Privacy policy

Disclosure in accordance with EU Regulation no. 679/2016.

The data controller is Thermokey S.p.A. – Via dell’Industria, 1 – 33061 Rivarotta di Rivignano Teor (UD), in the person of its pro tempore legal representative.

 

Purposes of the treatment: Thermokey S.p.A. will process your personal data (personal and fiscal) for the following purposes:

  • management of ordinary business relationship such as the definition, management and execution of contracts with us stipulated;
  • Compliance with legal obligations related to civil, accounting, fiscal (filling in of registry lists, keeping accounts of customers / suppliers, invoicing, management of the creditor) and fulfilment of all obligations under current regulations.

If you already are a customer, your personal data (name, company, email address) may be used by us for the management of communications, the reply to your possible requests, and to send informative and advertising material regarding alike services such as the ones of the existing commercial relationship (up to your possible consent withdrawal to the treatment for such uses).

Your personal data will be used only after your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR) to send you using automated communication tools (by mail, post and/or text message and/or telephone contacts) newsletters, commercial communications and/or advertising material on products or services offered by the Owner.

The interested party has the right to withdraw their consent to the processing of their personal data at any time.

 

Method of treatment

The data will be processed following lawfulness, righteousness, pertinence and non excess, using paper-based and electronic instruments, ensuring the confidentiality and integrity of the data.

The data may be seen by the operators in charge and by the external Data Controller’s collaborators in charge of carrying out activities that are necessary to the procurement of the requested services or services of a complementary nature (in compliance with the requirements of existing legislation on administrative, legal and tax matters).

 

Legal basis for the processing:The legal basis for the processing is based on the request to our company for the procurement of products and services.

 

Possible recipients / categories of recipients of personal data

Without a need for an express consent (art. 6 lett. b) and c) GDPR), your data may be disclosed as a result to inspections or checks (when required), to all supervisory bodies responsible for checks and inspections relating to the regularity of legal obligations.

Your data may also be disclosed to companies/professional firms that provide assistance, advice or collaboration to the Data Controller, in accounting, administrative, tax, legal, tax and financial matters, to public administrations for the carrying out of the institutional functions within the limits established by the law or by regulations and to third party service providers to whom the communication is necessary for the carrying out of the services subjected to the contract. Your personal data shall not be disseminated.

 

Obligations regarding the providing of data

In addition to what is specified for navigation data, the user is free to provide or not their personal data.

The providing of data necessary for the fulfilment of obligations under the existing contractual relationship is required for a proper management of the relationship and their communication is mandatory for the fulfilment of the above indicated purposes. Please note that any non-communication, or incorrect communication, of one of the mandatory data, may cause the Data Controller’s inability to guarantee the adequacy of the processing itself.

The providing of personal data for marketing purposes is optional.

 

Transfer of data to third countries

For the performance of certain processing of your Personal Data, we may communicate personal data to external parties located in countries that do not belong to the European Union (EU) or the European Economic Area (EEA) (hereinafter referred to as «Third Countries”).

The transfer to Third Countries will always take place in accordance with the provisions of the GDPR, through the adoption of measures necessary to guarantee the security of the data being transferred, including standard contractual clauses as drawn up by the European Commission.

 

Conservation period of personal data

Personal data will be kept for the period needed for the fulfilment of existing contractual obligations and other obligations dictated by the applicable regulations on the activity of the Data Controller, and in any case for no more than 10 years from the termination of the relationship for accounting and administrative purposes.

 

Rights of the interested party

Pursuant to articles 15-22 of the GDPR, the interested party has the right to know at any time which are their data stored at the Organization and how this data is used; he also has the right to have the data updated, corrected, completed or cancelled, request their blocking and object to their treatment.

The interested party may at any time exercise hisrights by sending:

  • a registered letter A.R. to Thermokey S.p.A. – Via dell’Industria, 1 – 33061 Rivarotta di Rivignano Teor (UD);

  • an e-mail to the address: mail@thermokey.com