With this note, Gruppo Coin S.p.A. intends to inform users visiting the website “upim.com” (hereinafter the “Website”) of the Policy adopted regarding Personal Data Protection, emphasising its commitment and focus on protecting the privacy of visitors to the Website.
Visitors may browse the website freely and are not obliged to register, except in certain areas of the same, in which the user can freely and expressly provide a series of personal data in order to access services for which their specific consent is required. Where visitors intend to provide personal data to access these services, they will be expressly informed, pursuant to 13 Lgs. Decree no. 196, 30 June 2003, Data protection code, stating (for example) the aims and method of data use by OVS, as well as the right to request the deletion of said data or the updating of same at any time.
Information on personal data protection
OVS S.p.A. hereby provides the following information, pursuant to and by effect of Legislative Decree no.196/2003 “Personal data protection code” (hereinafter the “Code”).
1. Data Controller and Supervisor
The Data Controller is OVS S.p.A., with headquarters in Mestre (Venice), at via Terraglio, 17, post code 30174, through its division, Upim. The Data Supervisor, with regard to the management of the website, is the head of the Oviesse General Brand Management Division. You may request to be notified of the name of the Data Supervisor, and receive a full list of the Data Supervisors by writing to the addresses indicated at point 7.
2. Optional nature of the user’s decision to provide personal data
Whether the user provides the personal data is generally an optional decision. Only in certain cases, failure to confer the data can prevent the user from accessing specific services and obtaining the object of the request.
3. Data processing procedures and field of communication
The data can be processed both electronically and in paper form. Upim guarantees that the personal data provided via the website will be processed lawfully and correctly, in full compliance with the legislation in force, and will maintain the strictest confidentiality regarding the data provided during registration. All the information collected is sent via a protected connection to prevent it being intercepted by third parties. The safety of the Website is guaranteed and certified by a leading company in the provision of services regarding Internet security.
Data will not be communicated or disseminated to third parties except within the limits and under the conditions expressly indicated in the note provided to the user from time to time, and only upon receipt of authorisation from the same.
4. Links to other sites
This note is only applicable to the website www.upim.com and is not valid for any other websites that may be consulted by the user via links on the same. Upim cannot be held responsible for the personal data provided by the users to external parties or to any other websites that may be linked to this site.
5. Location of data processing
The data relative to the services provided by the Website is processed in the legal office of Upim indicated at point 1 above by those appointed for this purpose by the Marketing Management Division.
6. Rights of the interested parties
Pursuant to art. 7 Lgs. Decree 196/2003, you have the right to obtain, from the Data Supervisor, information concerning the processing of your data, including: 1) to obtain, without delay, confirmation of the existence of your personal data[…]; 2) obtain: a) information on the source of the personal data, the purposes and methods of the processing, the logic applied to the processing carried out with the help of electronic means, the identification data of the data controller, data processors and the entities or categories of entity to whom or which the personal data may be communicated and who may be made aware of said data in the capacity as data processors or persons in charge of the processing; have the data updated, amended or integrated, should you so wish; b) obtain the erasure, anonymization or blocking of data that have been processed unlawfully; 3) oppose, fully or partially the processing of your personal data for the purposes of advertising, disseminating advertising materials, direct sale, market research or market communication.
7. Review clause
At any time, you may exercise your rights, as per Art. 7 Lgs. Decree 196/2003 using the Contact Us form. The integral text of Legislative Decree no. 196 of 30 June 2003 can be consulted on the website of the Italian Data Protection Authority www.garanteprivacy.it/.
8. Types of personal data processed
You do not need to be registered to access the website. However, some sections in the website do require you to register, or use a username and password (e.g. to complete the on-line purchasing process).There are also certain services for which you must provide your data should you wish to use them (e.g. your data may be required if you wish to access the Newsletter services, contact us, etc.).
If Upim should acquire personal details and information, it will inform users beforehand, pursuant to Art. 13 of Lgs. Decree 196/2003, of the purposes for which said details have been requested and the methods which will be used for processing. If necessary, Upim will arrange to acquire the user’s specific consent for the relative use of the data. For example, personal data such as the user’s name and surname, telephone number, email address and other information that the user consents to provide may be requested to enable the user to access the services of the Website, and these must be provided by filling in a specific registration form. Upim will only use the personal data collected on-line for the purposes indicated during registration.
The data relative to the user’s connection to and browsing on the Website (such as the URI-Uniform Resource Identifier addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relative to the user’s operating system and IT environment) are only collected for the purpose of gathering anonymous statistical information about the use of the Website and to check that it works correctly, and these are erased immediately after processing. Data may be used to ascertain responsibility in cases of hypothetical computer crimes against the website, with the exclusion of these possibilities, these data will be deleted after the useful time for the provision of the services illustrated on the website.
With reference to the data relative to the user’s browsing within the website, please also see point 6 below regarding the Profiling tools used by the website.