This information is prepared, pursuant to art. 13 of the Privacy Code, in relation to personal data voluntarily provided by users when browsing the sites www.tecnoteca.com / www.cmdbuild.org / www.cmdbuildready2use.org / www.openmaint.org ("the Websites").
DATA CONTROLLER
The Data Controller is TECNOTECA S.R.L., with registered office in Tavagnacco, Via l'Aquila, n° 1/A (hereinafter also "TECNOTECA").
To exercise the rights recognized by REGULATION (EU) 2016/679 (hereinafter "GDPR" or "Regulation") or to request any clarification concerning the processing of personal data, you can contact the Owner at the following addresses: telephone 0432.689094, e-mail privacy@tecnoteca.com.
PURPOSE
The data you provide will be treated in accordance with the principles of lawfulness, correctness, relevance and proportionality for the following purposes:
- Primary Purposes. This term means the carrying out of all those activities strictly functional to the fulfillment of the requests of the interested party and to use the services made available on the Webites (to send requests on services and / or tools; to request general information, to register for webinars and / or other events, etc.), as well as for all the connected or instrumental activities, functionally linked to the operations of the Owner or to the protection of his rights. In fact, we believe that these activities are connected and instrumental, for example: the verification of internal quality through checks, controls and audits; the fulfillment of legal obligations.
The aforementioned treatments are lawful since they are necessary for the execution of a contract or the execution of pre-contractual measures adopted at the request of the interested party, to allow the Data Controller to fulfill a legal obligation to which he is subject or, finally, for a legitimate interest. - Marketing Purposes. TECNOTECA may process the data, subject to specific consent, for sending informative and promotional communications, for sending advertising material or for carrying out market research or commercial communications by the Company, in relation to products and services own.
To this end, the Data Controller reserves the right to use:
- traditional methods of contact, such as sending paper mail and phone calls with an operator;
- automated contact methods: e-mail.
PROVISION OF DATA AND CONSEQUENCES IN THE EVENT OF FAILURE TO ASSIST THE TREATMENT
Failure to provide the data processed for the Primary Purposes will make it impossible for the Owner to provide the information and / or service requested.
With reference to the purpose referred to in point 2) failure to consent will not entail any consequence on the possibility of using the services requested and will only imply the impossibility of proceeding with such treatments.
CATEGORIES OF RECIPIENTS OF PERSONAL DATA
The personal data provided by the User, for the purposes described above, may be made known to or communicated to the following subjects:
- persons authorized to process data and subjects who, by processing data on behalf of the Data Controller, have been appointed as Data Processors (these subjects are bound to secrecy and confidentiality also on the basis of a specific internal regulation).
- if the request is received from a third country, partner companies eventually established in the country of origin of the said request.
TRANSFER OF PERSONAL DATA IN THIRD COUNTRIES
Except as indicated in relation to requests from third countries, the data processed for the purposes indicated above will not be transferred -as a rule- from the European Economic Area.
In the event that this becomes necessary (also on the basis of any IT tools used) the Data Controller guarantees that the transfer will take place in compliance with the conditions set out in Chapter V of the GDPR and in particular:
- Article 45: Transfer on the basis of an adequacy decision;
- Art. 46: Transfer subject to adequate guarantees;
- Art. 47: Binding company rules.
DATA STORAGE CRITERIA
Personal data is processed for the time necessary to achieve the purposes for which it was collected or for any other related legitimate purpose. Therefore, if the personal data are processed for different purposes, these data will be kept until the purpose expires with the longer term; however, they will no longer be processed for those purposes whose retention period has ceased.
Personal data that are no longer necessary, or for which there is no longer a legal prerequisite for their storage, are irreversibly anonymized (or permanently deleted).
In particular, the personal data provided for the Primary Purposes will be kept for a period identified according to strictly necessary criteria due to the different purposes pursued and, in any case, in compliance with the current legislation on the protection of personal data, of keeping accounting records and of the commercial documentation (in compliance with the provisions of art. 2220 of the Civil Code) and according to logics of protection of the rights of the Data Controller (statute of limitations as per the Civil Code).
With regards to the treatments carried out for Marketing Purposes, it is possible to oppose the receipt of further communications at any time.
In the event that some information is subject to dispute and / or is necessary for the exercise of a right in court, it may also be kept beyond the limits indicated above, until the dispute is settled.
RIGHTS OF THE INTERESTED PARTY
The Owner informs that the interested party has the right to request:
- access to personal data and information (art. 15 of the GDPR);
- the correction or cancellation of the same (articles 16 and 17 of the GDPR);
- the limitation of the processing of personal data (art. 18 of the GDPR).
Then the interested party may:
- oppose the processing of personal data under the conditions and within the limits set forth in art. 21 of the GDPR;
- exercise the right to data portability (art. 20 of the GDPR).
With regard to processing operations based on consent, please note that the interested party has the right to revoke it at any time (without prejudice to the lawfulness of the processing based on the consent given before the revocation).
Lastly, the interested party, if he considers that the treatment concerning him violates the Regulations, has the right to lodge a complaint with a supervisory authority (Guarantor for the protection of personal data or any other competent authority) pursuant to articles 77 and following of the GDPR.