Політика конфіденційності

You are here:
  1. Home
  2. Політика конфіденційності

Tomasetto.com Website Policy

This notice is provided pursuant to Article 13 of Regulation 2016/679 (GDPR) and Article 13 of Legislative Decree no. 196/2003 (Personal Data Protection Code) to users who access the website tomasetto.com and its subdomains (hereinafter “Website”).

This document relates to all personal data processed in the manner described below and explains how your personal information is handled when you use our services. It also allows you, where applicable, to give your explicit and informed consent to the processing of your personal data in the sections of the website where you are asked to provide personal information.

The data processing is carried out in accordance with the regulations mentioned above and is based on the principles of lawfulness, fairness, transparency, purpose and storage limitation, data minimization, and confidentiality. It is specified that the following information relates exclusively to the Website and not to other websites that may be visited through links from this Website.

Data Controller Tomasetto
Achille S.p.A
Via del Progresso n.47/53, 36020 Castegnero (VI)
Tel. +39 0444 638326
info@tomasetto.com

Processed data types

  • Contact data: personal data are required to website users only if they want to contact the Company, by filling in the contact form; in this case, which is entirely optional, after having read this information, Users will be able to provide only the data strictly necessary to process the intended inquiry (name, company, state, email);
  • Technical navigation data: these are data relating to the utilization of technologies that involve the automatic storage of some data relating to the tools used, in some way attributable to the Users, such as IP addresses or domain names of the computers by which the Users connect to the Website, the addresses in URI notation of the requested resources, the time of the request, the method used, etc. These data could be made available to the Judicial Authority to ascertain responsibility in the event of offenses committed through the site or computer crimes against the site. The use of Cookies – or of other tracking tools – by this Website or by third party services owners used by this Website, unless otherwise specified, is intended to provide the Service requested by the User, in addition to additional purposes described in this document and in the Cookie Policy.

Purpose of the processing

The User Data is collected to allow the Data Controller to:

  • contact the User who requests information through the Contact form;
  • carry out statistical analysis, control Website accesses and monitor their progress also in order to improve the provided service and offer a better browsing experience;

Processing methods

The Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. The processing is carried out using IT tools, with organizational methods and logic strictly related to the indicated purposes.

In addition to the Controller, other parties involved in the organization of this Website (administrative staff, commercial staff, system administrators) or external parties (such as third-party technical service providers, hosting providers, IT companies) may have access to the Data. These external parties may also be designated, if necessary, as Data Processors by the Controller. The updated list of Data Processors can be requested from the Controller.

The Data is processed at the Controller’s operational offices and at any other location where the parties involved in the processing are located. For more information, please contact the Controller.

Personal data is processed using automated tools for the time strictly necessary to achieve the purposes for which it was collected, with periodic checks of the stored data to delete those deemed obsolete, unless the law requires retention obligations.

Data subject rights

Pursuant to Article According to Article 7 of the Privacy Code and Article 13 of the GDPR, each user has the right to obtain confirmation from the Controller regarding the existence or non-existence of their personal data and to receive communication of the data.

Additionally, the data subject has the right to obtain from the Controller information regarding the origin of the personal data; the purpose and methods of processing; the identification details of the controller, the processors, and the designated representative; the subjects and categories of subjects to whom the data may be communicated; the rectification, integration, or deletion of their data; the limitation of processing. The data subject has the right to file a complaint with the supervisory authority, according to Article 77 of EU Regulation 679/2016.

Requests as per the previous points should be sent via email to the address info@tomasetto.com.

Updates and Changes.

The Data Controller reserves the right to amend, supplement or periodically update this Policy in accordance with the applicable legislation or the measures adopted by the Guarantor for the Protection of Personal Data. The aforementioned changes or additions will be brought to the attention of the interested parties through a link to the Privacy Policy page of the website.

Customers/ Suppliers Policy

The company Tomasetto Achille S.p.A., with registered office in Via del Progresso n.47/53, 36020 Castegnero (VI), VAT number 00931330245 (“Company“), represented by the legal representative pro tempore (“Administrator“), in compliance with Article.
13 of the GDPR, and in relation to Your Personal Data (“PD”), hereby communicates the following:

  1. Subjects of processing and Personal Data
    • The Data Controller (“Owner”) is the Company.
    • The Data Controller has not appointed a personal data protection officer (“DPO“) and the legal conditions for the mandatory appointment of the DPO do not exist.
    • Pursuant to art. 4 of the GDPR, DP means any information relating to an identified or identifiable natural person (“Data Subject”), directly or indirectly, such as a name, an identification number, an address, a telephone number, an email address, etc. or one or more characteristic elements of his physical, physiological, genetic, psychological, economic, cultural or social identity.
  2. Purpose of the processing of DP
    • Purpose of the processing of PD
      The processing is primarily aimed at managing the pre-contractual phase and the correct and complete execution of the contractual relationship with the Company, and the consequent fulfillment of the resulting contractual, legal and tax obligations. In particular, among the primary purposes (“Primary Purposes“) of the processing there are the following:
      • the preparation of estimates, order confirmations, transport documents;
      • the execution of the contractual relationship;
      • the fulfillment of legal obligations in the tax and accounting, labor law, social security and welfare and insurance fields;
      • the provision of technical assistance services;
      • the payment of invoices issued by the Company or paid by the latter;
      • compliance with any other legal obligation incumbent on the Company or the Administrator and provided for by current legislation.
    • Your PD will be processed, subject to your separate and subsequent specific consent, also for the additional purposes (“Additional Purposes“) below:
      • newsletters, invitations to events and meetings;
      • greeting, commemorative and celebratory cards;
      • information on the opening / closing times of the Company’s offices;
      • management of promotional, advertising, commercial and marketing activities.
    • You (“Interested Party“) may in any case freely choose not to give your consent for the Additional Purposes.
    • In the event that the processing of particular data is essential for the carrying out of the relationship or for the fulfillment of specific services as well as legal obligations, the provision of such data will be mandatory and since their processing is permitted only with the prior written consent of the interested party (pursuant to articles 9 and 10 GDPR), you must also consent to their processing.
  1. Legal basis of the processing
    • The Company processes Your Personal Data lawfully when the processing:
      • it is necessary for the execution of the contractual relationship of which you (or companies or entities of which you are a shareholder, director, manager or attorney) are a party, or for the execution of pre-contractual measures adopted upon request;
      • It is also urgent to fulfil a legal obligation incumbent on the Company or the Director;
      • This point is based on express consent, about activities related to the Additional Purposes.
    • Furthermore, your express consent is not required when the processing concerns data coming from public registers, lists, deeds or documents knowable by anyone, without prejudice to the limits and methods of the law.
    • Finally, your express consent is not required – and if given, it must be considered confirmatory of the lawfulness of the processing – when the processing concerns the preparation or carrying out of activities related to the Primary Purposes.
  1. Consequences of failure to communicate PD
    • With regard to the DPs relating to the execution of the contract of which you are a party (i.e. companies or entities of which you are a shareholder, director, manager or attorney) or relating to the fulfillment of a regulatory obligation, failure to communicate the DPs prevents the completion of the contractual relationship or, depending on the case, suspends or prejudices its execution.
    • Data that is not essential for the performance of the contractual relationship must be qualified and considered additional information and their provision, if requested, is optional.
  2. Conservation of DP

Your DP, subject to processing for the Primary and/or Additional Purposes, will be kept for the duration of the contract and, subsequently, for the time in which the Company and/or the Administrator is subject to conservation obligations for purposes tax or for other purposes.

  1. Communication of DP
    • Your DP may be communicated to:
      • external professionals (such as lawyers, accountants, labor consultants, data processing centers, etc.) who provide services functional to the achievement of the Primary and/or Additional Purposes, who – if the legal conditions exist – will assume the role of external managers of the treatment;
      • Employees and collaborators of the Data Controller, in their capacity as internal data processors and/or managers and/or system administrators, or as the DPO if appointed;
      • third-party companies or other subjects not mentioned in the previous letters (for example, credit institutions, professional firms, consultants, insurance companies, factoring, leasing, etc.) that provide services functional to the Primary and/or Additional Purposes, which – if the legal conditions exist – they will assume the role of external data controllers;
      • subjects who process data in compliance with specific legal obligations;

      • judicial or administrative authorities, including arbitration, for the fulfillment of legal obligations.
    • The Controller may also communicate your Personal Data to a service for address management and email sending.
    • The DP provided for the Additional Purposes may also be made available to third parties, possibly appointed as external data controllers, and used by them for the sole purpose of carrying out the service or provision requested and only if this is for this purpose.
  1. Profiling and diffusion of DP

We also inform you that your PD will not be disclosed and will not be communicated without your explicit consent, nor to any fully automated decision-making process, including profiling, except for necessary communications which may involve the transfer of data to public bodies, consultants or to other subjects for the fulfillment of legal obligations. In particular, your data may be communicated to:

    • Public bodies or offices or supervisory authorities according to legal and/or contractual obligations;
    • Banking institutions and/or credit institutions for the management of payments deriving from the contractual relationship.
  1. DP Transfer
    • Your Personal Data is stored on servers located at the registered office of the Controller.
    • Your PD will not be transferred either to member states of the European Union or to third countries not belonging to the European Union, if such activity is not necessary for the achievement of the Primary Purposes.
    • Without prejudice to communications and dissemination carried out in compliance with legal obligations,
    • If the DP are transferred to a third country or an international organization, you have the right to be informed about the existence of adequate safeguards pursuant to Article. 46 GDPR.
  1. User rights

Among the rights granted to you by the GDPR are the following:

    • ask the Company for access to your PD and information relating to them; their rectification or integration; their cancellation);

    • object at any time to the processing of your PD if particular situations arise that concern you
    • revoke consent at any time, limited to cases in which the processing is based on your consent for one or more specific purposes and concerns common personal data or particular categories of data. Processing based on consent and carried out prior to its revocation, however, retains its lawfulness;
    • lodge a complaint with a supervisory authority (Personal Data Protection Authority).
  1. Methods of exercising rights

As a data subject, you may exercise your rights at any me by sending:

    • a registered letter with return receipt to Tomasetto Achille S.p.A. Via del Progresso n.47/53, 36020 Castegnero (VI);
    • an email to the email address: info@tomasetto.com