Privacy Policy

(GDPR 679/2016, Art. 13)

Odissea ensures that the processing of personal data is made confidentially by the Company, which is equipped with high standards of data protection. The User is required to carefully read the following privacy policy in order to give his/her informed consent.

Table of contents

  1. Data Controller
  2. Legal Basis and purpose of the processing
  3. Categories of personal data
  4. Recipients of personal data
  5. Place of data processing
  6. Transfer of personal data abroad
  7. Retention period of Personal data
  8. Rights of the Data subject
  9. Changes and updates

1. Data Controller

The Data Controller of your personal data is Odissea GmbH, registered in Austria (FN 398599a) and subject to Austrian law, with registered office at Salurner Straße 12, – 6020 Innsbruck (AT)
mail:
info@odissea.at

2. Legal Basis and purpose of the processing

Personal data will be used only with methods and procedures strictly necessary to carry out the undermentioned activities and will not be disclosed.

Your personal data will be processed for the following purposes:

  • save browsing preferences and optimize the user’s browsing experience on our Website
  • reply to anyone who wishes to contact us.

Your personal data shall be processed exclusively for the purposes listed above, whose legal basis can be found in its unambiguous, freely given, specific, informed, verifiable and revocable consent.

3. Categories of personal data

As for the categories of processed personal data, they are represented by:

a) Cookie

The site uses technical and analytics cookies. Technical cookies are used to browse or provide a service requested by the user. They are not used for other purposes and are normally installed directly by the owner of the website. These cookies are useful because they can make browsing and use of the website faster, intervening to facilitate certain procedures; therefore, without the use of these cookies, some operations could not be performed or would be more complex and/or less secure.  Cookie analytics are also considered technical if they are used for the purpose of optimizing the site directly by the owner of the site itself, who can collect information in aggregate form on the number of users and how they visit the site. The website works optimally if cookies are enabled. However, you can decide not to allow the enabling of cookies on your computer. Enabling or disabling cookies is very simple and there are special settings that allow you to do it in every browser.

b) Data voluntarily provided by the user

The optional, explicit and voluntary sending of emails to the addresses indicated on this website, entails the subsequent acquisition of the address of the sender, which is necessary to respond to requests, as well as any other personal data included in the message.

All data acquired by the Data controller is provided voluntarily by the data subject, it is forbidden for anyone to transmit data of third parties, regardless of any actual authorisation given by the same subjects to divulge them.

4. Recipients of data

The company avails itself of internal employees and collaborators, and will not communicate or disclose data to third parties.

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

5. Place of data processing

Personal data are processed on the premises of the Data controller in Innsbruck, as well as on IT support by means of the software made available by the various partners and the devices made available to the subjects authorised to process and protect data.

6. Transfer of personal data abroad

Your personal data will not be transferred abroad as the servers used by the Data controller are located within the European Union, with the required high levels of data protection.

7. Retention period of Personal data

The Data will be stored, pursuant to article 13, paragraph 2, letter (a) of the Regulation, according to the time parameters dictated by the data controller which are:

  • For Cookie: data will expire in 48 hours (or on browser close), or in 14 days if you check the “Remember me” box.
  • For voluntary provided data: they are destroyed within 30 days.

8. Rights of the Data subject

As a data subject, you may at any time make use of the faculties and rights provided by the Regulation. In particular, you have: the Right to obtain confirmation of the existence or not of your personal data, the Right to access to and have communication of your data upon a simple request, the Right to rectification, the Right to object, the Right to be forgotten, the Right to restriction of processing, the Right to data portability, the Right to revoke the consent to the processing of your personal data at any time.

In addition to the rights listed above please be informed that you always have the right to lodge a complaint with the Authority for the Protection of personal data. The exercise of rights is not subject to any restrictions and it is free of charge; the rights may be exercised by submitting a request to the Data controller by means of the email address mentioned above.

9. Changes and updates

This privacy policy may be subject to future change and additions.

Users will be able to view the updated version of the policy on our website.

Last update: 18/12/2019