Personal data processing notice
This notice is provided under Articles 12, 13 and 14 of Regulation (EU) 2016/679 (“GDPR”) and describes how personal data is processed when users visit omnes.cloud or interact with Omnes through the available contact channels.
Last updated: May 21, 2026.
Data controller
- Company name
- Omnes srls
- Registered office
- Viale Montolmo 56, Corridonia, MC (Italy), 62014
- VAT / Tax code
- IT02057060432
- Privacy email
- support@omnes.cloud
- Certified email
- omnes.srls@pec.it
- DPO
- Alessio Acella
Data processed
The website may process browsing data collected automatically by technical systems, data voluntarily provided by users by email, phone or form, and data relating to cookies or similar technologies when the user gives the related consent.
We do not request special categories of personal data under Article 9 GDPR. If the user voluntarily provides unnecessary information, the Controller will process it only within the limits required to handle the request.
Purposes, legal bases and retention
| Purpose | Data | Legal basis | Retention |
|---|---|---|---|
| Website delivery, security, abuse prevention, error monitoring and technical maintenance. | Browsing data, IP address, user agent, technical logs, application errors, language preferences and cookie consent. | Legitimate interest of the Controller and technical necessity of the service, Article 6(1)(f) GDPR; Article 122 of the Italian Privacy Code for technical cookies. | 12 months, unless needed to establish, exercise or defend legal claims. |
| Responding to requests sent by email, phone or contact form. | First name, last name, email, phone, company, role, request content and any further data voluntarily provided. | Performance of pre-contractual or contractual measures requested by the data subject, Article 6(1)(b) GDPR. | 12 months from closure of the request, unless a subsequent contractual relationship is established. |
| Statistical analysis, website performance measurement and experience improvement. | Online identifiers, browsing events, visited pages, aggregated device information and interactions with the website. | User consent, Article 6(1)(a) GDPR and Article 122 of the Italian Privacy Code, where tools are not strictly technical. | Until consent is withdrawn and according to the durations indicated in the Cookie Policy and provider panels. |
| Campaign measurement, remarketing, custom audiences and optimization of promotional communications. | Online identifiers, conversion events, campaign data, visited pages and interactions with content or calls to action. | User consent, Article 6(1)(a) GDPR and Article 122 of the Italian Privacy Code. | Until consent is withdrawn and according to the durations indicated in the Cookie Policy and provider panels. |
| Form protection and prevention of spam or automated use if Google reCAPTCHA is enabled. | IP address, device data, interactions with the page and other technical identifiers processed by Google. | Legitimate interest in website security, Article 6(1)(f) GDPR; where non-technical identifiers are used, consent as described in the Cookie Policy. | [RETENTION_RECAPTCHA] and according to the provider’s terms. |
| Compliance with legal, tax, administrative obligations or Authority requests. | Identification data, contact data, contractual information and data required for compliance. | Legal obligation, Article 6(1)(c) GDPR. | For the periods required by applicable law, including tax and civil limitation periods where relevant. |
Cookies and tracking tools
Technical cookies are used for the operation of the website and do not require consent. Measurement and marketing tools are loaded only if the user gives consent through the banner or the “Cookie preferences” panel.
Closing or rejecting the banner keeps non-essential cookies and tools disabled. Consent can be withdrawn at any time from the website footer.
For the list of cookies and services, please see the Cookie Policy.
Providers and recipients
Data may be processed by technical providers, consultants and persons authorized by the Controller. Where necessary, these parties act as processors under Article 28 GDPR or as independent controllers.
| Service | Provider | Purpose | Consent |
|---|---|---|---|
| Google Analytics | Google Ireland Limited / Google LLC | Browsing statistics and event measurement. | Measurement category. |
| Microsoft Clarity | Microsoft Ireland Operations Limited / Microsoft Corporation | Experience analysis, heatmaps and session recordings, if enabled. | Measurement category. |
| Umami Analytics | self-hosted | Traffic statistics and website performance. | Measurement category. |
| Google Tag Manager | Google Ireland Limited / Google LLC | Technical management of analytics or marketing tags configured in the container. | Measurement and/or Marketing category, depending on the tags loaded. |
| Meta Pixel | Meta Platforms Ireland Limited / Meta Platforms, Inc. | Campaign measurement, conversions, remarketing and custom audiences. | Marketing category. |
| Google reCAPTCHA | Google Ireland Limited / Google LLC | Anti-spam protection and verification of form interactions, if enabled. | Website security; see the Cookie Policy for any non-technical identifiers. |
| Sentry | Sentry / Functional Software, Inc. | Monitoring application errors, stability and technical reliability of the website. | Website security and technical maintenance; not used for marketing or profiling. |
| Google Maps | Google Ireland Limited / Google LLC | Displaying the map on the contact page. | Voluntary interaction with embedded third-party content. |
| Website Carbon Badge | Website Carbon / Wholegrain Digital | Displaying the page carbon impact estimate in the footer. | Informational widget loaded when the footer approaches the viewport; see the Cookie Policy for local caching. |
Additional providers to specify: [HOSTING_PROVIDER], [EMAIL_PROVIDER], [CRM_OR_MANAGEMENT_SYSTEM], [FORM_BACKEND_PROVIDER], [OTHER_DATA_PROCESSORS].
Transfers outside the European Economic Area
Some providers may process personal data in countries outside the European Economic Area. In such cases, where applicable, transfers take place on the basis of adequacy decisions, Standard Contractual Clauses approved by the European Commission or other safeguards provided by Articles 44 et seq. GDPR.
Add here any specific details on data centers, processing regions and contractual safeguards adopted: [EXTRA_EEA_TRANSFER_DETAILS].
Data subject rights
The data subject may exercise the rights provided by Articles 15-22 GDPR by writing to support@omnes.cloud. The Controller responds within one month of the request, unless an extension is permitted by law.
- access to personal data
- rectification of inaccurate data or completion of incomplete data
- erasure of data, where applicable
- restriction of processing
- objection to processing based on legitimate interest
- data portability, where applicable
- withdrawal of consent at any time, without affecting the lawfulness of processing before withdrawal
- lodging a complaint with the Italian Data Protection Authority
Minors, automated decisions and updates
The website and Omnes services are intended for a professional audience and are not directed to minors. The Controller does not use data collected through the website for automated decision-making processes that produce legal effects or similarly significant effects on the data subject, unless otherwise indicated here: [AUTOMATED_DECISION_DETAILS].
This notice may be updated in the event of regulatory, technical or organizational changes. Substantial changes will be made available on this page.