Privacy

Articles 13 and 14 of Regulation 2016/679 / EU (hereafter referred to as "GDPR")

OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. (hereinafter also "Company" or "Owner") is committed to respecting and protecting your privacy and wishes you feel safe both during the simple navigation of the site and in case you decide to register providing us with your personal data to use the services made available to its Users and / or Customers. On this page, the Company intends to provide information on the processing of personal data related to users who visit or consult the website accessible via www.ocrim.com (the "Site"). This privacy policy is provided for the Company's website only, excluding any website that may be accessed through the links (a reference is made to the respective privacy policies on the websites visited). Reproduction or use of pages, materials and information contained within the Site, by any means and on any device, is not permitted without the prior written consent of the Company. Copying and / or printing is permitted for personal and non-commercial use only (for inquiries and clarifications please contact the Company at the addresses below). Other uses of contents, services and information on this site are not permitted. With regard to the content offered and the information provided, the Company will ensure that the contents of the Website are kept up-to-date and reviewed, offering no guarantee as to the adequacy, accuracy or completeness of the information provided explicitly declining any liability for any errors of omission in the information provided on the Website.
Source - Browsing data
OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. informs you that the personal data you provide and acquired together with the request for information and / or contact, registration on the site and use of services via smartphone or any other device used to access the Internet, as well as data necessary for the provision of these services, including the navigation data and the data used for the purchase of the products and services offered by the Company but also only the so-called "browsing" data of the site by the Users, will be processed in compliance with the applicable legislation. The information systems and software used for running this Web site capture, as part of their routine operation, certain personal data whose transmission is implicit in the use of the Internet, on the basis of the TCP/IP protocol. This information is not collected with the intent of associating it with identified users but, by its nature, it could lead to the identification of visiting users through processing and association with data held by third parties. The data in this category include "IP addresses" or the domain names of the computers used by the users connecting to the site, the URI (Uniform Resource Identifiers) notation addresses of the resources requested, the time of the request, the method used in submitting the request to the Web server, the size of the file obtained in response, the numeric code indicating the status of the response given by the Web server (executed, error, etc.) and other parameters relative to the user's operating system and system environment. These data are used solely to compile anonymous statistics on the use of the website of YouCo and to verify its correct operation. It is pointed out that the aforementioned data could be used to ascertain responsibility in the case of computer crimes against the Company's website or to other sites connected to it: except for this eventuality, the data on web contacts do not persist for more than a few days.
Source - Data provided by the user
The Company collects, stores and processes your personal data in order to provide the products and services offered on the Site, and for legal obligations. As regard to some specific Services, Products, Promotions, etc. the Company may process your data for commercial purposes. If that is the case, a specific, separate, optional and always revocable consent will be required with the methods and the contact details indicated below. The optional, explicit and voluntary sending of emails to the address indicated in the appropriate section of the Website, as well as the filling in of questionnaires (e.g. form), communication via chat, push notification via APP, social networks, call centres, etc., involves the subsequent acquisition of some of your personal data, including the data collected through the use of Apps and related services, necessary to respond to requests. We also point out that when using the mobile connection to access digital content and services offered directly by the Company or by our partners, it may be necessary to transfer your personal data to such third parties. We also point out that you may access the Site or connect to areas where you may be able to publish information using blogs or bulletin boards, communicate with others, for example coming from the Company page on Facebook®, LinkedIn®, YouTube®, and other social networks, review products and offers and post comments or content. Before interacting with these areas, please carefully read the General Conditions of Use considering that, under certain circumstances, the information published can be viewed by anyone with access to the Internet and all the information you include in your publications can be read, collected and used by third parties.

Purposes of processing and legal basis

The data is used for purposes:
1) strictly connected and necessary to register on the site www.ocrim.com, services and / or Apps developed or made available by the Company, the use of the related information services, the management of contact requests or information, for the purchase of products and services offered through the site of 'Company; 2) for ancillary activities related to the management of User / Customer requests and sending the feedback that may include the transmission of promotional material; 3) related to the fulfilment of obligations laid down by EC and national legislation, the protection of public order or the investigation and prosecution of offences; 4) direct marketing, namely sending advertising material, direct sale, market research or commercial communication products and/or services provided by the company; this activity may also relate to products and services of The Company and group companies by sending advertising material/information, promotions and/or invitations for the participation in initiatives, events and offers aimed at rewarding customers/users, "traditionally" invited (snail mail and/or calls), or by automated "contact" systems (for example, SMS and/or MMS, automated telephone calls, e-mails, fax, interactive apps), pursuant to art. 130 c. 1 and 2 of Legislative Decree No. 196/03 and amendments; The provision of data for the purposes referred to in points 1), 2) and 3), connected to a pre-contractual and / or contractual or functional phase to a user request or required by a specific regulatory provision, is mandatory and Failing this, it will not be possible to receive the information and access any services requested; with regard to point 4) of this Information, the consent to the processing of data by the user / customer is instead free and optional and always revocable without consequences on the usability of products and services unless it is impossible for the Company to keep up to date on new initiatives or particular promotions or advantages available to users / customers. The Company may send commercial communications relating to products and / or services similar to those already provided, pursuant to Directive 2002/58 / EU, using the electronic mail coordinates, or the paper ones, indicated by you on such occasions to which you may oppose with the methods and the contact details below.
Processing methods and criteria, storage times and protection measures
The processing is also performed with the help of electronic or automated means and is carried out by the Company and / or by third parties that the Company may employ for the storage, management and transmission of the data. Organisation and processing logics will also be applied to your personal data in relation to access and usage logs for online services, for the purposes mentioned above and in a way that ensures the security and confidentiality of the data. The personal data processed will be kept for the time required by the legislation in the applicable time. More specifically, in the sections of the Web site dedicated to specific services, where the user's personal data are requested, the data are encrypted through a security technology known as Secure Sockets Layer (SSL). The SSL technology codes the data before they are exchanged (via the Internet) between the user's processing system and Sopaf's main systems, thereby making the data indecipherable by non-authorized persons and guaranteeing the confidentiality of the information transmitted. Precisely with reference to the personal data protection aspects, the user / customer is invited, pursuant to art. 33 of the GDPR to report to the Company any circumstances or events from which a potential "breach of personal data (data breach)" may occur in order to allow an immediate evaluation and the adoption of any actions aimed at combating such event by sending a communication to m.latini@ocrim.com or contacting Customer Service. The measures adopted by the Company do not exempt the Customer from paying the necessary attention to the use, where required, of a password / PIN of adequate complexity, which will have to be updated periodically, especially in case the subject has been violated / known by third parties, as well as carefully and make it inaccessible to third parties, in order to avoid improper and unauthorized use.

A cookie is a short string of text that is sent to your browser and possibly saved on your computer (alternatively on your smartphone / tablet or any other tool used to access the Internet); this submission generally occurs every time you visit a website. The Company uses cookies for different purposes, in order to offer you a fast and secure digital experience, for example, allowing you to keep the connection to the protected area active while browsing through the pages of the site. The cookie stored on your computer, cannot be used to retrieve any data from your hard drive, pass on computer viruses or to identify and use your e-mail. Each cookie is unique in relation to the browser and device you use to access the Website or use the Company App. Generally, the purpose of cookies is to improve the functioning of the website and the user's experience in using it, even if cookies can also send advertising messages (as specified below). For more information on what cookies are and how they work, please consult the website "All about cookies" http://www.allaboutcookies.org.

Areas of communication and data transfer.

For the pursuit of the aforementioned purposes, the Company will be able to communicate and have users'/ customers' personal data to deal with third parties with whom we have relationships, in Italy and abroad, in the case third parties provide services upon our request. The latter will only provide them with the information necessary to perform the services required, taking all measures to protect your personal data. Your details may be passed to countries outside of the European Economic Area in order to process and arrange for the products and services you request. In this case, the recipients of the data will be imposed security and obligations equivalent to those guaranteed by the Data Controller. In the case of use of services offered directly by Partners we will provide only the data strictly necessary. In any case, only the data necessary for the achievement of the intended purposes will be communicated and, where required, the guarantees applicable to transfers of data to third countries will be applied. We may also disclose personal data to our commercial suppliers, for marketing reasons, in which case will external processors be appointed. In addition, personal data may be disclosed to the competent public bodies and authorities for compliance with regulatory requirements or for ascertaining responsibility in the case of computer crimes to the detriment of the site as well as communicated to, or allocated to, third parties (as responsible or, in the case of providers of electronic communication services, autonomous owners), who provide computerised and services (e.g. websites hosting, management and development) and which the Company uses to carry out technical and organisational tasks and activities that are instrumental to the functioning of the website. The subjects belonging to the above categories operate as separate Data Controllers or as Managers appointed by the Company for this purpose. Personal data may also be known by the Employees/Consultants of the Data Controller, who have been specifically appointed to be in charge of the data processing. A list of the recipients or categories of recipients to whom personal data are communicated is available by writing to the contacts below.

Data subjects' rights

You can exercise at any time the rights that are recognised by law, in order to
a) access your personal data, obtaining evidence of the purposes pursued by the Owner, the categories of data involved, the recipients to whom they may be communicated, the applicable retention period, the existence of automated decision-making processes; b) allow to correct inaccurate personal data without delay; c) obtain, in the cases provided for, the deletion of your data; d) obtain the limitation of the treatment or to oppose it, whenever possible; e) request the portability of the data that you have provided to the Company, ie receive them in a structured format, commonly used and readable by automatic device, also to transmit this data to another owner, within the limits and with foreseen limits art. 20 of the GDPR; Furthermore, you can lodge a complaint with the Guarantor for the Protection of Personal Data pursuant to art. 77 of the GDPR. For the treatments referred to in point 4), the Customer can always revoke the consent and exercise the right to oppose direct marketing (in "traditional" and "automated" forms). Unless otherwise indicated, the opposition shall be taken as referring to both traditional and automated communications.
Data Controller
Data controller, pursuant to art. 4 of the GDPR, is OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A., Via Angelo Massarotti, 76 – 26100 Cremona (CR) VAT number: 00106320195 – Tax code: 00106320195 The rights indicated above may be exercised upon request of the interested party as disclosed by the Customer Service or on the Company's website or by using the following references: Marta Latini (m.latini@ocrim.com). The use of the Website, as well as intended for tablets and / or smartphones, by the Customer and / or the User implies full knowledge and acceptance of the content and any indications included in this version of information published by the Company when the site is accessed. The Company informs that this information may be changed without prior notice and therefore recommends a periodic reading.

Clients' Personal Data Processing Policy

Pursuant to Articles 13 and 14 of Regulation 2016/679 / EU (hereafter "GDPR") OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA (hereinafter "Holder") established in Cremona (CR), Via Angelo Massarotti, 76 - 26100, in its capacity as "Data Controller", informs you that your personal data collected for the purpose of concluding the contract with the Customer / Supplier and / or in the context of execution and / or stipulation of the same will be processed in compliance with the cited legislation, in order to guarantee the rights, fundamental freedoms, as well as the dignity of natural persons, with particular reference to privacy and personal identity. We inform you that if the activities outsourced to you provide for the processing of personal data of third parties, as data controller it will be your responsibility to ensure that you have complied with the provisions of the legislation with regard to the subjects concerned in order to make their processing legitimate on our part.

Origin, purpose, legal basis and nature of the data processed

The processing of your personal data, directly provided by you, is carried out by OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA for the contract with the Customer / Supplier and / or in the context of its execution and / or stipulation.
Furthermore, the processing of personal data of third parties communicated by the Customer / Supplier to the Company is made possible. With respect to this hypothesis, the Customer / Supplier acts as autonomous data controller and accepts the consequent legal obligations and responsibilities, relieving the Company from any objection, claim and / or request for compensation for the damage caused by any processing that should reach the Company from interested third parties.
In compliance with the current legislation on the protection of personal data, the Data will be stored, collected and processed by the Company for the following purposes:
a) fulfilment of contractual obligations, execution and / or conclusion of the contract with the Customer/ Supplier and / or management of any pre-contractual measures;
b) fulfilment of any legal obligations, tax and fiscal provisions deriving from the performance of the business activity and obligations related to administrative and accounting activities;
c) sending, directly or through third parties, suppliers of marketing and communication services, newsletters and communications for the purpose of direct marketing through email, SMS, MMS, push notifications, fax, paper mail, cold calls, in relation to products supplied by other companies pursuant to art. 130 c. 1 and 2 of Legislative Decree. 196/03 (hereinafter "Code");
d) communication of data to third-party companies for the sending of newsletters and communications for marketing purposes through email, SMS, MMS, push notifications, fax, paper mail, cold calls, in relation to products supplied by other companies pursuant to art. 130 c. 1 and 2 of the Code;
e) Publication of customer / supplier’s biometric data on the company's website or on any catalogues / brochures, for promotional purposes.

Processing for the purposes a) and b) above legally based on the articles. 6.1 b), 6.1 c) of the Regulations.

The provision of data for the aforementioned purposes is optional, but any failure to provide the data and the refusal to supply them would make it impossible for the Company to execute and / or stipulate the contract and provide the services requested.
The legal basis for the processing of personal data for the purposes c), d) and e) is art. 6.1.a) of the GDPR as processing are based on consent; it is specified that the Data Controller may collect a single consent for the marketing purposes described herein, in accordance with the General Provision of the Guarantor for the protection of personal data "Guidelines on promotional activities and the fight against spam" of 4 July 2013. The conferment of consent to the use of data for marketing and promotional purposes is optional and if the interested party wishes to oppose the processing of data for marketing and promotional purposes performed with the means indicated herein, as well as revoke the consent given; may at any time do so without any consequence (except for the fact that you will no longer receive marketing communications and your image will no longer be published) by following the instructions in the "Rights of Interest" section of this Notice.
Finally, please note that for processing carried out for the purpose of sending direct advertising material or direct sales or for carrying out market research or commercial communications in relation to products or services similar to those used by the Customer / Supplier, the Company may use the e-mail addresses or personal data according to and within the limits permitted by art. 130, paragraph 4 of the Code and the provision of the Authority for the protection of personal data as of June 19, 2008 even in the absence of explicit consent. The legal basis of data processing for this purpose is art. 6, paragraph 1, let. f) of the GDPR, without prejudice to the possibility of opposing this processing at any time, following the instructions in the "Rights of the Interested Subject" section of this Notice.

Marketing

The data may be disclosed to third parties appointed as data processors in accordance with article 28 of the GDPR and in particular to banks, to companies operating in the insurance field, to service providers strictly necessary for carrying out the business activity, or to consultants of the company, where this proves necessary for fiscal, administrative, contractual or for reasons protected by the current regulations.
Your personal data, or the personal data of third parties in its ownership, may also be disclosed to external companies, identified from time to time, to whom FIMA SRL entrusts the execution of obligations deriving from the assignment received. Only data necessary for the activities requested by them will be transmitted. All employees, consultants, temporary workers and / or any other "natural person" who carry out their activities on the basis of the instructions received from OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA, pursuant to art. 29 of the GDPR, are appointed "persons in charge of processing" (hereinafter also "persons in charge"). To the persons in charge or to the Managers, possibly designated, OCRIM – SOCIETA’ PER L’INDUSTRIAMECCANICA SPA provides adequate operating instructions, with particular reference to the adoption and compliance with security measures, in order to guarantee the confidentiality and security of data.
Precisely with reference to the personal data protection aspects, the Customer / Supplier is invited, pursuant to art. 33 of the GDPR to report OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA any circumstances or events from which a potential "breach of personal data (data breach)" may occur in order to allow an immediate evaluation and the adoption of any actions aimed at combating such event by sending a communication to OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA at the addresses indicated below.
The data will not be disclosed.
The obligation to OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA to communicate data to Public Authorities upon specific request.
The data controller complies with the legislation on irregularity reporting (Legislative Decree 24/2023 - Whistleblowing legislation). As part of this processing, the personal data of the interested parties may be communicated to third parties (subjects designated to manage reports, judicial authorities, law enforcement agencies, other public and private third parties). In the case of reporting subjects, the legal basis for nominative reports is explicit consent; in the case of reported subjects, it is the same as the aforementioned regulation.

Transfer abroad

The transfer of your personal data abroad may occur if necessary, for the management of the assignment received. For the processing of information that will be communicated to these subjects’ equivalent levels of protection for the processing of their staff's personal data will be required. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and the regulatory instruments will be applied in accordance with Articles.

Methods, logics of the treatment and storage times

Your data are collected and registered in a lawful and correct manner for the purposes indicated above in compliance with the principles and provisions of art. 5 paragraph 1 of the GDPR.
Data is processed through manual, computer and electronic instruments with a logic strictly correlated to the purposes and, in any case, ensuring the security and confidentiality of the information itself.
Personal Data will be processed by OCRIM - COMPANY FOR THE INDUSTRY MECCANICA SPA for the entire duration of the assignment and also subsequently to assert or protect their rights or for administrative purposes and / or to fulfil obligations arising from the regulatory and regulatory framework pro tempore applicable and in compliance with the specific legal requirements on data retention.

Rights of the Data Subject

In compliance with the limits and conditions established by the legislation on personal data protection regarding the exercise of the rights of data subjects with reference to the subject matter of this Disclosure Paper concerning data processing, as a data subject you have the right to request confirmation on whether your personal data is being processed, access to your personal data, and in relation thereto, you have the right to request rectification, cancellation, notification of corrections and deletions and to those whom any data is transmitted by our company. The limitation of processing in the cases envisaged by the law, the portability of the personal data you provided - in the cases indicated by the law, to oppose the processing of your data and, specifically, you have the right to object to decisions concerning processing you information if based solely on automated processing, including profiling. If you believe that the way your data has been processed is in violation of the rules of the GDPR, you have the right to lodge a complaint with the Guarantor pursuant to Article 77 of the GDPR.
If you wish to request further information on the processing of your personal data or for the possible exercise of your rights, you may contact in writing a Marta Latini (m.latini@ocrim.com).

Information on personal data processing for Suppliers

Pursuant to articles 13 and 14 of EU Regulation 2016/679/UE (hereinafter “GDPR”) OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. (hereinafter “Controller”) with legal offices in Cremona (CR), Via Angelo Massarotti, 76 - 26100, in its capacity as “Data Controller”, hereby informs you that your personal data, collected for the purposes of concluding the Supplier contract and/or to implement and/or stipulate the same, will be processed in compliance with the aforementioned regulations, to guarantee the rights, basic freedom, as well as the dignity of individuals, with particular reference to confidentiality and personal identity. We hereby inform you that whenever the services provided for you require the processing of the personal data of any third parties controlled by you, it will be your responsibility to ensure that you have fulfilled all the requirements of the regulation regarding these data subjects so that processing of their data by us is legitimate.

Source, purposes, legal basis and nature of the data processed

Processing of your personal data, provided directly by you, is carried out by OCRIM – SOCIETA’ PE L’INDUSTRIA MECCANICA S.P.A. for the purposes of concluding the Supplier contract and/or to implement and/or stipulate the same.
Furthermore, it may be necessary to process the third party personal data that have been disclosed by the Supplier to this Company. With regard to this possibility, the Supplier acts as autonomous data controller and takes on the consequent obligations and legal responsibilities, thus relieving this Company from any objection, claim and/or request for compensation for damage, caused by processing, that may be made against the Company by the third parties concerned.
In compliance with current laws on personal data protection, and without the need for express consent from the data subject, the Data will be archived, collected and processed by this Company for the following purposes:
a) to fulfil contractual obligations, to implement and/or stipulate the contract with the Supplier and/or manage any pre-contractual measures;
b) to fulfil any legal obligations and tax requirements resulting from business activities and any obligations linked to administrative and accounting activities.

The legal bases of processing for purposes a) and b) indicated above, are articles 6.1.b) and 6.1.c) of the Regulation.
Providing Data for the aforementioned purposes is voluntary, but failure to provide the Data, or refusal to provide them, means that this Company would not be able to implement and/or stipulate the contract and supply the services requested within it.

Disclosure

The Data may be disclosed to third parties that are appointed to carry out processing pursuant to article 28 of the GDPR and in particular to banks, insurance firms, to suppliers of services that are strictly necessary for carrying out business, or corporate consultants, where this may be necessary for fiscal, administrative or contractual reasons or for requirements that are protected by current legislation.
Your personal data, or the personal data of third parties that you control, may also be disclosed to external companies, duly identified, to which OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A entrusts the fulfilment of obligations resulting from the assignment received and to which will be communicated only the data needed for the activities requested. All the employees, consultants, temporary staff and/or any other “individual” who, authorised to process the data, carry out their activities based on the instructions received from OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A., pursuant to art. 29 of the GDPR, are appointed “data processors” (hereinafter “Processors”). The Processors, or those appointed to be Responsible for processing, are given adequate operating instructions by OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A., with particular reference to the adoption and observance of safety measures, to guarantee the confidentiality and the safety of the data. Specifically in reference to the aspects of personal data protection, the Client is invited, pursuant to art. 33 of the GDPR, to inform OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. of any circumstances or events that may lead to a potential data breach to allow for immediate assessment and adoption of any measures aimed to counteract the event, by sending a communication to OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. at the contacts provided below.
The data will not be disclosed.
Except in the event of a specific request where OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. is obliged to disclose data to the Public Authorities. The data controller complies with the legislation on irregularity reporting (Legislative Decree 24/2023 - Whistleblowing legislation). As part of this processing, the personal data of the interested parties may be communicated to third parties (subjects designated to manage reports, judicial authorities, law enforcement agencies, other public and private third parties). In the case of reporting subjects, the legal basis for nominative reports is explicit consent; in the case of reported subjects, it is the same as the aforementioned regulation.

Transfer of data abroad

Your personal data may be transferred abroad if necessary to carry out the assignment received. For processing of the information and data that may be disclosed to these subjects, levels of protection equivalent to those adopted for the processing of employees personal data will be requested. In any case, only the data needed to pursue the required purposes will be disclosed and the regulatory tools required by Section V of the GDPR will be applied. Furthermore, the Controller may use e-mail, Cloud Backup and other applications that imply transfer of your data abroad. The companies responsible for providing such services will be asked to provide levels of protection that are equivalent to those guaranteed by the Controller.

Processing logic, methods and retention times

Your data are collected and registered in a lawful and correct manner for the purposes described above and in compliance with the principles and requirements of art. 5 c 1 of the GDPR.
Data processing is carried out using manual, IT and telematic means with logic that is strictly related to the actual purposes and, in any case, will guarantee their safety and confidentiality.
Your personal data will be processed by OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. for the entire duration of the assignment and also subsequently to assert or protect its rights or for administrative purposes and/or to fulfil any obligations resulting from the applicable pro tempore regulatory and legal framework and in compliance with the specific requirements of the law on data retention.

Nature of provision

In relation to purposes a) and b) mentioned above, provision of your personal data is essential to complete the assignment undertaken between you and OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. and to allow OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A. to fulfil the obligations of the applicable regulations: failure to provide your data, or refusal to provide them, would make it impossible for the Company to implement and/or stipulate the contract and provide the services requested therein. Therefore, we hereby inform you that processing of your personal data is carried out on the basis of the requirements of art. 6 c. 1 b) of the GDPR.

Rights of the data subject

In compliance with, within the limits of, and under the conditions described in the regulation on personal data protection regarding the exercising of rights of data subjects , as far as the processing covered by this information is concerned, as the data subject, you have the right to ask for confirmation of whether your data are undergoing processing or not, to access the personal data that concern you and in relation to them, you have the right to ask for modification or cancellation, to ask that any parties to which your data have been disclosed by this Organisation be notified of their modification or cancellation, ask for limitation of processing in the cases foreseen by the regulation, the portability of the personal data – provided by you – in the cases specified by the regulation, to oppose processing of your data and, specifically, you have the right to oppose decisions that concern processing if it is based solely on automated data processing, including profiling. In the event that you believe that processing regarding your data breaches the regulations of the GDPR, you have the right to lodge a complaint with the Guarantor pursuant to art. 77 of the GDPR.
If you intend to request further information about the processing of your personal data or exercise any of your rights, you can write to a Marta Latini (m.latini@ocrim.com).

Personal Data Processing Information Contact Form

Pursuant to Articles 13 and 14 of Regulation 2016/679 / EU (hereafter "GDPR") OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA (hereinafter "Holder") established in Cremona (CR), Via Angelo Massarotti, 76 - 26100, in its capacity as "Data Controller", informs you that your personal data provided through the "contact form" will be processed in compliance with the aforementioned regulations, in order to guarantee the rights, fundamental freedom, as well as the dignity of natural persons, with particular reference to privacy and personal identity. We inform you that if the activities outsourced to you provide for the processing of personal data of third parties, as data controller it will be your responsibility to ensure that you have complied with the provisions of the legislation with regard to the subjects concerned in order to make their treatment legitimate on our part.

Origin, purpose, legal basis and nature of the data processed

The processing of your personal data, directly supplied by you, is carried out by OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA for the sole purpose of processing the requests that you send to the company by completing the form, or through further contacts. The processing of personal data of third parties communicated by the User to the Company is possible. With respect to this hypothesis, the User stands as an independent data controller and assumes the consequent legal obligations and responsibilities, relieving the Company from any objection, claim and / or request for compensation for the damage caused by the process that should reach the Company from interested third parties.
In compliance with current legislation on the protection of personal data and without the need for specific consent by the data subject, the Data will be stored, collected and processed by the Company for the following purposes:
a) Processing of requests made by the User.
b) Fulfilment of legal obligations possibly related to the provision of the requested service.
The legal basis of processing for the aforementioned purposes are articles 6.1 b), 6.1 c) of the Regulations.
The provision of data is optional, but failure to provide the data and refusal to provide them would make it impossible for the Company to perform and / or provide the services requested.

Marketing

The data may be disclosed to third parties appointed as data processors in accordance with article 28 of the GDPR and in particular to banks, to companies operating in the insurance field, to service providers strictly necessary for carrying out the business activity, or to consultants of the company, where this proves necessary for fiscal, administrative, contractual or for reasons protected by the current regulations.
Your personal data, or the personal data of third parties in its ownership, may also be disclosed to external companies, identified from time to time, to whom OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA entrusts the execution of obligations deriving from the assignment received. Only data necessary for the activities requested by them will be transmitted. All employees, consultants, temporary workers and / or any other "natural person" who carry out their activities on the basis of the instructions received from OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA, pursuant to art. 29 of the GDPR, are appointed "persons in charge of processing" (hereinafter also "persons in charge"). To the persons in charge or to the Managers, possibly designated, OCRIM – SOCIETA’ PER L’INDUSTRIAMECCANICA SPA provides adequate operating instructions, with particular reference to the adoption and compliance with security measures, in order to guarantee the confidentiality and security of data. Precisely with reference to the personal data protection aspects, the Customer / Supplier is invited, pursuant to art. 33 of the GDPR to report OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA any circumstances or events from which a potential "breach of personal data (data breach)" may occur in order to allow an immediate evaluation and the adoption of any actions aimed at combating such event by sending a communication to OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA at the addresses indicated below.
The Data will not be disclosed.
The obligation to OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA SPA to communicate data to Public Authorities upon specific request.

Transfer abroad

Methods, logics of the treatment and storage times

Your data are collected and registered in a lawful and correct manner for the purposes indicated above in compliance with the principles and provisions of art. 5 paragraph 1 of the GDPR.
Data is processed through manual, computer and electronic instruments with a logic strictly correlated to the purposes and, in any case, ensuring the security and confidentiality of the information itself.
Personal Data will be processed by OCRIM – SOCIETA PER L’INDUSTRIA MECCANICA SPA for the entire duration of the assignment and also subsequently to assert or protect their rights or for administrative purposes and / or to fulfil obligations arising from the regulatory and regulatory framework pro tempore applicable and in compliance with the specific legal requirements on data retention.

Rights of the Data Subject

In compliance with the limits and conditions established by the legislation on personal data protection regarding the exercise of the rights of data subjects with reference to the subject matter of this Disclosure Paper concerning data processing, as a data subject you have the right to request confirmation on whether your personal data is being processed, access to your personal data, and in relation thereto, you have the right to request rectification, cancellation, notification of corrections and deletions and to those whom any data is transmitted by our company. The limitation of processing in the cases envisaged by the law, the portability of the personal data you provided - in the cases indicated by the law, to oppose the processing of your data and, specifically, you have the right to object to decisions concerning processing your information if based solely on automated processing, including profiling. If you believe that the way your data has been processed is in violation of the rules of the GDPR, you have the right to lodge a complaint with the Guarantor pursuant to Article 77 of the GDPR.
If you wish to request further information on the processing of your personal data or for the possible exercise of your rights, you may contact in writing a Marta Latini (m.latini@ocrim.com).

Information on the processing of data acquired through photos/recordings/clips

Pursuant to Articles 13 and 14 of Regulation 2016/679 / EU (hereafter "GDPR") OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA (hereinafter "Holder") established in Cremona (CR), Via Angelo Massarotti, 76 - 26100, in its capacity as "Data Controller", informs you that your personal data will be processed in compliance with the aforementioned regulations, in order to guarantee the rights, fundamental freedom and dignity of individuals, with particular reference to confidentiality and to personal identity. We inform you that if the activities outsourced to you provide for the processing of personal data of third parties, as data controller it will be your responsibility to ensure that you have complied with the provisions of the legislation with regard to the subjects concerned in order to make their treatment legitimate on our part.

Origin, purpose, legal basis and nature of the data processed

The processing of your personal data, directly supplied by you, is carried out by OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA in order to create promotional materials.
Furthermore, the processing of personal data of third parties communicated by you to the Company is made possible. With respect to this hypothesis, you stand as an independent data controller and assume the consequent legal obligations and responsibilities, relieving the Company from any objection, claim and / or request for compensation for damage caused by treatment that should reach the Company from interested third parties.
In compliance with the current legislation on the protection of personal data, the Data will be stored, collected and processed by the Company for the following purposes: a) Publication of photos, clips and recordings for promotional purposes.

The legal basis for processing personal data for the aforementioned purpose is art. 6.1.a) of the GDPR as the processing are based on consent.
The conferment of consent is optional and if the interested party wishes to object to the processing of their data, performed with the means indicated herein, as well as revoke the given consent, may at any time do so without any consequence (except for the fact that his image does not will be published more) following the indications in the "Rights of Interested" section of this Notice.

Marketing

The data may be disclosed to third parties appointed as data controllers pursuant to article 28 of the GDPR and in particular to social media managers; filmmakers, montages and images on printed paper; website managers; companies belonging to the mass media sector such as local television and the press, both generic and specialized; web tv; sponsorship company and event organization; sponsoring companies and sponsored companies that make the dissemination of data online, via print and / or television, through websites, blogs, portals, social media and any other instrument.
All employees, consultants, temporary workers and / or any other "natural person" who carry out their activities on the basis of the instructions received from OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA, pursuant to art. 29 of the GDPR, are appointed "persons in charge of processing" (hereinafter also "persons in charge"). To the persons in charge or to the Managers, possibly designated, OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA provides adequate operating instructions, with particular reference to the adoption and compliance with security measures, in order to guarantee the confidentiality and security of data. Precisely with reference to the personal data protection aspects, the interested party is invited, pursuant to art. 33 of the GDPR, to report to OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA any circumstances or events from which a potential "breach of personal data (data breach)" may occur in order to allow an immediate evaluation and the adoption of any actions aimed at combating such event by sending a communication to OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA at the addresses indicated below.
The Data will not be disclosed.
The obligation to OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA to communicate data to Public Authorities upon specific request.

Transfer abroad

Methods, logics of the treatment and storage times

Your data are collected and registered in a lawful and correct manner for the purposes indicated above in compliance with the principles and provisions of art. 5 paragraph 1 of the GDPR.
Data is processed through manual, computer and electronic instruments with a logic strictly correlated to the purposes and, in any case, ensuring the security and confidentiality of the information itself.
Personal Data will be processed by OCRIM - SOCIETÀ PER L’INDUSTRIA MECCANICA SPA for the entire duration of the assignment and also subsequently to assert or protect their rights or for administrative purposes and / or to fulfil obligations arising from the regulatory and regulatory framework pro tempore applicable and in compliance with the specific legal requirements on data retention.

Rights of the Data Subject

In compliance with the limits and conditions established by the legislation on personal data protection regarding the exercise of the rights of data subjects with reference to the subject matter of this Disclosure Paper concerning data processing, as a data subject you have the right to request confirmation on whether your personal data is being processed, access to your personal data, and in relation thereto, you have the right to request rectification, cancellation, notification of corrections and deletions and to those whom any data is transmitted by our company. The limitation of processing in the cases envisaged by the law, the portability of the personal data you provided - in the cases indicated by the law, to oppose the processing of your data and, specifically, you have the right to object to decisions concerning processing your information if based solely on automated processing, including profiling. If you believe that the way your data has been processed is in violation of the rules of the GDPR, you have the right to lodge a complaint with the Guarantor pursuant to Article 77 of the GDPR.
If you wish to request further information on the processing of your personal data or for the possible exercise of your rights, you may contact in writing a Marta Latini (m.latini@ocrim.com).

Data Controller

The Data Controller, pursuant to art. 4 of the GDPR, is OCRIM – SOCIETA’ PER L’INDUSTRIA MECCANICA S.P.A., Via Angelo Massarotti, 76 – 26100 Cremona (CR) P.IVA: 00106320195 - CF: 00106320195