WEBSITE PRIVACY POLICY

WHY DO WE PROVIDE THIS NOTICE?

In this page, we describe how personal data of the users visiting this website are processed.
This privacy policy statement is provided in conformity with and as a result of the article 13 Reg. UE 2016/679 to those benefiting from the web services of TSEC S.p.A. - DATA CONTROLLER – which can be accessed from the address: www.tsec.it, corresponding to the home page of the official website of the company TSEC S.p.A.

This privacy policy statement does not apply to other websites which can be consulted clicking on the links on the websites of the Data Controller, who is not to be considered in any way responsible for third-party websites.

DATA CONTROLLER

TSEC SpA, having its place of business in Bedizzole (BS), Luigi Becchetti, 74, 25081, is the Data Controller.

DATA PROCESSING LOCATION

Data related to the services provided by this website are processed at the main seat of the Data Controller and the personnel authorised only can access to them.

DATA DERIVING FROM THE USER’S WEB SURFING

IT systems and software procedures which make this website work collect, during their normal operations, some personal data, which are transferred, as implied in the use of Internet communication protocols.

These data are not collected to be linked to identified Data subjects, even though, by their own nature, they could allow to identify users by means of processes and connections with data hold by third parties.

The following information belong to this category: IP addresses or domain names of the computers used to connect to the website, URI (Uniform Resource Identifier) addresses of the resources required, the moment of the request, the procedure followed to send the request to the server, the size of the answer file, the numeric code on the server response status (successful, error, etc.) and other parameters related to the operating system and the IT infrastructure of the user.

These data are used to collect anonymous statistical information on the website usage and to verify its correct functioning, they are deleted right after processing. Data could be used for detecting and prosecuting hypothetical cyber-crimes to the detriment of the website: except for this event, data on web usage are kept for no longer than seven days.

COOKIES AND PLUG-INS

The software applications used may be provided with cookies. Cookies are needed mainly to facilitate the users’ surfing experience. Cookies may provide information on the surfing patterns on the website and allow to provide some services that need to track the user’s actions on the different pages of the website. The cookies on the software applications are anonymous and cannot be attributable to the user’s personal data. Regardless of whether or not there are cookies, every time a user accesses the website, the following information is registered: type of browser (e.g. Internet Explorer, Netscape), operating system (e.g. Macintosh, Windows), host and URL of the visitor, in addition to the data on the page required. Nonetheless, the user can set up its browser in order to be informed each time he receives a cookie and to decide whether to delete it or not. Further information on cookies are available on the websites of the browsers.

Types of cookies

There are two types of cookies: “session” and “persistent” cookies. The first, once downloaded, are deleted when the browser is closed; while the latter are stored in the hardware of the user/visitor until they expire. Persistent cookies are used mainly to facilitate browsing, to understand which sections of the website have generated a given number of pages and users, and to show adverts as well.
Session cookies have the purpose of accelerating the analysis of the Internet traffic and to facilitate users access to the website services. No personal data are collected or transmitted when using session cookies, and no users tracking systems are used. Session cookies are employed mainly during the authentication and authorisation stages and while browsing in the services accessible after registration. There also exist:

• First-party cookies, that can be read only by the domain that created them;
• Third-party cookies, generated by external websites, for example, by means of Google Analytics.

The software used for the website and the platform generates a cookie for each user in order to make usage analysis. Data collected through this cookie are stored at Google Inc. For further information on Google Analytics cookies, please check the Google official documents at the following URL: http://code.google.com/apis/analytics/docs/concepts/gaConceptsCookies.html

TSEC SPA employs social media plugins on its website. Plugins are identifiable through the icon of the respective social network. Plugins allow to set up bookmarks on these pages and to share bookmarks with the other social networks’ users.
When visiting a page on our websites having plugins installed, your browser establishes a direct connection with the server of the social networks. Plugins inform the social media that you have visited the corresponding page of our websites. If you have logged-in, you can share on your social network account the page you have visited on our website. If you interact with the plugins by using social networks or leaving comments, your browser communicates your interaction to the social network where it is stored.
Even if you haven’t logged in, plugins could transmit your IP address to the relative social network. As regards the data processing purposes and methods of the social networks, and for any information on you rights and set-up options to protect your privacy, please, check the privacy policy of the website and/or the respective social network. In fact, we cannot control data gathered by the plugins.




DATA VOLUNTARILY PROVIDED BY THE USER

Personal data, which are provided by the users interacting voluntarily with the website for benefiting from some services (information requests, e-mails, website registration etc.), are used only to provide the service or performance requested and they are transmitted to third parties only if it is strictly necessary to provide the service (information requests, transmission of adverts related to the company’s activities etc.).
Therefore, in the above-mentioned cases, the user, having viewed the privacy statement, needs to give his consent, otherwise, it will not be possible to satisfy the requests.
Consequently, the provision of personal data is optional for the users, as well as necessary to provide specific services; in case data are not given, the supply of services could be impossible or compromised.




METHODS OF DATA PROCESSING

Personal data are processed by automated means for no longer than necessary for the purposes of the collection. Specific safety measures are observed to prevent data loss, illicit or incorrect use and unauthorized access, in pursuance of art. 32 Reg. EU 2016/679 as well.

RIGHTS OF THE DATA SUBJECT

Data subjects have the right to obtain confirmation at any time as to whether or not personal data concerning him are being processed and to know their origin and content, to verify their accuracy or to obtain integration or updating, or rectification.
In particular, as regards what mentioned above, we inform you that, in conformity with articles 13 par. 2, 14 par. 2, and with article 15 and following of the Reg. EU 679/2016, you have the right to ask TSEC SPA to access to your personal data and to obtain their rectification or erasure or restriction on processing or to object to the processing, in addition to the right to data portability. You have the right to withdraw your consent at any time without affecting the lawfulness of the processing based on the consent given before its withdrawal; you have the right to obtain confirmation on whether or not personal data are being processed, their erasure and anonymisation and blocking when processed unlawfully, their updating, rectification, or integration, and a document stating that those having data transmitted, or disclosed, are aware of the operations described. We inform you that you also have the right to lodge a complaint to the Supervisory Authority.
In case the data subject wants to exercise the above-described rights under article 15 ff. Reg. EU 679/2016, they can contact the Data Controller at the following address: privacy@tsec.it

Email Privacy Policy

This message (including any attachments) may contain confidential, proprietary, privileged and/or private information. The information is intended to be for the use of the individual or entity designated above. If you are not the intended recipient of this message, please notify the sender immediately, and delete the message and any attachments. Any disclosure, reproduction, distribution or other use of this message or any attachments by an individual or entity other than the intended recipient is prohibited according to the REG. EU 2016/679.
We also inform you that the reply to this message including any attachments could be viewed, for work purposes, also by other authorized parties

CUSTOMER/SUPPLIER INFORMATION

The company TSEC SPA, Data Controller, provides you with the following information regarding the processing of your personal data, pursuant to Article 13 of the Code regarding the protection of personal data (Legislative Decree 196/03) as amended by Legislative Decree 101/2018 in force since 19.09.2018 and pursuant to Arts. 13 and 14 (in the case of data not obtained from the interested party) EU REG. 679/2016.

a) Purpose of the processing

Your data will be processed for:

1. administrative and accounting management, fulfillment of contractual and legal obligations related to civil law, tax accounting; management of any litigation;
2. with your consent (as per the proper form that you will be asked to complete and sign): sending communications on products or initiatives by TSEC SPA, made through letters, newsletters, landline and/or mobile phone, advertising material, automated communication systems, e-mail.

b) Processing methods

The data are processed through manual, computerized and telematic tools according and streactly related to the aforementioned purposes and, in any case, in order to guarantee a level of security appropriate to the risk of the treatments in question and thus in application of adequate technical and organizational security measures. The data will be stored for a period not exceeding the purposes for which they were collected and subsequently processed.

c) Nature of the provision of data

The provision of data is necessary in order to provide the required service and supply and to fulfill legal obligations related to the management of the existing relationship. Any refusal to provide the data implies the impossibility of carrying out the requested service/supply. The legal basis for the data provision is, in this case, the relationship between the existing parties. For what concerns the purposes indicated in point 2) of the previous letter a), however, the provision of data is purely optional and their processing will take place only following an explicit consent of the interested party, that, in fact, constitutes the legal basis of the processing in question. The absence of consent to these purposes will not affect the provision of services.

d) Data comunication

The data may be communicated, in whole or in part where necessary and in any case for the purposes of the processing in question, to:

• subjects to whom such communication must be submitted in fulfillment of an obligation established by law, by a regulation or by EU legislation;
• external structures/companies responsible for the activities connected with or resulting from the execution of the given provisions or for the provision of the requested services;
• credit institutions for payment orders or other financial assets instrumental to the execution of the service.

The subjects belonging to the aforementioned categories perform the function of Data Processor (all of whom have been appointed for this purpose under Article 28 of the EU Reg. 679/2016), or operate in complete autonomy as separate Data Controllers.

The personnel specifically appointed can acquire the provided data, in relation to the assigned duties.

e) Disclosure of data

The data will not be disclosed in any way.

f) Data controller

Is TSEC SPA, Via Luigi Becchetti, 74 – Bedizzole (BS)

g) Rights of the interested party

Pursuant to art. 7 of the Code regarding the protection of personal data, and pursuant to Art. 15 and seq. of EU REG. 679/2016 each interested party:

1. Has the right to obtain confirmation of the existence of personal data concerning himself, even if not yet registered, and their communication in intelligible form.
2. The interested party has the right to obtain information about:
   1. the source of personal data;
   2. the purposes and methods of processing;
   3. the logic underlying treatments carried out with the aid of electronic instruments;
   4. the identification details of the owner, the managers and the designated representative;
   5. the subjects or the categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents.;
   1. The interested party has the right to obtain:
      1. updating, rectification or, when interested, integration of the data;
      2. the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
      3. the proof that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated, except in the case in which this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right.
   2. The interested party has the right to object, in whole or in part:
      1. for legitimate reasons, the processing of personal data concerning him, even if pertinent to the purpose of the collection;
      2. the processing of personal data concerning him for the purpose of sending advertising or direct sales material or of carrying out market research or commercial communication.
   3. The interested party has the right to revoke the consent given and indicated as the legal basis of the processing in question, except where the consent is necessary for the fulfillment of the legal obligations by the Data Controller and related to the purposes of relationship between the parties.
   4. The interested party also has the right of complaint to the reference Supervisory Authority.

The interested party can refer for the fulfillment of his rights to the Data Controller: TSEC SPA, Via Luigi Becchetti, 74– Bedizzole (BS).