Privacy & Cookies Policy
OPIS is committed to ensuring that the processing your Personal Data is in compliance with Regulation (EU) 679/2016 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (“GDPR“) and any other applicable data national laws.
OPIS has appointed a Data Protection Officer (“DPO”) who can be contacted by email anytime at email@example.com.
Categories of Personal Data
When you navigate in our website, OPIS may collect the following information about you:
- Name, Surname, information concerning your organization and job title/position;
- Contact information including address, email address and phone number;
- Information concerning your online activities on our website such as information about your devices, browsing actions and usage patterns;
- Demographic information such as postcode;
- Any other Personal Data contained in the content you submit to us through our online contact form.
Purposes of Processing and Legal Basis
The Company intends to use your Personal Data, collected through the website, for the following purposes.
- to reply to any request you sent us through our online contact form and to provide you with the requested services and information, to propose projects and collaborations based on your request (“Service and Information”). The processing for this purpose is necessary to provide the service and for the performance of the contract. The provision of your Personal Data for this purpose is optional, however, failure to provide them would imply the inability to initiate the requested Services provided through the websites or to respond to requests.
- to fulfil any legal obligations which required the Company to collect or further process certain types of Personal Data (“Compliance”). When you provide Personal Data, they must indeed be processed according to the applicable regulations, which could entail their retention and disclosure to the Authorities for accounting, tax, or other obligations.
Furthermore, OPIS may process anonymous or aggregated data to 1) develop and improve our products and services; 2) Internal record keeping based on OPIS legitimated interest (“Internal record”)
Categories of recipients of data
For the purposes listed above we may communicate your Personal Data to third parties such as affiliates of the OPIS Group or third parties service providers duly appointed as Data Processors by OPIS or to persons authorized by OPIS to process the Personal Data required for carrying out activities strictly related to the provision of the services, who have committed themselves to confidentiality or have an appropriate legal obligation of confidentiality.
Transfers of Personal Data
Your personal data might be transferred to third parties located outside the European Union where data protection and legal requirements may not be equivalent to those in your jurisdiction. In this respect when your personal data are transferred in countries which are not part of the EU, transfers can be based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission.
You might request information concerning safeguards adopted for transfer to non EU Countries, including contractual agreements put in place, by contacting the DPO at the address specified above.
Your personal data will not be retained for a period of time exceeding what necessary for the purposes for which they have been collected and processed, in accordance with the Data Protection Laws. Particularly:
– Personal Data processed for Service and Information purposes will be kept by the Company for the period deemed strictly necessary to fulfil such purposes. In any case, as these Personal Data are processed for the provision of the Services, the Company will retain them for a longer period of time, particularly as may be necessary under applicable law to protect the Company’s interests against possible claims relating to the Services.
– Personal Data processed for the Compliance purpose will be retained by the Company for the period provided for by specific legal obligations or applicable law.
– the logs of proxy are retained for 1 year before being automatically deleted by the system.
Data Subjects Rights
In accordance with the law, you are entitled to obtain from the Company:
- access to your personal data;
- rectification of inaccurate date;
- erasure of personal data that the Company no longer has a legal ground to process;
- restriction of the processing of your personal data by the Company in accordance with applicable law.
Right to object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data carried out by the OPIS in pursuit of its legitimate interest. Any requests to object should be submitted by email to the following address: firstname.lastname@example.org
If you seek to exercise one of the above rights, OPIS will have the duty to verify your entitlement to those rights and will send you its feedback generally within one month.
If you believe your personal data has been unlawfully processed pursuant to the GDPR you have the right to file a complaint with the supervisory authority through the channels available on the dedicated website www.garanteprivacy.it , or to seek a remedy through the courts.