INFORMATION ON THE PROCESSING OF PERSONAL DATA

TAS S.p.A., as data controller, informs that in accordance with article 13 of EU Regulation n. 2016/679 (hereinafter “GDPR”) that the data provided by users (the “Users”) through the websites www.tasgroup.it, www.tasgroup.eu, www.tasgroup.es, www.tasgroup.fr, www.tasgroup.eu/de, www.tasgroup.ch, www.tasgroup.com.br, www.tasgroup.us.com (hereinafter the” Websites”), will be processed in the following ways and for the following purposes:

1 – Data Controller

The Data Controller is TAS S.p.A. (hereinafter “TAS” or the “Owner”), with registered office in Via Serviliano Lattuada 25, 20135 Milan – e-mail: privacy@tasgroup.eu.

2 – Types of data processed

The processing will concern single operations, or a set of operations, processing (for example, but not limited to: collection, recording, organization, storage, processing, communication, modification, selection, use) of the following personal data provided by the User during the use of the services provided by TAS through the Websites (the “Personal Data” or the “Data”):

  • identification and contact data, provided by the user during registration on the Websites or through requests for information sent to the Company, including but not limited to, first name, last name, e-mail address, address and mobile phone number;
  • data relating to the curriculum, sent to job@tasgroup.it;
  • browsing data: for simple access to the Website it is not necessary to provide any personal data; however, the computer systems and software used to operate the Website acquire, during normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information collected is not associated with identified individuals.

3 – Data processing objectives

Personal Data is processed:

A) without the express consent of the User, GDPR article 6 (a), for the following purposes:

  • to process a request for contact and/or registration on the Websites;
  • to evaluate an application for inclusion in the database for recruitment by TAS and for a possible future establishment of a working relationship with TAS;
  • to manage and maintain the Websites;
  • to process a request for a free trial of a TAS service/product;
  • to fulfill obligations under law, regulation, EU legislation or by an order of the Authorities;
  • to fulfill obligations related to the management of relations with Users;
  • to prevent or uncover fraudulent activity or abuse harmful to the Websites;
  • to exercise the rights of the Owner, such as to exercise a right in court.

B) with the express consent of the User (GDPR article 7), for the following purposes:

  • to send by e-mail informative communications, including the newsletter, referring to TAS products and/or services, including free trials already requested by Users;
  • to send by e-mail invitations to update the data contained in the curriculum vitae sent by the User to job@tasgroup.it.

4 – Processing methods

The processing of personal data is carried out through the operations indicated in GDPR article 4 (2) and specifically: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of Data.

Personal Data, both paper and electronic and/or automated, is processed through the use of websites hosted by TAS France E.U.R.L. and managed by the Data Controller.

The Data Controller will process the Personal Data for the time necessary to fulfill the above purposes, and guarantees the following maximum retention times:

  • for the purposes under article 3 (a): after the use of the service for which it is collected, the Data may be stored and maintained for a maximum period of 10 years;
  • for the purposes under article 3 (a): 3 years from consent, with subsequent updating of the Data and renewal of the consent given.

5 – Security

The Data Controller has adopted a variety of security measures to protect the Data against the risk of loss, misuse or alteration, consistent with the measures expressed in GDPR article 32.

6 – Access and communication

The Data may be made accessible for the purposes referred to in GDPR article 2 above:

  • to employees, partners, and associates of the Owner, in their capacity as agents and/or internal data processors and/or system administrators;
  • third-party companies or other parties (for example, Website providers, Cloud providers, hardware and software support technicians, etc.) who carry out outsourcing activities on behalf of the Data Controller, in their capacity as data processors.

Without the express consent of the User (ex article 6 (b) GDPR), the Data Controller may communicate the Data for the purposes referred to in article 2 A) to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom disclosure is mandatory by law for the fulfilment of the aforementioned purposes.

Without the express consent of the User, the Data may not be transferred to third parties for their use for their own purposes, and therefore outside the access referred to in article 6 above. The Data will not be disseminated in any case.

7 – Data transfer

TAS is a company that operates at a global level.

The management and storage of data will take place in Europe, on the Owner’s servers located in France and/or third party companies appointed and duly appointed as Data Processors.

The Data Controller may also provide its services in other countries, in which case the transfer of Data to these countries is strictly limited to the actual need to be aware of the Data. TAS will take the necessary measures to protect the personal data of Users and candidates, and prevent unauthorized access. All information of Users and Candidates will be accessible and processed exclusively by the employees of TAS involved in the purposes referred to in article 3 above, in any country, as well as by authorized third parties as companies that provide ratings to assist the Owner in the scope of the aforementioned purposes.

In cases where the Data is transferred to the systems used by TAS also outside the European Union, TAS guarantees the application of the standard contractual clauses of the European Commission to ensure a secure international transfer of personal data, in accordance with GDPR articles 44, 45 and 46.

8 – Provision of data and consequences of refusal

The provision of data for the purposes referred to in article 2 (a) is mandatory. In its absence, the User cannot be guaranteed the reply to contact requests, access to free TAS product trials, evaluation of the candidate’s profile and selection of the same.

The possible sending with the curriculum vitae of particular data (concerning, in particular, racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, as well as personal data revealing the state of health or sex life) involves immediate deletion of the data itself in the absence of consent by the User to its processing by TAS. The declaration of consent may be contained at the bottom of the curriculum vitae or issued by selecting the appropriate field during the application made through the Website.

The provision of data for the purposes referred to in article 2 (b) is optional. The User may decide not to provide any Data or to subsequently deny the possibility to process the Data provided: in such case, the User may not receive newsletters or other communications from the Owner.

9 – Rights of the parties involved

In their capacity as interested parties, Users have the right under GDPR article 15 to:

  • obtain confirmation of the existence or otherwise of Personal Data concerning the User, even if not yet recorded, and its communication in an intelligible form;
  • obtain indication of: a) the origin of the Personal Data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out with the aid of electronic instruments; d) the identification details of the data controller, the data processors and the representative designated in accordance with article 5 (2) of the Privacy Policy and article 3 (1) GDPR; e) of the subjects or categories of subjects to whom the Personal Data may be communicated or who may learn about it as representative appointed in the territory of the State, of managers or agents;
  • obtain: a) updating, rectification or, when the User has an interest, integration of the Data; b) deletion, transformation into anonymous form or blocking of Data processed in violation of the law, including data that does not need to be kept in relation to the purposes for which the Data was collected or c) certification that the operations referred to in letters (a) and (b) have been notified, also as regards their content, to those to whom the Data has been communicated or disseminated, except in the case in which this fulfilment is revealed impossible or involves the use of means manifestly disproportionate to the protected right;
  • oppose, in whole or in part: a) for reasons legitimate to the processing of Personal Data concerning the User, even if pertinent to the purpose of the collection; b) to the processing of Personal Data concerning the User for the purpose of sending material advertising or direct selling or for carrying out market research or commercial communication through the use of automated systems without the intervention of an operator via e-mail and/ or through traditional marketing methods by telephone and/or paper mail. Please note that the right of opposition of the person concerned, as set out in point (b) above, for direct marketing purposes by automated means extends to traditional ones and that in any case remains without prejudice to the possibility for the data subject to exercise his/her right of opposition even in part. Therefore, the data subject may decide to receive only communications by traditional means or only automated communications or neither of the two types of communication. Where applicable, Users are also granted the rights under articles 16-21 of the GDPR (Right of rectification, right to be forgotten, right to limit processing, right to portability of Data, right of opposition), as well as the right to make a claim to the Guarantor Authority.

10 – Exercise of rights

The User may exercise his/her rights at any time by sending:

  • an e-mail to privacy@tasgroup.eu;
  • a registered letter to TAS S.p.A., Via Serviliano Lattuada 25, 20135 Milan, Italy.

11 – Cookies

Information regarding the management of cookies on the Website is provided in the section COOKIE POLICY reported here.

12 – Data Protection Officer  

Users may contact the Data Protection Officer (“DPO”) for all matters relating to the processing of their personal data and the exercise of their rights under the Regulation.

You can contact the DPO at the following e-address: tas_dpo.it@tasgroup.eu

The updated list of data processors is kept at the headquarters of the Data Controller.

13 – Amendments to this Privacy policy

This privacy statement may be subject to change. It is therefore recommended that you check this policy regularly and refer to the most current version.

***

INTELLECTUAL PROPERTY AND PROTECTION OF THE TRADEMARK

The pages of this Website are protected by copyright, marked with the symbol © in accordance with Law 633/1941; therefore, the contents of the Website is protected against duplications and translations. In addition, the trademark is protected under article 2571 of the Italian Civil Code.

Talk with Lia
Type your message here...