PREMISE

Pursuant to (EU) Regulation 2016/679 (hereinafter referred to as "Regulation" or "GDPR"), this page describes how to process the personal data of users who consult the website which Tannus Italia Srl (hereinafter, “Tannus Italia ”) has provided for its institutional purposes.
This information does not relate to other sites, pages or online services accessible via hypertext links that may be published on the sites but refer to resources external to the domains:
https://www.tannus.eu/.
Following consultation of the site, data of data subjects may be processed, i.e. data relating to identified or identifiable individuals, and this entails the need, for those who decide on the purposes and methods of processing ("Data Controllers"), to respond to certain obligations, including informing data subjects and obtaining consent, where the latter constitutes the legal basis for processing. Given that the processing will be based on the principles of legality, correctness and transparency, minimisation and limitation of data retention, accuracy, integrity and confidentiality, in light of the above, Tannus Italia provides you with the following information.

DATA CONTROLLER

Tannus Italia Srl,
Via dei Molini 15, 33017 Tarcento (Ud) (Sede Legale)
Via Francesco Comelli 31/2 33034 Fagagna (UD) (Sede Op.)
Tel: (+39) 0432/997174
PEC: tannusitaliasrl@legalmail.it

Data Protection Officer (DPO)

Data Protection Officer
c/o Tannus Italia Srl,
Ing. Fabrizio Bottacin, Ph.D.
fabrizio@bottacin.eu, fabrizio.bottacin@ingpec.eu

PERSONAL DATA AND THEIR ORIGIN

Data are collected directly from the data subject and are limited to the following:
- Contact data;
- Email.

PURPOSE
Provision of assistance service and consultancy to respond to Data Subject’s requests

LEGAL BASIS

6.1.b Contract
to the execution of a contract of which the Data Subject is a party orto the execution of pre-contractual measures adopted at the request of the same

NOTE

Data Subjects: subject requesting to book a call

Retention Time
The data will be processed for 2 months after the meeting

OBLIGATORY PROVISION OF DATA
For the pursuit of the forementioned purposes, common data will generally be processed (personal data, e-mail, ...). The processing responds to the principle of data minimization and limitation of conservation: the minimum set of data will be processed for the strictly necessary period. In the absence of consent, it will not be possible to carry out the assistance service.

RECIPIENTS AND PERSONS IN CHARGE OF DATA PROCESSING

Without prejudice to the communications and disclosures made in execution of contractual obligations, those ordered by Authorities or provided for by the Law, provided that the communication to third parties does not exempt the latter from providing the information and from requesting consent to the processing, it is specified that the data may be communicated to:

• any Partners in the creation of events;
• consultancy and services company.

The data will not be disclosed. The data may be processed by subjects qualified as Managers pursuant to art. 4.8 and Article 28 of the GDPR (professionals, consultancy and service companies, hardware and software assistance companies, professionals and service companies also operating in the field of communication, web designers, graphics and production of multimedia material) both by of persons authorized to process data pursuant to art. 29, who operate under the direct authority of the Data Controller (employees and collaborators in various capacities), who has appointed them.

TRANSFER OF PERSONAL DATA TO NON-EU COUNTRIES

The Data Controller makes use of professional services offered by some suppliers, adequately qualified as Data Processors. This may result in the data being transferred outside the EU but only:

- to countries subject to an adequacy decision by the European Commission or the Authority (Article 45 of the GDPR);

- in countries located outside the EEA, after signing the standard contractual clauses (Standard Contractual Clauses) adopted/approved by the European Commission pursuant to art. 46, 2, lett. c) and d). In the event that this happens, a copy of the guarantees referred to in art. 46, par. 2, lett. c) and d), adopted by the Data Controller can be obtained by writing an e-mail to the DPO;

- towards subjects that have an international structure and who have provided for the signing, at group level, of specific Binding Corporate Rules, as per art. 47 of the GDPR;

- if the data subject has given his/her explicit consent, in execution of a contract or pre-contractual measures, to ascertain or defend a right in court, to protect the vital interests of a data subject or other persons and the data subject cannot give his/her consent (Article 49 of the GDPR).

DATA SUBJECT RIGHTS (GDPR ARTS. 15-22)

Data subjects have the right to be informed by the Data Controller whether or not personal data relating to them is being processed and, potentially, request access to, rectification and deletion of their personal data, or to limit the purposes of the processing of data concerning them or to oppose their processing ̶ if this is not required by law ̶ in addition to exercising their right to data portability. At any time, the data subject has the right to withdraw his or her consent, without this affecting the lawfulness of the processing undertaken on the basis of consent given before this was withdrawn. Every data subject also has the right to lodge a complaint with the supervisory authorities.

last updating: 28/06/2023