Privacy policy

T.M. PLANTS S.r.l. with registered office in Via Umberto Mariotti n°190 51100 Pistoia (PT), as Data Controller, protects your personal data, given by you during the navigation and use of this site ensuring their confidentiality and guaranteeing the respect of the regulations in force as well as the necessary level of protection, from any event that may put them at risk of violation.

As required by Article 13 of the General Data Protection Regulation of the European Union (GDPR), T.M. Plants S.r.l. Informs you that your personal data, collected through this website, are subject to processing through computer and/or telematic tools, for the purposes indicated below in this statement.

1. TYPE OF PERSONAL DATA SUBJECT TO PROCESSING

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

Consequently, the following personal data, by way of example, may be processed:

– browsing data: this category of data includes IP addresses or domain names of the computers and terminals used by users, addresses in URI/URL (Uniform Resource Identifier/Locator) notation, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. These data, necessary for the use of web services, are also processed for the purpose of:

– obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or daily, geographical areas of origin, etc.);

– check the proper functioning of the services offered.

– data communicated by the user: such as, for example, personal data provided by you through the “contact us” form;

The optional sending of such requests through the completion and submission of the forms on this site, involves the acquisition of your personal data for the details of which please refer to the dedicated information available at the following link:

– CONTACT US PRIVACY POLICY at this link;

– cookies and other tracking systems: for details of the cookies used by this site please refer to the extended COOKIE POLICY available at the following link Cookie Policy .

2. PURPOSE AND LEGAL BASIS FOR PROCESSING

Your personal data will be processed for the following purposes:

(a) to enable the enjoyment and use of this website, as well as to carry out the maintenance and technical assistance necessary for its proper functioning;

b) to allow the Data Controller to respond to requests made by you through this website.

The legal basis underlying the processing referred to in (a) of this point is:

– Art. 6(1)(f) GDPR: “processing is necessary for the pursuit of the legitimate interest of the data controller.”

For the legal bases underlying the processing referred to in lett. b) of this point, please refer to what is contained in the information notices dedicated to each processing that can be found at the links above.

3. METHODS OF PROCESSING

The personal data subject to processing are collected directly by the Data Controller or by third parties expressly authorized by the latter, or communicated by the Data Controller to such third parties for the pursuit of the purposes set forth in point no. 2.

The processing of personal data will be carried out mainly with the aid of computer tools by persons internal and external to the structure of the Data Controller duly authorized and instructed for this purpose in the manner and with the means appropriate to ensure the security and confidentiality of such data, in accordance with the provisions of the GDPR.

The Data Controller carries out periodic checks, so that no personal data are processed, collected, stored or retained that are not necessary in relation to the processing and related purposes as indicated in point no. 2 of this policy.

In carrying out the aforementioned activities, T.M. Plants S.r.l. undertakes to:

            a) ensure the accuracy and updating of personal data processed, and promptly receive any corrections and/or additions requested by you;

            b) notify you, within the timeframe and in the cases provided for by the regulations in force, of any violations of personal data;

            c) ensure the compliance of processing operations with applicable legal provisions.

4. RECIPIENTS OF PERSONAL DATA

The personal data processed for the purposes referred to in point No. 2 of this statement may be communicated:

– to internal subjects of the structure of the Data Controller duly authorized for the parts of processing under their respective competence;

– to external parties acting as Data Processors on behalf of T.M. Plants S.r.l. such as:

– information and computer support companies;

– companies, or professional firms that offer professional and/or consulting services regarding accounting, legal, tax, administrative, financial, and credit recovery issues;

– providers of IT infrastructure and solutions;

– web service providers;

– banks and payment service providers, acting as Processors, to whom your personal data may be disclosed for the purpose of processing your payments;

– consultants, to the extent necessary for the performance of their professional duties.

The communication concerns the categories of personal data whose transmission to the above-mentioned third parties is necessary for the performance of the activities and for the purposes referred to in this policy.

The updated list of Data Processors and Persons Authorized to Process is kept at the Data Controller’s office and is available upon request to be made by e-mail to info@tmplants19.com .

For the processing of communication of personal data concerning you, described in this paragraph, your consent is not necessary as the same is done for the performance of obligations arising from your request(s).

Your personal data may be disclosed to public bodies, organs and authorities acting as autonomous Data Controllers, in accordance with applicable laws or to comply with binding provisions.

Under no circumstances will your personal data be disclosed to other categories of third parties (other than those mentioned above) and will not be subject to dissemination operations.

5. EXTRA EU/SEAS TRANSFER

The Data Controller does not make any transfer of your personal data abroad (to be understood as abroad all countries not belonging to the European Economic Area).

The management and storage of your personal data will take place on servers of the Data Controller and/or third party companies duly appointed as Data Processors, located within the European Union.

6. RETENTION PERIOD/DATA RETENTION

Personal data relating to you will be processed by the Data Controller for as long as necessary to achieve the purposes for which it was collected as set out in point no. 2 of this Policy.

In relation to the purpose referred to in point no. 2 letter a), Your browsing data will not be retained on the Data Controller’s systems for more than seven (7) days (except for any need to ascertain crimes by the Judicial Authority).

For details about the terms of retention of personal data concerning you referred to in point No. 2 letter b), please refer to what is contained in the information notices dedicated to each treatment available at the links above.

When the above-mentioned terms are reached, the Data Controller will delete the data concerning you.

Longer retention periods may be applied in the presence of specific legal obligations or in the event that the Data Controller receives requests from Public Authorities or for further needs to protect the rights of the Data Controller itself or of the Data Subject.

Pursuant to EU Reg. 2016/679 You have the right to:

– obtain confirmation of the processing carried out by the Data Controller on personal data concerning you;

– to access the personal data concerning you and to know its origin (when the data is not obtained directly from you), the purposes of the processing, the data of the persons to whom it is communicated (recipients), the period of storage of the data or, failing that, the criteria useful to determine it;

– obtain the rectification of personal data concerning you;

– obtain the deletion of personal data concerning You from the databases of the Data Controller in the event that they are no longer necessary for the purposes for which they were collected or if the processing is unlawful and in the other cases referred to in Article 17 GDPR;

– limit the processing of personal data concerning you, for example, where its accuracy is disputed, for the period necessary for the Data Controller to verify its accuracy, and in all other cases referred to in Article 18 GDPR;

– obtain the personal data concerning you in electronic format, also in order to be able to communicate them to another Data Controller (portability).

You may assert your rights by contacting the Data Controller by written communication at info@tmplants19.com.

The Data Controller will do so without delay and, at the latest, within one month of receipt of the request. The deadline may be extended by two months, and in this case the Data Controller will, again within thirty days, inform you about the reasons that make the extension necessary.

8. COMPLAINTS

You have the right to file a complaint with the Data Protection Authority.

In the event that you reside in a different EU member state or the violation of the legislation protecting personal data occurs in another EU country than the one where the Data Controller is located, you must lodge a complaint with the Authority responsible for monitoring compliance with the legislation on the protection of personal data in that country.

The lodging of the complaint is without prejudice to the possibility of bringing any other legal action.

9. CHANGES TO THIS POLICY

The Data Controller reserves the right to make changes to this Privacy Policy at any time by giving notice to users on this site. Therefore, please consult this page often, taking as reference the date of last modification indicated at the end of the document. In the event that you do not accept the changes made to this Privacy Policy, you may request the Data Controller to delete the personal data concerning you. Unless otherwise specified, the previous Privacy Policy will continue to apply to personal data collected up to that point.