The purpose of this Privacy & Cookie policy is to provide users (“User/Users”) who access the website https://www.ofmom.it/ (“Website”) and interact with the Website and with the services offered through the same, with information on the processing of their personal data, in accordance with Article 13 of EU Regulation no. 679/2016 (“Regulation” or “GDPR”), Legislative Decree no. 196/2003 (the “Privacy Code”) and the applicable privacy regulations.

The data controller is Ofmom S.r.l., with registered office in (20122) Milan (MI), Piazza San Babila 5, Tax Code and VAT number 10365770964, REA MI-2526350, electronic certified e-mail ofmom@pec.it, e-mail privacy@coreegroup.com (“Data Controller” or “Company”).

  1. PRIVACY POLICY
  2. COOKIE POLICY
  3. PRIVACY NOTICE FOR COMPANY’S CONTACTS

***

A. PRIVACY POLICY
  1. For what purposes does the Data Controller process Users’ personal data?
    a) To allow Users to contact the Company via the “Contacts” section and send requests for information to the Data Controller.
    Legal basis for the processing of personal data: handling and proper management of the User’s request to use a service offered on the Website.
    b) For purposes related to the protection of legal rights, the management of complaints and litigation, recovery of debts, the prevention of frauds, including computer frauds and/or illegal activities against Data Controller and/or Website. Legal basis for the processing of personal data: pursuit of a legitimate interest of Data Controller and/or third parties which, according to the evaluations of Data Controller, does not prevail over the fundamental rights and freedoms of the User.
    c) For purposes connected with the fulfilment of legal obligations, regulations, national and/or EU legislation as well as provisions issued by authorities empowered to do so by law.
    Legal basis for the processing of personal data: fulfilment of a legal obligation and/or an order issued by an authority under the law.
    d) Subject to the express and specific consent of the User to be provided by ticking the relevant checkboxes at the bottom of the data collection forms present on the Website, to send to User, via e-mail, communications of a commercial and/or promotional nature and/or informative newsletters, including personalized ones, concerning the products and/or services offered by the Company as well as invitations to events organized by the Company.
    Legal basis for the processing of personal data: consent that the User may decide to freely provide to the Data Controller.
  1. Is the provision of personal data by the User mandatory?
    Yes, it is mandatory with reference to the processing of personal data carried out by the Data Controller for the purposes referred to in letters a), b) and c) of paragraph 1. Failure by the User to provide the data will not allow the latter to contact the Data Controller and make use of the services offered by the Website.
    No, it is not mandatory with reference to the processing of personal data carried out by the Data Controller for marketing purposes (see letter d) of paragraph 1. Failure by the User to provide the data will not allow the User exclusively to receive commercial and/or promotional communications from the Data Controller and to be kept up-to-date on the Company’s activities and events organized by the latter, but it will not prevent the User from contacting the Data Controller and using the services offered by the Website.
  1. To whom are the User’s personal data communicated?
    The Data Controller may communicate the User’s data, for the purposes indicated in paragraph 1, to the following subjects/entities:
    (i) companies, consultants and/or freelance professionals entrusted by the Controller to carry out tasks of a technical or organizational nature relating to the Website or with which the Controller collaborates, for the purposes of the proper provision and operation of its services;
    (ii) persons, companies or professional firms that provide assistance and consultancy to Data Controller, with particular but not exclusive reference to accounting, IT, administrative, legal, tax and financial issues;
    (iii) companies that the Data Controller uses to carry out marketing activities;
    (iv) companies that provide the Data Controller with management, maintenance and hosting services for the Website;
    (v) subjects whose right to access data is recognized by law or by orders of the authorities.
    The subjects belonging to the above categories will use the User’s personal data as independent data controllers or, alternatively, may have access to it as data processors, duly appointed by the Data Controller pursuant to article 28 of the Regulation. These subjects may be established in EU and non-EU countries (and, in particular, in China, as the servers of the Website are located in this country): in the latter case, the Data Controller ensures to have adopted the measures provided for by the Regulation to legitimize the transfer of personal data abroad, including the so-called “Standard Contractual Clauses” approved by the European Commission, and that it has verified that the legislation applicable in the importing country allows personal data to receive a level of protection equivalent to that guaranteed within the European Union.
    User’s data may also be brought to the attention of employees of the Company who will process them in their capacity as persons in charge of processing.
    The list of persons to whom the data are or may be communicated may be requested to the Data Controller by sending an e-mail to privacy@coreegroup.com.
  1. How long are personal data stored?
    (i) Data provided by the User in the event of communications and/or requests for information addressed to the Data Controller: they will be stored for 12 months, after which they will be stored in accordance with the ordinary limitation periods established by the Civil Code or by specific legal provisions, for administrative purposes and/or to assert or defend a right or a legitimate interest.
    (ii) Data provided by the User for marketing purposes: they will be stored until the User requests not to receive such communications anymore.
  1. What are the rights granted to the User under the privacy law?
    The User may exercise, in the cases expressly provided for by law, the rights under article 15 et seq. of the Regulation. In particular, the User has the right to: (i) request confirmation as to whether or not his/her personal data is being processed and ask the Data Controller for access to the information relating to the processing; (ii) request the rectification of inaccurate or incomplete data; (iii) request the cancellation of data; (iv) request the restriction of the processing of personal data; (v) request to receive, in a structured, commonly used and machine-readable format, the personal data concerning him/her and transmit them to another data controller or request direct transmission from one data controller to another, if technically feasible (so called “data portability”); (vi) withdraw at any time the consent provided; (vii) object in whole or in part, for legitimate reasons, to the processing of personal data concerning him/her.
    These rights may be exercised by sending a communication to the following e-mail address: privacy@coreegroup.com.
    Finally, the User has the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it) if he/she considers that the processing of his/her data violates the legislation on the protection of personal data.

 

B. COOKIE POLICY

The Company informs Users that, during navigation and interaction with the services offered on the Website, the Data Controller will collect, by means of cookies and similar technologies, some personal data such as, for example, the pages visited, the links or buttons clicked, the date and time of access and the IP address (“browsing data“).

  1. What is a cookie and what is it used for?

Cookies are usually strings of text that websites visited by the User (so-called “publishers” or “first parties”) or other websites or web servers (“third parties”) place and store – directly, in the case of publishers, and indirectly, i.e., through publishers, in case of “third parties” – on User’s device. The information encoded in cookies may include personal data, such as an IP address, username, unique identifier or email address, but may also contain non-personal data, such as language settings or information about the type of device a person is using to browse the Website.

  1. Categorization

Cookies and, to a large extent, other tracking tools may have different characteristics in terms of time and therefore be considered according to their duration (session or permanent) or from a subjective point of view (depending on whether the publisher acts independently or on behalf of a “third party”).

The classification that responds to the ratio of the legal framework and therefore also to the needs of protection of the individual is based on two macro categories:

technical cookies, which are used for the sole purpose of making it faster and easier for the user to navigate and use the web as, for example, they simplify certain procedures when making an online purchase, when authenticating to restricted areas or when a website automatically recognizes the language usually used. A particular type of technical cookies are the so-called “analytical cookies“, used to collect information, in aggregate form, on the number of users of a website and on how they visit the website, and then to develop general statistics on the service and its use;

– profiling cookies, used to trace specific actions or behavioral patterns recurring in the use of the offered functionalities (patterns) to specific identified or identifiable subjects, in order to group the different profiles within homogeneous clusters of different sizes, so that the owner can, among other things, tailor the provision of the service in an increasingly personalized manner beyond what is strictly necessary for the provision of the service, as well as send targeted advertising messages, i.e. in line with the preferences expressed by the user while browising the web.

  1. What cookies are installed on the Website?

Necessary technical cookies: these cookies contribute to the availability of the Website by enabling basic functionalities, such as navigation on the Website pages and access to protected areas of the Website. The Website cannot operate properly without these cookies; therefore, their use does not require User’s consent. The legal basis of the processing for the use of these cookies is the legitimate interest of the Data Controller to allow Users to correctly browse the Website and to ensure the security of the Website.

 

Name Provider Purpose Expiration Type
viewed_cookie_policy Ofmom.it It is used to store whether the user has consented to the use of cookies or not. It does not store any personal data. 11 months HTTP
cookielawinfo-checkbox-necessary Ofmom.it It is used to store the user’s consent for the necessary cookies. 11 months HTTP
cookielawinfo-checkbox-analytics Ofmom.it The cookie is used to store the user’s consent for cookies in the “Analysis” category. 11 months HTTP
cookielawinfo-checkbox-marketing Ofmom.it The cookie is used to store the user’s consent for cookies in the “Marketing” category. 11 months HTTP
wp-wpml_current_language Ofmom.it Memorize the site’s consultation language. Session HTTP

 

 

Statistics: these cookies help us to process aggregate statistics to understand how Users interact with the Website, to assess the efficiency of the services offered on the Website and to measure traffic. The legal basis of the processing for the use of such cookies is the consent that the User may freely decide to provide to the Company through the banner or by accessing the [cookie_settings” section of the Website.

 

Name Provider Purpose Expiration Type
_ga Google The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. 2 years HTTP
_ga_GMNN1NKWFB Google This cookie is installed by Google Analytics. 2 years HTTP

 

Marketing: these cookies are used to track visitors of the Website. The purpose is to present advertisements that are relevant and engaging for the individuals and therefore of greater value to third party publishers and advertisers. The legal basis of the processing for the use of such cookies is the consent that the User may freely decide to give to the Company through the banner or by accessing the [cookie_settings] section of the Website.

 

Name Provider Purpose Expiration Type
BAIDUID Baidu.com These cookies may be set through our Website by our advertising partners. They may be used by these companies to build a profile of your interests and show you relevant advertisements on other websites. The only personal information used relate to the location of your internet browser and device. If you do not accept these cookies, you will receive less personalized advertising. 1 year HTTP

 

  1. How to disable cookies?

In addition to being able to choose to accept or reject all or part of cookies used by the Website through the mechanisms outlined in this Cookie Policy, you may also delete cookies from the Website through your browser settings.

Most browsers are set up to accept cookies. However, you can configure your browser to restrict the number of cookies accepted or block all cookies by changing your browser settings as follows:

Microsoft Internet Explorer – Click on the “Tools” icon in the top right-hand corner and select “Internet Options”. In the pop-up window, select “Privacy”. Here you can change your cookie settings;

Google Chrome – Click on the “three dots” icon in the top right-hand corner and select “Settings”. Then select ‘Privacy and Security’ and change ‘Privacy’ settings;

Mozilla Firefox – From the drop-down menu in the top left hand corner select ‘Options’. In the pop-up window select “Privacy”. Here you can manage your cookie settings;

Safari – From the drop-down menu in the top right corner select “Preferences”. Select “Security” and here the User can manage cookie settings.

Please note, however, that disabling the use of all cookies on the Website (including technical cookies) will affect some of its functionalities. The website www.allaboutcookie.org contains instructions on how to manage cookies on the most popular browsers.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.


 

 C. PRIVACY NOTICE FOR COMPANY’S CONTACTS

This privacy notice is addressed to all those data subjects who, in the context of formal and/or informal meetings (e.g. trade fairs, meetings, events, etc.), have provided their business card to our Company or to Coree S.r.l., (20122) Milan (MI), Piazza San Babila 5, tax code and VAT 09611020968, REA MI–2102018, pec coreesrl@legalmail.it, e-mail privacy@coree.com (jointly, the “Companies” or “Data Controllers”), asking at the same time to remain in contact with the Companies and to be kept up-to-date about their products and/or services and future events.

The personal data on the business card will be processed by the Companies exclusively for the following purposes: a) allowing the interested parties to stay in contact with our Companies and to be updated, via e-mail, about our products and/or services and our events; b) where necessary, the management of any litigation and/or pre-litigation proceedings, in the event of disputes, judicial controversies and/or transactions and the fulfilment of legal obligations.

The legal basis of the processing for the purposes indicated at letter a) is the legitimate interest of the data subjects – who have expressly requested to remain in contact with our Companies and to be kept up-to-date on our products and/or services and/or future events – and the correct management by the Companies of the aforementioned data subjects’ request.

The legal basis of the processing for the purposes of letter b), on the other hand, is, respectively, a legitimate interest of the Companies – consisting in the management of any litigation and/or pre-litigation proceedings – and the fulfilment of legal obligations.

The provision of personal data by data subjects is entirely optional, but failure to provide such data will not allow them to remain in contact with our Companies and to be kept up-to-date on our products, services and/or future events.

The data provided by you may be disclosed to persons and/or companies that provide services or assistance to the Companies, for example in marketing, IT and legal matters, and to other parties whose right to access personal data is recognized by law. These subjects will use personal data in their capacity as independent data controllers or as data processors and may be established in EU and non-EU countries: in the latter case, the Data Controllers guarantees to have adopted the measures provided for by the Regulation to legitimize the transfer of personal data abroad, including the so-called “Standard Contractual Clauses” approved by the European Commission, and that it has verified that the legislation applicable in the importing State allows personal data to receive a level of protection equivalent to that guaranteed to them within the European Union. The data may also be brought to the attention of our personnel, who will process them in their capacity as persons in charge of processing.

Data subjects’ personal data will be processed until they decide not to receive any more communications from the Companies, by sending an email to privacy@coreegroup.com or privacy@coree.com and indicating their intention.

We inform you that you can exercise, in the cases expressly provided for by the Regulation, the rights under articles 15 et seq. of the Regulation, and, in particular, ask for: access to information relating to the processing of your personal data; the correction of inaccurate or incomplete data; the cancellation of data; the restriction of processing of persona data; to receive, in a structured format, commonly used and readable by automatic device, personal data concerning you and transmit them to another data controller or request for the direct transmission from one data controller to another, where technically feasible (c. d. “data portability” right); object, in whole or in part, for legitimate reasons, to the processing of your personal data. These rights may be exercised directly by sending a communication to the following e-mail address: privacy@coreegroup.com or privacy@coree.com.

If you believe that the processing of personal data provided by you infringes the legislation on the protection of personal data, you also have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

***

This Privacy Policy can be amended at any time, in a visible way to users and data subjects by publishing the change on the Website. We therefore invite you to check these updates through the appropriate section of the Website. If the changes are particularly significant and/or have a high impact on the rights of data subjects, they may be communicated to data subjects also through a different method (e.g., by sending an e-mail to the data subjects).

Last Updated: January 28, 2022