CUSTOMER PRIVACY information

―

Privacy Notice pursuant to Articles 12 and 13 of the European Regulation 2016/679 (GDPR)

This privacy notice is provided in accordance with Articles 12 and 13 of the European Regulation 2016/679 for the benefit of data subjects who are either engaging in pre-contractual communications or entering into contracts for the supply of goods with the Data Controller.

The Data Controller is Teclumen Srl, with registered office at Via Castel Goffredo, 35/1 – 46040 Casaloldo (MN) – Italy.
Contact details: +39 0376 778670 – Email: info@teclumen.it

The Data Controller has appointed a Data Protection Officer (DPO), identified as Dr. A.R., who can be contacted at: dpo@teclumen.it or by writing to the Data Controller, attention: DPO.

Categories of data subjects: customers and potential customers

Categories of personal data processed:

Teclumen Srl will process your basic identification and contact details, such as name and surname, home and mailing address, email/PEC address, phone/mobile number, as well as accounting/tax, postal, and banking data, in accordance with the purposes and methods outlined below.

The personal data mentioned above are only those provided by you during negotiations and/or the possible signing of a contract for the supply of goods or services.

Your personal data will be processed for the following specific purposes:

a) performance and execution of a contract for the supply of goods/services;
b) responding to your requests prior to entering into a contract;
c) compliance with tax, administrative, technical, and/or accounting obligations;
d) customer management (client administration, contracts, orders, shipments and invoicing, credit reliability checks, credit transfer, information requests);
e) internal control services (security, productivity, service quality);
f) commercial communications related to products already purchased (soft-spam);
g) management of disputes (contractual breaches, formal warnings, settlements, credit recovery, arbitration, litigation and legal proceedings);
h) enabling the exercise of your data protection rights;
i) sending newsletters containing updates on our products, events, and commercial communications.

The legal basis for processing your personal data for the purposes listed from a) to h) is Article 6(1)(b) and 6(1)(c) of the GDPR. For purpose i) (sending newsletters), your consent is required, which you may withdraw at any time via the “unsubscribe” button at the bottom of our newsletters or by written notice to the Data Controller.

Nature of data provision:
The provision of your personal data is always optional. However, for purposes from a) to f), it is necessary for the establishment and execution of the contract and related obligations. Failure to provide such data will make it impossible for us to deliver our services.
Subscription to our newsletter is entirely optional.

Data processing methods:

Your personal data will be processed on paper, electronically, and via telematic tools, using technical and organizational measures that ensure an appropriate level of security, by specifically authorized personnel who will operate in compliance with legal obligations and ensure confidentiality, data security, accuracy, updating, and relevance for the stated purposes.

We also inform you that the Data Controller does not use automated decision-making processes or perform profiling activities.

Data recipients:
Without prejudice to any legal obligations, your personal data may be accessed, in addition to the Data Controller and authorized personnel, by:

• service providers necessary for proper contract execution and company operations (e.g., couriers, IT maintenance, freelance professionals);
• professionals responsible for managing, marketing, and supporting the sale of our products (e.g., our sales agents who may contact you if you show interest in our products);
• public authorities for any reason related to the protection of the rights and freedoms of individuals.

These recipients act either as independent data controllers or as data processors. Personal data will not be sold or disclosed to third parties.

Data transfers outside the EU:

The Data Controller informs you that your personal data will be processed within the European Union.

Data retention periods:
In accordance with the principles of necessity and proportionality, the Data Controller has identified different retention periods depending on the purpose of processing:

a) performance and execution of the contract: 10 years;
b) handling pre-contractual requests: 6 months;
c) compliance with tax, administrative, technical, and accounting obligations: 10 years;
d) customer management: 10 years;
e) internal control services: until the end of the contract, including warranty periods;
f) soft-spam communications: 30 days from the end of the contract;
g) dispute management: until the statute of limitations expires;
h) exercising your data protection rights: 2 years from closure of the request.

Once the retention period has elapsed, your data will be deleted from all databases, applications, and archives, both electronic and paper-based.

Data Subject Rights:
You may exercise the rights granted under Articles 15 to 22 of the GDPR, including:

• Right of access: to know whether your data are being processed and obtain relevant information;
• Right to rectification: to correct inaccurate data and complete incomplete ones;
• Right to erasure: to have your data deleted when no longer needed, consent is withdrawn, data have been processed unlawfully, or to comply with a legal obligation;
• Right to object: to processing based on the legitimate interest of Teclumen Srl;
• Right to restriction of processing: in cases where the accuracy of the data is contested, processing is unlawful, or data are needed for legal defense;
• Right to data portability: where applicable, to receive your data in a structured, commonly used, machine-readable format and transmit them to another controller (when processing is based on consent or contract and carried out by automated means);
• Right to lodge a complaint with a Supervisory Authority, if you believe your rights under the GDPR have been violated.

How to exercise your rights:
You may send your requests to:

• Email: privacy@teclumen.it
• Mail: Teclumen Srl – Privacy Office – Via Castel Goffredo, 35/1 – 46040 Casaloldo (MN), Italy

The Data Controller will acknowledge receipt of your request and provide you with information on the action taken within one (1) month of receiving your request.