Privacy & Cookie Policy - O.L.F.A. S.r.l.

NOTICE FOR THE PROCESSING OF PERSONAL DATA

This Privacy Notice defines which data are collected and how they are used, disclosed, transferred, and/or stored by the company.

This notice is provided pursuant to Articles 13-14 of Regulation (EU) 2016/679 – hereinafter referred to as GDPR – to those who interact with web services accessible electronically from the address: www.olfa.it

This notice is subject to updates, which will be promptly published on the website.

DATA CONTROLLER

The Data Controller of the Data collected by this site is O.L.F.A. S.r.l., with registered office in Rivoli 10098 (TO), Via Biella, 54/A, VAT no. 07641770016, email: info@olfa.it

METHODS OF PROCESSING PERSONAL DATA

The Personal Data provided or acquired will be processed in accordance with the principles of fairness, lawfulness, transparency, and confidentiality pursuant to current regulations.

The Controller processes the Users’ Personal Data by adopting appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.

Processing is carried out via IT and/or telematic tools, with organizational methods and logic strictly related to the indicated Purposes. Among the Personal Data collected by this Website, either independently or through third parties, there are: Cookies, Usage Data, Email, and Name. Additional Personal Data collected may be indicated in other sections of this Privacy Policy or by means of informative texts displayed at the time of Data collection. Personal Data may be entered voluntarily by the User, or automatically collected during use of this Website.

1. DATA COMMUNICATION AND DISCLOSURE

In addition to the Controller, in certain cases, others may have access to the Data:

a) categories of individuals, properly trained for this purpose, involved in the organization of the Website (administrative, commercial, marketing, legal, system administrators);
b) external parties (such as third-party technical service providers, hosting providers, IT companies, communication agencies) also appointed as Data Processors by the Controller pursuant to Art. 28 GDPR. The updated list of Processors, if appointed, may always be requested from the Data Controller;
c) public or private entities that can access the Data in compliance with a legal obligation;
d) entities that perform tasks accessory and instrumental to the Controller’s activity;
e) external entities such as partners in the organization of initiatives and events promoted and/or sponsored by the Controller, to whom the communication of Data is necessary for organizational reasons;
f) subject to the Data Subject’s consent, the entities indicated in point 5), letter g) of this Privacy Policy.

2. DATA VOLUNTARILY PROVIDED BY THE USER

The optional, explicit, and voluntary sending of email, including via the Contact Form or the addresses indicated on this Website, entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other Personal Data included in the email. The User’s consent to provide Data is necessary to be included in the Controller’s databases and for the establishment and proper performance of what is offered by the Controller to its Users, as well as to third parties for the fulfillment of each requested activity. Therefore, failure to provide the Data prevents registration in the Controller’s databases, the conclusion of any contracts, and the execution thereof as well as any other possible activity. Consequently, the failure of the User to provide certain Personal Data may prevent this Website from providing its services. The User assumes responsibility for the Personal Data of third parties published or shared through this Website and guarantees that they have the right to communicate or disclose them, releasing the Controller from any liability toward third parties.

3. PLACE OF PROCESSING

The data are processed at the operational headquarters of the Controller. For more information, you can contact the Data Controller.

4. DURATION OF PROCESSING

As expressly provided by Art. 5, paragraph 1, letter e) of the GDPR, the Data are retained for the time necessary for their Processing in relation to the performance of the service requested by the User or required by the Purposes described in this document.

Specifically:

– Personal Data collected for purposes related to the execution of a contract between the Controller and the User will be retained until the contract has been fully performed;
– Data collected for Purposes attributable to the legitimate interest of the Controller will be retained until such interest is fulfilled. The User may obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller;
– Data collected based on the User’s Consent may be retained until such Consent is revoked;
– Data collected for fiscal/administrative obligations will be retained for the time necessary to fulfill the aforementioned purposes and in accordance with the law, and in any case for a period not exceeding that provided by civil legislation;
– Data may be retained by the Controller for a longer period in compliance with legal obligations or by order of an authority;

The User may always request the interruption of Processing or the deletion of Data not related to the performance of the contract.

At the end of the retention period, the Personal Data will be deleted. Therefore, once this period expires, the right of access, deletion, rectification, and the right to Data portability can no longer be exercised.

5. PURPOSES OF THE PROCESSING OF THE COLLECTED DATA

The User’s Data are collected to allow the Website to provide its services, as well as for the following Purposes: Contacting the User, managing addresses and sending email messages, interacting with external platforms, and statistics. In particular:

a) to comply with any type of obligation contemplated and provided for by current laws, regulations, or commercial practices, especially in tax/fiscal matters;
b) to follow up on specific requests made to the Controller by the User through the Website and its communication tools (Contact Form, information request forms, and similar);
c) for informational communications regarding the Controller’s services, following a request for information by email messages or by filling out the Contact Form and other communication tools;
d) for other accessory or related purposes to those mentioned above that fall within the scope of the Website’s activities;
e) for sending promotional and commercial information and offers;
f) for profiling activities for marketing purposes;
g) for transferring the Data to companies and/or third parties with which the Controller collaborates or has entered into agreements, which may use the Data of the Data Subject to send communications and/or informational material related to events they organize or services they provide;

The types of Personal Data used for each purpose are indicated in the specific sections of this document.

For the purposes referred to in point a), the Processing is necessary for the performance of a contract to which the data subject is a party, for the implementation of pre-contractual measures, or to fulfill a legal obligation to which the Data Controller is subject.

For the purposes referred to in points b), c), d), Processing is optional; however, failure to provide one or more Data will make it impossible to respond to your request for information and to use the services offered by the Controller.

For the purposes referred to in points e), f), g), Processing is based on the freely given consent of the data subject.

FURTHER INFORMATION ON PROCESSING

DEFENSE IN COURT

The User’s Personal Data may be used by the Controller in court or in preparatory stages leading to its potential establishment, against abuses in the use of the same or related services by the User. The User acknowledges that the Controller may be required to disclose the Data at the request of public authorities.

NATURE OF THE DATA PROCESSED AND CONSEQUENCES OF ANY REFUSAL

The provision of browsing data by Users, for the purposes stated above, depends on the level of privacy that the User has enabled or disabled through their browser. In some cases, disabling it may affect navigation on this Website. For certain modules of this Website, providing browsing data and/or using technical cookies is mandatory for the proper functioning of the site. Providing some personal data is, in any case, necessary due to the structure of the Website and its procedures. Specifically, by way of example:

• to send messages via the Contact Form, the minimum data requested therein are always mandatory;

If not provided, the procedure cannot be completed.

Any request for other optional Data will be preceded by a specific approval checkbox. The provision of all other Data is optional, depending on the type of information the User wishes to provide to the Website.

EXERCISE OF THE DATA SUBJECT’S RIGHTS

The data subject has the right to exercise the rights provided for in Articles 7, 15-22 of EU Regulation 679/2016.

In particular, they have the right to withdraw their consent at any time and, by simple request to the Data Controller, may request access to Personal Data, receive the Personal Data provided to the Controller, and where possible transmit them to another Data Controller without hindrance (so-called portability), obtain the update, restriction of processing, rectification of Data, and the deletion of those processed in violation of current regulations. They have the right, for legitimate reasons, to object to the Processing of Personal Data concerning them and to the Processing for the purpose of sending advertising material, direct sales, or carrying out market research. They also have the right to file a complaint with the Privacy Authority as the supervisory authority on the protection of Personal Data. The data subject can exercise their rights by contacting the Controller via email at: info@olfa.it

CHANGES TO THIS PRIVACY POLICY

The Data Controller reserves the right to make changes to this Privacy Policy at any time, publicizing them to Users on this page. Therefore, please consult this page frequently, taking as reference the date of the last modification indicated at the bottom. In case of non-acceptance of the changes made to this Privacy Policy, the User must discontinue using this Website and may request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous Privacy Policy will continue to apply to Personal Data collected up to that moment.

The Data Controller is responsible for this Privacy Policy.

Privacy Notice updated in January 2023

COOKIE POLICY

This Cookie Policy, or extended notice regarding cookies and other tracking tools, concerns the use of Cookies by the website www.olfa.it

The Data Controller of the Data collected by this site is O.L.F.A. S.r.l., with registered office in Rivoli 10098 (TO), Via Biella, 54/A, VAT no. 07641770016, email: info@olfa.it

Cookies are small text files used by websites to make the User’s browsing experience more efficient and that are sent to their browser, where they are stored to be reused by the same Website on the User’s next visit.

Cookies have different functions. Some Cookies are intended to improve the functionality and navigation of this Website (so-called technical or necessary Cookies). Others, instead, are used to monitor users while browsing, record information, and reveal their interests by analyzing their reading habits or hobbies, in order to personalize the advertising shown to them when they open emails, browse social networks, or other web pages (so-called profiling Cookies). Cookies are used to customize content, provide social media features, and analyze traffic.

In their browser, the User can set Privacy preferences not to store Cookies, to delete them after each visit or every time the browser is closed, or even to accept only Cookies from www.olfa.it and not from third parties.

Depending on how long the cookies remain in the browser, they can be distinguished as follows:

Session cookies: temporary cookies that remain on the device until the User leaves the site.

Persistent cookies: cookies that remain on the device for a longer period until they are deleted.

This site uses various types of Cookies

Technical Cookies

Technical cookies are those whose use does not require the User’s consent. These are Cookies used solely for the purpose of transmitting a communication over an electronic communications network or to the extent strictly necessary for the provider of an information society service explicitly requested. On this Website, technical Cookies are used to store the User’s decision on the use of Cookies on the Website itself. The retention period of technical cookies corresponds to the duration of the browsing session on the site.

DELETING OR DISABLING COOKIES

Except for the technical cookies strictly necessary for normal browsing, the provision of Data is left to the will of the User who decides to browse the site after viewing the short notice contained in the appropriate banner and utilizing third-party services that involve the installation of cookies. The User can therefore avoid the installation of Cookies by keeping the banner visible (thus refraining from closing it by clicking the “OK” button), removing the checkmark from some or all of the categories of cookies used by the Site, as well as via the appropriate functions available in their browser.

The User can manage preferences related to Cookies directly in their browser and prevent third parties from installing them.

It is important for the User to know that disabling all Cookies may compromise the functioning of this Site. Each browser has different procedures for managing settings.

To disable third-party cookies, it is also possible to use Your Online Choices, http://www.youronlinechoices.com/it/le-tue-scelte, a web service managed by the non-profit association European Interactive Digital Advertising Alliance (EDAA), which provides information on behavioral advertising based on profiling cookies and allows users to easily opt out of their installation. By deleting all the cookies from your browser or removing them through services such as Your Online Choices, these, if third-party, will generally be disabled, not only within this site.

FURTHER INFORMATION ON PROCESSING

Specific notices

At the User’s request, in addition to the information contained in this Cookie Policy, this Website may provide additional and contextual notices regarding specific services or the collection and processing of Personal Data.

System logs and maintenance

For needs related to the operation and maintenance of this Website, and the possible third-party services used by it, system logs may be collected, i.e., files that record interactions and that may also contain Personal Data, such as the User’s IP address.

Information not contained in this Cookie Policy

Further information concerning the processing of Personal Data may be requested at any time from the Data Controller using the contact information provided.

EXERCISE OF THE DATA SUBJECT’S RIGHTS

Pursuant to Articles 15-22 of European Regulation no. 679/2016, the data subject has the right to obtain confirmation of whether or not personal data concerning them exist, even if not yet recorded, and their communication in an intelligible form.

The data subject therefore has the right to obtain information on:

a) the origin of the personal data;
b) the purposes and methods of the processing;
c) the logic applied if processing is carried out with the assistance of electronic tools;
d) the identifying details of the Data Controller and the Data Processors of Personal Data;
e) the entities or categories of entities to whom the Personal Data may be communicated or who may learn about them as a designated representative in the State’s territory, as processors, or as persons in charge of processing.

The data subject has the right to obtain:

a) the updating, rectification, or, where interested, the integration of Data;
b) the erasure, anonymization, or blocking of data processed in violation of the law, including data that are not necessary to be retained in relation to the purposes for which the data were collected or subsequently processed.

The data subject has the right to object, in whole or in part:

a) for legitimate reasons, to the Processing of Personal Data concerning them, even if relevant to the purpose of collection;
b) to the Processing of Personal Data concerning them for the purpose of sending advertising material, direct sales, or for carrying out market research or commercial communications.

WARNING: The Controller is not responsible for updating all the links included in this Cookie Policy that refer to third-party websites. Therefore, if a link is not working or is not updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites indicated by that link.