DATA PROCESSING PRIVACY NOTICE IN ACCORDANCE WITH
ARTICLE 13 OF REGULATION (EU) 2016/679

This privacy notice will be reviewed and amended, if necessary, in the event of legislative changes
Terranova Srl, with registered office in Via F. Bartolommei 4 - 50129 Florence (FI) (hereinafter “Data Controller”, “Controller” or “TERRANOVA”), as Data Controller, notifies you of our privacy policy in accordance with Article 13 Regulation (EU) no. 2016/679 (hereinafter also "GDPR"), so you understand how we process your personal data when you use our services, and to allow you, if applicable, to give your express and informed consent to the processing of your personal data in the sections of the site where you are asked to provide personal data.
This privacy notice also respects and fully complies with Recommendation No 2/2001 adopted on 17 May 2001 by the European Authorities for personal data protection on certain minimum requirements for collecting personal data on-line in the European Union, and, more specifically, the methods, timing, and nature of the data that a Controller would need to provide to users when they connect to a web page for whatever purpose. The manner for providing consent will be clear, brief and easy to understand; if the original conditions for requesting consent vary, for example the purpose for the data processing changes, we will request your consent again, in accordance with Regulation (EU) No 2016/679.
As required by the Regulation, the processing carried out by TERRANOVA will be based on the principles of lawfulness, fairness, transparency, purpose limitation, storage limitation, data minimisation, accuracy, integrity and confidentiality.
1. Data Controller
TERRANOVA Srl, with registered office in Via F. Bartolommei 4 - 50129 Florence (FI) is the Data Controller to contact to exercise your rights.
Here is the Controller’s contact information
- Telephone: +39 055 5386700
- Fax: +39 055 9909980
- Address: via Volturno 10/12/B – 50019 Sesto Fiorentino (Florence, Italy)
- certified email address (PEC): terranova@arubapec.it
- email: info@terranovasoftware.eu
2. Data Protection Officer
The Data Protection Officer (DPO) of Terranova Srl is Sicurdata Srl, as represented by Agostino Oliveri, who you can contact as follows:
- Telephone: +39 055 750808
- Fax: +39 055750808
- certified email address (PEC): sicurdatasrl@pec.pec-opendata.com
- email: dpo.sicurdata@opendata.it
3. Purposes of the Processing
Our purposes for processing your data, where necessary with your express consent, are:
a) to enable us to provide the Services you request, including the collection, storage and processing of data for the purposes of establishing and managing the operational (including data collection for the purposes of unsolicited applications), technical and administrative relationship associated with providing the Services, and sending communications relating to the performance of the established relationship;
b) to enable you to browse and consult the TERRANOVA website;
c) to respond to requests for assistance or to queries, which we receive by email, telephone or the application chat, or by means of the dedicated form;
d) to comply with legal, accounting and fiscal obligations;
e) to perform direct email marketing for similar services to those you subscribed to, unless you objected to that processing initially or upon subsequent communications, for the purposes of the legitimate interests pursued by TERRANOVA to promote products and services that could reasonably interest you;
f) where applicable, for market statistics, studies and research; to send you advertising material, information, business information or surveys to improve the service ("customer satisfaction") by email or text message, and/or by telephone with operator and/or through TERRANOVA's official social network pages;
g) to make customised business proposals on the basis of products or services you have purchased, or which you expressed interest in by browsing our Site;
h) to opt in to newsletters;
i) or the sole purpose of security and to prevent fraudulent conduct, the Controller has an automatic control system in place to track and analyse user behaviour on the site associated with the processing of Personal Data, including IP address.
3.1 Legal basis and mandatory or optional nature of processing
The legal basis for the processing of your Personal Data for the purposes under the section above is Article 6(1)(b) of the Regulation, since processing is necessary for the performance of the contracted services. You can choose whether or not to provide your personal data for this purpose, but if you do not give your consent, we cannot provide the Services requested.
The purposes connected with legal obligations represent lawful processing in accordance with Article 6(1)(c) of the Regulation. Once you have provided your Personal Data, processing may be indeed necessary for compliance with a legal obligation to which TERRANOVA is subject.
Processing for the purposes of marketing and newsletters as described above is based on your consent, in accordance with Article 6(1)(a) of the Regulation. You can choose whether or not to provide your personal data for this purpose, and it will not affect your use of the Services. The legal basis for subsequent processing for the purposes of email marketing of products or services similar to those you purchased is in accordance with Article 6(1)(f) of the Regulation. It is in the legitimate interests pursued by TERRANOVA to promote our products or services in a context where you can reasonably expect this type of processing, which you can object to at any time. If you decide to object to the processing of your data for these marketing purposes, you can do this at any time through your control panel or in the manner specified in the text of the marketing emails.
4. How we process your data
In relation to the purposes under the above point, your personal data are processed in compliance with the principles of confidentiality, lawfulness, fairness and transparency using manual, IT and telecommunications tools, with organisational methods and systems strictly related to those purposes, also be means of fax, telephone, mobile phone, electronic mail or other forms of remote communications. In processing your personal data, we implement technical and organisational security measures appropriate to the risk, in accordance with Article 32 of the GDPR.
5. Recipients of the personal data
For the purposes under the above-mentioned section, we may share your Personal Data with:
a) parties that commonly act as data processors, namely: i) persons, companies or professional firms that provide assistance and advisory services to TERRANOVA in the accounting, administration, legal, taxation, financial and credit recovery fields in relation to providing the Services; ii) parties with whom it is necessary to interact to provide the Services; iii) or parties delegated to perform technical maintenance (including maintenance of networking equipment and electronic communications networks);
b) parties, entities or authorities to whom we are obliged to provide your personal data in compliance with the law or with orders from authorities;
c) persons authorised by TERRANOVA to process Personal Data required to perform activities strictly related to providing the Services, who have undertaken to maintain confidentiality or who are legal obliged to maintain confidentiality, as TERRANOVA employees;
d) business partners for their independent and separate purposes, and only if you have given your express consent.
6. Period of data storage
Your data will be processed for the entire duration of the contractual relationship and afterwards to comply with legal obligations and for administrative and commercial purposes.
7. Rights of the Data Subject
In accordance with Articles 7, 15, 16, 17, 18, 20, 21 and 22 of Regulation (EU) No 2016/679, you have the right to obtain confirmation of the processing of your data and, in this case, to obtain access to your data and to the following information:
The data subject has the right to know:
a) the purposes of the processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) all the information available on the origin of the data, should they not have been collected from the data subject;
f) the existence of automated decision-making, including profiling.
The data subject also has the right to:
a) obtain from the controller without undue delay the rectification of inaccurate personal data concerning them;
b) obtain from the controller without undue delay the erasure of personal data concerning them (“right to be forgotten”);
c) obtain from the controller restriction of processing;
d) object, on grounds relating to their particular situation, at any time to processing;
e) receive the personal data concerning them in a structured, commonly used and machine-readable format;
f) withdraw their consent at any time;
g) lodge a complaint with a supervisory authority;
h) be informed of the appropriate safeguards, where personal data are transferred to a third country or to an international organisation;
i) obtain a copy of the personal data undergoing processing.
You can exercise these rights by sending the Controller a registered letter, fax and/or email stating your request to the contact points provided in paragraph 1 - Data Controller.
8. Transfers of data
In compliance with the provisions of the regulatory reference, we can transfer the personal data you provide to other EU countries or to third countries outside the European Union. TERRANOVA assures that these Recipients process your Personal Data in compliance with the Regulation. Indeed, transfers may take place on the basis of an adequacy decision or of the Standard Contractual Clauses approved by the European Commission. Additional information is available from the Controller.
9. Cookies
Refer to the cookie policy for information about the cookies used on www.terranovasoftware.eu.
10. Processors and designated/authorised persons
The updated list of Data Processors and persons designated/authorised to process data is kept at the registered office of the Data Controller.