• Tecnau background graphic

    Privacy Policy / GDPR

Stack_5x50_3D_001_Web-1600x950_crop

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally identifiable information’ (PII) is being used online. PII, as used in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

Tecnau.com General Internet Privacy Policy

Tecnau collects personally identifiable information from its site visitors only on a voluntary basis. Personally identifiable information is information that can be associated with a specific individual or entity, including, for example, a customer’s name, or telephone number, e-mail address, personal preferences, and information about on-line activities that are directly linked to him or her. When you want access to certain restricted site areas or place an order with us, Tecnau requires you to supply personally identifiable information.

Tecnau shall maintain the confidentiality/privacy of this information disclosed by you in these circumstances, disclosing the same only to its employees who need to know such information for purposes of enabling Tecnau to perform the orders or for purposes as to inform you of product upgrades, special offers, and other products and services from Tecnau, or to any authority if required so by law. Personally identifiable information will not obtain access to any part of the public areas of our sites and will not be sold to other organisations. Tecnau takes reasonable steps that this policy is followed within our company to protect your personally identifiable information with secure servers, from simple name registration to encrypted financial data used in e-commerce transactions.

Any other material, information, and ideas (Transmissions) which you transmit to this site shall be considered non-confidential and non-proprietary. Besides, any personally identifiable information that is disclosed by you through for example chat rooms, forums, message boards and/or newsgroups made available to you by Tecnau, becomes public information. Tecnau shall have no obligations of any kind with respect to the Transmissions or personally identifiable information that is disclosed in these areas. Tecnau will be free to disclose, copy, reproduce and distribute and otherwise use the Transmissions and the ideas, concepts, know-how, or techniques contained therein for any and all commercial or non-commercial purposes.

  • You may receive a “cookie” for recognition purposes so you do not have to register again, when you visit our site the next time. If you do not want to be recognised please turn to your Internet Browser to remove cookies from your computer hard drive, to hold all cookies, or to receive a warning before a cookie is saved.

  • If your personal identifiable information should not be used as a basis for further contact, please inform us. We will respect your request. Should your personal data be adjusted or removed from our database please inform us by e-mail.

  • To enable us to contact you in case we have questions, please give us your full name, e-mail address and phone number. Our server collects the domain names (not the e-mail addresses) of visitors to our site. This information is aggregated to measure number of visits, average time spent on Tecnau’s site, pages viewed, etc. Tecnau uses this information to measure the use of its site and to improve the content of its site.

  • The site may contain “links” to other non-Tecnau sites, which are not under the control of Tecnau. It is also possible that non-Tecnau-sites may also link into the Tecnau site. Tecnau shall not be responsible in any way for the content or the privacy practices employed of such other sites. Tecnau provides such “links” only as a convenience, and the inclusion of any “link” to any such sites does not imply endorsement by Tecnau of the content of such sites.

  • Tecnau may occasionally update this privacy statement due to the rapidly evolving nature of technologies Tecnau uses to communicate with you. Notice of any revisions will be posted to this privacy statement page. Should you have any comments or questions regarding Tecnau privacy practices on this Tecnau Web site, please inform us by e-mail.

Tecnau.com General Internet Privacy Policy

  • When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, phone number or other details to help you with your experience.

  • We collect information from you when you subscribe to a newsletter, fill out a form or enter information on our site.

  • We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

    • To personalize user’s experience and to allow us to deliver the type of content and product offerings in which you are most interested.

    • To improve our website in order to better serve you.

    • To allow us to better service you in responding to your customer service requests.

    • To administer a contest, promotion, survey or other site feature.

    • To send periodic emails regarding your order or other products and services.

  • Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

    We use regular Malware Scanning.

    We do not use an SSL certificate

    • We do not need an SSL because: we do not ask for credit card numbers or very sensible user details and information

  • Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

    We use cookies to:

    • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third party services that track this information on our behalf.

    You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.

    If you disable cookies off, some features will be disabled It won’t affect the users experience that make your site experience more efficient and some of our services will not function properly.

  • We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.

    However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

  • Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

  • Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en

    We do not use Google AdSense Advertising on our website.

    Google, as a third party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on their visit to our site and other sites on the Internet. Users may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy.

    We have implemented the following:

    • Google Display Network Impression Reporting

    • Demographics and Interests Reporting

    We along with third-party vendors, such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions, and other ad service functions as they relate to our website.

    Opting out:
    Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising initiative opt out page or permanently using the Google Analytics Opt Out Browser add on.

     

  • CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

    According to CalOPPA we agree to the following:

    Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our home page, or as a minimum on the first significant page after entering our website. Our Privacy Policy link includes the word ‘Privacy’, and can be easily be found on the page specified above.

    Users will be notified of any privacy policy changes:

    • On our Privacy Policy Page

    Users are able to change their personal information:

    • By emailing us

    • By calling us

    How does our site handle do not track signals?

    We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

    Does our site allow third party behavioral tracking?

    It’s also important to note that we do not allow third party behavioral tracking

  • When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

    We do not specifically market to children under 13.

  • The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

    In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

    We will notify the users via email

    • Within 7 business days

    We will notify the users via in site notification

    • Within 1 business day

    We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

  • The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

    We collect your email address in order to:

    • Send information, respond to inquiries, and/or other requests or questions. 

    To be in accordance with CANSPAM we agree to the following:

    • NOT use false, or misleading subjects or email addresses

    • Identify the message as an advertisement in some reasonable way

    • Include the physical address of our business or site headquarters

    • Monitor third party email marketing services for compliance, if one is used.

    • Honor opt-out/unsubscribe requests quickly

    • Allow users to unsubscribe by using the link at the bottom of each email 

    If at any time you would like to unsubscribe from receiving future emails, you can email us at

    • Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.

  • If there are any questions regarding this privacy policy you may contact us using the information below.

    www.tecnau.com

    Via Torino, 603
    Ivrea, TO 10015
    Italy
    info@tecnau.com
    +39 (0)125 63 16 78

Tecnau.com General Internet Privacy Policy

Introduction

The EU General Data Protection Regulation (“GDPR”) comes into force across the European Union on 25th May 2018 and brings with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the requirements of the digital age.

The 21st Century brings with it broader use of technology, new definitions of what constitutes personal data, and a vast increase in cross-border processing. The new Regulation aims to standardize data protection laws and processing across the EU; affording individuals stronger, more consistent rights to access and control their personal information.

Our Commitment

Tecnau Srl is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of GDPR.

Tecnau Srl is dedicated to safeguarding the personal information under our remit and in developing a data protection regime that is effective, fit for purpose and demonstrates an understanding and appreciation for the new Regulation. Our preparation and objectives for GDPR compliance have been summarised in this statement and include the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure maximum and ongoing compliance.

How We are Preparing for the GDPR

Tecnau Srl already have a consistent level of data protection and security across our organization, however it is our aim to be fully compliant with the GDPR by 25th May 2018.

Our preparation includes:

  • Information Audit – carrying out a company-wide information audit to identify and assess what personal information we hold, where it comes from, how and why it is processed and if and to whom it is disclosed.

  • Policies & Procedures – revising data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws, including:

    • Data Protection – our main policy and procedure document for data protection has been overhauled to meet the standards and requirements of the GDPR. Accountability and governance measures are in place to ensure that we understand and adequately disseminate and evidence our obligations and responsibilities; with a dedicated focus on privacy by design and the rights of individuals.

    • Data Retention & Erasure – we have updated our retention policy and schedule to ensure that we meet the ‘data minimization’ and ‘storage limitation’ principles and that personal information is stored, archived and destroyed compliantly and ethically. We have dedicated erasure procedures in place to meet the new ‘Right to Erasure’ obligation and are aware of when this and other data subject’s rights apply; along with any exemptions, response timeframes and notification responsibilities.

    • Data Breaches – our breach procedures ensure that we have safeguards and measures in place to identify, assess, investigate and report any personal data breach at the earliest possible time. Our procedures are robust and have been disseminated to all employees, making them aware of the reporting lines and steps to follow.

    • International Data Transfers & Third-Party Disclosures – where Tecnau Srl stores or transfers personal information outside the EU, we have robust procedures and safeguarding measures in place to secure, encrypt and maintain the integrity of the data. Our procedures include a continual review of the countries with sufficient adequacy decisions, as well as provisions for binding corporate rules; standard data protection clauses or approved codes of conduct for those countries without. We carry out strict due diligence checks with all recipients of personal data to assess and verify that they have appropriate safeguards in place to protect the information, ensure enforceable data subject rights and have effective legal remedies for data subjects where applicable.

    • Subject Access Request (SAR) – we have revised our SAR procedures to accommodate the revised 30-day timeframe for providing the requested information and for making this provision free of charge. Our new procedures detail how to verify the data subject, what steps to take for processing an access request, what exemptions apply and a suite of response templates to ensure that communications with data subjects are compliant, consistent and adequate.

  • Legal Basis for Processing – we are reviewing all processing activities to identify the legal basis for processing and ensuring that each basis is appropriate for the activity it relates to. Where applicable, we also maintain records of our processing activities, ensuring that our obligations under Article 30 of the GDPR and Schedule 1 of the Data Protection Bill are met.

  • Privacy Notice/Policy – we have revised our Privacy Notice(s) to comply with the GDPR, ensuring that all individuals whose personal information we process have been informed of why we need it, how it is used, what their rights are, who the information is disclosed to and what safeguarding measures are in place to protect their information.

  • Obtaining Consent – we have revised our consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information. We have developed stringent processes for recording consent, making sure that we can evidence an affirmative opt-in, along with time and date records; and an easy to see and access way to withdraw consent at any time.

  • Direct Marketing – we have revised the wording and processes for direct marketing, including clear opt-in mechanisms for marketing subscriptions; a clear notice and method for opting out and providing unsubscribe features on all subsequent marketing materials.

  • Processor Agreements – where we use any third-party to process personal information on our behalf (e. Payroll, Recruitment, Hosting etc), we have drafted compliant Processor Agreements and due diligence procedures for ensuring that they (as well as we), meet and understand their/our GDPR obligations. These measures include initial and ongoing reviews of the service provided, the necessity of the processing activity, the technical and organizational measures in place and compliance with the GDPR.

Data Subject Rights

In addition to the policies and procedures mentioned above that ensure individuals can enforce their data protection rights, we provide easy to access information via email of an individual’s right to access any personal information that Tecnau Srl processes about them and to request information about:

  • What personal data we hold about them

  • The purposes of the processing

  • The categories of personal data concerned

  • The recipients to whom the personal data has/will be disclosed

  • How long we intend to store your personal data for

  • If we did not collect the data directly from them, information about the source

  • The right to have incomplete or inaccurate data about them corrected or completed and the process for requesting this

  • The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use

  • The right to lodge a complaint or seek judicial remedy and who to contact in such instances


Information Security & Technical and Organizational Measures

Tecnau SRL takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process. We have robust information security policies and procedures in place to protect personal information from unauthorized access, alteration, disclosure or destruction and have several layers of security measures.

If you have any questions about our preparation for the GDPR, please contact webmaster@tecnau.com.

Tecnau logo frame

icon-quotes-gray

We no longer have the ‘have-the-job-but-can’t-get-it-done-in-time’ issue. Lead times are 30–50% less.


Brett Keene, CEO, Suttle-Straus

Read the Case Study