PRIVACY POLICY

Pursuant to section 13 of the Italian Law Decree No. 196/2003 – Personal Data Protection Code.

This notice is given pursuant to section 13 of the Italian Law Decree No. 196/2003 (Personal Data Protection Code) to the Users that interact with Onit Group cloud services.

This notice describes procedures for the processing of Onit Group’s cloud platform as well as other external websites that users can reach via a link.

1. TYPES OF DATA PROCESSED

1.1.Log files

During their normal operation, IT systems and software procedures which operate this website acquire some personal data, the transmission of which is implicit in the use of Internet communications protocols.

These data are not gathered for association with identified subjects, but by their very nature, when processed or associated with data held by third parties, they might allow users to be identified.

This category of data includes IP addresses or domain names of computers used by users who connect to the site, the address in the URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used when submitting to the request to the server, the size of the file obtained in reply, the numerical code indicating the server’s response status (concluded successfully, error, etc.) and other parameters relating to the user’s operating system and the IT environment.

These data are used for the sole purpose of obtaining anonymous statistical information concerning the use of the website and to check that it is operating correctly, to improve the navigation and the contents, and are deleted seven days after processing. The data gathered automatically may be used by “Onit Group” to identify those responsible in the event of IT crimes against the site.

1.2. Data supplied voluntarily by users

If access to specific services requires prior registration, the acquisition of the data of the sender/user may be requested in order to respond to requests and/or to deliver the services required.

These data are divided into user’s data and third parties data, of which the users is also Controller and that Onit Group manages/processes pursuant to the service and/or the agreement between the parties.

1.3. Cookies

So-called session cookies are erased when the connection to the website is closed. Onit Group’s IT systems do not use:

2. PURPOSE OF THE DATA HANDLING

Onit Group will only perform on the personal data the operation strictly necessary to discharge its functions, excluding the handling when the purpose can be achieved by using anonymous data or methods that allow identification of the individual only when necessary.

3. DATA CONTROLLER

Onit Group is the Data Controller of the handling of all the data acquired, with the exception of those archived by the Customer in the software, of which the Customer is the exclusive owner.

Moreover the Customer declare to be aware that the processing of the collected data may concern also sensitive data, as in section 4, comma 1 lett. d) and section 26 of the Italian Decree 196/2003. Therefore the Customer nominates in writing Onit Group as responsible of data processing and give consent to process the same data in order to accomplish tasks defined in this agreement, to perform operations pursuant to the agreement, and afterwards to fulfill all the obligations pursuant to the law and the business purposes.

4. PROCESSING METHODS

Personal data are automatically processed, strictly during the time required for the purpose of their intended use. In details:

5. COMMUNICATION AND/OR DISCLOSURE OF DATA

The data submitted by the users may be communicated/disclosed to subjects appointed by Onit Group as persons in charge of processing them within/outside the company, and, when necessary, to subjects who need them for the performance of tasks/operations according to the agreement between the two parties. The provision of the data is not compulsory, however please note that without these data, it may be impossible to proceed in the service you ask for.

6. USERS ACCESS RIGHTS

The subjects, i.e. the natural persons, legal persons, institutions, whose personal data are processed, may at any time obtain confirmation of the presence or absence of such data, and are entitled to know their content and source, check for accuracy and request supplement, update, or correct such data (pursuant to section 7 of Law Decree No. 196/2003). Pursuant to the same article, these subjects are also entitled to request the destruction of data handled in violation of law, render data unidentifiable or inaccessible, and forbid their handling.

Onit Group considers as granted the authorization to use the company logo and/or Customer name in order to convey trading information and the publication of the Customer logo and/or name on its website for the only purpose of commercial references.

Onit commits to use the logo and/or name in accordance to non-unfair and non-harmful manners for the Customer and in the full respect of the current regulations concerning intellectual property and copyright and privacy policy.