enit +39 0422 460272 Mon - Fri 08:30 - 12:30 & 14:00 - 18:00 Via Molinella 3, 31057 Silea (TV) - ITALY

PRIVACY POLICY

TEC-SIM srl based in Via Molinella 3 – 31057 Silea (TV) – ITALY (hereinafter called “Data Controller”), as the data controller, informs you that your data will be processed in accordance with Art. 13 Legislative Decree 30.6.2003 n. 196 (hereinafter called “Privacy Code”) and Art. 13 EU Regulation n. 2016/679 (hereinafter called “GDPR”) in the following ways and for the following purposes:

1. Object of Processing

The Controller processes personal, identifying data e.g. name, company name, address, telephone, e-mail, bank and payment details (hereinafter called “personal data” or “data”) that you provide when closing contracts for the Controller’s services.

2. Purposes of Processing

Your personal data are processed:

(a) without your explicit consent (Art. 24 (a), (b), (c) Privacy Code and Art. 6 (b), (e) GDPR), for the following Service Purposes:

  • closing contracts for the Owner’s services;
  • fulfilling pre-contractual, contractual and tax obligations arising from existing relationships with you;
  • fulfilling obligations required by law, regulation, EU legislation or an order of the Authority such as anti-money laundering;
  • exercising the rights of the Data Controller, such as the right of defense in court;

b) only with your specific consent (Articles 23 and 130 Privacy Code and Art. 7 GDPR), for the following Marketing Purposes:

  • sending you contacts, newsletters, commercial communications and/or advertising material on products or services offered by the Owner as well as satisfaction survey on the quality of services via e-mail, mail and/or sms and/or telephone;
  • sending you contacts, commercial and/or promotional communications from third parties (e.g. business partners, insurance companies, etc.) via e-mail, mail and/or sms and/or telephone.

We would like to point out that, if you have already been our customer, we may send you commercial communications relating to services and products of the Owner similar to those you have already used unless you disagree (art. 130 c. 4 Privacy Code).

3. Methods of Processing

The processing of your personal data is carried out by means of the operations as per Art. 4 Privacy Code and Art. 4 No. 2) GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Your personal data are subject to both paper and electronic and/or automated processing. The Data Controller will process your personal data for as long as necessary to fulfill the above purposes and in any case for no longer than 10 years from the termination of the relationship for the Service Purposes and for no longer than 2 years from the collection of the data for the Marketing Purposes.

4. Access to Data

Your data may be made accessible for the purposes set out in Articles 2.A) and 2.B):

• to employees and collaborators of the Controller in Italy and abroad, as people in charge and/or internal data processors and/or system administrators;

• to third party companies or other entities (e.g. credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) that perform outsourcing activities on behalf of the Data Controller, as external data processors.

5. Communication of Data

Without the need for your explicit consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data for the purposes of art. 2.A) to Supervisory Bodies, Judicial Authorities, insurance companies for the provision of insurance services, as well as to those subjects to whom the communication is mandatory by law for the fulfillment of the said purposes. These subjects will process the data as autonomous data controllers. Your data will not be further spreaded.

6. Data Transfer

Personal data are stored on servers located within the European Union. Should it become necessary, it is understood that the Data Controller will be entitled to move the servers outside the EU. In this case, the Data Controller assures as of now that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.

7. Nature of Data Provision and Consequences of Refusal to Respond

The provision of data for the purposes of Article 2.A) is mandatory. In their absence, we will not be able to guarantee the Services as art. 2.A). On the other hand, the provision of data for the purposes of Art. 2.B) is optional. Therefore you may decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters, commercial communications and advertising material related to the Services offered by the Owner. However, you will continue to be entitled to the Services referred to in Article 2.A).

8. Rights of the Data Subject

As a data subject, you have the rights under Art. 7 Privacy Code and Art. 15 GDPR, namely the right to:

GET

1. confirmation of the existence or otherwise of personal data concerning you, even if not yet recorded, and their communication in intelligible form;

2. indication of: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in the case of processing carried out with the aid of electronic instruments; d) the identification details of the owner, managers and designated representative under Art. 5, paragraph 2 Privacy Code and Art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as designated representative in the Country, managers or agents;

3. updating, correction or integration of the data when there is interest;

4. cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary for the purposes of previous collection and subsequent processing;

5. certification that the operations referred to in letters a) and b) have been brought to the attention of those to whom the data have been communicated or disseminated, except the case where this proves impossible or involves the use of means manifestly disproportionate to the protected right;

OBJECT, in whole or in part, to the processing of personal data concerning you

a) for legitimate reasons, even if pertinent to the purpose of collection;

b) for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and/or through traditional marketing methods by telephone and/or mail.

It should be noted that the data subject’s right to object, set forth in the above point b) for direct marketing purposes by automated means, extends to traditional means and it remains unaffected in any case. Therefore, the data subject may decide to receive only communications by traditional means, or only automated communications, or neither type of communication.

Where applicable, the data subject also has the rights under Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restrict processing, right to data portability, right to object), as well as the right to complain to the Data Protection Authority.

9. Methods of Exercising Rights

You may at any time exercise your rights by sending a registered letter with return receipt to the registered office.

10. Owner, Manager and Appointees

The Data Controller is TEC-SIM srl with registered office in via Molinella 3- 31057 Silea (TV) – ITALY. The updated list of data processors and appointees is kept at the registered office of the Data Controller.