Privacy disclaimer

Information pursuant to articles 13 and 14 of the European Union Regulation nr. 679/2016 (GDPR)

DATA CONTROLLER AND CONTACTS

The Data Controller is Taroni s.r.l. with registered office in Via A. De Gasperi, 5, 22070 Luisago (CO), email: privacy@taroni.com which guarantees compliance with the regulations on the protection of personal data by providing the following information about the processing of the data communicated or otherwise collected.
Taroni S.r.l. has appointed an external DPO / RPD accessible at the e-mail address dpo@digitechcenter.it

PURPOSE AND LEGAL BASIS OF THE TREATMENT. LEGITIMATE INTERESTS PURSUED

The data provided by the user through forms are collected, processed and stored for the following purposes:
a) fulfill the legal and fiscal obligations to which the Owner is subject;
b) in the context of the execution of the contracts to which the Customer is a part or for the adoption of pre-contractual measures adopted at the request of the same;
c) in the event that it is necessary to ascertain, exercise or defend a right in a court of law, for the pursuit of the legitimate interest that the Data Controller has identified to exist on the basis of the balancing of the interests performed;
d) for sending commercial communications on products and services similar to those already purchased;
e) in the presence of specific consent, for sending commercial communications on products and services, training courses, webinars, special promotions or telephone calls with an operator.
f) for the statistical analysis of the use of the website without personal information.
g) in the case of sending a curriculum vitae, exclusively for selection purposes.

The processing of data for the purpose of sub a) and b) does not require the consent of the customer as it is necessary to fulfill legal obligations or for the execution of the contracts to which the customer is a part or for the adoption of pre-contractual measures adopted on request of the same, pursuant to art. 6, c. 1, lett. b) c) of the GDPR. The processing of data for the purposes c) does not require the consent of the customer as it is necessary for the pursuit of the legitimate interest of the owner, pursuant to art. 6, c. 1, lett. f) of the GDPR. The processing of the Data for the purpose sub d) does not require the consent of the Customer, pursuant to art. 130, paragraph 4, of the Code.

For sub f) some generic data is collected whose transmission is implicit in the use of Internet protocols. These data (for example domain names, IP addresses, operating system used, type of device, browser used) are not accompanied by any additional personal information and are used to obtain anonymous statistical information on the use of the site or to ascertain responsibility in case of hypothetical computer crimes.
The legal basis that legitimates the processing of such data is the need to make the site functionalities available following the user's access.

PROVISION OF DATA AND CONSEQUENCES IN THE EVENT OF FAILURE TO PROVIDE

The provision of data for the purposes of sub a) and b) constitutes, respectively, a legal and contractual obligation. The provision of data for the purposes of sub c), instead, is optional but necessary for the pursuit of the legitimate interests of the owner indicated above. In all these cases, failure to provide the data will make it impossible for the Owner to establish or continue in business relations with the customer.
The provision of Data for the purposes described below e) is optional and failure to provide such data or consent to their processing will make it impossible for Owners to carry out functional activities to achieve the purpose in question.

RECIPIENTS OR CATEGORIES OF RECIPIENTS

The Data may be made accessible, brought to the attention of or communicated to the following subjects, who may be appointed by the Data Controller, as the case may be, as data supervisor or person in charge:
- companies of the group to which the owner belongs (controlling, controlled, connected), employees or collaborators in any capacity of the owner or of companies of the group to which the owner belongs;
- public or private subjects, natural or legal persons, of which the Data Controller uses for the performance of activities instrumental to the pursuit of the aforementioned purposes or to which the Data Controller is required to communicate the Data, by virtue of legal or contractual obligations.

STORAGE PERIOD

The Data will be kept for a maximum period of time equal to the period of prescription of the rights that can be exercised by or towards the Holder, as applicable from time to time.

I DIRITTI DELL'INTERESSATO:

At any time you can exercise, pursuant to articles 15 → 22 of the EU Regulation n. 679/2016, the following rights and obtain:

• confirmation of the existence or not of personal data concerning you;
• information about the origin of your personal data;
• information about the purpose and method of processing your personal data;
• information about the logic applied in the case of processing carried out with the aid of electronic tools;
• the identification details of the data controller and data processors;
• an indication of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as, for example, data controllers; - when possible information about the storage period, with the possibility of obtaining treatment limitations; - data portability, ie receiving them in a structured format commonly used and readable by an automatic device and transmitting them to another data controller without impediment
• updating, rectification or integration of your personal data;
• the deletion, transformation into anonymous form or blocking of your personal data, processed in violation of the law, including those for which conservation is not necessary in relation to the purposes for which the data were collected;
• the attestation concerning their content, of those to whom the data have been communicated or disseminated, except in the case in which such fulfillment proves impossible or involves the use of means manifestly disproportionate with respect to the protected right;
• revocation of consent at any time without jeopardizing the lawfulness of the processing based on the consent given before revocation, making a complaint to the competent authority (Privacy Guarantor).

You will, however, have the right to object
a) for legitimate reasons, to the processing of your personal data, even if pertinent to the purpose of the collection;
b) to the processing of personal data concerning you for the purpose of sending news or digital advertising material;
c) the decision-making process not linked to profiling. You can freely and at any time exercise your rights, as long as within the limits of the law, with a request addressed to Taroni S.r.l. to the e-mail address privacy@taroni.com to which we will give appropriate reply within thirty (30) days. Taroni S.r.l. may refuse to comply with requests that are futile, harassing and damage the privacy of others.


The following privacy policy is updated to: March 2019