Privacy Policy
Thélios SpA, with registered office in Z.I. Villanova 16, 32013 Longarone (BL), VAT No. 09858510960, email: info@thelios.com, in the capacity as Data Controller (hereinafter: “Controller”), pursuant to EU Regulation 2016/679 (hereinafter: 'Regulation’ or ‘GDPR’) - in carrying out its business considers privacy and the protection of Personal Data fundamental. We therefore invite you, before transmitting any Personal Data to the Controller, to carefully read this Policy, which contains important information on the processing of your Personal Data.
‘Personal Data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Nature of the data processed
We will process the personal data you provide to us in the event of a request for information and when interacting with the website.
The data processed are collected directly from you or through third parties such as public databases, and may include for example:
• personal data, tax identification data, physical addresses and telephone contact numbers (including mobile phone numbers), fax numbers, e-mail addresses, PEC (certified email) addresses and, in general, data required for the performance of pre-contractual and contractual obligations, such as bank account details and data relating to the payment crediting system;
• Data on your use of and navigation on our Website, such as your IP address and other identification data of your device, the operating system, the browser you are using and information about the pages of our Website that you visit, collected through cookies and other tracking systems.
We may collect information about how your device has interacted with us, including the pages visited and links clicked, how you move to and from our sites (how you view and use the content on the sites, links clicked and time spent on each page), your preferences, the products and/or services you view or search for, any download errors and response times;
Purpose of the processing
We may process your personal data (for example: first name, last name, company name, address, telephone and email contact details, VAT number) acquired by filling in the contact form on this website, to:
1. Manage communications with the data subject, and any requests from him/her and, if necessary, communicate the data subject's data to third parties for the sole purpose of fulfilling your request;
2. If the data subject is a client or potential client: pre-contractual and contract management, to plan and perform activities, and supply the requested products and services as well as any related after-sales services (e.g. warranty); the personal data provided in the event of a request for informative material (newsletters, requests for information, catalogues, etc.) will be used for the sole purpose of fulfilling such requests and will be communicated to third parties only if necessary for this purpose (shipping services).
3. Allow you to browse the website in order to find out more about the activities carried out and the services offered by the Controller.
4. Fulfil obligations set forth by law, a regulation, European legislation or an order from the Authority;
Based on the legitimate interest of the Controller, for the following purposes:
5. Prevent or detect fraudulent activity or abuse that is harmful for the Website;
6. Exercise the rights of the Controller, to handle any complaints and litigation and protect the Controller's rights, e.g. the exercise of a right in court;
7. If you have purchased our goods or services, your data may be processed for the purpose of direct mailing of advertising material related to our products or services similar to those purchased by you, without your consent (so-called "soft spam'). You have the right to object to such processing, either immediately or on the occasion of subsequent communications;
8. Measure the degree of satisfaction with the quality of the products and services provided.
Method of processing
Your personal data will be processed according to principles of correctness, lawfulness, transparency and protection of your privacy and rights. The data will be processed according to principles of relevance and non-excessiveness, using paper and electronic means, guaranteeing the confidentiality and integrity of the data.
The data will be processed by personnel authorised to process the data (duly identified and trained), and by data processors for the fulfilment of the purposes indicated.
Possible recipients/categories of recipients of personal data
Without the need for your express consent, your personal data may be communicated following inspections or audits (if requested of us), to all inspection bodies in charge of audits and controls of the regularity of legal compliance.
Your data may be communicated to companies/professional firms that provide assistance, consultancy or collaboration to the controller in accounting, administrative, fiscal, legal, tax and financial matters, to public administrations for the performance of institutional functions within the limits established by law or regulations, and to third party service providers to whom the communication is necessary for the performance of the services covered by the agreement.
Your personal data will not be disseminated.
Obligation to provide data
The provision of data is necessary to ensure that the Controller is able to correctly manage requests and legal obligations. Any refusal to communicate the data, or incorrect/incomplete communication of any of the mandatory information, may make it impossible for the Controller to guarantee the provision of the service or the supply of the product.
Transfer of data to third countries
We may transfer your personal data to recipients outside the European Economic Area (EEA), to third countries that do not guarantee the same level of protection of Personal Data as the EEA. Transfer to third countries will always take place in accordance with the requirements of the General Data Protection Regulation, by taking the measures necessary to ensure the security of the data being transferred, such as standard contractual clauses as drawn up by the European Commission.
Retention period of personal data
Your personal data will be processed and retained for as long as necessary for the performance of the requested activity, and also thereafter if required by legal obligations or to protect, assert or defend the rights of the Controller in court.
In general, we will delete your personal data in our possession once the purpose for which they were collected and used has been achieved (for example, data related to requests made by the user to our Customer Service); with reference to the judicial protection of our rights, we note that we adopt a data retention period in compliance with any restrictions imposed by local regulations.
Rights of the data subject
As a Data Subject you have the right:
• to request access, rectification, cancellation, restriction and opposition to data processing;
• to receive without hindrance your data, processed on the basis of your consent or on the basis of a contract entered into with the Controller, in a structured, machine-readable format, and transmit them to another controller;
• withdraw consent to the processing, without prejudice to the lawfulness of the processing based on the consent acquired before the withdrawal;
You may exercise your rights at any time by contacting the controller at the above reference addresses.
In accordance with current legislation, in addition to the above rights, you also have the right to lodge a complaint with the supervisory authority by accessing www.garanteprivacy.it.
The DPO (Data Protection Officer) can be contacted by email at dpo@thelios.com