Tel.: (+39) 059 908511

Privacy Statement

Company OSIM srl, with registered office in Via Canaletto, 135 / b – 41030 SAN PROSPERO SULLA SECCHIA (MO), fiscal code and VAT number 00743300360 (hereinafter “Data Controller”) as the Data Controller,

Informs you that:

Under Art. 13 of Legislative Decree 30/06/2003 No. 196 (hereinafter, “Privacy Code” and under Article 13 of EU Regulation n ° 2016/679 (hereinafter, “GDPR”) that your personal data will be processed in the following ways and for the following purposes:

  1. Content. The Data Controller processes the personal data (for example, name, surname, company name, address, phone number, E-mail address, bank and payment details – later called, “personal data” or even “data”) provided by you while entering into the contracts for the Data Controller services.
  2. Purpose. Your personal data are processed without your explicit consent (Article 24 letter a), b), c) Privacy Code and art. 6 letter b), e) GDPR, for the following purposes:
    1. Enter into contracts for the services provided by the Data Controller ;
    2. Fulfill all pre-contractual, contractual and fiscal obligations arising from relationships with you;
    3. Fulfill the obligations established by the Law, by a regulation, by a EU law or by an order of the Authority (such as anti-money laundering regulation);
    4. Exercise the rights of the Data Controller, for example the right to defense in court.
  3. Processing methods. The processing of your personal data is carried out in compliance with the art. 4 Code Privacy and art. 4, number 2) GDPR, namely through: collection, registration, management, storage, view, processing, change, selection, extraction, comparison, use, interconnection, interdiction, communication, erasure and destruction of all data. Your personal data are subjected to both paper and electronic or automated processing. The Data Controller will process your personal data for the time necessary to fulfill the above mentioned purposes and in any case for no longer than ten years starting from the cessation of the relationship for service purposes
  4. Access to data.Your data may be made available for the purposes referred to in art. 2:
    1. To the employees and partners of the Data Controller, as persons in charge and / or to internal officers managing the Data and to system administrators;
    2. To third-party companies or other subjects (banks, professional firms, consultants,insurance companies providing for insurance services, etc.) carrying out business inoutsourcing on behalf of the Data Controller, as external Data processors.
  5. Data communication. Without the need for an explicit consent (pursuant to Article 24 letter a), b), d) Privacy Code and art. 6 letter b) and c) GDPR, for the purposes referred to in art. 2, the Data Controller may communicate your data to Supervisory Agencies (such as IVASS), Judicial Authorities, Insurance Companies for the provision of insurance services, as well as to those subjects to whom the communication is mandatory by law for the accomplishment of the said purposes. These subjects will process the data as independent data controllers. Your personal data will not be made public
  6. Data Security.  The data are stored and monitored through preventive security measures, aimed at minimizing the risks of loss and destruction, unauthorized access, unauthorized processing and any other purpose different from the ones for which the processing is carried out.
  7. Data transfer. Your personal data will be managed and stored within the European Union.
  8. Data subject rights. As the subject concerned, according to art. 15 GDPR you have the right to:
    1. Obtain confirmation of the existence or not of personal data concerning you, even if not registered yet and their intelligible communication;
    2. Obtain the information about: a) the origin of personal data; b) the purposes and methods of the processing; c) the logic applied in case of processing carried out through electronic instruments; d) the identity of the Data Controller, of the managers and of the designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e)  the subjects or categories of subjects to whom personal data may be communicated or who may become aware of the data as designated representative in the territory of the State, managers or people in charge of it.
    3. Obtain: a) the updating, amendment or integration of data; b) the erasure, transformation in anonymous way or blocking of data processed in violation of the law, including the data forwhich storage is not necessary, referred to the purposes for which the data were collected or subsequently processed; c) the confirmation that the recipients of the data have been informed about the measures mentioned in letters a) and b) except in the case where the above is impossible to be fulfilled or requires an excessive use of means compared to the safeguarded right;
    4. Revoke the processing of your personal data in whole or in part for legitimate reasons, even if related to the purpose of the collection. You have also the rights referred to in articles. 16-21 GDPR (Right of amendment, right to be forgotten, right to limitation of processing, right to data portability, right of opposition), as well as the right to file complaints with a Data Protection Authority.
  9. How to exercise rights. You can exercise your rights at any time contacting us:
    1. By e-mail, writing to:
    2. Or by registered mail to: OSIM srl, Via Canaletto, 135 / b – 41030 SAN PROSPEROON THE SECCHIA (MO) ITALY
  10. Data Controller, manager and agents. The data controller is the company OSIM srl, Via Canaletto, 135 / b – 41030 SAN PROSPERO SULLA SECCHIA (MO)ITALY. The updated list of the data processors is available for consultation at the headquarters of the Data Controller.