Information on the processing of personal data
Techyon S.r.l. (P. IVA 10642430960), with registered office in Milan at Via Giovanni Battista Sammartini 33, as the controller of the processing of personal data (hereinafter the “Controller”) of the website www.techyon.it (hereinafter the “Site”), informs visitors of the Site (hereinafter the "Users") pursuant to art. 13 of the European Regulation n. 2016/679, the General Data Protection Regulation (GDPR).
The Controller is aware of the importance of the processing of personal data of the Users and, for this reason, take care to state which data are processed and how they are processed. By proceeding with the navigation of the Site or showing the willingness to use the services provided, the User declares to have read and accepted this statement (hereinafter “Policy”), thereby granting your agreement for the processing of personal data by the Controller himself.
For any information, doubts or requests related to this Policy, the Controller makes available to Interested the following email address: [email protected]
Which are the rights of the User in relation to the processing of personal data?
The User has the following rights:
- the right to be informed that there is an ongoing processing of data concerning him and, if so, access to the personal data processed;
- right to rectification of personal data;
- right to erase (right to oblivion) the personal data concerning him;
- the right to restrict the processing of personal data concerning him;
- the right to data portability in order to receive, or have transmitted to another external controller, personal data concerning him in a structured, commonly used and machine-readable format;
- the right to object to the processing of personal data;
- the right to withdraw consent previously granted;
- right to file a complaint with the authorities for a breach of personal data processing.
The Users may exercise their rights by writing to the email address above.
The Controller does not intend to make the Users to bear any costs to exercise one of their rights, but to do so the Controller may request specific information in order to be able to answer properly at the communications of the Users in relation to their rights.
The above-mentioned communications are usually noticed within 30 days from the receipt of the communication itself, but in case this deadline will not be respected (e.g. for excessive load of requests or complexity of the response), it will be responsibility of the Controller to inform the User and keep him updated on the developments of the communication sent.
What personal data are processed?
The Controller processes the personal data provided by both the Users and third parties to follow up at the best the contact requests of the User received through the Site (hereinafter the “Servizi”).
a) Data supplied directly by the interested party
|Category of personal data||Types of data|
|Identification and contact information||Name, surname, email address, residence address, telephone number, tax/VAT number|
|Technical data||IP address|
|Third party source of personal data||Types of data|
The Controller may collect, use and share aggregated data, such as statistical or demographic data, for any purpose.
The aggregate data may derive from the personal data of the Users, but once aggregated they do not constitute personal data under the GDPR provisions as they are not able to identify directly or indirectly the User. However, if the Controller combines or connects the aggregated data with the personal data of the User so as to allow the identification of the User himself, directly or indirectly, the Controller will process the resulting data in accordance with the provisions of the Policy.
The Controller does not deal with any particular category of data of the User ( particular data shall mean a piece of information related to ethnic or racial origin, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, genetic, biometric and health) as they do not collect any data related to criminal convictions and offenses. Why are personal data processed?
The Controllers process personal data for the following purposes indicated in the table below.
The GDPR requires that, for any purpose of processing personal data, the Controllers must have a legal basis which allow the processing itself.
The Controllers will process the personal data of the Users with their consent as a legal basis for the processing. The consent can be revoked at any time, but the processing carried out until the withdrawal of the consent cannot be affected.
Below is a summary table of all aims and their description:
|Provide the services||The User may, through the Site, request to be contacted in order to receive information, getting an appointment or pricing of activities of the Controller.||The data will be stored until the provision of all the services will be completed.|
|Provide support to the Users||Solve technical problems encountered by Users during navigation, their requests for assistance, improve the Services and the Site and provide the support requested by them.||The data will be stored until the fulfillment of the request for support of the Users.|
|Newsletter||The Controllers may send updates to inform the User about the development of their activities, as well as agreements with commercial partners and participation in events.||The data will be stored for 24 months.|
|Comply with the legal, regulatory and protection obligations of the Controller||The Controllers may process the personal data of the User to comply with legislative and regulatory obligations, as well as to comply with the provisions of the courts and administrative authorities. The Controllers will also be able to process the data to protect their rights and interests, such as, for example, in the case of judicial redress or due diligence in case of changes in the corporate structure.||Personal data will be kept for the period of time determined by the law, regulation and/or authority reference.|
If the data are necessary to provide the Services, the Controller will not be able to provide them and support the Users in their requests. In this case, the Controller may, alternatively, request the integration of personal data or delete the personal data of the User, preventing the provision of the Services.
For purposes other than the provision of Services and support to Users, the provision of data is optional and refusing to provide personal data will not affect the aforementioned purposes of processing.
To whom are personal data communicated and disclosed?
The personal data of the Users may be communicated to third parties with respect to the Controller, as indicated in the following table:
|Addressees||Purpose of the communication|
|Suppliers||The suppliers of the Controller that support them in the provision of the Services including, but not limited to, the development of the Site, hosting, maintenance, backup, virtual infrastructure.|
|External consultants||In case of legal obligations or obligations related to the relationship established with the User, the Controller may communicate personal data to external consultants, such as, for example, accountants and the lawyers.|
|Judicial authorities and legal proceedings||The Controller may communicate the personal data of the Users to state and/or administrative and/or judicial authorities in case this is mandatory according to the law, regulations or measures of the authorities or also to defend a right and/or interest.|
The personal data of the User will not be disclosed.
Where do we keep personal data?
The Controller keeps personal data in paper files within his offices, in addition to computer files located both within the European Union, and outside if this is instrumental to the pursuit of the purposes indicated in letter a). In latter case, the Controller ensures that companies that do not have offices within the European Union are treating personal data with the utmost confidentiality in compliance with all the European Commission Adequacy Decision, any Privacy Shield or, where necessary, entering into agreements that guarantee an adequate level of protection.
How are personal data processed?
The Controllers process the personal data of the User by adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, modification and destruction.
The processing of data is carried out through IT procedures, telematic means and, in a residual way, on paper by internal subjects specifically authorized as well as by external managers in case appointed, and this also according to the contractual arrangements in place.
The processing can also be carried out through the use of automated means.
Which is the policy on the processing of children’s data?
The Controller is aware of the sensitivity of the processing of data of minors. In particular, the Services cannot be provided to minors under the age of 14 and the Controller does not under any circumstances process data of minors under the age of 14: at this regard, the Users are not allowed to request any of the Services in case their age is under 14 years.
The Controller encourages those who exercise parental authority over children under 14 to ensure that the minors do not require the provision of the Services and to educate children under 14 to not give their personal data through the Site.
If the Controller become aware that certain personal data relate to minors under 14 years, the Controller himself will start the proceeding to the elimination of all the personal data related.
What if there are links to other websites?
The Controller informs the Users that this Policy applies only to the Site and, if there are links to other websites, the Users must verify the information of these sites before releasing any personal data.
The Controller does not take any responsibility for the personal data provided by the Users on other websites.
Changes to the Policy
The Controller reserves the right to amend this Policy at any time. In case of changes, the Controller will upload on this page the new policy and with that said it is recommended for Users to check the changes in the Policy: the Users can see the history of the Policy by looking at the date enrolled.
By continuing to use the Site after the changes, the User accepts these changes and consents to the processing of data as modified.