PRIVACY POLICY

GENERAL INFORMATION

Data subjects are informed (pursuant to Art. 4, paragraph 1 of the GDPR) of the following general profiles, which apply to all processing:

• all data are processed in compliance with the privacy regulations in force (Regulation (EU) 2016/679 and Legislative Decree 196/2003, as amended and added to by Legislative Decree 101/2018);
• all data are processed lawfully, fairly and in a transparent manner in relation to data subjects, in accordance with the main principles of Art. 5 of the GDPR;
• specific security measures are applied to prevent data loss, unlawful or incorrect use and unauthorised access (GDPR, Art. 32).

Data controller

The Data Controller is the undersigned Company (represented by the legal representative pro-tempore) contactable as follows for privacy-related information or in order to exercise the rights listed below:

Contact information

TELME Spa

Tel: 0377-466630 – E-mail: contabilita@telme.it

Data Protection Officer

Name: Galli Data Service Srl

E-mail: dpo@gallidataservice.com

Rights of the data subjects

• the right to obtain confirmation from the controller as to whether or not personal data concerning him or her are being processed, and to access the personal data (Art. 15 “Right of access”)
• the right to have inaccurate or incomplete data rectified/completed (Art.16 “Right to rectification”)
• the right to obtain erasure of data, if reasonable grounds apply (Art. 17 “Right to erasure”)
• the right to obtain from the controller restriction of processing (Art.18 “Right to restriction of processing”)
• the right to receive personal data concerning him or her in a structured format (Art. 20 “ Right to data portability”)
• the right to object to processing concerning them and to automated decision-making, including profiling (Art. 21, 22)
• the right to withdraw consent previously given;
• if they receive no response, the right to lodge a complaint with the Data Protection Supervisor.

The following is specific information relating to:

• processing data linked to the operation of the website
• processing the data of the Data Controller’s customers / suppliers

1) PROCESSING DATA LINKED TO THE OPERATION OF THIS WEBSITE

1.1 Navigation data

The computer systems and software procedures in place for the operation of this website acquire, during their normal operation, certain personal data, whose transmission is implicit in the use of internet communication protocols. The information is not collected to be associated to identified data subjects but, due to their nature, could, when processed and associated with data held by third parties, allow identification of the users. This category of data includes IP addresses or domain names of the computers used by the users that connect to the website, the addresses in URI (Uniform Resource Identifier) format of the resources requested, the time of the request, the method used to present the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters relative to the operating system and the computer environment of the user.

1.2 Cookies

This privacy policy is provided pursuant to Art. 13 of Regulation (EU) 2016/679 “GDPR”, as well as the specific regulations in force concerning cookies:

• “Guidelines on the use of cookies and other tracking tools” of 10 June 2021 (Published in Official Journal No. 163 of 9 July 2021);
• Guidelines 5/2020 on consent under Regulation (EU) 2016/679, adopted by the European Data Protection Board.

What are cookies? Cookies are small text files (letters and/or numbers) that allow the web server to save on the client (the browser), information that it can reuse during the same visit to the website (session cookies) or in subsequent visits, even days later (persistent cookies). The cookies are stored, based on the user's preferences, by the single browser on the specific device used (computer, tablet, smartphone). Similar technologies, such as, for example, web beacons, transparent GIFs and all forms of local storage introduced with HTML5, can be used to collect information on the user's activities and on the use of the services. In this policy we will use the term cookie to refer to cookies and all similar technologies.

Possible types of cookies

With regard to the measures of the “Guidelines on the use of cookies and other tracking tools” of 10 June 2021 (Published in Official Journal No. 163 of 9 July 2021) and in the 231 measures register of 10 June 2021, below are the categories of cookies used, the purposes and the categorisation criteria.

Functionalities guaranteed by the pop-up banner

Profiling cookies are blocked by default upon first accessing the website, when the user is presented with a banner which they can use to express their choices:

• accept only technical cookies (therefore leave profiling cookies blocked);
• accept all cookies;
• express customised preferences on which cookies to accept.

Such preferences must remain recorded, accessible and if necessary modifiable, through a link placed in the fixed structure of the website (e.g.: footer).

Connections to portals and social media Pages on the website may include buttons, widgets, plug-in, links, cookies for Social Networks for easy interaction with Social networks and content sharing. By way of example only: facebook pixel, facebook remarketing, facebook segmentation, etc. (which in any case use technologies and tools which reduce the identifying power of cookies, such as anonymisation or hashing/encryption systems). Notice that processing of the data entered by the user on various social network channels complies with the rules and privacy settings of the social network, which the user accepted when they registered with it. For information purposes, links for the main social networks are provided, which can be used to manage privacy configurations and to accept cookies:

• Youtube: https://www.youtube.com/t/terms

In-depth look at types and ways of managing preferences

Using the main navigation browsers, by clicking on the relevant icons, it is possible to obtain an analytical classification of the cookies used by the website, complete with: cookie name, contents, domain, how they are sent, duration.

The main navigation browsers also allow users to:

• block by default reception of all (or some) types of cookies
• remove all or some of the cookies installed

For information on settings for individual browsers, see the next section. Please note that blocking or deleting cookies could compromise navigation of the website. The website could contain links to third party sites and third party cookies; for more information please see the privacy policy of any linked sites.

Managing preferences with the main navigation browsers The user can decide whether or not to accept cookies by using their browser's settings (please note that, by default, almost all web browsers are set to automatically accept cookies). The settings can be changed and defined specifically for different websites and web applications. Moreover the best browsers let you define different settings for first-party and third-party cookies. Usually cookies can be configured in the 'Preferences', 'Tools' or 'Options' menu.

See below for a list of links to guides on how to manage cookies for the main browsers:

Internet Explorer:http://support.microsoft.com/kb/278835

Internet Explorer [mobile version]: http://www.windowsphone.com/en-us/how-to/wp7/web/changing-privacy-and- other-browser-settings

Chrome:http://support.google.com/chrome/bin/answer.py?hl=en-GB&answer=95647 Safari [mobile version]: http://support.apple.com/kb/HT1677 Firefox:http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies

Android:https://support.google.com/accounts/answer/61416?hl=it&co=GENIE.Platform%3DAndroid Opera:http://help.opera.com/opera/Windows/1781/it/controlPages.html#manageCookies

More information

• allaboutcookies.org (for more information on cookie technologies and how they work)
• youronlinechoices.com/it/a-proposito (lets users choose to block the installation of profiling cookies)
• garanteprivacy.it/cookie (collection of the main legislation on cookies by the Italian Data Protection Authority)

1.3 Specific functions of the website

Some pages on the website could require users to enter information for specific services (e.g.: request information, user registration, work with us, etc.).

1.4 Data supplied voluntarily by the user

The optional, explicit and voluntary supply of e-mail and/or ordinary mail addresses indicated in this website results in the acquisition of the sender's address, necessary to respond to the requests, as well as any other personal data included in the message. If the sender sends their CV in order to be considered for a professional role, the sender remains the sole person responsible for the relevance and accuracy of the data sent. Please note that any CV not including the data processing authorisation will be immediately deleted.

2) PROCESSING DATA RELATED TO RELATIONSHIPS WITH CUSTOMERS AND SUPPLIERS

2.1 Data subjected to processing

The company processes identifying personal data of customers / suppliers (for example: first name, surname, corporate name, personal/tax details, address, telephone number, e-mail address, bank and payment details) and of their contacts, if any (surname and contact details) acquired and used for provision of the products/services supplied.

2.2 Purpose and legal basis for the data processing

The data are processed to:

• arrange contractual/professional relationships and for the provision of services;
• comply with pre-contractual, contractual and fiscal obligations arising from existing relationships, as well as to manage the necessary relevant communication;
• comply with obligations required by law, rules, European Community regulations or orders of the Italian Data Protection Authority;
• exercise a legitimate interest as well as right of the Data Controller (e.g.: the right to defend themselves in a court of law, the protection of credit positions and routine internal operative, management and accounting requirements).

Failure to supply the afore-mentioned data will make it impossible to establish a relationship with the Data Controller. The afore-mentioned purposes represent, pursuant to Art. 6, paragraphs b, c and f, suitable legal basis for the lawfulness of the data processing. Should the intention be to carry out processing for other purposes (e.g.: marketing communications, production of photo/video content, etc.) data subjects will be asked to provide special specific consent.

2.3 Processing methods and storage period

The personal data are processed with the operations indicated in Article 4 No. 2 of the GDPR:  data collection, recording, organisation, storage, consultation, processing, alteration, selection, retrieval, alignment, use, combination, blockage, disclosure, erasure and destruction. Personal data are subjected to processing in hard copy and electronic format. The Data Controller will process the personal data for the time necessary to fulfil the purposes for which they were collected and related legal obligations.

2.4 Scope of the processing

The data are processed by duly authorised and trained internal personnel, in compliance with Article 29 of the GDPR. It is also possible to request the scope of disclosure of the personal data, along with precise information about any external subjects that operate as Processors or independent Data Controllers (consultants, technicians, banks, carriers, etc.). The data may be transferred outside the EU as part of the management of international orders, in compliance with the conditions of Chapter V of the GDPR, which are intended to ensure that the level of protection of data subjects is not compromised “Art. 45 Transfers on the basis of an adequacy decision, Art. 46 Transfers subject to appropriate safeguards, Art. 47 Binding corporate rules, Art. 49 Derogations for specific situations”). The data are not processed by automated means which produce significant consequences for the data subject.

3) POLICY UPDATE

This privacy policy may be subject to regular updates, even in relation to the reference standard and law. Any significant changes to the policy will be highlighted on the home page of the website for a suitable period of time. Please consult this privacy policy regularly.