Privacy policy

Tinext SA, as Data Controller (hereinafter "Data Controller"), considers privacy and the protection of personal data as an important topic of its activity. For this reason, it processes personal data in accordance with the Federal Data Protection Act (LPD,25 September 2020) and according to the EU Regulation 679/2016 or GDPR, General Data Protection Regulation, (hereinafter "Regulation"). We invite you, therefore, before communicating any personal data to the Data Controller, to read carefully this Privacy Policy. It contains very useful information on the protection of your personal data.



This Privacy Policy:

  • is intended for the website www.tinext.com (hereinafter "Website") and applies in all cases in which reference is made or there is a link to this statement;
  • is an integral part of the Website and the services we offer;
  • is made to those who interact with the web services of the Website, according to Section 13 of the Regulation and Section 19 LPD. 

The processing of your personal data will be based on principles of good faith and proportionality, correctness, lawfulness, transparency, limitation of purpose and preservation, minimization and accuracy, integrity and confidentiality, as well as the principle of accountability. Your personal data will therefore be processed in accordance with the laws and confidentiality obligations in force.

We inform you that the personal data processed may be established - also depending on your decisions on how to use the services - from textual information, images or any other information suitable to make the individual identified or identifiable, depending on the type of services requested.

1. DATA CONTROLLER
The data controller is Tinext SA, with registered office at the Viale Serfontana 7, 6834 Morbio Inferiore.

2. PERSONAL DATA OBJECT OF TREATMENT
To allow you to use the Website and its services, the Data Controller needs to know and process some of your personal data.
By personal data we mean information about an identified or identifiable natural person, such as, for example, name, contact references, IP addresses.
On the other hand, for simply browsing the Website, the types of data processed, and its specific "cookie" policy are specified below.
We inform you that the personal data processed may consist - also depending on your decisions on how to use the services - by an identifier such as your name, an identification number, one or more characteristics of your identity suitable to make the interested party identified or identifiable, depending on the type of services requested (hereinafter only "personal data").
The personal data processed through the Website are as follows:
a. Browsing data
During their normal operation, the computer systems and software procedures used to operate the Website acquire some personal data, the transmission of which is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified data subjects and the Data Controller will not attempt in any way to relate the data contained in the protocols of its servers with the people who visited the Website. However, such data, through processing and merging with data held by third parties, could make it possible to identify users. As an example, this category of data includes IP addresses or domain names of the computers used by users connecting to the Website, Uniform Resource Identifier (URI) sequences of the requested resources, the time of request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters related to the user's operating system.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Website, to check its correct functioning, identify anomalies and/or abuses, as well as to better structure the Website itself. The data could be used to establish responsibility in case of hypothetical computer crimes against the Website or third parties.
b. Data voluntarily provided by the user
Unless referred to in specific notices, this Privacy Policy shall also be deemed to apply to the processing of data voluntarily provided by you through the Website. In particular, You may provide data either by filling in the form (hereinafter Form) to subscribe to the newsletter and/or request information for services and products, or by sending e-mails. In this regard, we invite you not to enter in the Forms contained within the Website or send us by e-mail information that may fall under the special categories of personal data referred to in Article 9 GDPR (for example, data referring to your political opinions, religious beliefs or your state of health) and personal data worthy of special protection, pursuant to Article 5, para.1 lett.c, LPD.
c. Third party data voluntarily provided by you
When using particular services, the processing of third parties' personal data, communicated by you to the Data Controller, may occur.. With respect to these assumptions, you are the independent data controller, assuming all the legal obligations and responsibilities. In this sense, you grant on this point the widest indemnity with respect to any dispute, claim, request for compensation for damage from processing, which should be received by the Data Controller from third parties, whose personal data have been processed through your use of Website services in violation of the applicable data protection regulations. In any case, if you provide or otherwise treat personal data of third parties in the use of the Website, you warrant as of now - assuming all related liability - that this particular hypothesis of treatment is based on the prior acquisition - on your part - of the consent of the third party to the processing of information concerning him.
d. Cookie
The information on cookies are available at the following link.

3. PURPOSE OF THE PROCESSING
The personal data collected by the Data Controller are exclusively those provided when browsing the Website and/or when filling in forms or submitting any requests for information. 
Therefore, personal data will be processed to:
A) Allow you to use the Website;
B) Fulfill requests that may be received through the contact form, including allowing us to contact you at the e-mail address you voluntarily provide;
C) To send the requested newsletter by filling out the appropriate form, subject to the possibility of unsubscribing from the list of recipients by selecting the appropriate link in each message;
D) to fulfill any obligations under applicable laws, regulations or EU legislation, as well as to comply with requests from the authorities.
E) for statistical purposes, with no possibility of tracing your identity.
The processing of your data may be carried out using manual, electronic and telematic tools, including through automated methods designed to store, manage and transmit them; it will be carried out by means suitable, as far as reasonably possible and in accordance with the state of the art, to guarantee security and confidentiality through the use of suitable procedures that avoid the risk of loss, unauthorized access, illicit use and dissemination.
Data are stored in computer, telematic, and - residually - paper archives, with full assurance of the security measures provided by the legislator.
Specific security measures are observed to prevent data loss, illicit or incorrect use, and unauthorized access.

4. LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF PROCESSING
In view of the choice to take advantage of the services provided by the Website, the legal basis on which the processing of personal data is based may be:
A) express consent, by accepting the Cookie Policy and continuing to browse the Website;
B and C) the legitimate interest in processing personal data to provide the best service, respond to requests received, and send newsletters; 
D) the need to fulfill a legal obligation or respond to an authority;
E) this processing is not performed on personal data; therefore, it can be freely carried out by the Controller. 

5. RECIPIENTS OF PERSONAL DATA
Tinext does not sell, transfer, or otherwise transmit your personal data to third parties.
Personal data may be shared, for the purposes set out in section 3 of this Privacy Policy, with:
5.1. parties that typically act as data processor, namely: i) persons, companies or professional firms that provide assistance and advice to the Data Controller in accounting, administrative, legal, tax and financial matters; ii) parties delegated to carry out technical maintenance activities; iii) credit institutions, insurance companies and brokers; iv) parent, subsidiary and associated companies of the Data Controller, limited to the pursuit of administrative-accounting purposes and/or related to the performance of activities of an organizational, commercial, administrative, financial and accounting nature;
5.2. subjects, bodies or authorities to whom it is mandatory to communicate your personal data according to applicable law or orders of the authorities;
5.3. persons authorized by the Data Controller to process the Data who act under the authority of the Data Controller or the Data Processor in accordance with the law.
Any communication of personal data will take place in full compliance with the legal provisions provided for by the GDPR and the FADP, and with the technical and organizational measures arranged by the Data Controller to ensure an adequate level of security.

6. TRANSFERS OF PERSONAL DATA
Your personal data are processed in the country where the Data Controller is based, as well as in Italy. For the sake of clarity, please note that Switzerland is a country where Personal Data may also be processed and transferred under the GDPR, as it provides adequate protection to the standard required by European regulations, pursuant to section 45 GDPR (EU) 2016/679. 
In case of transfer of personal data to other countries belonging to the European Union, in compliance with Article 16 et seq. FADP and Article 8 et seq. OFADP, the country of destination will be part of the countries listed in Annex 1 OFADP, i.e. countries which the Federal Council considers to have legislation that guarantees adequate data protection. 
In the absence of the aforementioned adequate guarantees, transfers will be permitted only in compliance with the provisions of Art. 17 FADP and Art. 8 et seq. OFADP. Specific notice of such transfers will be given to the data subject.

7. STORAGE OF PERSONAL DATA
Unless specified otherwise, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.

8. RIGHTS OF DATA SUBJECTS
The data subject is granted the following rights: 
1) the right of access, i.e., to obtain confirmation from the Data Controller that personal data is or is not being processed, as well as to obtain information regarding the purposes and methods of processing, the recipients of the data, the criteria used to determine the period of data retention, the origin of the data (if not collected from the data subject), and the existence of an automated decision-making process; the Data Controller shall provide a copy of the personal data being processed;
2) the right to obtain rectification and integration of incomplete personal data, including by providing a supplementary statement;
3) the right to the deletion of data; this right may be limited if the processing is necessary for the establishment, exercise, or defense of a right in judicial proceedings;
4) the right to obtain from the Data Controller the limitation of the processing;5) the right to revoke consent, without affecting the lawfulness of the processing based on the consent given before its revocation;
6) the right to object, for legitimate reasons, to the processing of one's personal data, including in the case of processing for direct marketing purposes;
7) the right to data portability;
8) the right to object to automated decision-making regarding natural persons, including profiling;
9) the right to lodge a complaint with a supervisory authority.
The data subject may also initiate actions concerning the protection of personality by requesting the prohibition of certain processing of personal data, the prohibition of the disclosure of personal data to third parties, and the deletion or destruction of data, as provided for in Article 32, para. 2, FADP.
These rights may be exercised by sending an e-mail to privacy@tinext.com.
The Data Controller will attempt to give the requested information within 30 days (or will communicate the time frame within which the information can be provided) and free of charge, unless a fee is charged if the provision of the information involves a disproportionate effort.

9. CONSENT OF MINORS IN RELATION TO INFORMATION SOCIETY SERVICES
In order to use the services provided through the Website, it is necessary to be older than sixteen years: consent to the processing of personal data of a minor under sixteen years is lawful provided that it is exercised by the person exercising parental responsibility.

10. EXISTENCE OF AN AUTOMATED DECISION-MAKING PROCESS
The Data Controller does not use automated decision-making processes, including profiling.

11. REPRESENTATIVE OF THE DATA CONTROLLER 
In order to make available an intermediary based in a State of the European Union for all matters concerning the processing, the Data Controller has appointed as representative established in the EU ex art. 27 GDPR
Tinext Italia S.r.l.
Gallarate, Via Borghi 8
which can be reached at the e-mail address privacy@tinext.com.

12. CHANGES
Tinext reserves the right to modify or simply update the content of this Privacy Policy, in part or completely, also due to changes in the applicable law. The Data Controller will inform you of such changes and they will be binding as soon as they are published on the Website. The Data Controller therefore invites you to regularly visit this section to become aware of the most recent and updated version of the Privacy Policy, in order to be always updated on the personal data collected and on the use made of it by the Data Controller.

13. CONTACTS
To exercise the above rights or for any other request you can send an e-mail to privacy@tinext.com.