Privacy Policy

Data subjects: Customers and visitors to this company website

OVERMARINE GROUP S.p.A. – with registered office at 234, via Virgilio, 55049 Viareggio (LU) VAT reg. no 02232770467 – a subsidiary of EFFEBI GROUP S.p.A., in the capacity as Controller of your personal data, for the effects and purposes of Legislative Decree no 196 dated 30 June 2003 (‘Personal Data Protection Code’), and of Regulation (EU) 2016/679 (also GDPR), hereby informs you that the aforementioned legislation provides for the protection of individuals and other subjects with regard to the processing of their personal data, and that said processing must be carried out according to principles based on fairness, lawfulness, transparency and the protection of you and your rights.

Your personal data will be processed in accordance with the provisions of the aforementioned laws and regulation, and of the confidentiality obligations prescribed therein. The website referred to is the following:

www.mangustayachts.com

Website security measures: For the website management, specific security measures have been adopted that aim to guarantee the safe access of users and to protect the information contained in the website against the risk of loss or destruction, even accidental.

For access to the reserved areas of the website, enterprises will be provided, on request, with an ID code and password; these passwords are generated in such a way that they do not contain any references that can easily be traced back to the data subject, in order to prevent any abuse. Users must keep their password in a safe place.

Amendments to this Privacy Policy: The data controller reserves the right to make amendments to this Privacy Policy at any time, duly notifying the Users on this page and guaranteeing, in any case, the same protection of their personal data. For this reason, please consult this page frequently, taking the date of the latest update indicated at the bottom of the page as a reference.

Legal references: this privacy policy is drawn up in fulfilment of the obligations prescribed by the Regulation (EU) 2016/679, by article 10 of Directive no 95/46/EC, and by Directive 2002/58/EC, as updated by Directive 2009/136/EC, regarding the use of Cookies.

Purpose of data processing: your data will be processed, in particular, for the purposes described in the following paragraphs; in relation to legal or contractual obligations, it will be sufficient to examine this policy, for other purposes, the provision of your personal data is optional and if you do not agree to your data being processed this will not compromise the continuation of your relationship and the consistency of the data processing.

In general, data is collected from Users to allow the controller to provide its services, and for the following purposes: to contact the user, send messages by e-mail, interact with social networks, for statistical purposes and for viewing the contents from external platforms.

The types of Personal Data used for each purpose are indicated in the specific sections of this document. The personal data collected through this website refer to:

1. Browsing data and use, cookies
2. Data provided voluntarily by the user

The Personal Data collected may refer to either the User and/or to third-parties whose data is provided by the User. The User assumes responsibility for the personal Data of third-parties that is published or shared via the website, and guarantees that it has the right to pass on or circulate such data, releasing the Data Controller from any liability towards third-parties.

For the purposes of processing, the Controller may learn of data that is defined as particular, or sensitive or judicial within the meaning of the Privacy Code, when necessary for the purposes specified below, and in particular:

1. E-mail address,
2. Phone number,
3. Name and address and/or billing address,
4. Other data provided by you voluntarily (for example, by sending a CV).

Your sensitive data that we process are those strictly related to the obligations, tasks and purposes described above and will be processed in compliance with the indications contained in the relative General Authorisation of the Data Protection Supervisor.

1. Browsing data
   During the course of normal operations, the IT systems and software procedures to be used for this website acquire certain personal data which have to be transmitted for the communication of Internet protocols. This information is not collected to be associated with identified data subjects, but which, due to its very nature, if elaborated and associated with data held by third parties, might enable the identification of the users. This category of data includes IP addresses or domain names of the computers used by the users who connect to the website, the URI addresses (Uniform Resource Identifier) of the resources requested, the time of the request, the method used to submit the request to the server, the dimensions of the file obtained in reply, the numeric code indicating the status of the request provided by the server (successful error etc.) and other parameters relating to the operating system and the IT environment of the user.

These data are used for the sole purposes of obtaining anonymous statistical information on the use of the website and for checking that it is working properly. The data might be used to verify responsibilities in the event of computer crimes that cause damage to the website.

Cookies
As practically all websites, our website also uses certain cookies. Cookies are small text files that the websites visited by the user (but also other websites or web servers) sent and register on the user’s computer (or mobile device), and are then sent back to the same websites (or web servers) when they are next visited, thus sending information.

Cookies are now crucial tools as they allow modern websites to function in the best way possible, enabling the maximum personalisation, interaction and fluidity in browsing. They can also be used to monitor the user’s browsing activities and send publicity messages based on these.

• session cookies (if they expire when the browser is closed) or permanent (they remain until the expiry of a time-limit, which may last years);
• first-party or third-party cookies (in the latter case, they are set by a website or a web server different from the one the user is visiting at that moment);
• technical cookies (necessary and sometimes indispensable to allow the website to be used in its entirety – or better) or profiling cookies (which serve to create a profile of the user, in order to send him/her publicity messages in line with the preferences shown by the latter during the previous browsing session).

For the Data Protection Supervisor technical cookies are session cookies, cookies required for the website to function properly and – under certain conditions only – analytical cookies; in particular, in the regulation dated 8 May 2014, the Data Protection Supervisor clarified that the latter can be assimilated to technical cookies only if they are used with the aim of optimising the website directly by the website owner, who may collect information in aggregated form on the number of users and on how they visit the website.

For further information on the types of cookies, their characteristics and the way they work, you can visit the websites http://www.allaboutcookies.org, www.youronlinechoices.com, http://cookiepedia.co.uk and the specific, aforementioned Regulation of the Data Protection Supervisor.

2. Data provided voluntarily by the user.

The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website leads to the acquisition of the sender’s address, necessary in order to reply to requests, as well as any other personal data entered in the message.

The contacts page of the website allows data subjects to ask for information by entering certain personal data (such as name and surname, the name of their enterprise, e-mail address etc.). These data will be processed both manually and using IT instruments by the personnel of EFFEBI GROUP SpA or by its subsidiaries who are specifically and exclusively appointed to deal with the users’ requests. The personal data entered on the Form are divided into two categories: mandatory and optional, as shown in the information request procedure. The providing of mandatory data and their relative processing for the purposes indicated above are strictly related to the service requested. All other data collected serve to help EFFEBI GROUP SpA or its subsidiaries to constantly improve its service. We wish to point out that you may exercise at any time, by contacting the Data controller directly, the rights set out in the dedicated section “RIGHTS OF DATA SUBJECTS”.

Using the registration forms or dedicated contacts, the website allows data subjects to send their request to subscribe to our newsletters, together with certain data (such as name, surname and e-mail address). This data will be processed by EFFEBI GROUP SpA or its subsidiaries for purposes connected with the activities of sending publicity messages and messages regarding events. The personal data entered on the Form are divided into two categories: mandatory and optional, as shown in the information request procedure. The data will be processed using IT and online instruments in a manner strictly connected with the purposes indicated above. The data will be processed until the explicit consent thereto is revoked, and will be subsequently deleted, unless otherwise directed by the data subject. The providing of data is optional. Data will not be disseminated and will be processed exclusively for the above purposes by specially appointed personnel. You as a data subject will be asked, after the above has been evaluated, to confirm that you have read through this privacy policy and to provide us with your consent to process the data (by e-mail confirmation and placing a flag in the space provided at the foot of the data collection form). The data subject may exercise, at any time, the rights acknowledged by the current legislation on data protection, by contact the Data Controller.

The website and/or social media pages connected to it, allow the data subjects to view their own photos and videos, collected on the occasion of events, projects, photographic services or work carried out on the creation of vessels. This data will be processed by EFFEBI GROUP SpA or its subsidiaries for purposes connected with the presentation of products or projects and the organisation of events. The data will be processed using IT and online instruments in a manner strictly connected with the purposes indicated above. The data will be processed until the explicit consent thereto is revoked, and will be subsequently deleted, unless otherwise directed by the data subject. The providing of data is optional. It is possible to ask for them to be deleted from this website and the company archives. The data will be disseminated only on this website and will be processed exclusively for the above purposes by specially appointed personnel. You as a data subject will be asked, after the above has been evaluated, to confirm that you have read through this privacy policy and to provide us with your consent to process the data (by means of an explicit request during the registration of photos and videos, in the case of events that are not considered public). The data subject may exercise, at any time, the rights acknowledged by the current legislation on data protection, by contact the Data Controller.

How data is processed: Data is processed using appropriate security measures to prevent Personal Data from unauthorised access, dissemination, modification or destruction.

They are processed, in particular:

• using IT instruments, organised in strict relation to the above indicated purposes;
• by entrusting the processing activities to third parties.

All data is processed in compliance with the manners referred to in Section II of the Regulation (EU) 2016/679 and with articles 11, 31 et seq. of Legislative Decree 196/03.

Communications: your data will be stored at our registered office and passed on exclusively to parties in charge of carrying out the services necessary for a correct management of the relationship, with guaranteed protection of the rights of the data subject.

Your data will be processed only by personnel that have been expressly authorised by the Controller and, in particular, by the following categories of people entrusted with the processing:

• Administrative directors/staff (reading, writing, sending notifications, deletion);
• Sales directors/staff (reading, sending notifications);
• IT directors/staff (reading, writing, modification, deletion);

In addition to the controller and the internal members of staff, in certain cases external parties may have access to the Data (such as third-party suppliers of technical services, mail couriers, hosting providers, IT companies, advertising agencies). Your data might be passed onto third parties, in particular to:

• Constitutional bodies or of constitutional importance;
• Consultants and freelance professionals, also in partnership;
• Any legitimate addressee of communications prescribed by law or by regulations.

Dissemination: without prejudice to the absolute prohibition to disseminate data that can suitably reveal your health status, the data may be disseminated according to the manners described above, on:

• this website and/or social network pages connected thereto, limited to photos or videos in which, generally, the data subjects are hardly or partially recognisable, which are collected with the explicit consent of the data subject.

Storage: The data processing connected with the web services of this website will take place on the company premises and taken care of by the technical staff in charge of the processing.

Your personal data will be stored in the manners indicated above, for the minimum time prescribed by law and by the contract, or until the data subject asks them to be deleted. At the time the data is collected, they will be stored in the reference folders on the company’s management system and/or in their paper files. At the time of deletion, it is possible that the data is still kept but anonymised.

Rights of data subjects: The data subjects referred to by the personal data have the right, at any time, to obtain confirmation as to whether or not said data exist and to know the contents and origin thereof, to check their accuracy or ask for them to be supplemented or updated, or rectified.

You also have the right to obtain, from the controller, the deletion, communication, the update, the rectification, the supplementation of your personal data, and in general to exercise all the rights provided for by article 7 of the Personal Data Protection Code and by Section III GDPR, articles 12 to 23, including the right to submit a complaint to the supervisory authority.

The User’s Personal Data may be used by the Controller of the website for its defence before the courts, or in the preliminary phases of a court case, against abuse of the website or the related services on the part of the User.

Specific rules on privacy
Specific rules on privacy might be presented in the pages of the Website in relation to particular services or processing of the Data provided by the User or by the Data Subject.

Maintenance
The User’s Personal Data can be processed with additional methods and purposes linked to the maintenance of the website.

System log files
For necessities linked to functioning and maintenance, this website and any third-party services it uses might collect system log files, in other words files that register interactions – including browsing activities – and which may contain also Personal Data, such as the user’s IP address.

Information not contained in this policy
Further information relating to the processing of Personal Data may be requested at any time from the Data Controller.

Links to third-party websites

The Controller is not responsible for the processing of personal data that is carried out by and through websites reached from this website through links.

Interested Parties: Suppliers and potential Suppliers (natural persons)

OVERMARINE GROUP S.p.A. – with registered office at 234, via Virgilio, 55049 Viareggio (LU) VAT reg. no 02232770467 – a subsidiary of EFFEBI GROUP S.p.A., in the capacity as Controller of your personal data, for the effects and purposes of Legislative Decree no 196 dated 30 June 2003 (‘Personal Data Protection Code’), and of Regulation (EU) 2016/679 (also GDPR), hereby informs you that the aforementioned legislation provides for the protection of individuals and other subjects with regard to the processing of their personal data, and that said processing must be carried out according to principles based on fairness, lawfulness, transparency and the protection of you and your rights.

Your personal data will be processed in accordance with the provisions of the above regulations and the confidentiality obligations contained therein.

Purpose of the processing: in particular, your data will be processed for purposes related to the performance of the following tasks, concerning legislative or contractual obligations:

1. Performance of taxation and accounting statutory obligations
2. Any after-sales activities
3. Management of litigations
4. Management of business and organisational relationships with the supplier
5. Planning of activities
6. Invoicing History

The processing of functional data for the performance of such obligations is necessary for the correct management of the relationship and their provision is mandatory to implement the aforementioned purposes. The Data Controller also states that a failure to communicate or the incorrect communication of any of the mandatory information may result in the Controller being unable to ensure the adequacy of the processing.

For the purposes of the above processing, the Controller may become aware of data defined as “ordinary” and “special”, namely “sensitive” and “legal” data, in accordance with the Privacy Law, and in particular:

1. Email address
2. Telephone number
3. Personal details and billing information
4. Information on judicial proceedings

Your sensitive data subject to processing are only those strictly relevant to the obligations, tasks or purposes described above and will be processed in compliance with the directions contained in the relevant General Authorizations of the Supervisory Authority.

Subject to your consent (which is required at the time of collection of data), your personal data may also be used for the following purposes:

• Sharing of personal details, pictures and/or videos on the company website or on other advertising material.

Your provision of data is optional with regard to the above purposes, and any refusal of consent to the processing of data will not affect the continuation of the relationship or the adequacy of the processing, except for the impossibility to serve the customer in the best possible way. These data are used to optimise the administrative and commercial relationship and for any dispatch of promotional material. It is appropriate to point out that most of the processing operations are not subject to the obligation to acquire consent pursuant to Art. 24 of Legislative Decree no. 196/2003 and art. 7 of the GDPR.

Moreover, pictures or videos may be acquired during exhibitions or events managed by the Data Controller, also upon request for verbal consent. The persons in charge will ensure that those who expressly refused the consent are not included in the recorded images, as shown in the appropriate form, if applicable.