2. Controller. Data Protection Officer
2.1. The “controller” (within the meaning of Article 4(7) of the GDPR) is: Octo Telematics S.p.A., with registered office at Via Lamaro, 51 00173 Roma – Italy, Tel.: +39 (06) 726 53 41 – Fax: +39 (06) 729 01 45, email firstname.lastname@example.org.
2.2. The Users may also contact OCTO’s Data Protection Officer, also in order to exercise their data protection right as detailed in paragraph 8, at the following contact details:
Mr. Filippo Verna
at Octo Telematics S.p.A.
Via Lamaro, 51 | 00173 Rome
Tel. +39 (06) 726 53 41
3. Modalities of the processing. Sharing of personal data
3.1. Personal data relating to the services provided by this Website are processed through paper and electronic means by OCTO’s personnel (technical staff) expressly authorized. Personal data are stored on OCTO’s proprietary servers in Italy. No information deriving from the web services is passed on or disclosed to third parties acting as autonomous controllers.
3.2. We will never share Users’ personal data with any third party that intends to use it for direct marketing purposes, unless we have specifically informed Users and the same Users have given us specific consent to do this.
3.3. We may share Users’ personal data with:
a) companies of the OCTO Group located in the EU;
b) third party suppliers located in the EU;
c) other third parties as part of a corporate transaction such as a merger or sale of assets; public authorities and entities, for legal and tax purposes, or, possibly, in order to protect the business as well as the customers, staff or suppliers of OCTO. In some cases, OCTO may be requested to communicate the personal data in accordance with the legitimate orders from public authorities and to meet the national security requirements or comply with statutory provisions.
3.5. OCTO will only process personal data in countries located in the European Union and will not carry out any cross-border transfer of personal data outside the EEA, unless such transfer is based on the prior written consent of the Data Subject or any other suitable safeguard, including (a) the EU Commission standard contractual clauses; (b) EU Commission’s decisions of adequacy pertaining to the countries to which Data are transferred; (c) binding corporate rules adopted by OCTO Group or by OCTO’s designated processors or sub-processors.
4. Browsing data. Cookies
4.1. In the normal course of operation, the information systems and software procedures involved in the operation of this Website acquire certain items of personal information, the transmission of which is implicit in the use of internet communication protocols.
4.2. The information in question is not collected in order to be associated with specific Users, but could by its very nature allow the identification of these Users as a result of processing and association with information held by third parties.
4.3. This category of information includes IP addresses or domain names of computers used by Users who connect to the Website, addresses of the required resources in URI (Uniform Resource Identifier) notation, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response (successful, error, etc.) and other parameters pertaining to the User’s operating system and information technology environment
4.4. The above information is used solely for the purpose of (a) enable Users to move around it and to use its features (technical cookies). Without these essential cookies, we may not be able to provide certain services or features and our Website will not perform as smoothly for Users as we would like; and (b) obtaining anonymous statistical information (analytics cookies) on the use of the Website. The information could be used to ascertain responsibility in the case of information technology offences committed against the Website.
4.5. The above cookies are placed directly by OCTO (so called “first party cookies”) or by a third party (so called “third party cookies”), as detailed below.
4.6. Our Website uses technical and analytics cookies and does not use profiling or advertisement cookies, i.e. those used to track a User’s navigation online and create a profile based on personal tastes, habits and choices, etc. Therefore, OCTO is not required to obtain Users’ prior consent in order to install cookies. That said, the User may deactivate first party cookies (i.e., technical and analytics) by clicking on the indicated links or, in the case of third party technical cookies, by accessing the privacy notices and – as the case may be – consent forms of such third party. Nonetheless the deactivation of such cookies could comprise the correct navigation and function of the Website.
Please note that the full list of cookies is currently under review. We will update as soon as possible the tables below.
5. Information voluntarily shared by Users
5.1. The optional, explicit or voluntary sending of e-mails to the addresses indicated on this Website entails the subsequent acquisition of the User’s (sender’s) e-mail address, required to respond to requests, and any other personal information included in the message. Specific information summaries will be progressively reported or displayed on certain pages of this Website that may be set up to provide specific services on request.
6. Purposes and legal basis of the processing
6.1. Personal data collected through the Website are used for the following purposes to:
b) obtain anonymous statistical information on the use of the Website (through analytics cookies). In such a case, the legal basis is represented by OCTO legitimate interest;
c) respond to the Users’ requests sent through the contact details included in the Website. In such a case, the legal basis is represented by the Users’ request;
d) send newsletters relating to OCTO products and services In such a case, the legal basis is represented by the Users express free consent or Users’ request to get the newsletters.
6.2. Data retention for the processing activities carried out through cookies are set out in the tables above. For the purpose under par. 6.1 c) above, personal data will be retained as long as necessary in order to answer Users’ requests.
6.3. Data retention for the processing activities under paragraph 6.1 d) is 12 months from (i) the personal data communication, or (ii) consent withdrawal.
7. How can Users change the cookie settings
7.1. By changing the settings in his/her browser, a User can decide to subject the installation of any type of cookie to his/her prior acceptance or fully prevent their installation. Please note that the setup of each browser is different and is explained in the “Help” menu of the browser. Herein below there is a link to the most commonly used browsers’ settings:
7.2. After altering the browser’s cookie settings, some of the website functions may not work correctly.
7.3. To disable cookies placed by Google Analytics, download a plug-in specific for Users’ browser from the following website: https://tools.google.com/dlpage/gaoptout.
8. Users’ rights
8.1. The Users, at any time and at no charge, can have and/or exercise the following rights, as specified in the GDPR:
a) the right to be informed on the purposes and methods of the processing;
b) the right of access;
c) the right to obtain a copy of the data held overseas and obtain information concerning the place in which such data are kept;
d) the right to ask for updating, rectification or integration of the data;
e) the right to request the cancellation, anonymization or blocking of the data;
f) the right to restrict the processing;
g) the right to object to the processing, wholly or partly, also where it is carried out through automated individual decision-making, including profiling;
h) the right to revoke the consent to the processing of the data freely and at any time;
i) the right to data portability, (i.e. to receive an electronic copy of User’s personal data, if the User would like to port his/her personal data to himself or a different provider);
j) the right to limitation of the processing;
k) the right to contact the data protection officer at the following email address: email@example.com;
l) the right to lodge a complaint in front of the competent national data protection or judicial authority.
8.2. In order to exercise the rights mentioned above, please use the contact details in par. 2 above.