Privacy Policy
for Technacy website pursuant to Art. 13 Regulation (EU) 2016/679 (GDPR)
Preamble
Pursuant to Regulation (EU) 2016/679 (hereinafter, the "Regulation"), this page outlines the processing of personal data belonging to users who access the website electronically at www.technacy.it.
This Policy does not apply to other websites, web pages or online services accessible through hypertext links links available on our website that relate to resources outside the Data Controller's domain.
This privacy policy may be modified periodically, particularly if new services are activated or due to legislative updates Therefore, we recommend to regularly access our website to check for any updates.
This page describes the methods of website management concerning processing the personal data of users who consult it. This Policy is also provided pursuant to Article 13 of the EU Regulation on the protection of natural persons with regard to the processing of personal data to those who interact with the web services of TECHNACY S.R.L, accessible electronically from the address www.technacy.it.
The Policy applies only to the TECHNACY S.R.L. website, and not to other websites that may be consulted by the user through links.
Data Controller
The Data Controller, pursuant to the regulation, is TECHNACY S.R.L., with its registered and operational headquarters at via Molveno, 5 - 48015 Cervia (RA) Italy, Tax Code and VAT registration number 02399920392.
The Data Protection Officer (DPO) can be contacted via the following email address dpo@technacy.it.
Categories of data processed
During the user's browsing and interacting with our website, we may collect different types of personal data. This data helps us ensure an operational, personalized, and secure user experience, and enable us to effectively respond to the requests we receive. Below is an overview of the main categories of data we may process, depending on the type of interaction:
- Browsing data (e.g. IP address, URI, connection time, browser type).
- Identification and contact data (first name, last name, email, phone number, role, company).
- Professional data (cv, work experience, profession).
- Data provided voluntarily via contact forms or spontaneous communications.
- Any special data (e.g., sensitive data included in a CV) processed only if strictly necessary.
Purpose of processing and legal bases
The processing of personal data is always carried out in compliance with current regulations, and is directed toward specific, legitimate, and clearly defined purposes. Below, we describe the various purposes for which we use the collected data, linking them to the legal bases that authorize their processing, thus ensuring transparency and security at every stage of the process.
a. Website browsing
- Purpose: to allow the website to function properly, ensure its security, and collect anonymous statistics.
- Legal bases: the legitimate interest of the Data Controller (art. 6, par. 1, lett. f GDPR).
Please refer to the specific Cookie Policy for more details on the tracking tools used by the website.
b. Company/Partner Contact Form.
- Data collected: first name, last name, email, role, company, phone number (optional), message.
- Purpose: to manage requests for information, quotes, demos or business collaborations.
- Legal bases: the execution of pre-contractual measures (art. 6, par. 1, lett. b GDPR).
With separate and optional consent, the data may also be used for sending newsletters and promotional communications (Art. 6, par. 1, lett. a GDPR).
c. Spontaneous application form /CV sending
- Data collected: first name, last name, email, telephone, message (optional), CV.
- Purpose: to evaluate the candidate's profile for current or future job positions.
- Legal bases: the execution of pre-contractual measures (art. 6, par. 1, lett. b GDPR) and art. 111-bis of Legislative Decree 196/2003.
Data may be kept for 12 months and used for future selections. Please do not include sensitive data, unless strictly necessary (e.g., belonging to protected categories). In this case, the processing will be carried out in accordance with Art. 9 GDPR and national legislation, due to a legal obligation.
All criteria provided for in Legislative Decree 125/91 will also be adopted to guarantee equal treatment between the sexes during selection procedures.
d. Newsletter subscription
- Data collected: first name, last name, email, profession (optional).
- Purpose: periodic sending of newsletters, updates, promotional and informative communications.
- Legal bases: the explicit consent of the data subject (art. 6, par. 1, lett. a GDPR).
The data subject may revoke consent at any time via a link in each email or by writing to dpo@technacy.it. The consent given will be valid for 24 months, unless revoked earlier. Revocation of consent will not affect the lawfulness of the processing conducted up to that point.
e. Data voluntarily communicated by the user
It is specified that the optional, explicit and voluntary sending of messages to the contact addresses of TECHNACY S.R.L., as well as the completion and submission of the forms on the site www.technacy.it involve the acquisition of the sender's contact data, necessary to respond, as well as all personal data included in the communications.
- Data collected: Information included in the missive;
- Purpose: to respond to requests received;
- Legal bases: the consent given by the data subject, including through equivalent acts (e.g., sending an application or request) (Art. 6(1)(a) GDPR) or, where relevant, the execution of pre-contractual measures (Art. 6(1)(b) GDPR).
Optional nature of data provision
Except as specified for browsing data, the user is free to provide the personal data indicated in the information request forms to TECHNACY S.R.L. It is specified, however, that the sending of missing and/or incorrect information may make it impossible for the Data Controller to conduct the processing.
Method and place of processing
The data will be processed using electronic and/or paper-based tools, with adequate security measures to ensure the confidentiality, integrity and availability of the information.
No automated decision-making or profiling are planned
The processing operations related to the web services of this website are located in Europe, are managed by the service provider HubSpot and are handled by authorized personnel of TECHNACY S.R.L. as well as by any third-party companies - duly appointed as Data Processors pursuant to ex art. 28 of the GDPR, where the legal requirements exist - during update and maintenance operations.
No data derived from the web service is disseminated. Personal data voluntarily provided by users who submit contact requests are used for the sole purpose of performing the service or operation requested, potentially also through external service providers.
Communication and access to data
To ensure effective and secure management of personal data, access is granted only to those persons and entities closely involved in the processing. In this section we oultline who may process the data collected, in compliance with applicable regulations, and under what circumstances such data may be disclosed to authorized third parties. Transparency on these matters is essential to ensure the protection of the user's privacy at all times.
In particular, personal data collected through the website may be processed by:
- Authorized personnel of TECHNACY S.R.L.
- External suppliers (e.g. IT services, consultants, recruitment companies) appointed as Data Processors pursuant to ex art. 28 of the GDPR.
- Entities or authorities, in the cases provided for by law.
Data transfer abroad
The Data Controller does not transfer personal data to non EU countries. Should the need arise, the data subject will be informed in advance, and adequate safeguards for the transfer will be adopted towards the interested party, pursuant to ex arts. 44 et seq. of the GDPR, which, depending on the case, may include: verification of the existence of an adequacy decision by the Commission for the recipient country, the signing of standard contractual clauses, or, in the case of U.S.A., verification of adherence to existing international agreements. As an exception to these safeguards (in accordance with Art. 49 of the GDPR) the existence of a contract or pre-contractual measures in favour of the data subject or consent to the transfer will be verified.
Data retention
The Data Controller applies strict data retention policies in line with the principles of proportionality, necessity and data minimization. Therefore, the retention period of personal data is strictly limited to the time necessary to achieve the purposes for which the data were collected, in compliance with the principles of minimization and security provided for by current legislation. Below, we indicate the specific retention periods applied to different categories of processed data, to ensure transparency and fairness in the management of personal information.
- Browsing data: up to 7 days, except for any need to investigate security incidents.
- Contact requests: for as long as necessary to handle the request, with a maximum period of 12 months.
- Data for marketing purposes: until consent is revoked, but with a maximum retention period of 24 months.
- CVs and applications: 12 months from receipt, unless the candidate is hired (in which case they will be treated as employee data).
After that period, documents containing personal data will be destroyed or the personal data will be irreversibly anonymized.
Disclosure
Personal data collected by the data controller shall not be disseminated.
Data Subject rights
Pursuant to Articles 15 et seq. of Regulation (EU) 2016/679 (GDPR), the data subject has the right to obtain confirmation as to whether or not personal data concerning them are being processed and to access those data (right of access). Furthermore, the data subject may request the rectification of inaccurate data or the completion of incomplete data (Article 16 GDPR), as well as the erasure of his/her personal data when provided for by law (right to be forgotten, Article 17 GDPR).
The data subject also has the right to request the restriction of processing in the cases provided for in Article 18 GDPR, to object to processing for legitimate reasons (Article 21 GDPR), and to revoke the consent previously given at any time, affecting the lawfulness of processing based on consent before its withdrawal (Article 7(3) GDPR).
In addition, where applicable, the data subject may request the portability of the personal data provided, obtaining them in a structured, commonly used and machine-readable format so that they can be transmitted to another data controller (Art. 20 GDPR).
For any request regarding the exercise of these rights or for further information, the data subject may contact the Data Protection Officer (DPO) by writing to the e-mail address: dpo@technacy.it. In the event of disputes or doubts about the use of personal data, the data subject also has the right to lodge a complaint with the Data Protection Authority, which can be consulted at www.garanteprivacy.it.
Cookies
The website uses essential technical cookies necessary for navigation, and third-party cookies for statistical purposes.
Direct profiling cookies are not used, but marketing cookies are employed. For more details, please refer to the extended Cookie Policy .
Amendments to the Policy
This Policy may be updated at any time, including in connection with new regulatory requirements or the activation of new services. Users are therefore encouraged to consult it periodically.
Last updated: October 2025
Privacy Policy Rev. 1/2025