2.Identifying details of the data controller and processor:
Omnia Salute & Servizi Srl – Via Pietro Gobetti n. 2 – 63839 Servigliano (FM)
Mrs. Tirabassi Monia
Tax code and Vat number: 02246540443
Tel: 0734 710137 – Email: firstname.lastname@example.org
3.Type of data processed
4.Cookies and browsing data
Cookies can also be classified as follows:
- “Session” cookies, which are deleted immediately when the browser is closed;
- “Persistent” cookies, which remain in the browser for a certain period of time. They are used, for example, to recognize a device logging onto a website in order to make the logging operation easier for the user;
- “Proprietary” cookies, which are generated and managed directly by the operator of the Website on which the user is browsing;
- “Third-party” cookies, which are generated and managed by parties other than the operator of the Website on which the user is browsing;
5.Cookies used on the website
This Website uses the following types of cookies:
- Proprietary, session, and persistent cookies required to allow the browsing of the Website for internal security reasons and system administration purposes;
- Third-party, session and persistent cookies required to allow the user to utilize the multimedia features of the Website such as images and videos; 3) third-party, persistent cookies are used by the Website to send statistical information to Google Analytics, from which Omnia Salute & Servizi can carry out statistical analysis of the hits/visits to the Website. The cookies are only used for statistical purposes and the information is collected in aggregate form. Using a pair of cookies, one persistent and one session (expiring when the browser is closed), Google Analytics will also save a record of the start time and end time of the visit to the Website. It is possible to prevent Google from recording this data via cookies and subsequent processing of data by downloading and installing a browser plug-in from the following address: http://tools.google.com/dlpage/gaoptout?hl=it
- Third-party, persistent cookies used by the Website to include in its pages the links of several social networks (Facebook, Twitter e Google+). Selecting one of these links, enables the user to publish the contents of the site’s webpages on the personal pages of the respective social-networks.
6.How to disable cookies in your browser
The cookies present in the websites can be disabled by downloading specific software such as Ghostery for the browser in use (https://www.ghostery.com) that disactivates each cookie. Another solution is to activate the “private browsing’ mode: it’s a function that allows to navigate the web without leaving trace of the browsing data in the browser.
Alternatively it’s possible to disable/delete cookies through the browser’s control panel.
7.Storage of personal data
Personal data is stored and processed on the proprietary systems owned by Omnia Salute & Servizi and managed by Omnia Salute & Servizi, or by third-party technical services providers; for more details please see the section below: “Accessibility of personal data”. Your data is only processed by authorized personnel, including personnel responsible for extraordinary maintenance.
8.Purposes and methods of data processing
Omnia Salute & Servizi may process the user’s personal and sensitive data for the following purposes: use of the services and the functions on the Website, the management of enquiries and comments from users, the sending of newsletters, the management of job applications received via the Website etc. Furthermore, with the specific optional consent of the user, Omnia Salute & Servizi may process their personal data for marketing purposes, i.e. it may send out promotional and/or business communications about the Company’s services, to the addresses provided, either using traditional means (post, ordinary telephone calls etc.) or using automated means (online communications, fax, email, text, apps for mobile devices such as smartphones or tablets, social network accounts such as Facebook or Twitter, automated telephone calls etc.) Personal data is processed either in printed form or online, and will be stored on the company’s information systems in accordance with Regulation (EU) 2016/679, and also in accordance with the security and confidentiality requirements, based on the principles of fairness and legality. In compliance with Regulation (EU) 2016/679, the data will be kept and stored for 5 years.
9.Data quality and security
Omnia Salute & Servizi will protect the security of the user’s personal data and will respect the security provisions of the applicable laws, to prevent the loss of data, its unauthorized use or unauthorized access, with particular reference to the Technical Specifications regarding minimum security requirements. Furthermore, the information systems and computer programs used by Omnia Salute & Servizi are configured in such a way as to minimize the use of personal and identifying data; such data is only processed to fulfill specific purposes in each case. Omnia Salute & Servizi uses multiple advanced security technologies and procedures to keep users’ personal data secure; for example, personal data is stored on secure servers located in protected areas with controlled access. Users can help Omnia Salute & Servizi to keep their personal data up-to-date by giving notice of any changes of address, qualifications or contact details, etc.
10.Scope of communication and access to data
The user’s personal data may be discolsed to:
- anyone who has the right to access the data by law;
- our staff and collaborators, in connection with their duties;
- any individual and/or legal entity, public and/or private body if necessary or functional to the fulfillment of our activities, in the ways and for the purposes illustrated above:
11.Provision of personal data
The user is required to provide certain personal data to allow the Company to deal with correspondence and queries or to contact the user to follow up a request. This type of data is marked with an asterisk [*] and in such a case it must be provided to allow the Company to follow up a request that cannot be fulfilled otherwise. Conversely, the provision of data not marked with an asterisk is optional: failure to provide it will not have any consequences for the user. The provision of personal data by the user for marketing purposes, as specified in the section “Purposes and methods of data processing” is optional, and the refusal to provide it will not have any consequences. Consent given for marketing purposes extends to the sending of communications using automated or traditional means, as listed above.
12.Rights of the data subject
12.1 Art. 15 (right of access) and Art. 16 (right to rectification) of Regulation (EU) 2016/679
The data subject has the right to obtain confirmation from the data controller as to whether or not their personal data is being processed and, in such case, the right to obtain access to that data and to the following information:
a) the purposes of processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
d) the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
f) the right to lodge a complaint with a supervisory authority;
h) the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
12.2Right as set out in Art. 17 of Regulation (EU) 2016/679 – Right to erasure («right to be forgotten»)
The data subject has the right to obtain from the data controller the erasure of his or her personal data without undue delay, and the data controller is obligated to erase that data without undue delay, for one of the following reasons:
a) the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
b) the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2) of Regulation (EU) 2016/679, and where there is no other legal ground for the processing;
c) the data subject objects to the processing pursuant to Article 21(1) of Regulation (EU) 2016/679 and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of Regulation (EU) 2016/679;
d) the personal data has been unlawfully processed;
e) the personal data has to be erased for compliance with a legal obligation in European Union or Member State law to which the controller is subject;
f) the personal data has been collected in relation to the offer of information society services referred to in Article 8(1) of Regulation (EU) 2016/679.
3 Right as set out in Art. 18 – Right to restriction of processing
The data subject may obtain a limitation of the data processing, from the Data Controller, in one of the following cases:
a) the data subject disputes the accuracy of the personal data, for the period required by the data controller for checking such accuracy;
b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of its use instead;
c) the controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defense of legal claims;
d) the data subject has objected to processing pursuant to Article 21(1) of Regulation (EU) 2016/679, pending verification whether the legitimate grounds of the controller override those of the data subject.
4 Right as set out in Article 20 – Right to data portability
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data has been provided.
13.Revocation of consent to processin
The data subject may revoke consent to the use of his or her personal data by sending a registered letter to the following address: Omnia Salute & Servizi via Pietro Gobetti, 2 – 63839 Servigliano (FM), Italy together with a photocopy of ID card. The letter should be worded as follows: <>. After this, your personal data will be removed from our archives as quickly as possible. If you require more information about the use of your personal data, or wish to exercise your rights under Article 7, you can send a registered letter to the following address: Omnia Salute & Servizi via Pietro Gobetti, 2 – 63839 Servigliano (FM), Italy.