(version no.  of 14 January 2022)
The Data Controller wishes to inform herewith all data subjects about the processing of their personal data carried out through the Website and the Cookies used by the Website, underlining the maximum efforts and commitment by the Data Controller to protecting the data subjects’ rights.
Further and more accurate details on the purposes of the processing as well as other useful information are available in the specific privacy policies of the various services.
In any case, the Data Controller guarantees that personal data shall be processed according to the principles of lawfulness, fairness, transparency and protection of the data subject’s privacy and rights.
Data Controller and contact details
Name: Onit Smart S.r.l. – Società Benefit
Tax code: 04600120408
Number of registration in the Companies’ Register of Forlì: 425472
Registered office: Via Dell’Arrigoni 220, Cesena, Italy
Certified email: email@example.com
Tel.: +39 0547 313110
Fax: +39 0547 318021
For any requests about the processing of personal data and the exercise of the data subject’s rights, please use the contact details below
Certified email: firstname.lastname@example.org
Tel.: +39 0547 313110
Fax: +39 0547 318021
Types of data being processed, methods and purposes of processing, storage period and/or criteria for determining storage periods, and legal bases
The following categories of personal data shall be processed: (i) navigation data; (ii) data provided by the data subject; (iii) data obtained through the cookies.
Data shall be processed automatically by the computer systems owned by and/or available to the Data Controller.
(i) Navigation data
The computer systems, the applications and the software procedures used to operate the Website collect, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
Such personal data include: (a) IP address or domain name of the PC and terminal used by the data subject; (b) URI/URL addresses of the requested resources; (c) the time of the request; (d) the method used to submit the request to the server; (e) the size of the file obtained in reply; (f) the numerical code indicating the status of the reply given by the server; (g) the search engine, if any, used to find the link to the Website and then access the Website; (h) other parameters concerning the operating system and computer environment used by the data subject to access and navigate the Website.
(i).1. Purposes of processing
Navigation data under point (i) shall be processed for the following purposes:
(a) allowing users to use the Website;
(b) checking the correct operation of the Website and carrying out the technological maintenance of the Website;
(c) establishing responsibility for any offences committed against the Data Controller through the Website or against the Website itself;
(d) obtaining anonymous aggregate statistical information about the use of the Website.
(i).2. Storage period
Navigation data under point (i) shall be stored for no longer than seven days and shall be cancelled immediately after having been aggregated and anonymised, unless otherwise required by a judicial authority for the detection of any offences.
(i).3. Legal basis
The legal basis for processing the navigation data under point (i) shall consist of the following concurrent and/or alternative criteria: (1) the legitimate interest of the Data Controller, pursuant to as well as within the limits of art. 6, par. 1, point f) of the Regulation, in order to ensure the correct use of the Website and prevent any possible cyber crimes; (2) the consent of the data subject pursuant to art. 6, par. 1, point a) and, if applicable, art. 9, par. 2, point a) of the Regulation; (3) the implementation of pre-contractual measures taken at the data subject’s request or the performance of a contract to which the data subject is party, which functionally require the processing of such data [art. 6, par. 2, point b), of the Regulation] in order to allow users to navigate the Website and access its contents free of charge, unless otherwise specified.
(ii) Data provided by the data subject
The voluntary sending of messages by the data subject to the Data Controller’s contact addresses, also by sending any emails or filling in and submitting any forms to the Data Controller, implies the collection by the Data Controller of the data subject’s contact details as well as other data, if any, provided by the data subject upon sending of the message (e.g. any data provided in the message content). The data subject shall be expressly forbidden to provide through any forms any personal data of a special nature and/or any personal data of third parties.
Pursuant to art. 13 and 14 of the Regulation, it is understood that, if the Data Controller intends to collect personal data for other specific purposes, the Data Controller shall provide the data subject with information on such additional purposes.
(ii).1. Purposes of processing
The processing of the data provided by the data subject (1) is aimed at allowing communication between the data subject and the Data Controller according to the data subject’s needs, including (2) the submission of any requests for additional information with respect to the information available on the Website or (3) the start of negotiations in order to enter into contracts for the supply of the services offered by the Data Controller. Obviously, should the Data Controller carry out any additional and more specific processing through the Website, the Data Controller shall each time provide the data subject with the relevant additional and more specific information on the protection of personal data (e.g. in relation to any requested services or if the Website includes specific processing such as the subscription to a newsletter or the request to send a CV for specific job roles). Should there be a material and actual risk of a dispute or of any offences committed through the above-mentioned means of communication, the data might be processed (4) to defend or to establish a right in court or (5) to allow any necessary investigations to be carried out, including by any competent public authorities.
(ii).2. Storage period
The data provided by the data subject under point (ii) shall be stored for the time strictly necessary to satisfy any communication needs as well as any data subject’s requests, except in the event of any requirements relating to the establishment or defence of legal claims or any dispute (in these cases the storage period shall be the one required for the above defence, taking also into account, if necessary, any evidence requirements, any terms of lapse and statutory limitation, which may also provide for a ten-year period, as well as any necessary investigations to be carried out about any offences, including by any competent authorities). It is also understood that the Data Controller may establish different storage periods within the specific privacy policies provided in relation to any additional specific services provided through the Website or any other purposes, for which the Data Controller shall provide specific and separate information on the protection of personal data, including information on storage periods.
(ii).3. Legal basis
(iii) Data obtained through the Cookies, methods and purposes of processing, storage period, and legal bases
Cookies may be defined (see Cookie Regulation) as «small strings of text which the websites visited by the user send to the user’s terminal (usually to the browser), where they are stored to be retransmitted to the same websites at the next user’s visit. While navigating a website, the user may also receive on his/her terminal cookies sent by other websites or web servers (so-called “third-party cookies”), which may contain some elements (such as images, maps, sounds, specific links to pages of other domains) available on the website that the user is visiting. The user’s browsers usually contain a great quantity of cookies, which sometimes are also very persistent. Cookies are used for several purposes: computer authentication, session monitoring, storage of information on specific settings about the users accessing the server, etc.».
There are different categories of Cookies according to objective (non-persistent technical session or navigation cookies; persistent technical cookies or functional cookies; analytical cookies with or without anonymised IP address; profiling cookies) or subjective classifications (cookies attributable to the website owner or manager, the so-called “editor” or “first-party” cookies; cookies attributable to other subjects, the so-called “third-party” cookies).
In particular, the Website uses the following Cookies for the specified purposes and storage period.