Privacy Policy in accordance with art. 13 of EU Reg. 2016/679 on the protection of personal data.

OMPAGRILL S.R.L., VIA G. PUCCINI 9/B, Post code: 36027, ROSA’ (VI), VAT Number: 01795890241, in its capacity as Data Controller, informs you, pursuant to Article 13 of the EU Reg. 2016/679 (General Data Protection Regulation, henceforth “GDPR”), concerning the essential elements of the processing of data carried out and illustrated below.

We would like to point out that our company operates in full compliance with the applicable Italian legislation on the protection of personal data and the GDPR, recognising its absolute importance.

Before proceeding to browse the site, we therefore invite you to carefully read this privacy policy (henceforth referred to only as the “Policy”), as it contains important information on the protection of personal data and the security measures adopted to ensure their confidentiality.

Furthermore, this Policy:

  • shall be deemed to apply only to the website OMPAGRILL.IT(“Site”) while it does not apply to other websites that may be consulted through external links;
  • is to be understood as a privacy policy provided pursuant to art. 13 of the GDPR to those who interact with the Site.

These are the essential elements of the processing carried out.

Personal data processed

Personal data means any information relating to an identified or identifiable natural person with particular reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.

The personal data collected by the Site are as follows:

a) Browsing data: the Site’s computer systems collect certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to identify you, but by its very nature could, through processing and association with data held by third parties, allow you to be identified. The data collected include, for example, the IP addresses or domain names of the devices used to connect to the Site, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to your operating system and computer environment;
b) Data provided voluntarily: through the Site you have the opportunity to voluntarily provide personal data, for example, your name and e-mail address to contact us through the “Contact Us” form or your contact details. We will use these data in compliance with the applicable legislation in force, assuming that they refer to you. In the event that the data refer to a third party, you will act as autonomous data controller for the latter, assuming all legal obligations and responsibilities. In this sense, you hereby grant us the widest possible indemnity with respect to any dispute, claim, request for compensation for damage caused by processing, etc., that we may receive from third parties whose personal data have been processed through your use of the Site in violation of the applicable legislation currently in force.

Purpose and legal basis of processing

Specifically, your personal data is processed for the following purposes and legal bases:

  • viewing and browsing the site (these activities are connected with the correct provision of the various functions requested by you, for security reasons and to ascertain responsibility in the event of hypothetical computer crimes against the Site, as well as to obtain anonymous statistical information on the use of the Site and to check its correct operation); the legal basis of the above purpose is identified in the contract and pre-contractual measures (art. 6.1, letter b, GDPR);
  • activities related to contact management (examples of activities are: filling in the contact form on the website or, more generally, sending an e-mail involving the processing of personal data such as, for example, name, surname, subject; the legal basis of the above purpose is identified in the contract and pre-contractual measures (art. 6.1, letter b, GDPR);
  • activities related to execution of the contract to which you are a party, including the pre-contractual phase (examples of activities are: the provision of a service, the response to a request, the request for contact via the Contact form, etc.); the legal basis for the above purpose is identified in the contract and pre-contractual measures (art. 6.1, letter b, GDPR);
  • statistical research/analysis on aggregated or anonymous data (this is an activity that does not involve the processing of personal data, as it does not involve the identification of the user and serves, for example, to measure the operation of the Site, measure traffic and assess interest);
  • activities connected with the assessment and/or exercise and/or defence of rights (examples of activities are: disputes relating to the correct fulfilment of the contractual relationship, reminders, debt collection); the legal basis for the aforementioned purpose is identified in the legitimate interest (Art. 6.1, f, GDPR);
  • other activities in execution of legal obligations/authorities’ orders (such as, for example, communication to third parties); the legal basis is identified in the legal obligation (Art. 6.1, c, GDPR);
  • maintenance of computer systems and devices (persons in charge of maintaining and repairing the Site may accidentally access Your personal data. These events are entirely sporadic and unforeseeable and, in any case, have no identification purpose and are limited in duration to the performance of the maintenance/repair work); the legal basis of the above purpose is identified in the legitimate interest (art. 6.1, letter f, GDPR).

None of our processing is based on consent. The legal bases on which we operate are: contract, legal obligation and legitimate interest.

We do not carry out processing with automated decision-making processes or profiling.

Specific policies will be published on the pages of the Site set up for the provision of certain services (e.g. contact form).

Data retention times

Your personal data will be stored for the periods of time strictly necessary to achieve the primary purposes as indicated above, and to comply with the provisions of laws.

In particular, for viewing and browsing the site your personal data are deleted after 7 days, unless they are required for the exercise or defence of rights; for activities related to contact management your personal data are deleted when the purpose of contact, reply or correspondence is finally completed, for activities related to the execution of the contract to which you are a party, (including the pre-contractual phase), your personal data will be kept for the entire duration of the contractual relationship and, once the relationship has ended, they will be kept for any need to ascertain/exercise/defend a right, activities related to the ascertainment and/or exercise and/or defence of rights, up to the time allowed by national law to protect its interests (art. 2946 and 2947 Civil Code), without prejudice to further storage in case of interruption of the requirement; for activities in execution of legal obligations/authorities’ orders and for activities of maintenance of computer systems and devices, referring to personal data that we have for the other purposes indicated in this Privacy Policy, the retention times will coincide with those identified from time to time for the aforementioned purposes.

Consent and optional/compulsory nature of providing data.

The processing of your personal data, for the purposes described above, may be carried out without your consent.

The provision of your data, which you undertake to provide us with by contract or by law, is compulsory and constitutes a necessary requirement for the conclusion of the contract and failure to provide them will make it impossible for us to execute the contracts and other related obligations. Any other provision of your personal data (e.g. for sending requests that have not yet been contracted or for navigating the site) is merely optional. The only consequence of not providing optional data will be the impossibility of providing or performing the requested services.

Categories of recipients

Your Personal Data may also be disclosed to third parties for technical and operational purposes strictly related to the purposes set out above and in particular to the following categories of persons:

a. persons necessary for the provision of the services offered by the Site, including, by way of example, the sending of e-mails and the analysis of the operation of the Site, who typically act as our data controllers;

b. entities, professionals, companies or other establishments entrusted by us with the processing related to the fulfilment of contractual, administrative, accounting, insurance and management obligations related to the ordinary performance of our economic activity, including for the purpose of credit recovery;

c. public authorities and administrations for purposes connected with the fulfilment of legal obligations or persons entitled to access such data by virtue of provisions of Community law, regulations or legislation;

d. banks, financial institutions or other entities to which the transfer of such data is necessary for the performance of our company’s business activity in relation to the performance of our contractual obligations towards you;

e. providers of installation, assistance and maintenance services for IT and telematic facilities and systems, as well as all the services functionally connected to and necessary for fulfilment of the contract;

f. persons authorised by us to process data who have committed themselves to confidentiality or have an appropriate legal obligation of confidentiality (e.g. employees and collaborators).

Transfer abroad

The Data Controller shall not transfer personal data outside the European Economic Area. The Controller, however, reserves the right to use services in the cloud, in which case the service providers will be selected from those who provide adequate guarantees in accordance with applicable law.

Data processing procedure

Your personal data will be processed both in electronic and paper format.

However, the processing will be carried out mainly with computer tools and in any case with the observance of the minimum precautionary measures of security and data confidentiality. In particular, technical, IT, organisational, logistical and procedural security measures have been implemented to prevent the loss, unlawful or irrelevant use of, and unauthorised access to, data.

Cookies

We do not use cookies, except of a technical nature to ensure correct display and browsing of the site. Technical cookies do not require consent.

Please note that you can configure your browser not to automatically accept cookies.

Below are some instructions for disabling cookies on the most popular browsers:

Rights of the data subject and complaints to the Supervisory Authority

We inform you that you can exercise the following rights with regard to the processing of your personal data:

a. Right to obtain access to your personal data (Art. 15, GDPR): you can contact us to find out if your personal data is being processed and the information required by law on processing;

b. Right of rectification(Art. 16, GDPR): to obtain the correction of your inaccurate personal data or the integration of incomplete data;

c.Right to cancellation/oblivion (Art. 17, GDPR): obtain the cancellation of your personal data, in the cases provided for by law;

d. Right to the limitation of processing (Art. 18, GDPR): to obtain the submission of your personal data to the storage only, with the exclusion of other activities, in the hypotheses provided for by the law;

e.Right to portability (Art. 20, GDPR): to obtain your personal data in a structured format, of common use and readable by automatic devices and also to obtain the direct transfer to another data controller for the processing, in the hypotheses provided for by the law;

f. Right to oppose (Art. 21, GDPR): right to stop further processing of personal data for reasons related to your particular situation, unless our legitimate reasons prevail, in the cases provided for by law;

g. Right to withdraw consent (Art. 7.3, GDPR): right to withdraw consent at any time in cases where processing is based on consent.

To exercise the above rights, you can use the Controller’s contact details provided in this Policy.

The exercise of the rights is not subject to any formal constraint and is free of charge.

We also inform you of your right to make a complaint before the competent authority for personal data protection. We remind you that complaints, according to Art. 77.1 of the GDPR, can be filed by data subjects with the Authority of the place where the data subjects habitually reside, where they work or where the alleged violation occurred. .

Data Controller

The Data Controller is OMPAGRILL S.R.L.

Contact data of the Data Controller:

info@ompagrill.it

  • Telephone: 0424590800
  • postal address: VIA G. PUCCINI 9/B, Post code: 36027, ROSA’ (VI)

Amendments

This Policy has been in force since 25 May 2018. We reserve the right to modify or simply update the content, in part or in full, also due to changes in the applicable legislation. The updated Policy will be promptly published on this Site. We therefore invite you to visit this page regularly to check for any updates.

USE OF THE WEBSITE

Content of the website
The content and configuration of the website are the exclusive property of the company Ompagrill s.r.l. and any use of the same (copying, reproduction, sending to third parties, distribution, etc…) is
expressly forbidden if not previously authorised by the company.

For this reason, the company reserves the right to modify or delete any part of the website without warning, and cannot be bound by information as it was on the website before it was
cancelled and modified.

The data on the site should, therefore, be considered as purely illustrative and cannot be a source of commitment for the company Ompagrill s.r.l., which assumes no responsibility in case of technical inaccuracies and/or typographical errors, or failure to update content. The user of the site is recommended to always contact the headquarters of the company Ompagrill s.r.l. directly in order to ascertain that the information given on the site is up-to-date and/or complete and accurate.

  • OMPAGRILL s.r.l.
  • P.IVA 01795890241