Privacy Policy
Trevi Spa Privacy Policy
Your privacy and the security of your personal data are very important to us, which is why we collect and manage your personal data with the utmost care and take specific measures to keep them safe.
This Privacy Policy describes how Trevi Spa manages the personal information collected through the sites on www.trevi.it and www.emgmobility.it, which refer to this Privacy Policy (hereinafter referred to as "the Websites").
Data Controller
TREVI S.p.a.
Strada Consolare Rimini-San Marino 62
47924 Rimini (RN) Italy
Owner’s email address: privacy@trevi.it
Trevi has appointed a Data Protection Officer (DPO) based on Art. 37,38 and 39 of the GDPR whose contact references are:
Name and Surname of the Data Protection Officer (DPO):Marco Gentilini
Email address of the Data Protection Officer (DPO): dpo@marcogentilini.com
Types of Data collected and Purposes
The Personal Data collected by these Websites, directly provided by the User, either independently or through third parties, are:
1) Data collected through the SECTIONS: "CONTACT US" - "RESERVED AREA for REGISTERED Users" "TECHNICAL SUPPORT" and "ASSISTANCE" - the NEWSLETTER REGISTRATION FORM and through all the EMAIL BOXES indicated in the contact section:
Purposes and Legal Bases on the basis of which we process this data:
- To fulfill a contractual and / or pre-contractual obligation (e.g. offers, orders, after-sales assistance); - Legitimate Interest of the Owner; - The user has given consent for a specific sub-purpose; - Fulfill legal obligations (eg regarding administrative / accounting and tax provisions); - Defense in Judgment. Sub-purpose:
|
Types of data that we can process by way of example:
Name, Surname, E-Mail, Company Name and Legal Form, City, REA, Bank Data, Shipping Data, VAT number, Tax Code, Country, City, Address, Postal Code, State / Region, Province, Telephone, Mobile, Promotional Codes, Authentication Data for accessing the reserved area as registered users, and other types of data. Registered Users can always access their Reserved Area, modify and / or update the data they have entered, as well as unsubscribe at any time. |
2) DATA contained in the user's SOCIAL profiles
Purposes and Legal Bases The legal basis for this purpose is the Consent expressed by clicking on the icons on these websites, relating to the specific Social service with which the user wishes to interact and for which he has already activated an account or wishes to activate it by adhering to the privacy policy of the social same. This consent can also be collected directly from the User or through third parties. Sub-purpose:
|
Types of data that we can process by way of example:
Data contained in the user's Social Profile and interaction data collected by the platform (eg Facebook / instagram pixel) based on the privacy settings of the user account on the social network itself. If the User decides to share some content through one or more social networks (Facebook, Instagram, YouTube etc), the site may access some information of his account or profile if the User has activated the sharing of data of his account o profile with third-party applications through cookies (read specific policy). |
3) LOCATION DATA Purposes and Legal Bases To fulfill a contractual and pre-contractual obligation; - Legitimate Interest of the Owner. Sub-purpose:
|
Types of data that we can process by way of example:
These Websites may collect approximate location data (geographical area), if enabled by the user on their device, for the identification of the points of sale and / or of the competent Commercials and / or Authorized Service Centers close to the user's position. and as well as for viewing and invitations to events related to the user's localization area of the site. |
4) DATA COLLECTED FOR THE NAVIGATION OF THE SITES (Cookies) Purposes and Legal Bases The condition that makes the processing lawful is the consent expressed by the user by clicking on the cookie banner that appears when the site is accessed for the first time. Sub-purpose:
|
Types of data that we can process by way of example: The user's browsing data such as IP address, browser data, device etc are collected through cookies for the entire duration of the browsing session on the Site. Once these terms have elapsed, personal data will be destroyed, deleted or made anonymous (where not already collected anonymously). To see how cookies work go to the specific policy |
5) STATISTICAL DATA collected by the sites in ANONYMOUS or AGGREGATE FORM
Purposes and Legal Bases The condition that makes the processing lawful is the legitimate interest for statistical and marketing purpose Sub-purpose: The services listed in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior to improve the browsing experience and provide content and commercial information more suited to his interests. |
Types of data that we can process by way of example: Service used: Google Analytics is a web analysis service provided by Google Inc. ("Google"). The Data Controller uses, through Google Analytics, the Personal Data in anonymized form (anonymous IP) collected for the purpose of tracing and examining the use of these Websites, compiling reports and sharing them with other services developed by Google (e.g. advertising marketing). Personal Data collected: Cookies and browsing data in anonymous or aggregate form. Place of processing: EU for those who surf within the EU – PRIVACY POLICY – OPT OUT. |
6) DATA CONTAINED in the CURRICULUM VITAE spontaneously sent by candidates through the email boxes indicated on these websites Purposes and Legal Bases The condition that makes the processing lawful is Legitimate Interest Sub-purpose: The processing of the particular categories of personal data contained in the CVs is carried out only if necessary (Article 9, paragraph 2 of EU Regulation a. For the evaluation of possible job positions; The Data Controller and the Manager supervise to guarantee the interested parties that the data will be processed only for the stated purpose and only for the part strictly necessary for the processing. They also undertake, within the limits of reasonableness, to modify and correct all data that are in the meantime different from the originals, to keep them updated and to delete all data that exceed the declared treatment. |
Types of data that we can process by way of example: Name, Surname, E-Mail, City, Tax Code, Country, City, Address, Postal Code, State / Region, Province, Telephone, Mobile, Age, sex, photo, study path, work experience and other types of data. |
7) Protection from SPAM Purposes and Legal Bases The condition that makes the processing lawful is the legitimate interest |
Types of data that we can process by way of example: This type of service analyzes the traffic of these Websites, potentially containing Users' Personal Data, in order to filter it from parts of traffic, messages and contents recognized as SPAM. |
COMPULSORY TO PROVIDE DATA |
Some personal data (technical cookies) are strictly necessary for the functioning of the Sites, others are used for the sole purpose of obtaining anonymous statistical information (statistical cookies) on the use of the Site and to check its correct functioning and are deleted immediately after processing. Any refusal to authorize statistical cookies will not block the use of the site. Still others are necessary to fulfill contractual or pre-contractual obligations to provide the requested service without which it will not be possible to provide the service itself. |
Method and place of processing of the collected data
Methods of treatment and communication
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The treatment can be carried out both by means of IT and / or telematic and analog tools, with organizational methods and with logic strictly related to the purposes indicated.
It is important that the User takes adequate measures to prevent unauthorized access to the password and to his or her computers, devices and applications. Always make sure you are logged out when you finish using a computer shared with other users.
In addition to the Data Controller, in some cases, other parties involved in the organization of the Data Controller (administrative, commercial, marketing, legal, system administrators) authorized to process directly by the Data Controller under Art. 29 of the Gdpr and bound by confidentiality, or external subjects (such as third party technical service providers, couriers and carriers, postal services, hosting providers, IT companies, communication agencies, Authorized Technical Assistance Centers, Sales and Brokerage Agencies, insurance, insurance, financial, subsidiary company of the TREVIDEA Owner) identified and appointed as Data Processors by the Owner on the basis of Art. 28 of the Gdpr.
In no case will the data in the possession of the Data Controller be disseminated and / or communicated to third parties not specified in this information for marketing purposes without the explicit consent of the interested party.
The updated list of Managers can always be requested directly from the Data Controller at the references indicated in this statement.
Source of data
The data was acquired by Trevi Spa as provided directly by the user on these websites or provided by the same directly in the past or as legitimately acquired by a third party to whom the user has previously given consent based on the purposes. for which it is required, or as extrapolated from lists, books or sources accessible to the public or from business cards collected by our sales network or at trade fairs and corporate events.
Place of data processing
The Data are mainly processed at the Data Controller's operating offices and in any other place where the parties involved in the processing are located. For more information, you can contact the owner.
Transfer of data outside the EU
Pursuant to the EU General Data Protection Regulation
If it is necessary to transfer data to non-EU countries and, in the absence of the above-mentioned adequacy requirements or Standard Contractual Clauses, the only legal basis is consent.
Retention period
Data are processed and stored for the time required by the purposes for which they were collected.
Therefore:
- The Personal Data collected for purposes related to the execution of a contract or pre-contract between the Owner and the User / Customer / Supplier will be retained until the execution of this contract is completed, to fulfill administrative and accounting practices and tax as well as for the terms established by law.
- The Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until this interest is satisfied. The User can obtain further information regarding the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner.
- The Personal Data processed on the basis of Legitimate Interest for marketing purposes (referred to in point 1.let f), are kept for a period equal to the duration of the provision of the requested service and a period of 36 months following the last contact to be considered, among others, participation in an event of the Company, the use of a product or service provided by the Company or the opening of a newsletter (jointly defined as the "Last Contact") or until the User requests the cancellation of your data or oppose the processing by contacting the Data Controller at one of the addresses indicated in this information;
- Furthermore, the Data Controller may be obliged to keep the Personal Data for a longer period in compliance with a legal obligation or by order of an authority, as if the processing is carried out for administrative / accounting obligations (10 years) or for use it for a defense in court.
- When the processing is based on the User's consent, the Data Controller may keep the Personal Data until such consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a period beyond the revocation date in compliance with a legal obligation or by order of an authority;
At the end of the retention period and once the purpose for which they were collected has been exhausted, the Personal Data will be deleted unless they need to be further stored by order of Public Authorities or for other regulatory obligations. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
User rights
Users can exercise certain rights with reference to the Data processed by the Data Controller.
In case of higher protection, the User can exercise all the rights listed below. In any other case, the User can contact the owner to find out which rights are applicable in his case and how to exercise them.
In particular, the User has the right to:
- withdraw consent at any time. The User can withdraw the consent to the processing of their Personal Data previously expressed.
- oppose the processing of their data. The user can oppose the processing of their data when it occurs on a legal basis other than consent. Further details on the right to object are indicated in the section below.
- access their data. The user has the right to obtain information on the data processed by the owner, on certain aspects of the processing and to receive a copy of the data processed.
- verify and ask for rectification. The User can verify the correctness of their Data and request its updating or correction.
- obtain the limitation of the processing. When certain conditions are met, the User can request the limitation of the processing of their Data. In this case, the Data Controller will not process the Data for any other purpose than their conservation.
- obtain the cancellation or removal of their Personal Data. When certain conditions are met, the User can request the cancellation of their Data by the Owner.
- receive their data or have them transferred to another owner. The User has the right to receive his / her Data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain its unhindered transfer to another owner. This provision is applicable when the Data is processed with automated tools and the processing is based on the User's consent, on a contract to which the User is a party or on contractual measures connected to it.
- propose a complaint. The User can lodge a complaint with the competent personal data protection supervisory authority through the website of the Garante della Privacy or take legal.
Details on the right to object
Users are reminded that, if their data are processed for direct marketing purposes, they can oppose the processing without providing any reasons. To find out if the Data Controller processes data for direct marketing purposes, Users can refer to the respective sections of this document.
Third party links
The Websites may connect to third-party sites not directly controlled by the Owner (e.g. the brand sites present on the Home Page or links on the various pages) and which do not operate according to our privacy practices. When connecting to third party sites, Trevi's privacy practices no longer apply. You are encouraged to review the privacy policy of each third-party site before disclosing personally identifiable information.
How to exercise your rights
To exercise the User's rights, Users can direct a request to the contact details of the Owner indicated in this document. Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within one month of notification.
Cookie Policy
This website uses cookies. To learn more and to read the detailed information, the User can consult the specification Cookie Policy
Further information on the treatment
Defense in court
The User's Personal Data may be used by the Owner in court or in the preparatory stages for its eventual establishment for the defense against abuse in the use of these Websites or related Services by the User.
The User declares to be aware that the Owner may be obliged to disclose the Data by order of the public authorities.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
Response to requests "Do Not Track”
This Website does not support "Do Not Track" requests or those that require the suspension of data collection to a user browsing the site.
To find out if any third-party services used support them, the User is invited to consult the respective privacy policies.
Changes to this privacy policy
The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page and, if possible, on this Website as well as, if technically and legally feasible, by sending a notification to Users through one of the contact details held by the Data Controller. Therefore, please consult this page regularly, referring to the date of the last modification indicated at the bottom.
If the changes affect treatments whose legal basis is consent, the Data Controller will collect the User's consent again, if necessary.
Definitions and legal references
Personal Data (or Data)
Any information that, directly or indirectly, also in connection with any other information including a personal identification number, makes a natural person identified or identifiable constitutes personal data.
Usage Data
This is the information collected automatically through this Website (including from third-party applications integrated into this Website), including: the IP addresses or domain names of the computers used by the User who connects with this Website, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc. .) the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of the pages consulted, to the parameters relating to the operating system and the IT environment of the User.
User
The individual who uses this Website or who otherwise provides data to the Data Controller (e.g. Customer, Supplier or Partner), unless otherwise specified, coincides with the Data Subject.
Data subject
The natural person to whom the Personal Data refers.
Data Processor (or Manager)
The natural person, legal person, public administration and any other body that processes personal data on behalf of the Data Controller, as set out in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, service or other organization which, individually or together with others, determines the purposes and means of the processing of personal data and the tools adopted, including the security measures relating to the operation and use of this Website. The Data Controller, unless otherwise specified, is the owner of this Website.
These Websites
The hardware and / or software tools through which the Personal Data of Users are collected and processed.
Service
The Service provided through these Websites as defined in the relative terms (if available) on this site / application or directly by Trevi Spa.
European Union (or EU)
Unless otherwise specified, any reference to the European Union contained in this document is intended to be extended to all current member states of the European Union and the European Economic Area.
Cookie
Small portion of data stored in the User's device.
Company of TREVI Spa Group
TREVIDEA Srl- Str. Consolare Rimini San Marino, 62
47924 - Rimini ITALY P.Iva
Legal references
This privacy statement is drawn up on the basis of multiple legislative systems including Regulation (EU)
Unless otherwise specified, this privacy policy applies exclusively to these Websites.
Last modified: February 2021