PRIVACY POLICY
PURSUANT TO ART. 13 OF EU REGULATION 2016/679
TEMPCO S.R.L.
Registered office: 1 via Lavoratori Autobianchi – 20832 Desio, Tel. +39 0362 300830 / Fax +39 0362 300253 – info@tempco.it – Share capital € 10,400.00 = f.p. – Tax code and VAT No. 03026390967 – MB Economic and Administrative Index – no. 1625214, pursuant to articles 4, par. 1, point c) and art. 24 of EU Regulation 2016/679 (hereinafter GDPR) is the Data Controller (hereinafter the Controller) and, in fulfilment of the obligations under art. 13 of the GDPR provides this Notice which details the purposes and how your personal data is processed.
Please note that:
1. Data Controller and contact data
The Data Controller under art. 24 of the GDPR, namely the party who decides the processing purposes and methods, is
TEMPCO S.R.L.
registered office: 1 via Lavoratori Autobianchi – 20832 Desio
Tel. +39 0362 300830 / Fax +39 0362 300253
info@tempco.it
2. Data processed
Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
It concerns information that is not collected to be associated with specific individuals, but by its very nature could, through the processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters related to the operating system and the users.
These data are used only to obtain anonymous statistical information on the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the website.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this website, as well as completion of the contact form or transmission of data through other sections of the site, involves the subsequent acquisition of the sender’s address, necessary to reply to the requests, as well as any other personal data entered by the user.
3. Purposes and legal basis of processing
3.1 Your personal data, subject of processing, are used for the following purposes:
3.2 The processing of your data is based on art. 6, par. 1 points b) and c) of the GDPR.
4. Nature of the provision of personal data
For the purposes referred to in art. 3.1, points a), b), c) and d) hereof, the provision of personal data is necessary to carry out the services rendered by the Controller, and a refusal shall make it impossible to do so. To carry out processing as it is referred to in art. 3.1, points a), b), c) and d) hereof, obtaining the Data Subject’s consent is not necessary.
5. Data Processing Methods
Data are processed by means of hard copy records, computer and electronic media as well as electronic devices by specifically authorised internal subjects and/or through third parties, according to logics strictly connected to the purposes referred to herein. Data are stored in electronic files and, as a second-line option, in hard copy, in order to ensure data security and confidentiality. The personal data is processed in compliance with the principles underlying the GDPR.
6. Data recipients
Data Recipient, pursuant to art. 4, par. 1, no. 9) of the GDPR, means ‘the natural or legal person, the service or another body that receives personal data communications, whether it is a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing’.
It should be noted that, in relation to the aforementioned purposes, personal data may be disclosed to recipients collaborating with the Data Controller or responsible for fulfilling legal obligations. These recipients are strictly bound by a duty of confidentiality regarding any information that may be disclosed. Their categories are reported by way of example below.
7. Data processing location and possible data transfer outside the EU
Data is processed in a Member State of the European Union (EU) or a Member State of the European Economic Area (EEA).
However, data processing may involve the transfer of data to a non-EU or non-EEA country. In this case, the Data Controller shall henceforth ensure that transfer, if necessary, will be carried out only under the specific conditions set out in articles 44 et seq. the GDPR.
8. Data dissemination and disclosure
Your personal data will not be disseminated or transferred.
Disclosing personal data to third parties other than the Data Controller and Data Processors – inside or outside the organisational structure of the Data Controller – identified and appointed pursuant to articles 24 and 28 of the GDPR is foreseen where necessary.
In any case, processing by third parties will be carried out in compliance with the principles of lawfulness, fairness, proportionality and need as well as the current laws.
9. Storage time
Data will be stored in compliance with the principle of proportionality and, in any case, for no longer than 10 fiscal years necessary to achieve the purposes referred to in art. 3.1 hereof.
10. Data security
The Data Controller shall adopt the appropriate technical and organisational data protection measures in order to prevent data from being lost or used unlawfully and improperly, and any unauthorised access.
11. Data Subject’s rights
Notice is hereby given that, pursuant to art. 13, par. 2, point b) of the GDPR, in relation to processing of the personal data referred to herein and in order to ensure fair, transparent processing, the following rights may be exercised:
11.1. Right to information and access (pursuant to art. 15 of the GDPR): in order to obtain information from the Data Controller on whether your personal data is being processed or not; on access to your personal data and to details on the purposes of processing; on the recipients or categories of recipients data are transmitted to.
11.2. Right to rectification (pursuant to art. 16 of the GDPR), Right to erasure (pursuant to art. 17 of the GDPR) and Right to restriction of processing (pursuant to art. 18 of the GDPR): in order to ask the Data Controller to rectify, erase your personal data and restrict processing.
11.3. Right to data portability (pursuant to art. 20 of the GDPR): in order to gain access to your personal data, which was provided to the Controller, in a structured, commonly used and machine-readable format and you are entitled to transmit said data to another Data Controller, provided that this operation is technically feasible.
11.4. Right to object (pursuant to art. 21 of the GDPR): in order to object to the processing of your data.
To exercise the rights referred to in the aforementioned art. 13, par. 2, points b) and e) of the GDPR, please write to:
TEMPCO S.R.L.
registered office: 1 via Lavoratori Autobianchi – 20832 Desio
Tel. +39 0362 300830 / Fax +39 0362 300253
info@tempco.it
12. Right to lodge a complaint or appeal
Pursuant to art. 13, par. 2, point d) of GDPR and art. 140 bis of (It.) Legislative Decree no. 196/2003 bis, as amended by (It.) Legislative Decree no. 101/2018, furthermore, it should be noted that if data processing is performed in breach of the provisions of the European Regulation or the Code concerning the protection of personal data, a complaint may be lodged to the Privacy Authority pursuant to art. 77 of GDPR or, alternatively, an appeal may be lodged to the Judicial Authorities.