Persuant to art. 13 of the European Regulation 2016/679 (the “Privacy Regulation”, ONFRAME SRL wants to inform all users and/or visitors on www.on-frame.com (respectively the “Users” and the “Website”), about the use of personal data, log files and cookies gathered through the same Website.
The Personal Data Controller is ONFRAME SRL (C.F. e P.IVA 04236430981) with legal office in Castelmella (BS), e-mail info@on-frame.com, (hereinafter referred to as the “Data Controller”).
a) Automatically
– User’s browsing data:
Computer systems and software procedures used to operate this website collect, during their normal functioning, some personal data the transmission of which is implicit in the use of internet communication protocols.
Such data is necessary for the use of the web services and it is also processed to:
• obtain statistic information about the use of the services
• monitor the correct functioning of the offered services.
Browsing data is retained for no longer than 180 days (except in case of verification of a possible crime from the Juridical Authority).
b) Notified by the customer
– Data notified by the user:
The optional, explicit and voluntary sending of data through different compile forms on the website requiring the acquisition of the sender’s data is necessary to fulfill the contact’s requests, provide products or services and to assign credentials.
c) Through cookies
The website uses cookies, for which please refer to the extended information “privacy cookie”.
The requested and provided personal data is necessary to allow access to the website and to use the following services:
Service type: access to the Reserved Area/download
Collected personal data type: registries, access credentials, contacts.
Purpose: to allow access to exclusive material dedicated to registered subjects (reserved area).
Legal basis: contract execution.
Retention time: until request of cancellation from Reserved Area.
Service type: contacts area for products/services
Collected personal data type: registries, contact data (for example e-mail, telephone numbers…).
Purpose: to gain users’ references through compilation of specific forms in order to satisfy requests for informative/commercial contact.
Legal basis: contract execution and legitimate interest.
Retention time: 24 months from the contract acquisition or renewal or until revocation.
Service type: to use the e-commerce service;
Collected personal data type: registries, contact data (for example e-mail, telephone numbers…), bank/financial data
Purpose: to execute a CONTRACT FOR THE PURCHASE OF PRODUCTS/SERVICES (e-commerce).
Legal basis: contract execution.
Retention time: until statutory obligations are fulfilled.
Service type: newsletter service;
Collected personal data type: registries, e-mail contact data
Purpose: to count subscribers by sending a periodical newsletter about activities relating to the company (NEWSLETTER).
Legal basis: consent.
Retention time: until revocation of consent.
Data processing with the above-mentioned purposes will be carried out owing to the Privacy Policy and to all the specific regulations.
Data will be mainly processed with IT tools under the authority of the Data Controller, by subjects specifically in charge, authorized and instructed to process data pursuant to Articles 28 and 29 of the Privacy Policy. Please notice that proper security measures are also taken accordingly to art. 5 and 32 of the Provacy Policy to avoid leakage of data, illicit or incorrect use and non-authorized access.
The provision of data is optional but in case of missing provision it will not be possible to use any service offered by our website.
Within the EU data can be communicated, in full respect of what is stated in the Privacy Regulations, to the following subjects:
• To Financial Administration and to other Public Authorities, when it is required by law or upon their request;
• To external structures, subjects and companies which are used by the Owner to perform connected activities that are instrumental or consequent to the execution of the website services;
• To financial institutions with purposes being instrumental to the possible purchase of goods/services whenever there is an e-commerce area.
Information that has been automatically collected by the website can also be transferred to extra EU ubicated Third Parties’ cloud servers, whenever the processing is necessary to execute website services. The legal basis of such processing is art. 49, paragraph 1, lett. B of the Privacy Regulations.
Through the Website data is processed in compliance with the applicable law and using adequate security measures in accordance with the regulation in force and pursuant to art. 5 and 32 of the Privacy Regulations.
In this regard, by the way, we confirm the adoption of proper security measures aiming to stop non-authorized accesses, theft, divulgation, non-authorized alteration or destruction of the processed data.
Please note that at any moment the rights referred to under art. 15 and following of the Privacy Regulations can be exercised by sending a written notice to the Data Controller’s addresses with the purpose of obtaining:
• Confirmation of whether the personal data exists or not and of the respective origin, to verify the accuracy or require its update, rectification and integration .
• Access to data, their cancellation or data processing limitations.
• The transformation to anonymous form or the blocking of data processing in violation of the law.
Also, you will be able to oppose to personal data processing when previously provided.
Regarding the Newsletter, please notice that the possible request for cancellation can be expressed by using the proper link/click.
The Data Controller reserves the right to modify the present Privacy Policy and to replace the previous versions. The present policy was released in March 2021.