PRIVACY POLICY AND EXTENDED PRIVACY POLICY OF THIS SITE
This page describes how this website is managed with regard to the processing of personal data of users consulting it. Pursuant to Regulation (EU) 2016/679 (hereinafter referred to as the âRegulationâ), this page describes the methods for processing the personal data of users consulting the website(s) accessible electronically at the following address(es) corresponding to the home page of the website of which this page is a part.
The information is provided only for the above-mentioned website and not for any other websites that may be consulted by the user via links. The information is also based on Recommendation no. 2/2001 that the European authorities for the protection of personal data, brought together in the Group established by art. 29 of Directive no. 95/46/EC, adopted on 17 May 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
The Recommendation and a summary description of its purpose are not reproduced on this site but can be found on the web via the website of the Garante della Privacy.
THE âOWNERâ OF THE PROCESSING
Following consultation of this site, data relating to identified or identifiable persons may be processed. The âownerâ of their processing is T.G.M. srl for the protection of personal data, which is based in Via Settecani Cavidole, 43 San Vito di Spilamberto (MO).
PLACE OF DATA PROCESSING
Data processing related to the web services of this site takes place at the aforementioned premises and is carried out only by technical personnel in charge of data processing, or by persons in charge of occasional maintenance operations. The data communicated may be communicated or diffused to third parties (Couriers, Forwarding Agents, Postal Service) for requirements connected to the sending of informative material or to manage requests for information and to send the requested commercial or promotional material and relative detailed information.
The personal data provided by users who send requests for information material (general contact requests, requests for estimates, requests to subscribe to newsletters, answers to queries, specific requests, requests regarding products or services, etc.) are used solely for the purpose of providing the requested service or performance and are communicated to third parties only if necessary for that purpose.
The data provided are collected and processed by T.G.M. srl in accordance with the purposes connected with and instrumental to the company’s business as described in the presentation pages of this site.
The processing operations connected to the web services of this site take place at the aforementioned premises and are handled only by the technical staff of the Office in charge of processing. In case of necessity, the data necessary for the functioning of the site may be processed by the staff of the company in charge of the maintenance of the technological part of the site, Video Studio 1 s.n.c., at the head office of the same company.
Web services are provided by Video Studio 1 s.n.c. via servers located in the European community and in particular on Italian soil, in compliance with the directives and regulations currently in force regarding the protection and processing of personal data.
TYPES OF DATA PROCESSED
- Navigation data:
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation, and is deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the site: apart from this eventuality, at present the data on web contacts do not persist for more than sixty days. - Data provided voluntarily by the user:
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as any other personal data included in the message.
Definition of Cookies:
Cookies are small data files made up of letters and numbers that allow the web server to store information on the client (the browser) to be used while browsing the site (session cookies) or later, even after a period of time (persistent cookies). Cookies are stored by the individual browser on the specific device used for browsing (computer, tablet, smartphone) according to the settings of the browser used. Similar technologies (controllable GIFs, web beacons, and local storage forms of HTML5, etc.) can be used to collect information on user behaviour and use of services.
Cookie types (the following definitions contain quotation from the Garante della Privacy website)
- Technical cookies
Technical cookies are those used for the sole purpose of âcarrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide such a serviceâ. They are not used for any other purpose and are normally installed directly by the owner or operator of the website. They can be divided into navigation or session cookies, which ensure normal navigation and use of the website (allowing, for example, to make a purchase or authenticate to access restricted areas); analytics cookies, assimilated to technical cookies where they are used directly by the website operator to collect information, in aggregate form, on the number of users and how they visit the site functionality cookies, which allow the user to navigate according to a set of selected criteria (e.g. language, products selected for purchase) in order to improve the service rendered to the same. Users’ prior consent is not required for the installation of such cookies.
- Profiling cookies
Profiling cookies are aimed at creating profiles of the user and are used to send advertising messages in line with the preferences expressed by the user when surfing the web. Because of the particular invasiveness that such devices can have in the private sphere of users, European and Italian law requires that the user must be adequately informed about the use of such devices and thus express his or her valid consent.
- Third-party cookies
So-called âthird-partyâ cookies are used in the site’s navigation for user profiling but have been installed by other sites previously navigated, even for some time. They are used to personalise surfing, to propose advertising messages in line with the preferences expressed in previous web surfing, and to compile marketing statistics relating to the tastes and preferences of users of the site.
How to manage/enable/disable cookies:
Cookie management is entirely left to browsers; they can be managed in the relevant control panels that change according to the version, update, translation of the browser itself.
Below are some links to the main browsers currently in use that are useful for managing browser settings with regard to cookies:
Chrome: https://support.google.com/chrome/answer/95647?hl=it
Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Internet Explorer: http://windows.microsoft.com/it-it/internet-explorer/ie10-win8-privacy-statement
Opera: http://help.opera.com/Windows/10.00/it/cookies.html
Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT
What cookies this site uses:
This site uses only technical session cookies
The cookies used on this site avoid the use of other IT techniques that could potentially prejudice the confidentiality of users’ browsing and do not allow the acquisition of personal data identifying the user. Disabling cookies may prevent the user from using certain services or accessing certain sections of the site.
OPTIONAL SUBMISSION OF DATA
The cookies used on this site avoid the use of other IT techniques that could potentially prejudice the confidentiality of users’ browsing and do not allow the acquisition of personal data identifying the user. Disabling cookies may prevent the user from using certain services or accessing certain sections of the site.
Failure to provide them may result in the impossibility of obtaining what has been requested.
For the sake of completeness, it should be recalled that in some cases (not covered by the ordinary management of this site) the Authority may request news and information pursuant to Article 157 of Legislative Decree No. 196/2003, for the purpose of monitoring the processing of personal data. In such cases, the answer is obligatory.
METHODS OF PROCESSING
Personal data are processed in both paper and electronic form and consist of the storage, archiving, use, communication and dissemination – as specified in the chapter âPLACE OF DATA PROCESSINGâ of this document – of the data communicated. Specific security measures are observed to prevent data loss, unlawful or incorrect use and unauthorised access.
RIGHTS OF DATA SUBJECTS
Data subjects have the right at any time to obtain confirmation as to whether or not personal data concerning them exist and to be informed of their content and origin, to verify their accuracy or to request that they be supplemented or updated, rectified or erased, or to object to their processing (Art. 15 et seq. of the Regulation).
Pursuant to the same article, data subjects have the right to request the deletion, transformation into anonymous form or blocking of data processed in breach of the law, as well as to object in any case, for legitimate reasons, to their processing.
Please note that the cancellation of the name from the T.G.M srl data archive entails the renunciation of all services offered by the Company.
Requests should be addressed to T.G.M srl:
the contact forms present on the site,
the address: info@tgmsrl.com
or the contact details Tel. +39 059 536 723 Fax. +39 059 537 235
Interested parties who consider that the processing of personal data relating to them carried out through this site is in violation of the provisions of the Regulation have the right to lodge a complaint with the Guarantor, as provided for by art. 77 of the Regulation itself, or to take legal action (art. 79 of the Regulation).
ACCESS TO THIS DOCUMENT
This Privacy Policy and Extended Policy can be consulted automatically by the most recent browsers currently available for the various operating systems.
Considering that the state of perfection of the automatic control mechanisms does not currently render them free from errors and dysfunctions, it is hereby specified that the present document constitutes the âPrivacy Policy and Cookie Noticeâ of this site, which will be subject to updates.
CUSTOMER INFORMATION PURSUANT TO ARTICLES 13 AND 14 OF EU REGULATION 679/2016 (GDPR)
The Company T.G.M srl with registered office in Via Settecani Cavidole, 43/E 41051 San Vito di Spilamberto MO Cod. Fisc.-Part. IVA 02575120361 in its capacity as Data Controller pursuant to Art. 4 of EU Regulation 2016/679 informs you, in accordance with Art. 13 of the Regulation, that it will process1 your personal data manually and/or with the support of computerised means for the purposes indicated below.
Type of data processed
As a result of the formation of the contract (including orally) and in the course of its execution, our organisation will collect and process your personal data. The data that will be processed are the so-called common data such as, but not limited to: personal data; address of residence, telephone number, e-mail address, data contained in identification documents, tax code, VAT number, IBAN/BIC code.
Purpose of processing
The processing of your personal data will be carried out for the following purposes:
a) management of payments provided for by law and by contract and the exercise of related rights;
b) fulfilment of legal or contractual obligations and the exercise of related rights;
c) tax and accounting and administrative fulfilments and communications to the financial administration related thereto. The provision of data for purposes related to the fulfilment of contractual obligations, the exercise of related rights and compliance with legal and tax obligations is mandatory and your consent is not required for the processing of such data. Even a partial refusal to provide the data will make it impossible to fulfil the contract or to continue the existing contractual relationship. Our organisation will process your data scrupulously in compliance with the limits and conditions imposed by the laws in force and the guidelines issued from time to time by the relevant Authorities. You undertake to promptly notify us of any corrections, additions and/or updates to the data supplied and collected.
Legal basis
Your personal data shall be processed for the performance of a contract concluded with you or for the performance of pre-contractual measures taken at your request, for the need to comply with obligations provided for by law or by a regulation or by Community legislation, including those provided for by tax legislation. The sending of commercial and/or promotional communications relating to products and services similar to those which are the subject of the contractual relationship in place is carried out on the basis of the legitimate interest of the Controller.
Data recipients
Your data may be communicated to: other companies in the group, to subsidiaries or affiliates, to legal, administrative, tax and labour consultancy firms, to companies appointed by the Data Controller to carry out specific data processing, to companies that provide IT services, to supervisory bodies, which will carry out the processing as External Processors, in fulfilment of legal or contractual obligations. Your data may also be communicated to our specially authorised collaborators and employees within the scope of the tasks they perform. The updated list of persons appointed as External Processors or expressly authorised to process data may be requested by e-mail from the following address: info@tgmsrl.com
- Processing of personal data shall mean any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Your data, where necessary and in accordance with the principle of relevance, may be communicated to the categories of subjects indicated below, who will carry out the processing as Autonomous Controllers of the same:
– to Banks, Credit Institutions and Insurance Companies
– to factoring or debt collection companies;
– to Public Administrations and Financial Offices;
– to notary’s offices;
– to persons who can access them by virtue of legal provisions or secondary or EU regulations;
– to auditing companies;
The Company may also disclose your personal data to third parties
(i) where required to do so by EU or Member State law;
(ii) in the event of legal proceedings;
(iii) in response to a law enforcement request that is based on legitimate grounds;
(iv) to protect the rights, privacy, safety or property of the Company and, to the extent permitted by law, to investigate, prevent or take action regarding illegal activities, suspected fraud.
Data retention periods
For all legal purposes, including accounting, administrative and tax matters, the data will be stored, in archives, for a period of 10 years from the termination of the contractual relationship. In any case, this is without prejudice to cases in which storage for a later period is required by the competent authorities or pursuant to applicable legislation. At the end of the retention period the data will be deleted, anonymised or aggregated.
Data Transfer
The Data Controller does not transfer personal data to third countries or to international organisations.
However, it reserves the possibility of using cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as provided for in Article 46 GDPR 679/16.
Rights of the data subject
Pursuant to Articles 13(2) and 15 to 21 of the Regulation, we inform you that you may exercise the following rights with regard to the processing of your personal data:
- Right to obtain access to personal data and the following information:
– confirmation as to whether or not their personal data are being processed;
– the purposes of the processing;
– categories of personal data;
– the recipients or categories of recipients to whom the personal data have been or will be disclosed;
– where the data are not collected from the data subject, all available information on their origin;
– the existence of an automated decision-making process, including profiling;
– a copy of the personal data being processed. - Right to rectification and integration of personal data;
- Right to the deletion of data (âright to be forgottenâ) if one of the following grounds exists:
1. personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
2.the data subject withdraws consent to the processing of the data and there is no other legal basis for the processing;
3. the data subject objects to the processing and there is no overriding legitimate reason to proceed with the processing;
4. personal data have been unlawfully processed;
5. personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the data controller is subject.
If a data controller has made personal data public and is obliged to delete it, it must inform other data controllers of the request to delete any link, copy or reproduction of its data. - Right to restriction of processing in case:
1. the data subject contests the accuracy of the personal data, for the period necessary for the controller to verify the accuracy of such personal data;
2. the processing is unlawful and the data subject objects to the deletion of the personal data and requests instead that their use be restricted;
3. although the data controller no longer needs them for the purposes of processing, the personal data are necessary for the establishment, exercise or defence of a legal claim;
4. the data subject has objected to the processing, pending verification as to whether the data controller’s legitimate reasons prevail over those of the data subject. - Right to lodge a complaint with the Garante per la protezione dei dati personali, following the procedures and indications published on the Authority’s official website www.garanteprivacy.it.
- The data subject’s right to data portability, i.e. the right to receive in a structured, commonly used and machine-readable format personal data concerning him or her that have been provided to a data controller and, where appropriate, to have them transmitted to another data controller where the processing is based on consent or on a contract and is carried out by automated means. Where technically possible, the data subject shall have the right to obtain the direct transmission of data from one controller to another.
- Right to object at any time to the processing of personal data, including profiling, in particular if
1. processing is carried out on the basis of the legitimate interest of the data controller, subject to explanation of the reasons for the objection;
2. personal data are processed for direct marketing purposes. - Right not to be subject to a decision based solely on automated processing, including profiling, except where the decision: is necessary for the conclusion or performance of a contract between the data subject and a data controller; is authorised by Union law or the law of the Member State to which the data controller is subject; or is based on the data subject’s explicit consent.
- Right to revoke consent at any time; data, if not based on another legal basis (e.g. fulfilment of a legal obligation or performance of a contract) must be deleted by the data controller.
The exercise of rights is not subject to any formal constraints and is free of charge.
Methods of exercising rights
The interested party may exercise its rights at any time by sending:
– a registered letter with return receipt to: T.G.M srl with head office in Via Settecani Cavidole, 43/E 41051 San Vito di Spilamberto MO
– an e-mail to: info@tgmsrl.com
Data controller
The data controller is: T.G.M srl with registered office in Via Settecani Cavidole, 43/E 41051 San Vito di Spilamberto MO
SUPPLIER AND CONSULTANT INFORMATION PURSUANT TO ART. 13-14 OF EUROPEAN REGULATION 679/2016 (GDPR)
The Company T.G.M srl with registered office in Via Settecani Cavidole, 43/E 41051 San Vito di Spilamberto MO Cod. Fisc.-Part. IVA 02575120361 in its capacity as Data Controller pursuant to Art. 4 of EU Regulation 2016/679 informs you, in accordance with Art. 13 of the Regulation, that it will process1 your personal data manually and/or with the support of computerised means for the purposes indicated below.
Type of data processed
As a result of the formation of the contract (including orally) and in the course of its execution, our organisation will collect and process your personal data. The data that will be processed are the so-called common data such as, but not limited to: personal data; address of residence, telephone number, e-mail address, data contained in identification documents, tax code, VAT number, IBAN/BIC code, qualification and vocational training data.
Purpose of processing
Il trattamento dei Suoi dati personali sarĂ svolto per le seguenti FinalitĂ :
a) management of payments provided for by law and by contract and the exercise of related rights;
b) fulfilment of legal or contractual obligations and the exercise of related rights;
c) fulfilment of legal or contractual obligations and the exercise of related rights;
d) tax and accounting and administrative fulfilments and communications to the financial administration related thereto. The provision of data for purposes related to the fulfilment of contractual obligations, the exercise of related rights and compliance with legal and tax obligations is mandatory and your consent is not required for the processing of such data. Even a partial refusal to provide the data will make it impossible to fulfil the contract or to continue the existing contractual relationship. Our organisation will process your data scrupulously in compliance with the limits and conditions imposed by the laws in force and the guidelines issued from time to time by the relevant Authorities.
e) to fulfil your specific requests.
You undertake to promptly notify us of any corrections, additions and/or updates to the data supplied and collected.
You undertake to promptly notify us of any corrections, additions and/or updates to the data provided and collected.
The provision of data for the above-mentioned purposes is optional, but even a partial refusal to provide such data will make it impossible for us to correctly manage the contract, to comply with legal and tax obligations, or to follow up on your requests.
Legal basis
Your personal data shall be processed for the performance of a contract concluded with you or for the performance of pre-contractual measures taken at your request, for the need to comply with obligations provided for by law or by a regulation or by Community legislation, including those provided for by tax legislation. The sending of commercial and/or promotional communications relating to products and services similar to those which are the subject of the contractual relationship in place is carried out on the basis of the legitimate interest of the Controller.
Data recipients
Your data may be communicated to: other companies in the group, to subsidiaries or affiliates, to legal, administrative, tax and labour consultancy firms, to companies appointed by the Data Controller to carry out specific data processing, to companies that provide IT services, to supervisory bodies, which will carry out the processing as External Processors, in fulfilment of legal or contractual obligations. Your data may also be communicated to our specially authorised collaborators and employees within the scope of the tasks they perform.
Processing of personal data shall mean any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. The updated list of persons appointed as External Data Processors or expressly authorised to process data may be requested by e-mail from the following address: info@tgmsrl.com
Your data, where necessary and in accordance with the principle of relevance, may be communicated to the categories of subjects indicated below, who will carry out the processing as Autonomous Controllers of the same:
– to Banks, Credit Institutions and Insurance Companies
– to factoring or debt collection companies;
– to public administrations and financial offices;
– to notary offices;
– to persons who can access them by virtue of legal provisions or secondary or EU regulations;
– to auditing companies;
The Company may also disclose your personal data to third parties
(i) where required to do so by EU or Member State law;
(ii) in the event of legal proceedings;
(iii) in response to a law enforcement request that is based on legitimate grounds;
(iv) to protect the rights, privacy, safety or property of the Company and, to the extent permitted by law, to investigate, prevent or take action regarding illegal activities, suspected fraud.
Data retention periods
For all legal purposes, including accounting, administrative and tax matters, the data will be stored, in archives, for a period of 10 years from the termination of the contractual relationship. In any case, this is without prejudice to cases in which storage for a later period is required by the competent authorities or pursuant to applicable legislation. At the end of the retention period the data will be deleted, anonymised or aggregated.
Data Transfer
The Data Controller does not transfer personal data to third countries or to international organisations.
However, it reserves the possibility of using cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as provided for in Article 46 GDPR 679/16.
Rights of the data subject
Ai sensi degli articoli 13, comma 2, e da 15 a 21 del Regolamento, La informiamo che in merito al trattamento dei Suoi dati personali Lei potrĂ esercitare i seguenti diritti:
Right to obtain access to personal data and the following information:
– confirmation as to whether or not their personal data are being processed;
– the purposes of the processing;
– categories of personal data;
– the recipients or categories of recipients to whom the personal data have been or will be disclosed;
– where the data are not collected from the data subject, all available information on their origin;
– the existence of an automated decision-making process, including profiling;
– a copy of the personal data being processed.
Right to rectification and integration of personal data;
Right to the deletion of data (âright to be forgottenâ) if one of the following grounds exists:
1. personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
2.the data subject withdraws consent to the processing of the data and there is no other legal basis for the processing;
3. the data subject objects to the processing and there is no overriding legitimate reason to proceed with the processing;
4. personal data have been unlawfully processed;
5. personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the data controller is subject.
If a data controller has made personal data public and is obliged to delete it, it must inform other data controllers of the request to delete any link, copy or reproduction of its data.
Right to obtain access to personal data and the following information:
– confirmation as to whether or not their personal data are being processed;
– the purposes of the processing;
– categories of personal data;
– the recipients or categories of recipients to whom the personal data have been or will be disclosed;
– where the data are not collected from the data subject, all available information on their origin;
– the existence of an automated decision-making process, including profiling;
– a copy of the personal data being processed.
Right to rectification and integration of personal data;
Right to the deletion of data (âright to be forgottenâ) if one of the following grounds exists:
1. personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
2.the data subject withdraws consent to the processing of the data and there is no other legal basis for the processing;
3. the data subject objects to the processing and there is no overriding legitimate reason to proceed with the processing;
4. personal data have been unlawfully processed;
5. personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the data controller is subject.
If a data controller has made personal data public and is obliged to delete it, it must inform other data controllers of the request to delete any link, copy or reproduction of its data.
Right to restriction of processing in case:
1. the data subject contests the accuracy of the personal data, for the period necessary for the controller to verify the accuracy of such personal data;
2. the processing is unlawful and the data subject objects to the deletion of the personal data and requests instead that their use be restricted;
3. although the data controller no longer needs them for the purposes of processing, the personal data are necessary for the establishment, exercise or defence of a legal claim;
4. the data subject has objected to the processing, pending verification as to whether the data controller’s legitimate reasons prevail over those of the data subject.
Right to lodge a complaint with the Garante per la protezione dei dati personali, following the procedures and indications published on the Authority’s official website www.garanteprivacy.it.
The data subject’s right to data portability, i.e. the right to receive in a structured, commonly used and machine-readable format personal data concerning him or her that have been provided to a data controller and, where appropriate, to have them transmitted to another data controller where the processing is based on consent or on a contract and is carried out by automated means. Where technically possible, the data subject shall have the right to obtain the direct transmission of data from one controller to another.
Right to object at any time to the processing of personal data, including profiling, in particular if
1. processing is carried out on the basis of the legitimate interest of the data controller, subject to explanation of the reasons for the objection;
2. personal data are processed for direct marketing purposes.
Right not to be subject to a decision based solely on automated processing, including profiling, except where the decision: is necessary for the conclusion or performance of a contract between the data subject and a data controller; is authorised by Union law or the law of the Member State to which the data controller is subject; or is based on the data subject’s explicit consent.
Right to revoke consent at any time; data, if not based on another legal basis (e.g. fulfilment of a legal obligation or performance of a contract) must be deleted by the data controller.
The exercise of rights is not subject to any formal constraints and is free of charge.
Methods of exercising rights
The interested party may exercise its rights at any time by sending:
– a registered letter with return receipt to: T.G.M srl with head office in Via Settecani Cavidole, 43/E 41051 San Vito di Spilamberto MO
– an e-mail to: info@tgmsrl.com
Data controller
The data controller is: T.G.M srl with registered office in Via Settecani Cavidole, 43/E 41051 San Vito di Spilamberto MO