Privacy Disclaimer under Article 13 of the Italian Legislative Decree, 30 June 2003, n. 196 and Articles 13-14 of the General Data Protection Regulation UE 2016/679 (GDPR).
ORTON S.r.l. (IMI ORTON), Data Controller of your Personal Data pursuant to art. 4 paragraph 7 of the GDPR , is aware of the importance covered by the Protection of Personal Data and undertakes to respect the rules of conduct set up by the GDPR and the Legislative Decree, N. 196/03 (Code regarding the Protection of Personal Data), and all of currents privacy regulations, which are to guarantee navigation in a secure network, through Personal Data Protection.
ORTON S.r.l. wish to inform you that the currents privacy regulations provides for the protection of persons and other subjects regarding the processing of personal data.
According by the law, the data processing will be based on the principles set out in the GDPR, especially on fairness, lawfulness, transparency and minimization of data and protection of your privacy and your rights.
ORTON does not accept liability of any kind for such websites/social platforms.
The collection and processing of personal data takes place only when necessary to the sections of the website that you are visiting in relation to the execution of services requested by the user (e.g. info request) or when the user decides to communicate his personal data in various ways (e.g. verbally, through the compilation of the appropriate fields where required, via e-mail).
In the case provided by Regulation EU 2016/679 and/or by Italian law, the user’s consent will be required before processing your personal data.
1. The data you provide will be processed by ORTON with methods and procedures necessary to provide the information services you have requested.
This information service may also take place via e-mail or newsletter, to promote our existing initiatives, namely to launch conferences and studies, discussions on issues we are interested in, even when originated by third parties.
The information which we forward only with your consent, may have a commercial character.
The processing of your data may be finalized furthermore to the fulfillment of statutory obligations, tax, accounting and administrative management, arising from any legal relationship that can be established at the time of your navigation on this domain.
2. The treatment will be performed either manually or by means of IT tools, always in compliance with the requirements of article 32 of the GDPR . The personal information collected by this registration may be handled by a processor in charge for the management of the required services and marketing activities.
3. The ICT systems and software used to operate in our website acquire some personal data that are implicitly a consequence of using information protocols on the Internet (for example domain names and IP addresses).
All these data are processed, for the time strictly necessary, only to purpose anonymous statistics about the site and its correct functioning.
Such data could be used by the judicial authorities and by police upon request for the performance of their institutional duties.
The Data Controller does not require and has no interest in collecting and processing data classified by article 9 Regulation EU 2016/679 as "specific" (medical, genetic, biometric, etc.).
4. The providing of the data is optional in order to data identified as “optional fields”, any refusal to provide such data could result in a non-execution of the requested service.
The providing of data is required in order to data identified as “required fields”, any refusal to provide such data will result in a non-execution of the requested service.
User’s data will be processed on the basis of a legitimate interest of the Data Controller , to fulfill a legal obligations or explicit consent by the user, where required.
User’s data may be processed specially to:
a) receive the latest information of our products or services
The processing of user’s data takes place to give the preliminary activities resulting from the request submitted.
The legal basis of such processing is fulfillment of the required services outlined and the compliance with legal obligations.
b) ICT security
The Data Controller also treats through its suppliers (third parties and/or recipients), the user’s personal data strictly necessary and proportionate to ensure network and information security.
The legal basis of such processing is compliance with legal obligations and the legitimate interest of the Data Controller to carry out processing for the purposes to ensure network and information security.
5. The data may be communicated:
- to private and public Companies, subsidiaries and affiliates, private parties, legal entities, exclusively for the purposes related to the provision of the services required.
- to private and public Companies, ORTON’S services provider for the user’s requested services, who will act as independent data controllers of the data provided.
- to private and public Companies provided by law.
6. User’s personal data are archived and retained for the time strictly necessary for the specific purposes for which they are collected and only for the time strictly necessary to fulfill contractual and legal obligations, unless request to delete his personal data.
The personal data will be retained for the entire duration of the treatment and in any case no later than 12 months after its termination.
In the event that a user provides the Data Controller personal data not requested or not necessary for the execution of the requested services, this may not be considered Data Controller of these data, and will provide for their deletion as soon as possible.
Once the processing needs have been completed, personal data are deleted and/or destroyed.
7. The Data Controller is ORTON S.r.l. (IMI ORTON) – Via Larga 6, 20122 - Milano (Italy) – e-mail (certified email) email@example.com
8. The responsible person for the data processing is the Legal Representative of ORTON S.r.l. (IMI ORTON).
The controller and the person responsible for the data processing are not undertaking any liability with respect to false data provided by the user, as well as in the event that the data concerning yourself have been provided by a third person even without your consent or against your will.
9. The processed data may be transferred to EU Countries.
When necessary the transfer of data will take place on the basis of a decision of adequacy or the signature of contractual clauses of data protection approved by the European Commission.
All information about the transfer of personal data to third countries can be requested by contacting the Data Controller at the addresses indicated in paragraph n. 7 above.
10. The data subject can at any time exercise his/her data protection rights pursuant to articles 15-22 of the GDPR 2016/679.
These rights include:
a. Access: the data subject can obtain information relating to the treatment of his/her data and a copy of such data.
b. Rectification: the data subject can request rectification of his/her data when such data is inaccurate or incomplete.
c. Erasure: the data subject can request the erasure of his/her data by withdrawing his/her consent and if there is no other legal ground for the processing.
d. Restriction of processing: the data subject can obtain the restriction of processing in the cases provided by the law (e.i. If he/she contests the accuracy or treatment of the personal data).
e. Objection: the data subject can object to the processing of data if the processing based on the Organizer's legitimate interest for purposes relating to his/her specific situation, unless mandatory reasons exist that override the interest of the data subject (i.e. when the data processing is needed to defend a right of the Organizer in a court of law).
f. Withdrawal of consent: the data subject can withdraw the consent previously given for the purposes of data processing.
The data subject may, at any time, object to the processing of his/her data for marketing purposes and revoke the consent previously given by following the instructions included in each commercial email.
Pursuant to existing law the data subject may also submit a complaint to the Data Protection Authority (Garante per la Protezione dei dati personali), Piazza di Monte Citorio n. 121 – 00186, Rome, Fax: (+39) 06.69677.3785, firstname.lastname@example.org
Your rights in question may be exercised via written communication to the Data Controller.
The exercise of yours rights is free of charge.
11. You can withdraw your consent at any time by sending a written message to the Data Controller at the addresses indicated in paragraph n. 7 above.