Privacy Policy

DISCLAIMER TO CLIENTS AND SUPPLIERS IN ACCORDANCE WITH ART. 13 OF THE UE REG. 679/2016 (GDPR):

Dear Sir/Dear Madam, The Data Controller OMCG s.r.l., VAT IT00226360139, based in Olginate (LC) - Via Moronata n.46, in the person of its legal representative pro tempore;

Hereby informs you that the following personal data concerning your person will be processed:

  • common data, including: identification data (name, surname, address, VAT, Tax Code)
  • personal data necessary to execute the contract or to implement contractual and pre-contractual measures and contact details (email, PEC address, landline and mobile telephone numbers)
  • fiscal data (related to invoicing, payments, collection, and compliance with legal obligations and for the supply of goods and services).

 

Processing methods: The personal data relating to you will be contained in paper documents and / or files, as well as in digital archives processed concerning you and treated in accordance with the principles oflawfulness, relevance, transparency and fairness to the necessary extent for the execution of the relations arising from contracts or pre-contractual measures that concern you.

 

Lawfulness, relevance, transparency and correctness: the processing of personal data of the interested parties is performed: in compliance with the principles of necessity and lawfulness and correctness of the data processed and collected, informing the interested parties in advance and appropriately, requesting prior consent from the interested party unless the treatment is justified by other conditions of legitimacy.

 

Purpose: The processing of your personal data is aimed at fulfilling the obligations deriving from the Contract and the Law to implement pre-contractual measures and the execution of contracts for the purchase of goods and services, for the pursuit of tax obligations and for the pursuit of the legitimate interests of the data controller or third parties.

 

Consequences: In the event that you do not consent to the processing of personal data concerning you, you are informed that it will be impossible to proceed with the conclusion of the contract or the execution of pre-contractual measures.

 

Additional purposes: In the case you give specific consent, your contact details may also be optionally used for the forwarding of commercial communications in your favour. In this case, you are still free not to give consent.

 

Your rights as concerned party: Pursuant to the regulations in force and within its limits, you may exercise all faculties and rights provided for and governed by Chapter III of the EU Regulation 2016/679 (GDPR) and, in particular, you are entitled to:
(i) the right to transparency on the methods of processing;(ii) the right to receive specific information about your data processed;
(iii) the right to access to your personal data held, the correction of data or their cancellation;
(iv) the right to limit the processing of your own personal data;
(v) the right to receive "notifications" regarding the events referred to in the previous points, the "portability" of personal data (where possible), the opposition to the processing for specific and documented reasons;
(vi) the right to propose a complaint to the Guarantor Authority and be informed about the existence of possible violations of data concerning you (Data Breach);
(vii) the right to the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the revocation.

 

How to exercise your rights as concerned party: The rights granted by the law to the interested party and, in particular, the one of accessing, updating and deleting the personal data provided must be exercised by filling out the form provided for in Annex A of this disclaimer, available from the Data Controller.
All rights granted by the Law can always be exercised free of charge at the Data Protection Referee designated by the Data Controller prior submitting the duly completed form to GIOVANNI GNECCHI, engineer, gdpr.privacy@omcg.com.

The response to the requests of the interested parties takes place in the term of 30 days from the receipt of the request of the concerned party, duly presented. Alternatively, in the upper term of 90 days giving prior notice to the interested party in the event which, to ensure full compliance, it is necessary to carry out operations of particular complexity or to resort to another justified reason.

The reply is performed in an electronic form and the concerned party will receive a response via email to the address given during the filing of the request.

 

Recipients or categories to which personal data can be transmitted: Companies or external persons (identified as data processors) that carry out activities strictly connected and exploitable to the management of the business relationship such as: Credit Institutions, our Business Partners, Credit Recovery Companies, Credit Insurance Companies, Business Information Companies.

 

Time of conservation and communication of personal data processed: your personal data will be processed for the time necessary for:

  • the execution of existing contracts, contractual measures,
  • the exercise of a legitimate interest of the Data Controller (for example the recovery of credit in your favour)
  • the fulfilment of tax obligations, for which the same data will be communicated and processed by our trusted accountant or by the Public Authority.

 

Contact Data of the Data Protection Referee: you are informed that you will be able to assert your right as concerned party to data processing at this email address: gdpr.privacy@omcg.com
Related to our Data Protection Referee prior completion of the form available at the Company together with the I.D. (Identity Document).

 

NOTE: the authorization to process particular / sensitive data is not necessary when these are not processed.

In the event that the supplier processes data of customers, common or specific, on behalf of the Data Controller, as part of a deal by providing a management service processing data of Customers / Concerned Persons of the Data Controller making the disclosure, it is necessary to regulate the relationship with the most suitable contractual model as established by the GDPR.