PRIVACY POLICY ON THE PROCESSING OF USERS’ PERSONAL DATA OF THE WEBSITE
ARTICLES 13 AND 14 OF REGULATION 2016/679 / EU (HEREAFTER REFERRED TO AS “GDPR”)

Why do I have this notice?

OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. (hereinafter also “Company” or “Owner”) is committed to respecting and protecting your privacy and wishes you feel safe both during the simple navigation of the site and in case you decide to register providing us with your personal data to use the services made available to its Users and / or Customers. On this page, the Company intends to provide information on the processing of personal data related to users who visit or consult the website accessible via www.ai-lati.it  e www.ai-lati.eu (the “Site”). This privacy policy is provided for the Company’s website only, excluding any website that may be accessed through the links (a reference is made to the respective privacy policies on the websites visited). Reproduction or use of pages, materials and information contained within the Site, by any means and on any device, is not permitted without the prior written consent of the Company. Copying and / or printing is permitted for personal and non-commercial use only (for inquiries and clarifications please contact the Company at the addresses below). Other uses of contents, services and information on this site are not permitted.

With regard to the content offered and the information provided, the Company will ensure that the contents of the Website are kept up-to-date and reviewed, offering no guarantee as to the adequacy, accuracy or completeness of the information provided explicitly declining any liability for any errors of omission in the information provided on the Website.

Source – Browsing data

OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. informs you that the personal data you provide and acquired together with the request for information and / or contact, registration on the site and use of services via smartphone or any other device used to access the Internet, as well as data necessary for the provision of these services, including the navigation data and the data used for the purchase of the products and services offered by the Company but also only the so-called “browsing” data of the site by the Users, will be processed in compliance with the applicable legislation. The information systems and software used for running this Web site capture, as part of their routine operation, certain personal data whose transmission is implicit in the use of the Internet, on the basis of the TCP/IP protocol. This information is not collected with the intent of associating it with identified users but, by its nature, it could lead to the identification of visiting users through processing and association with data held by third parties. The data in this category include “IP addresses” or the domain names of the computers used by the users connecting to the site, the URI (Uniform Resource Identifiers) notation addresses of the resources requested, the time of the request, the method used in submitting the request to the Web server, the size of the file obtained in response, the numeric code indicating the status of the response given by the Web server (executed, error, etc.) and other parameters relative to the user’s operating system and system environment. These data are used solely to compile anonymous statistics on the use of the website of YouCo and to verify its correct operation. It is pointed out that the aforementioned data could be used to ascertain responsibility in the case of computer crimes against the Company’s website or to other sites connected to it: except for this eventuality, the data on web contacts do not persist for more than a few days.

Source – Data provided by the user

The Company collects, stores and processes your personal data in order to provide the products and services offered on the Site, and for legal obligations. As regard to some specific Services, Products, Promotions, etc. the Company may process your data for commercial purposes. If that is the case, a specific, separate, optional and always revocable consent will be required with the methods and the contact details indicated below.

The optional, explicit and voluntary sending of emails to the address indicated in the appropriate section of the Website, as well as the filling in of questionnaires (e.g. form), communication via chat, push notification via APP, social networks, call centres, etc., involves the subsequent acquisition of some of your personal data, including the data collected through the use of Apps and related services, necessary to respond to requests. We also point out that when using the mobile connection to access digital content and services offered directly by the Company or by our partners, it may be necessary to transfer your personal data to such third parties. We also point out that you may access the Site or connect to areas where you may be able to publish information using blogs or bulletin boards, communicate with others, for example coming from the Company page on Facebook®, LinkedIn®, YouTube®, and other social networks, review products and offers and post comments or content. Before interacting with these areas, please carefully read the General Conditions of Use considering that, under certain circumstances, the information published can be viewed by anyone with access to the Internet and all the information you include in your publications can be read, collected and used by third parties.

Purposes of processing and legal basis

The data is used for purposes:

  1. strictly connected and necessary to register on the site www.ai-lati.it e www.ai-lati.eu services and / or Apps developed or made available by the Company, the use of the related information services, the management of contact requests or information, for the purchase of products and services offered through the site of ‘Company;
  2. for ancillary activities related to the management of User / Customer requests and sending the feedback that may include the transmission of promotional material;
  3. related to the fulfilment of obligations laid down by EC and national legislation, the protection of public order or the investigation and prosecution of offences;
  4. direct marketing, namely sending advertising material, direct sale, market research or commercial communication products and/or services provided by the company; this activity may also relate to products and services of The Company  and group companies by sending advertising material/information, promotions and/or invitations for the participation in initiatives, events and offers aimed at rewarding customers/users, “traditionally” invited (snail mail and/or calls), or by automated “contact” systems (for example, SMS and/or MMS, automated telephone calls, e-mails, fax, interactive apps), pursuant to art. 130 c. 1 and 2 of Legislative Decree No. 196/03 and amendments;

The provision of data for the purposes referred to in points 1), 2) and 3), connected to a pre-contractual and / or contractual or functional phase to a user request or required by a specific regulatory provision, is mandatory and Failing this, it will not be possible to receive the information and access any services requested; with regard to point 4) of this Information, the consent to the processing of data by the user / customer is instead free and optional and always revocable without consequences on the usability of products and services unless it is impossible for the Company to keep up to date on new initiatives or particular promotions or advantages available to users / customers.

The Company may send commercial communications relating to products and / or services similar to those already provided, pursuant to Directive 2002/58 / EU, using the electronic mail coordinates, or the paper ones, indicated by you on such occasions to which you may oppose with the methods and the contact details below.

Processing methods and criteria, storage times and protection measures

The processing is also performed with the help of electronic or automated means and is carried out by the Company and / or by third parties that the Company may employ for the storage, management and transmission of the data.

Organisation and processing logics will also be applied to your personal data in relation to access and usage logs for online services, for the purposes mentioned above and in a way that ensures the security and confidentiality of the data. The personal data processed will be kept for the time required by the legislation in the applicable time.

More specifically, in the sections of the Web site dedicated to specific services, where the user’s personal data are requested, the data are encrypted through a security technology known as Secure Sockets Layer (SSL). The SSL technology codes the data before they are exchanged (via the Internet) between the user’s processing system and Sopaf’s main systems, thereby making the data indecipherable by non-authorized persons and guaranteeing the confidentiality of the information transmitted. Precisely with reference to the personal data protection aspects, the user / customer is invited, pursuant to art. 33 of the GDPR to report to the Company any circumstances or events from which a potential “breach of personal data (data breach)” may occur in order to allow an immediate evaluation and the adoption of any actions aimed at combating such event by sending a communication to m.latini@ocrim.com or contacting Customer Service. The measures adopted by the Company do not exempt the Customer from paying the necessary attention to the use, where required, of a password / PIN of adequate complexity, which will have to be updated periodically, especially in case the subject has been violated / known by third parties, as well as carefully and make it inaccessible to third parties, in order to avoid improper and unauthorized use.

Areas of communication and data transfer.

For the pursuit of the aforementioned purposes, the Company will be able to communicate and have users’/ customers’ personal data to deal with third parties with whom we have relationships, in Italy and abroad, in the case third parties provide services upon our request. The latter will only provide them with the information necessary to perform the services required, taking all measures to protect your personal data. Your details may be passed to countries outside of the European Economic Area in order to process and arrange for the products and services you request. In this case, the recipients of the data will be imposed security and obligations equivalent to those guaranteed by the Data Controller. In the case of use of services offered directly by Partners we will provide only the data strictly necessary. In any case, only the data necessary for the achievement of the intended purposes will be communicated and, where required, the guarantees applicable to transfers of data to third countries will be applied. We may also disclose personal data to our commercial suppliers, for marketing reasons, in which case will external processors be appointed. In addition, personal data may be disclosed to the competent public bodies and authorities for compliance with regulatory requirements or for ascertaining responsibility in the case of computer crimes to the detriment of the site as well as communicated to, or allocated to, third parties (as responsible or, in the case of providers of electronic communication services, autonomous owners), who provide computerised and services (e.g. websites hosting, management and development) and which the Company uses to carry out technical and organisational tasks and activities that are instrumental to the functioning of the website. The subjects belonging to the above categories operate as separate Data Controllers or as Managers appointed by the Company for this purpose. Personal data may also be known by the Employees/Consultants of the Data Controller, who have been specifically appointed to be in charge of the data processing. A list of the recipients or categories of recipients to whom personal data are communicated is available by writing to the contacts below.

Data subjects’ rights

You can exercise at any time the rights that are recognised by law, in order to

  1. access your personal data, obtaining evidence of the purposes pursued by the Owner, the categories of data involved, the recipients to whom they may be communicated, the applicable retention period, the existence of automated decision-making processes;
  2. allow to correct inaccurate personal data without delay;
  3. obtain, in the cases provided for, the deletion of your data;
  4. obtain the limitation of the treatment or to oppose it, whenever possible;
  5. request the portability of the data that you have provided to the Company, ie receive them in a structured format, commonly used and readable by automatic device, also to transmit this data to another owner, within the limits and with foreseen limits art. 20 of the GDPR;

Furthermore, you can lodge a complaint with the Guarantor for the Protection of Personal Data pursuant to art. 77 of the GDPR.

For the treatments referred to in point 4), the Customer can always revoke the consent and exercise the right to oppose direct marketing (in “traditional” and “automated” forms). Unless otherwise indicated, the opposition shall be taken as referring to both traditional and automated communications.

Data Controller

Data controller, pursuant to art. 4 of the GDPR, is OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A., Via Angelo Massarotti, 76 – 26100 Cremona (CR) VAT number: 00106320195 – Tax code: 00106320195

The rights indicated above may be exercised upon request of the interested party as disclosed by the Customer Service or on the Company’s website or by using the following references: Marta Latini (m.latini@ocrim.com).

The use of the Website, as well as intended for tablets and / or smartphones, by the Customer and / or the User implies full knowledge and acceptance of the content and any indications included in this version of information published by the Company when the site is accessed. The Company informs that this information may be changed without prior notice and therefore recommends a periodic reading.

The Data Controller

OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A.

This privacy statement was updated on October 11, 2018