This document outlines our policy on privacy, explaining how your personal data are managed when using our services, and to enable you to give express consent to the processing of your personal data while being aware of the website sections requiring the entry of such data.
Please note that the various sections of the web sites of www.tecnoprimaf.it requiring entry of your personal data may contain specific disclosure options in accordance with art. 13 of the Regulation (EU) 2016/679, which must be viewed by you before providing the requested data. The information and data supplied by you or otherwise acquired when registering for the various services of tecnoprimaf.it will be processed in observance of the provisions of the GDPR and the obligations for confidentiality. In accordance with the provisions of the Regulation (EU), the processing operations carried out by the Data Controller and Data Protection Officer will comply with the principles of lawfulness, fairness, transparency, purpose and retention limitation, data minimisation, accuracy, integrity and confidentiality.
- Data Controller
- Personal data undergoing processing
- Browsing data
- Data provided voluntarily by the data subject
- Usage data
- Purposes of the processing
- Legal basis and mandatory or optional nature of the processing
- Recipients of personal data
- Automated decision-making process
- Data storage
- Processing methods and security measures
- Retention of personal data
- Rights of the data subject
1. Data Controller
The controller of the processing operations carried out through the Site is Tecnoprimaf s.r.l., VAT. 01840130361, in the person of the legal pro-tempore representative, located in Via della Meccanica 16/18 - Z.I. Graziosa, 41018 San Cesario S.P. (MO). The list of the persons in charge of the data processing is at the legal office of the Data Controller.
2. Personal data undergoing processing
Processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
We inform you that the personal data undergoing processing may consist of an identifier such as the name, e-mail address, ID number, location data, online identifier and other data enabling you to be identified or identifiable, depending on the type of Services requested (hereinafter "Personal Data").
In particular, the Personal Data processed through the Site are the following:
1. Browsing data
The computer systems and software procedures used for operation of the Site acquire, during routine operation, some personal data, the transmission of which is considered implicit in the use of the Internet communication protocols. This information is not collected to be associated with identified persons, but which in their nature may, through processing and associations with data retained by third parties, enable the identification of users. This category of data includes IP addresses or domain names of the computer used by the users to connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the dimensions of the file obtained in the response, the numerical code indicating the status of the response sent by the server (successful, error, etc.) and other parameters regarding the operating system and IT environment of the user. These data are used exclusively to retrieve anonymous statistical information on use of the present site and the sites of our clients, and to ensure correct operation of the latter, identify faults and/or abuse, and are deleted immediately after processing. The same data may be used to ascertain responsibility in the hypothetical case of computer crime harmful to the site or third parties.
2. Data provided voluntarily by the data subject
Sending, explicit and voluntary, an email to the addresses indicated on this site involves the acquisition of personal data included in the message.
The providing of personal data to take advantage of the specific services offered by the Site (such as for the contact form, subscription to the newsletter or for proposing an application) entails the acquisition of the personal data provided.
In any case, specific information regarding the submitted data will be provided with reference to specific services offered on the Site.
Data relating to the usage of the Site by the User may also be collected, such as, for example, the browsed pages, the actions taken, the used functions and the services.
3.Purposes of processing
The Data Controller informs you that the collected data will be processed, according to the legal art. 6 of the Regulation, following your express consent where necessary, exclusively for the following purposes:
1. to allow you to browse and explore the website.
2. Operational, organizational and managerial purposes.
2. to answer requests for assistance or information, which we will receive via e-mail, telephone or chat through the “Contact us” section of our Site
3. to conduct studies, research, market statistics.
4. security and prevention of fraudulent conduct: the Data Controller implements an automatic control system that involves the detection and analysis of the users’ behavior on the site, including the IP address
4. Legal basis and mandatory or optional nature of the processing
The Data Controller processes Personal Data relating to the User if one of the following conditions exists:
• The User has given consent for one or more specific purposes.
• The Data Processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual process.
• The Data Processing is necessary to fulfil a legal obligation to which the Data Controller is obliged.
• The Data Processing is due because the Data Controller is called to perform a task in the public interest and/or to exercise of public authority.
• The Data Processing is necessary for the pursuit of the legitimate interest by the Data Controller or third parties.
However, it is always possible to request the Data Controller to clarify the concrete legal basis of each Data Processing.
The Data Providing by the User is always optional, but it is essential, in relation to those data indicated as mandatory and marked with an asterisk (*) through request forms. Any refusal, even if legitimate, to provide all or part of the requested data, could compromise the success of the web usage and, in case of the personal data defined as indispensable, could impede us to carry out the requested services.
5. Recipients of personal data
The provided Personal Data will be in possession to the staff and/or collaborators of the Data Controller, that are in charge of the site content and users’ requests management, with the only purpose of performing the working activity they are called to fulfil, in accordance with the above mentioned purposes of the art. 3.
The Users' Personal Data may also be shared with third parties, authorised by the Data Controller, such as External Data Processors or Independent Data Controllers.
The Users will be able to obtain the list of any External Processors in charge with a simple request addressed to the Data Controller.
6. Automated decision-making process
There is not any automated decision-making process. The data will be not processed automatically.
The Data are processed and stored at the Data Controller's operating offices and in any other place where the parties involved in the processing are located. For further information, contact the Data Controller at the following email address firstname.lastname@example.org.
Personal Data will be processed exclusively in the EU territory.
If it is necessary to proceed with the Data Processing outside the EU, the Data Controller ensures that such processing will take place in compliance with the Regulation. Indeed, transfers can be based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission. More information is available by the Data Controller.
8. Processing methods and security measures
The Data Processing is carried out using IT tools, with logic and organizational processes strictly related to the purposes indicated.
The Data Processing is carried out according to suitable tools and methods, in order to guarantee security and confidentiality of the data, in accordance with the of art. 32 of the EU Regulation 2016/679.
During the processing operations, however, all the technical, IT, organizational, logistical and procedural security measures, adequate to guarantee the minimum level of data protection required by law, will always be applied.
9. Retention of personal data
The Data Controller will process the Personal Data for the necessary duration to fulfil the above mentioned purposes.
Personal Data may be stored for longer time if necessary, to fulfill a legal obligation or by order of an authority.
All data will be deleted at the termination of the retention time. At the end of this term, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
10. Rights of the data subject
All Users can exercise their rights relating to the Personal Data processed by the Data Controller. In particular, the User has the following rights:
1. Right to withdraw the consent at any time
2. Right to refuse the Data Processing
3. Right to access to his personal data (Art. 15 GDPR)
4. Right for rectification (Art. 16 GDPR)
5. Restriction of processing (Art. 18 GDPR);
6. Right for erasure of his Personal Data (Art. 17 GDPR);
7. Right to transfer his Personal Data to another Data Controller (Art. 20 GDPR);
8. Right to complaint to the supervisory authority for the protection of personal data and / or act in court
Last update: 26th January 2019