PRIVACY POLICY

Dear User,

Omnys is committed to protecting your privacy.

This privacy policy tells You about the collection, use and disclosure of personal data, with respect to the EU General Data Protection Regulation 2016/679 (referred to as “GDPR”). The terms of this policy apply to all personal data collected by Omnys on the www.omnys.com website.

Data Controller

The Data Controller of such personal data is Omnys S.r.l. having its legal and operational office in Via Frassini, 35 - 36100 Vicenza (Italy) (referred to as “OMNYS” or “Data Controller”).

Data Protection Officer

The Data Protection Officer (referred to as “DPO”) contact points in OMNYS are:
e-mail: dpo@omnys.com
phone: (+39) 0444.521872
address: DPO c/o Omnys Srl, Via Frassini 35 – 36100 Vicenza (Italy)

Data processing methods

Visiting the website does not imply neither collection nor processing of personal data except for navigation data and cookies as described below.

No data collected through the website are disclosed to third parties.

Data retention

Data are stored in and processed through computer systems owned by the Data Controller and managed by OMNYS or other suppliers of technical services; for more information please refer to the following “Rights of the data subject” section.

Cookies

Cookies are small text files created by a server and stored on the device used by you for browsing the website. They allow the website to ensure the User all its functionalities, and improved navigation experience.

Our website only uses SO-CALLED "technical" cookies and does not use SO-CALLED "profiling" cookies.

"Technical" cookies used in this website are as follows:

You can object to the storage of cookies on your device, by configuring the browser you use for navigation: if you use this website without changing your browser settings, we assume that you will receive all cookies used by this website and make use of all of its features.

Security of Personal Data

Omnys is committed to protecting your Data and complies with all privacy regulations in order to avoid data breach, illicit usage or unallowed access to Data.

Rights of the data subject

Art. 15 (Right of access by the data subject), art. 16 (Right to rectification) of the GDPR

The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:

a) the purposes of the processing;

b) the categories of personal data concerned;

c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;

d) the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;

e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;

f) the right to lodge a complaint with a supervisory authority;

g) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Art. 17 (Right to erasure (‘right to be forgotten’)) of the GDPR

The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

b) the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;

c) the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);

d) the personal data have been unlawfully processed;

e) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;

f) the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

Art. 18 (Right to restriction of processing) of the GDPR

The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:

a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;

b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;

c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;

d) the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.