top of page

Privacy Policy

INTRODUCTION

The ORS GROUP (“we”, “us”, “our”) believe in Personal Data governance. We are committed to protecting the privacy and security of the Personal Data of all individuals who come in contact with us, as provided by the EU General Data Protection Regulation 2016/679 (“GDPR”) and by all the applicable laws.

Personal Data (“Data”) is any information relating to an identified or identifiable natural person.

The ORS GROUP is a Personal Data Controller. This Privacy Policy (“Policy”) contains information about how we collect, store, hold, process, use, record, consult, disclose, erase, make decisions based upon, destroy and, in some instances, transmit Personal Data about you (the “Data Subject”). These activities are referred to as “Processing” or “Process.”

Additional Privacy information may be provided in offer descriptions, contractual terms, supplemental Privacy statements or notices provided prior to or at the time of data collection.

The person responsible for overseeing Data protection compliance issues within the ORS GROUP is the Company’s Data Protection Officer (“DPO”), who can be reached by email at dpo@dedagroup.it.

For questions about anything contained in this Policy please contact the DPO.

 

DATA PROTECTION PRINCIPLES

We will comply with Data Protection Law and Principles, which means that your Data will be:

  • Used lawfully, fairly and in a transparent way.

  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.

  • Relevant to the purposes we have told you about and limited only to those purposes.

  • Accurate and kept up to date.

  • Maintained only for as long as necessary for the purposes we have told you about, i.e. in relation to the recruitment exercise.

  • Kept securely and protected against unauthorized or unlawful processing and against loss or destruction using appropriate technical and organizational measures.

 

WHAT DATA WE COLLECT AND WHY

You may choose to give us Data directly in a variety of situations. For example, you may want to give us your name and contact information to communicate with you, to have information about one or more of our products or solutions, to process an order or to do business with us. You may also share a description of your education and work experience in connection with a job opening at ORS GROUP for which you wish to be considered. See our Candidate Privacy Statement

When you wish to receive information, we may ask you to provide your name and business contact information, as well as other information in connection with your request. We use this information in connection with your request and to communicate with you.

When you provide us with your business contact information (such as by handing over a business card) we may use this to communicate with you.

We will retain your information for potential future interactions with you.


If you tell us that you do not want us to use your information to make further contact with you beyond fulfilling your request, we will respect your wishes.

 

Data Collection through the Website: Cookies and Similar Tracking Technologies

We use only session cookies for technical purposes, and we do not use Tracking Technologies. See our Cookies Policy

 

LEGITIMATE INTEREST

We may process your Personal Data:

  • For the purpose of this Privacy Policy.

  • To perform a contract or carry out a pre-contractual request.

  • For compliance with legal obligation to which the ORS GROUP is subject.

  • You reasonably expect the Company to use your Data.

The list provided above is not exhaustive.

 

CONSENT TO PROCESS YOUR DATA

In general, as long as we are using your Data as set out in this Policy, your consent to the Processing is not required. In limited circumstances, we may request specific written consent to allow the Processing of certain Personal Data. If we do so, we will provide full details of the information requested and why it is needed, so that you can carefully consider whether to give consent.

 

SHARING DATA WITHIN ORS GROUP AND WITHIN THIRD PARTIES

Your Data may be shared between legal entities within the ORS GROUP. In addition, we may share your Data with third parties, including service providers.

All legal entities and third parties to whom Data is transferred are required to take appropriate security measures to protect your Data, in line with the ORS GROUP’s policies. We do not allow third-party service providers to use your Data for their own purposes. They are only permitted to process your Data for specified purposes and in accordance with our instructions.

 

PROTECTING THE RIGHTS AND PROPERTY OF ORS GROUP AND OTHERS

We may also use or share your personal information to protect the rights or property of ORS GROUP, our business partners, suppliers, customers, or others when we have reasonable grounds to believe that such rights or property have been or could be affected. In addition, we reserve the right to disclose your personal information as required by law and/or to comply with a judicial proceeding, court order or legal process.

 

PROVIDING SUPPORT

We may use your personal information to support products or solutions you have obtained from us, such as notifying you of a product/solution update or fix. We may combine your information with information from other interactions with you to provide you with more valuable suggestions in relation to product and solutions support.

In the course of providing technical support to you, we may sometimes have incidental access to data that you have provided to us or data that is located on your system. This data may contain information about you, your organization’s employees, customers, partners, or suppliers. This Policy does not apply to our access to or handling of this personal information; the conditions regarding the handling and processing of this data is covered by the applicable Terms of Use or other agreements between you and the ORS GROUP.

 

EMAIL AND MARKETING

The personal information you provide to us, as well as the personal information we have collected about you indirectly, may be used by us for marketing purposes, e.g., to keep you informed about solutions that we sell and which may complement an existing solutions portfolio. Before we do so, however, we will offer you the opportunity to choose whether or not to have your personal information used in this way. You may at any time choose not to receive marketing materials from us by following the unsubscribe instructions included in each e-mail you may receive, by indicating so when we call you, or by contacting the DPO.

 

COLLECTION AND USE OF NON-PERSONAL DATA

We also collect data in a form that does not, on its own, permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. If we do combine non-personal information with Personal Data, the combined information will be treated as Personal Data for as long as it remains combined.

 

DATA RETENTION

We will keep your Data for no longer than is necessary for the purposes for which it is collected or processed. The criteria used to determine retention periods or whether Data can be purged will depend, among other things, on the ongoing need for the information as well as the legally mandated retention periods, and whether the information is subject to a document preservation order due to current or anticipated litigation or other legal matters.

In general, Data will be removed if it has been superseded by more relevant or up to date information, or if it is out of date, irrelevant or no longer necessary. In some circumstances we may anonymize Data so that it can no longer be associated with you, in which case we may use such Data without further notice to you.

 

DATA SECURITY AND DATA BREACH

In general, Data will be removed if it has been superseded by more relevant or up to date information, or if it is out of date, irrelevant or no longer necessary. In some circumstances we may anonymize Data so that it can no longer be associated with you, in which case we may use such Data without further notice to you.

We have put in place procedures to deal with any suspected Data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

 

TRANSFERRING DATA OUTSIDE THE EEA

We may transfer Data about you to countries outside the European Economic Area (EEA), including to legal entities outside the EEA, in order to perform a contract with you. Certain countries are deemed “third countries” by the European Commission. The European Commission states that these third countries do not offer an adequate level of Data protection, whether by the country’s domestic legislation or through the international commitments the country has entered into.

To ensure that your Data receives an adequate level of protection, we have put in place the following protective measures:

  • EU standard contractual clauses for the transfer of Personal Data to third countries (controller to processor transfer).

  • Intercompany agreements, with EU standard contractual clauses for the transfer of personal Data to third countries (controller to controller transfer).

 

YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA

Under certain circumstances, by Law you have the right to:

  • Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Data we hold about you and to check that we are lawfully processing it.

  • Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data corrected.

  • Request erasure of your Personal Data. This enables you to ask us to delete or remove Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).

  • Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your Data for direct marketing purposes.

  • Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Data about you, for example if you want us to establish its accuracy or the reason for processing it.

  • Request the transfer of your Personal Data to another party.

If you want to review, verify, correct, or request erasure of your Data, object to its Processing, or request that the we transfer a copy of your Data to another party, please contact the DPO in writing. We may need to request specific information from you to help confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

 

USE OF INFORMATION IN THE SOCIAL COMPUTING ENVIRONMENT

We may provide some social computing tools on our website to enable online sharing and collaboration among members who have registered to use them. These include forums, wikis, blogs and other social media platforms.

Any content you post, such as pictures, information, opinions, or any other type of personal information that you make available to other participants on these social platforms or applications, is subject to the social computing tools’ Privacy Statement.

When downloading, registering and using the social computing tools, you may be asked to provide certain personal information. Such content is subject to the Terms of Use of those applications or platforms, and any additional guidelines and privacy information provided in relation to their use, as well as the process by which you can remove your content from such tools or get help to do so.

Please refer to them to better understand yours, our, and other parties’ rights and obligations with regard to such content. You should be aware that the content you post on any such social computing platforms may be made broadly available to others inside and outside the ORS GROUP. Please read their Privacy Statement to understand what the tools and applications may do.

 

NOTIFICATION OF CHANGES

We may update this Privacy Policy from time to time to reflect changes to our Data governance practices. The revised Policy will be posted on the website with an updated revision date.

 

PRIVACY QUESTIONS AND ACCESS

If you have a question about this Privacy Policy or ORS GROUP’s handling of your information, you can contact the DPO in writing.

Review date: February 21, 2020

Deda Group Privacy policy

Legal disclaimer

 

1.DEDAGROUP S.p.A. is the data controller and is responsible, personally and on behalf of its companies, for the acquisition, use, transmission, storage and protection of the personal data in compliance with this Privacy Policy and the laws in force (Reg. EU/679 of 27 April 2016, General Date Protection Regulation, “GDPR”). 


2. All the information found on all the Group's Websites, including the texts, documents, images, graphics, videos, their arrangement and their adaptations, and all the codes and script formats used to implement Websites (hereinafter "Contents") are subject to intellectual property laws and are protected by copyright and copyright laws (Italian Law no.633 of 22 April 1941), and therefore the Contents cannot be copied, altered, distributed, published or used on other websites for commercial purposes, without the specific authorisation of Dedagroup.


3. The trademarks and logos used on our Websites are protected by commercial rights and are registered trademarks of Dedagroup S.p.A., the companies of the Dedagroup and third parties.


4. The information found on our Websites are carefully maintained and checked regularly. Nevertheless, the contents may contain errors and may not be complete, accurate or updated at all times. 


5. Dedagroup declines all responsibility for all direct or indirect damages resulting from the consultation of its Websites.
6. Access to our Websites is free and optional, and when surfing the web pages the User is not required to register and declares that he/she accepts the application of all the laws in force in Italy, where applicable. 


7. On the other hand, it is expressly prohibited to make the Websites visible in framing, deep linking or mirroring mode.


8. The use of the Websites by the User implies the acceptance of the indications in this section and in the Privacy Policy section.

 

PRIVACY POLICY

The privacy and security of your personal data are of utmost importance to us. For this reason, we have prepared this Privacy Policy to to provide a more detailed explanation of who we are and how we collect and manage your data.

Who are we?
This Policy is published by DEDAGROUP S.p.A., based in Loc. Palazzine 120/F, 38121 Trento (TN), VAT no. 01763870225 (also called “Dedagroup”) and by the wholly-owned subsidiaries of the Dedagroup, i.e. Dedagroup Stealth S.p.a., Dedagroup Business Solutions S.r.l., Deda Next S.r.l., Deda Cloud S.r.l., RAD Informatica S.r.l., Deda Value S.r.l., Deda Digital S.r.l., Berma S.r.l., Opentech S.r.l. and, Deda Spark S.r.l.

The privacy organisation of Dedagroup provides for the appointment of a Data Protection Officer (DPO) as manager of the privacy programme on behalf of the data controller. Our DPO can be contacted through the address: dpo@dedagroup.it

Information on the user collected by Dedagroup:
You are requested to provide the following personal data on the forms found on our websites: name, surname, email and company in which you work. Registration via each websites of the Groups' companies (hereinafter “Websites”) will enable us to manage the information, so that we may answer any requests you may have.

Registration forms on several sections of our Websites may also ask you to provide a telephone number and the region where you live. This data will be used for statistical purposes and will enable us to invite you to events organised near you.  

How do we use your personal data and for what purposes?
We use your personal data only for the purposes described in this Privacy Policy, unless notified otherwise at the time of collection of the data. 

If you are our client, your personal data may be used by Dedagroup to fulfil contractual obligations undertaken with you, to respond to requests for action and/or assistance and/or to provide you with online services.  

It shall be our legitimate interest - pursuant to Recital 47 and art. 6.1, letter f) of the GDPR - to use the data you have provided for direct marketing purposes, without infringing upon your rights and fundamental freedoms. This includes, for example:

  • the processing of your data to manage and organise the event for which you have registered and to send you information material and to invite you to the events organised by Dedagroup closest to your area of interest; 

  • guaranteeing your access to the contents reserved for registered users, such as, for example, white papers, presentations, webinar recordings and past events;

  • the presentation of targeted marketing campaigns, contacting you via email or via telephone, to offer you promotions and to inform you of products and services of the group;

  • the performance of market research on client satisfaction, also through appointed market agencies, via telephone, with questionnaires or via personal appointments;

  • the measurement of the performance of our email marketing campaigns (e.g. by analysing the percentage of open and click rates);

  • the improvement of our Services, for example, by examining the data on blocked pages or pages that do not work visited by users, so that problems can be identified and solved and so that we can provide you with a better experience.

 

If you have given your consent to the receipt of the newsletter and/or have expressed an interest in remaining up-to-date on new events we have organised, we will use your details to inform you, via email, of the latest news on Dedagroup products and services, by sending you our newsletter.

You can unsubscribe from our marketing services, at any time, pursuant to and in accordance with art.7, paragraph 3, GDPR, through the unsubscribe link found in these notifications or by sending a special request to: info@dedagroup.it

Who can we share your data with?
Dedagroup can transfer the data collected for direct marketing purposes to the companies of the Dedagroup and Data Owners that process the data on our behalf that comply with the organisation and management standards of the data defined by the holding company, in full respect of the laws in force on data processing.

In the case of registration to events, your data may also be processed by approved third-party companies, partners or suppliers of Dedagroup, selected for their high level of professionalism and appointed Data Owners.  

Besides, DEDAGROUP could communicate your data to the third parts, software manufacturing partner of your interest, that can also use them for activity with marketing finality. 

Dedagroup may process and store the personal data collected in its own data-centres or those of selected and approved suppliers located in various countries within the European Union.

For how long can we store your data?
With regard to the different processing operations carried out, Dedagroup can store your data:
 

  • in the case of an agreement, for the ordinary limitation period of 10 years, starting from the expiry of the agreement; 

  • for direct marketing activities, for as long as you cooperate with the organisation that is our client and/or prospective client, until you unsubscribe;

  • until you withdraw your consent to the receipt of our newsletter or, at the latest, until the expiry of the ordinary limitation period of 10 years from the time that you voluntarily provided your data.

 

How can you protect your data?
You can exercise your rights vis-à-vis the Data Controller at any time, pursuant to articles 15 et seq. of the GDPR, by contacting dataprivacy@dedagroup.it and: 

  • obtain confirmation as to whether or not personal data concerning you exist and the communication of such data in intelligible form; 

  • obtain information on: a) the purposes and methods of the processing; b) the logic applied to the processing, if the latter is carried out with the help of electronic means; c) the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing; 

  • also obtain: a) access to the personal data processed by Dedagroup; b) the updating, rectification, or, when interested, the erasure of the data; c) the portability of the data provided; 

  • if you receive the newsletter informing you of our products and our events, you may withdraw your consent at any time, by clicking on the unsubscribe link found in the newsletter or by contacting info@dedagroup.it; Oppose, either fully or in part, the processing of your data for direct marketing purposes. This right may also be exercised by clicking on the unsubscribe link found in these notifications;   

  • also make a complaint to a supervisory Authority, in the cases and pursuant to the laws in force.

 

Version of: 22 march 2024

bottom of page