This policy abide to the Regulation 2016/679 (GDPR), article 13 and to the D.LGS no. 196/2003, art. 13 (related to personal data protection) to all users who access tomasetto.com web site and its subdomains (hereinafter “Website”)
This document is related to all personal data processed as indicated here follows and explain how your personal information are handled while using our services and to allow you, where appropriate, to give express consent to the processing of your personal data in the website sections in which it is requested to provide personal data.
The data processing is carried out in compliance with the regulations indicated above and is based on the principles of lawfulness, correctness, transparency, purpose limitation and storage, data minimization and confidentiality.
It should be noted that the following information refers exclusively to the Website and not to other websites that may be visited via links from this Website.
Processed data types
- Contact data: personal data are required to website users only if they want to contact the Company, by filling in the contact form; in this case, which is entirely optional, after having read this information, Users will be able to provide only the data strictly necessary to process the intended inquiry (name, company, state, email);
Purpose of the processing
The User Data is collected to allow the Data Controller to:
- contact the User who requests information through the Contact form;
- carry out statistical analysis, control Website accesses and monitor their progress also in order to improve the provided service and offer a better browsing experience;
The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. The processing is carried out using IT tools, with organizational methods and with logic strictly related to the indicated purposes.
In addition to the Data Controller, other subjects involved in the organization of this Website (administrative, commercial, system administrators) or external subjects (such as third party technical service providers, hosting providers, IT companies) may have access to the Data, also appointed, if necessary, Data Processors by the Data Controller. The updated list of Managers shall be requested to the Data Controller.
The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller.
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which the same were collected, in any case providing for periodic verification of the stored data, in order to delete those deemed obsolete, unless the law demand archiving obligations.
Data subject rights
Pursuant to art. 7 of the Privacy Code and art. 13 GDPR, each user has the right to obtain from the Data Controller confirmation of the existence or otherwise of his personal data and their communication.
Furthermore, the interested party has the right to obtain from the Data Controller an indication of the origin of the personal data; the purpose and methods of treatment; the identity of the Data Controller, managers and the designated representative; the subjects and categories of subjects to whom the data may be communicated; the rectification, integration or cancellation of their data; the restriction of processing. The interested party has the right to complain to the supervisory Authority, pursuant to art. 77 of EU Regulation 679/2016.
Requests as mentioned in the previous points must be sent by email to firstname.lastname@example.org.
Updates and Changes.