Data subjects: Customers and visitors to this company website
OVERMARINE GROUP S.p.A. – with registered office at 234, via Virgilio, 55049 Viareggio (LU) VAT reg. no 02232770467 – a subsidiary of EFFEBI GROUP S.p.A., in the capacity as Controller of your personal data, for the effects and purposes of Legislative Decree no 196 dated 30 June 2003 (‘Personal Data Protection Code’), and of Regulation (EU) 2016/679 (also GDPR), hereby informs you that the aforementioned legislation provides for the protection of individuals and other subjects with regard to the processing of their personal data, and that said processing must be carried out according to principles based on fairness, lawfulness, transparency and the protection of you and your rights.
Your personal data will be processed in accordance with the provisions of the aforementioned laws and regulation, and of the confidentiality obligations prescribed therein. The website referred to is the following:
Website security measures: For the website management, specific security measures have been adopted that aim to guarantee the safe access of users and to protect the information contained in the website against the risk of loss or destruction, even accidental.
For access to the reserved areas of the website, enterprises will be provided, on request, with an ID code and password; these passwords are generated in such a way that they do not contain any references that can easily be traced back to the data subject, in order to prevent any abuse. Users must keep their password in a safe place.
Purpose of data processing your data will be processed, in particular, for the purposes described in the following paragraphs; in relation to legal or contractual obligations, it will be sufficient to examine this policy, for other purposes, the provision of your personal data is optional and if you do not agree to your data being processed this will not compromise the continuation of your relationship and the consistency of the data processing.
In general, data is collected from Users to allow the controller to provide its services, and for the following purposes: to contact the user, send messages by e-mail, interact with social networks, for statistical purposes and for viewing the contents from external platforms.
The types of Personal Data used for each purpose are indicated in the specific sections of this document. The personal data collected through this website refer to:
- Browsing data and use, cookies
- Data provided voluntarily by the user
The Personal Data collected may refer to either the User and/or to third-parties whose data is provided by the User. The User assumes responsibility for the personal Data of third-parties that is published or shared via the website, and guarantees that it has the right to pass on or circulate such data, releasing the Data Controller from any liability towards third-parties.
For the purposes of processing, the Controller may learn of data that is defined as particular, or sensitive or judicial within the meaning of the Privacy Code, when necessary for the purposes specified below, and in particular:
- E-mail address,
- Phone number,
- Name and address and/or billing address,
- Other data provided by you voluntarily (for example, by sending a CV).
Your sensitive data that we process are those strictly related to the obligations, tasks and purposes described above and will be processed in compliance with the indications contained in the relative General Authorisation of the Data Protection Supervisor.
- Browsing data
During the course of normal operations, the IT systems and software procedures to be used for this website acquire certain personal data which have to be transmitted for the communication of Internet protocols. This information is not collected to be associated with identified data subjects, but which, due to its very nature, if elaborated and associated with data held by third parties, might enable the identification of the users. This category of data includes IP addresses or domain names of the computers used by the users who connect to the website, the URI addresses (Uniform Resource Identifier) of the resources requested, the time of the request, the method used to submit the request to the server, the dimensions of the file obtained in reply, the numeric code indicating the status of the request provided by the server (successful error etc.) and other parameters relating to the operating system and the IT environment of the user.
These data are used for the sole purposes of obtaining anonymous statistical information on the use of the website and for checking that it is working properly. The data might be used to verify responsibilities in the event of computer crimes that cause damage to the website.
As practically all websites, our website also uses certain cookies. Cookies are small text files that the websites visited by the user (but also other websites or web servers) sent and register on the user’s computer (or mobile device), and are then sent back to the same websites (or web servers) when they are next visited, thus sending information.
Cookies are now crucial tools as they allow modern websites to function in the best way possible, enabling the maximum personalisation, interaction and fluidity in browsing. They can also be used to monitor the user’s browsing activities and send publicity messages based on these.
Cookies can be:
- session cookies (if they expire when the browser is closed) or permanent (they remain until the expiry of a time-limit, which may last years);
- first-party or third-party cookies (in the latter case, they are set by a website or a web server different from the one the user is visiting at that moment);
- technical cookies (necessary and sometimes indispensable to allow the website to be used in its entirety – or better) or profiling cookies (which serve to create a profile of the user, in order to send him/her publicity messages in line with the preferences shown by the latter during the previous browsing session).
For the Data Protection Supervisor technical cookies are session cookies, cookies required for the website to function properly and – under certain conditions only – analytical cookies; in particular, in the regulation dated 8 May 2014, the Data Protection Supervisor clarified that the latter can be assimilated to technical cookies only if they are used with the aim of optimising the website directly by the website owner, who may collect information in aggregated form on the number of users and on how they visit the website.
For further information on the types of cookies, their characteristics and the way they work, you can visit the websites http://www.allaboutcookies.org, www.youronlinechoices.com, http://cookiepedia.co.uk and the specific, aforementioned Regulation of the Data Protection Supervisor.
- Data provided voluntarily by the user.
Sending of e-mails to the addresses indicated on the website
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website leads to the acquisition of the sender’s address, necessary in order to reply to requests, as well as any other personal data entered in the message.
Compilation of the data collection form (for information requests)
The contacts page of the website allows data subjects to ask for information by entering certain personal data (such as name and surname, the name of their enterprise, e-mail address etc.). These data will be processed both manually and using IT instruments by the personnel of EFFEBI GROUP SpA or by its subsidiaries, who are specifically and exclusively appointed to deal with the users’ requests. The personal data entered on the Form are divided into two categories: mandatory and optional, as shown in the information request procedure. The providing of mandatory data and their relative processing for the purposes indicated above are strictly related to the service requested. All other data collected serve to help EFFEBI GROUP SpA or its subsidiaries to constantly improve its service. We wish to point out that you may exercise at any time, by contacting the Data controller directly, the rights set out in the dedicated section “RIGHTS OF DATA SUBJECTS”.
Registration for the website or newsletters
Publication of photos and videos
How data is processed: Data is processed using appropriate security measures to prevent Personal Data from unauthorised access, dissemination, modification or destruction.
They are processed, in particular:
- using IT instruments, organised in strict relation to the above indicated purposes;
- by entrusting the processing activities to third parties.
All data is processed in compliance with the manners referred to in Section II of the Regulation (EU) 2016/679 and with articles 11, 31 et seq. of Legislative Decree 196/03.
Communications: your data will be stored at our registered office and passed on exclusively to parties in charge of carrying out the services necessary for a correct management of the relationship, with guaranteed protection of the rights of the data subject.
Your data will be processed only by personnel that have been expressly authorised by the Controller and, in particular, by the following categories of people entrusted with the processing:
- Administrative directors/staff (reading, writing, sending notifications, deletion);
- Sales directors/staff (reading, sending notifications);
- IT directors/staff (reading, writing, modification, deletion);
In addition to the controller and the internal members of staff, in certain cases external parties may have access to the Data (such as third-party suppliers of technical services, mail couriers, hosting providers, IT companies, advertising agencies). Your data might be passed onto third parties, in particular to:
- Constitutional bodies or of constitutional importance;
- Consultants and freelance professionals, also in partnership;
- Any legitimate addressee of communications prescribed by law or by regulations.
Dissemination: without prejudice to the absolute prohibition to disseminate data that can suitably reveal your health status, the data may be disseminated according to the manners described above, on:
- this website and/or social network pages connected thereto, limited to photos or videos in which, generally, the data subjects are hardly or partially recognisable, which are collected with the explicit consent of the data subject.
Storage: The data processing connected with the web services of this website will take place on the company premises and taken care of by the technical staff in charge of the processing.
Your personal data will be stored in the manners indicated above, for the minimum time prescribed by law and by the contract, or until the data subject asks them to be deleted. At the time the data is collected, they will be stored in the reference folders on the company’s management system and/or in their paper files. At the time of deletion, it is possible that the data is still kept but anonymised.
Rights of data subjects: The data subjects referred to by the personal data have the right, at any time, to obtain confirmation as to whether or not said data exist and to know the contents and origin thereof, to check their accuracy or ask for them to be supplemented or updated, or rectified.
You also have the right to obtain, from the controller, the deletion, communication, the update, the rectification, the supplementation of your personal data, and in general to exercise all the rights provided for by article 7 of the Personal Data Protection Code and by Section III GDPR, articles 12 to 23, including the right to submit a complaint to the supervisory authority.
Further information on the processing:
The User’s Personal Data may be used by the Controller of the website for its defence before the courts, or in the preliminary phases of a court case, against abuse of the website or the related services on the part of the User.
Specific rules on privacy
Specific rules on privacy might be presented in the pages of the Website in relation to particular services or processing of the Data provided by the User or by the Data Subject.
The User’s Personal Data can be processed with additional methods and purposes linked to the maintenance of the website.
System log files
For necessities linked to functioning and maintenance, this website and any third-party services it uses might collect system log files, in other words files that register interactions – including browsing activities – and which may contain also Personal Data, such as the user’s IP address.
Information not contained in this policy
Further information relating to the processing of Personal Data may be requested at any time from the Data Controller.
Links to third-party websites
The Controller is not responsible for the processing of personal data that is carried out by and through websites reached from this website through links.