. Otisopse Web s.r.l., may refuse to delete your data in the case of: a) exercising the right to freedom of expression and information;
b) fulfillment of a legal obligation, performance of a task carried out in the public interest or exercise of public authority; c) reasons of public health interest; d) archiving in the public interest, scientific or historical research or for statistical purposes; e) ascertaining, exercising or defending a right in court; • obtain the limitation of processing in the case of: a) dispute of the accuracy of personal data, if you have not preferred to request the modification, updating, modification or correction of your data; b) unlawful processing by the Data Controller, i.e. Otisopse Web s.r.l., to prevent its cancellation; c) exercise of your right in court; d) verification of the possible prevalence of the legitimate reasons of the Data Controller with respect to those of the interested party; • receive, if the processing is carried out by automatic means, without hindrance and in a structured format, commonly used and legible, the personal data concerning you that you have provided us with prior consent or on contract to transmit them to another Data Controller or - if technically feasible - to obtain direct transmission from the Data Controller to another Data Controller (Article 20 of the European Regulation no. 679/2016); • oppose, pursuant to art. 21 of the European Regulation n. 679/2016, at any time, totally or in part: a) for legitimate and overriding reasons, connected to your particular situation, to the processing of personal data concerning you; b) to the processing of personal data concerning you for marketing and / or profiling purposes where carried out (e.g. you can oppose the sending of advertising or direct sales material or the carrying out of market research or commercial communication, through the use of automated call systems without the intervention of an operator, with email and with traditional marketing methods, with telephone and paper mail).
For all the cases mentioned above, if necessary, Otisopse will inform the third parties to whom your personal data are communicated of the possible exercise of rights by you, except in specific cases (e.g. when such fulfillment proves impossible or involves the use of means that are manifestly disproportionate to the protected right).
You can at any time modify and revoke the consent given and exercise your rights, pursuant to and for the purposes of art. 7 of the European Regulation n. 679/2016, by sending a request to Otisopse Web s.r.l. - Legal Affairs, Via Guglielmo Melisurgo n. 15 - 80133 - Naples, or by sending an email to the following email address privacy@otisopse.com
Finally, for the treatments referred to in this statement, you have the right to lodge a complaint with the Guarantor for the Protection of Personal Data (www.garanteprivacy.it).
Who is the Data Controller of your data? Who is the Data Processor? Who is the DPO?
Remember, for any ex requirement, that the Data Controller of your personal data is Otisopse Web s.r.l. with headquarters in Via Guglielmo Melisurgo n. 15 - 80133 - Naples.
The Data Processing Manager is Francesco Esposito, electively domiciled at Otisopse Web s.r.l. with headquarters in Via Guglielmo Melisurgo n. 15 - 80133 - Naples, by virtue of the deed of appointment of May 2018.
The DPO (Data Protection Officer) of the company was not deemed appropriate to appoint him, given the regulatory content on the point of the European Regulation no. 679/2016.
You can contact the Data Processing Manager at the email address privacy@otisopse.com
This information may be subject to any changes, especially in the case of future legislative interventions on the subject.
Treatment
Pursuant to and for the purposes of Articles 13 and 14 of the European Regulation n. 679/2016 and in compliance with Legislative Decree 30.6.2003, n. 196, as amended by Legislative Decree 10 August 2018, n. 101, we wish to communicate that the Users' data collected within the site https://quellilainitaly.com (hereinafter the "Site") will be processed by Otisopse Web Srl, based in Via Guglielmo Melisurgo, 15 - 80133 Naples (of hereinafter the "Company"), as Data Controller, in manual, electronic or electronic paper form. In its capacity as Data Controller, the Company proceeds to save the personal data of Users on a special server located in Italy and to carry out all other processing operations through the personnel in charge for this purpose, or, on the occasion of maintenance operations, through any external agents. The database is accessible only by authorized parties through methods that guarantee its protection and confidentiality, thanks to the adoption of security measures designed to prevent data loss, illicit or incorrect use and unauthorized access. The data is kept for the time necessary to carry out those processing operations carried out in relation to the data of each User, according to his choices, preferences and indications, as well as in relation to the purposes indicated below.
2. Purpose of the treatment
The provision of the User's personal data is necessary for the provision of services by the Company. Therefore, failure to provide, even partial, of the same will make it impossible for the Company to proceed with the provision of the same services requested. It is also specified that the data processing will be used to: i) Allow the sending of informative, commercial, advertising and / or promotional material of the Company's services and products through "automated" contact systems (by way of example SMS and / or e-mail); ii) Collect data and information in general and in particular on the orientations and preferences of consumers in order to obtain a detailed profile of the same, to offer an increasingly efficient and personalized service. iii) Allow consumers to correctly place orders, to ensure, at the same time, that they can be processed in an appropriate manner and in full compliance with the expected processing times; iv) Administrative purposes; v) Follow up on the report (s) and / or request (s) made by the User to Customer Service.
3. Issue of consents
The Company uses the User's data in accordance with the choices that the latter has freely exercised through their consent, at the time of their collection or subsequently, as well as to comply with obligations established by law, by a regulation or by a community directive. In some cases, the data may be processed even in the absence of the User's express consent, such as for example to fulfill a specific request made by the User, to fulfill contractual obligations or, again, in cases where the processing results necessary to protect the rights of the Company in the context of legal proceedings or to comply with any requests made by the competent authorities.
4. Provision of data and release of consents
The provision of data: • for the purposes referred to in points (i) and (ii) of this information, is optional. Failure to provide it does not compromise the correct use of the website; • for the purposes referred to in point (iii) it is optional, but necessary to complete the purchase procedure. Therefore, failure to provide the data compromises the complete use of the website; • for the purposes referred to in point (v) it is necessary to allow Customer Service to properly follow up on the request made by the User. Failure to provide the data makes it impossible for the Customer Service to take charge of the User's request but does not compromise the correct use of the site. The release of consent to the processing: • for the purposes referred to in points (iii), (iv) and (v) no form of consent is required; therefore, the relative use of the services will take place following the simple provision of data; • for the purposes referred to in points (i) and (ii) the issue of consent is always optional and the User is given the opportunity to exercise the choice during registration.
5. Data Controller and Data Processor
The Data Controller of personal data is Otisopse Web S.r.l., with registered office in Via Guglielmo Melisurgo n. 15 - 80133 Naples.
The person in charge of the processing of personal data is Francesco Esposito, electively domiciled for the function at Otisopse Web S.r.l., with headquarters in Via Guglielmo Melisurgo n. 15 - 80133 Naples , by virtue of the deed of appointment of May 2018.
The data may also be communicated by the Company to the companies in charge of shipping the products purchased by the User. The aforementioned companies will process the data only to the extent that it is necessary for the performance of the tasks assigned to them, providing for the subsequent cancellation once completed.
6. Rights of the interested party
The User, with regard to the personal data provided, may exercise, as an interested party in the processing of personal data, he can exercise the following rights provided for by the GDPR and subsequent regulatory changes, by sending a request without formalities to the Data Controller, by writing to the address by e-mail info@otisopse.com
The User will have the right to obtain:
confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in a structured format of common use and readable by an automatic device and the indication:
a) the origin of personal data;
b) the purposes and methods of the processing;
c) the logic applied in case of processing carried out with the aid of electronic tools;
d) the identity of the owner and any data processor as well as the Data Protection Officer (DPO) designated pursuant to Article 37 of the GDPR;
e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representatives in the State, managers or their appointees / authorized;
f) as far as possible, the retention period of the personal data envisaged or, if not possible, the criteria used to determine this period.
The User will also have the following specific rights:
right of access (Article 15 of the GDPR). Right of the interested party to obtain access to their data and to lodge a complaint with the supervisory authority;
right of rectification (Article 16 of the GDPR). Right of the interested party to obtain from the Data Controller the correction of inaccurate personal data concerning him;
right to cancellation - right to be forgotten (Article 17 of the GDPR). The interested party has the right to obtain from the Data Controller the deletion of personal data concerning him without undue delay;
right to limitation of processing (Article 18 of the GDPR). Right of the interested party to obtain a limitation on the processing of the data;
notification obligation (Article 19 of the GDPR). The Data Controller communicates to each of the recipients to whom the personal data have been transmitted any corrections or cancellations or limitations of the processing carried out in accordance with the aforementioned articles. 16, 17 and 18;
right to data portability (Article 20 GDPR). The interested party has the right to receive personal data concerning him provided to the Data Controller and has the right to transmit such data to another Data Controller without impediments by the previous Data Controller and in direct form, where technically feasible;
right to object (Article 21 of the GDPR). Right of the interested party to oppose the processing of his personal data;
profiling (Article 22 of the GDPR). The interested party has the right not to be subjected to a decision based solely on automated processing, including profiling, or which significantly affects his person.
The User will also have the express right to object, in whole or in part and at any time:
a) for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection;
b) to the processing of personal data concerning you for the sole purpose of sending advertising material or for carrying out market research.
Finally, the User will have the right to revoke the consent to the processing of data already given, except for the fact that this may make it impossible to conclude the relevant contract for the requested purchase.
7. Minor Users
The Company is aware that the Website and the services it offers may also be of interest to a minor public. For the above reason, the Company also encourages the registration of parents of registered underage Users: in this way parents have the opportunity to use the same services and to always be aware of the initiatives that the company makes available to sons.
Privacy Policy
Otisopse Web s.r.l, Data Controller, informs you, pursuant to European Regulation no. 679/2016 and in compliance with Legislative Decree 30.6.2003, n. 196, as amended by Legislative Decree 10 August 2018, n. 101, on the purposes and methods of processing your personal and sensitive data.
Privacy is very important to us and we want you to always feel protected. For this we invite you to read the information carefully.
By using our services, you transmit or share some information with us which allow us in some cases to provide the service, in other cases to meet your needs and improve ourselves. In this document we would like to explain to you: 1. what data we use; 2. why and on what legal basis we collect your data; 3. how your data is used; 4. which data are mandatory and which are optional; 5. how long your data are kept; 6. who can have access to your data; 7. to whom your data may be disclosed; 8. where your data can be transferred; 9. what are your rights; 10. who is the Data Controller of your data and who is the Data Protection Officer.
What data do we use?
In Otisopse Web s.r.l. we use various of your personal data (hereinafter "personal data" or "data"), namely:
the data you provide, identifying and non-sensitive such as: name and surname or company name, identity document, social security number, VAT number, address, email, telephone number, bank details and data relating to the Otisopse services you have used. These are the data you provided us when requesting services or products, or even subsequently • data related to your preferences and commercial interests, in particular: the contents, the use of the services, the functionalities used.
Why and on what legal basis do we collect your data?
The data you provide allow us, on the one hand, to carry out all administrative activities relating to your contract and to satisfy your requests, on the other hand, they help us to verify any anomalies deriving from the use of products and services provided by us. .
Specifically, your personal data are processed for the following purposes and legal bases:
a) without your prior consent for the purposes of the service and in particular for:
the execution of the contract or the fulfillment of pre-contractual commitments: - activate, provide, suspend and manage your contract and related services, providing for the related invoicing, sending of service communications and assistance; - provide you with the services of the Otisopse commercial offer: these services include additional and optional services; - improve technical assistance, customer care activities, our services, contents and products through aggregate statistical analysis on an anonymous basis;
the pursuit of a legitimate interest of the Data Controller: - manage complaints and disputes, recover credits, prevent fraud and illegal activities; - exercise the rights and protect the legitimate interests of the Data Controller or of Third Party Controllers, for example the right to defense in court; - send you commercial communications to the email address you provided, if you are already our customer, relating to Otisopse services and products similar to those you have already used. Each email sent will allow you, by clicking on the appropriate link, to refuse further communications transmissions.
the fulfillment of legal obligations: - respect and fulfill the obligations established by laws, regulations, community regulations, orders and requirements of the competent authorities. For example, by law we are required to provide a copy of your identity document and your tax code to the Archives of the Ministry of Economy and Finance and managed by Consap S.p.A. to compare them with the data present in the databases of the Revenue Agency, the Ministry of the Interior, the Ministry of Transport, INPS and Inail, thus verifying their authenticity and thus being able to prevent identity theft fraud in sectors of consumer credit, deferred and deferred payments, electronic and interactive communication services (so-called SCIPAFI).
b) only after you have given your consent, for other non-service purposes, and precisely for:
marketing purposes, i.e. to inform you with ordinary letters, telephone calls, emails, messages on the TV, SMS, MMS, notifications and newsletters of Otisopse's initiatives and offers and to propose Otisopse questionnaires and market research;
profiling purposes, that is: - to analyze, even automatically, your preferences and interests (for example, the use of content and services, including those purchased, the features used, connection times, traffic data , etc.) and propose (by ordinary letters, telephone calls, emails, messages on the TV, SMS, MMS, notifications and newsletters) services, contents, initiatives and offers customized for you; - to analyze, even automatically, your preferences and interests related to the use of Otisopse products and offers and propose you (by ordinary letters, telephone calls,
emails, messages on the TV, SMS, MMS, notifications and newsletters) services, contents, initiatives and offers customized for you; - to analyze, even in an automated way, data relating to the use of Otisopse services - subject to the consent provided during the activation phase of the the service itself - to analyze your preferences and interests and propose (by ordinary letters, telephone calls, emails, messages on the TV, SMS, MMS, notifications and newsletters) services, contents, initiatives and offers customized for you.
How is your data used?
Your personal data are used for collection, registration, organization, storage, consultation, analysis, matching, processing, modification, selection, extraction, comparison of databases (for example for verifying the saleability of the offer), use, interconnection. , crossing, blocking, communication, cancellation and destruction of data. Your personal data are subjected to paper, electronic and automated processing and stored on a database.
Which data are mandatory and which are optional?
Among the information we collect, some are essential for the stipulation and administration of your contract, others help us to offer you a better service, day after day. Particularly:
the provision of your personal data, processed for service purposes, is necessary to subscribe to and use the services of Otisopse; • the provision of your personal data, processed for other purposes, is optional. Failure to provide them does not prevent you from using Otisopse services, but you will not be able to receive our commercial communications and personalized offers.
How long are your data kept?
Otisopse Web stores and uses your personal data for no more than 10 years from the end of the relationship for service purposes and, in any case, for the statutory limitation period, for no more than 13 months from the end of the relationship for marketing purposes. ; for the time of your consent and, in any case, for no more than 36 months from collection, for profiling purposes. Subsequently, your data is anonymized and processed for aggregate and anonymous statistical analysis.
Who can have access to your data?
We care about your privacy and do everything we can to protect you. This is why we share your data only when strictly necessary and only with those who help us to offer you a better service every day. Your data is in fact accessible to: • employees and / or collaborators of Otisopse or of the companies of the Otisopse Group, who contribute to creating, maintaining and improving all Otisopse services in their capacity as persons in charge and / or internal data processors and / o system administrators; • Otisopse Group companies, commercial partners and service providers who carry out outsourced activities on behalf of Otisopse - in their capacity as external data processors - carrying out activities connected, instrumental or supportive to those of Otisopse, for example: management and maintenance content of websites and apps, customer assistance, customer care and call center services, management of information technology systems, editorial services, credit recovery, data processing services for billing, archiving of documentation relating to customer relations , etc.
Who can your data be disclosed to?
Otisopse may communicate your data without your express consent for service purposes: • to the judicial authorities, upon their request; • to the companies of the Otisopse Group and to all other subjects to whom it is necessary to communicate them, by law or by contract, to allow the performance of the purposes described above (such as, for example, credit institutions, professional firms, commercial partners). Otisopse may communicate the data to the companies of the Otisopse Group or its partners to allow the autonomous marketing purposes described above to be carried out: for this purpose, Otisopse will ask you for a specific consent before communication. These subjects will process your data in their capacity as independent data controllers. In any case, we want to reassure you that your data will not be disclosed.
Where can your data be transferred?
Your data may also be transferred outside the European Union to the subjects specified in paragraphs 6 and 7 (including, in particular, to subjects established in the USA and Albania). To protect your data in the context of these transfers, Otisopse adopts appropriate safeguards, including adequacy decisions and standard contractual clauses approved by the European Commission, in accordance with the provisions of Chapter V, Articles 45, 46 and 47, of the European Regulation n. 679/2016.
What are your rights?
Up to now we have talked about how we process your data and how we behave; now we show you what your rights are, in order to always have control over your privacy and information. If the limitations provided for by law do not apply, you have the right, pursuant to art. 15 of the European Regulation n. 679/2016, to: • have confirmation of the existence or otherwise of your data personal, even if not yet registered and request that such data be made available to you in a clear and understandable way; • ask for information and, if necessary, a copy: a) of the origin and category of your personal data: b) of the logic of use, if your information is processed by electronic means; c) the purposes and methods of the processing; d) the identity of the owner and managers; e) the subjects or categories of subjects to whom your personal data may be communicated or who can learn about them; f) the period in which your data is stored or the criteria that are used to determine this period, when possible; g) the existence of an automated decision-making process, including profiling. In this case, you can request the logic used, the importance and consequences envisaged for you; h) the existence of adequate guarantees in case of transfer of your data to a non-EU country or to an international organization; • obtain, without justifiable delay, the updating, modification, rectification of your incorrect data or the integration of your incomplete data, if interested (Article 16 of the European Regulation no. 679/2016 ); • obtain the cancellation, blocking of your data or, where possible, the transformation into anonymous form, pursuant to art. 17 and 18 of the European Regulation n. 679/2016: a) if unlawfully processed; b) if no longer necessary in relation to the purposes for which they were collected or subsequently processed; c) in case of revocation of the consent on which the treatment is based and in case there is no other legal basis; d) in the event that you have opposed the processing and there are no further legitimate reasons to continue using your data; e) if required by law; f) if they refer to minors. The Data Controller, i.e. Otisopse Web s.r.l., may refuse to delete your data in the case of: a) exercising the right to freedom of expression and information;
b) fulfillment of a legal obligation, performance of a task carried out in the public interest or exercise of public authority; c) reasons of public health interest; d) archiving in the public interest, scientific or historical research or for statistical purposes; e) ascertaining, exercising or defending a right in court; • obtain the limitation of processing in the case of: a) dispute of the accuracy of personal data, if you have not preferred to request the modification, updating, modification or correction of your data; b) unlawful processing by the Data Controller, i.e. Otisopse Web s.r.l., to prevent its cancellation; c) exercise of your right in court; d) verification of the possible prevalence of the legitimate reasons of the Data Controller with respect to those of the interested party; • receive, if the processing is carried out by automatic means, without hindrance and in a structured format, commonly used and legible, the personal data concerning you that you have provided us with prior consent or on contract to transmit them to another Data Controller or - if technically feasible - to obtain direct transmission from the Data Controller to another Data Controller (Article 20 of the European Regulation no. 679/2016); • oppose, pursuant to art. 21 of the European Regulation n. 679/2016, at any time, totally or in part: a) for legitimate and overriding reasons, connected to your particular situation, to the processing of personal data concerning you; b) to the processing of personal data concerning you for marketing and / or profiling purposes where carried out (e.g. you can oppose the sending of advertising or direct sales material or the carrying out of market research or commercial communication, through the use of automated call systems without the intervention of an operator, with email and with traditional marketing methods, with telephone and paper mail).
For all the cases mentioned above, if necessary, Otisopse will inform the third parties to whom your personal data are communicated of the possible exercise of rights by you, except in specific cases (e.g. when such fulfillment proves impossible or involves the use of means that are manifestly disproportionate to the protected right).
You can at any time modify and revoke the consent given and exercise your rights, pursuant to and for the purposes of art. 7 of the European Regulation n. 679/2016, by sending a request to Otisopse Web s.r.l. - Legal Affairs, Via Guglielmo Melisurgo n. 15 - 80133 - Naples, or by sending an email to the following email address privacy@otisopse.com
Finally, for the treatments referred to in this statement, you have the right to lodge a complaint with the Guarantor for the Protection of Personal Data (www.garanteprivacy.it).
Who is the Data Controller of your data? Who is the Data Processor? Who is the DPO?
Remember, for any ex requirement, that the Data Controller of your personal data is Otisopse Web s.r.l. with headquarters in Via Guglielmo Melisurgo n. 15 - 80133 - Naples.
The Data Processing Manager is Francesco Esposito, electively domiciled at Otisopse Web s.r.l. with headquarters in Via Guglielmo Melisurgo n. 15 - 80133 - Naples, by virtue of the deed of appointment of May 2018.
The DPO (Data Protection Officer) of the company was not deemed appropriate to appoint him, given the regulatory content on the point of the European Regulation no. 679/2016.
You can contact the Data Processing Manager at the email address privacy@otisopse.com
This information may be subject to any changes, especially in the case of future legislative interventions on the subject.