This information is provided pursuant to art. 13 of EU Regulation 679/2016 by TECNO ORAFA S.r.l. – Via B. Cellini 29/31 –  36061 Bassano del Grappa (VI) -Italy, VAT No. 02008150241, as Data Controller to those accessing our website (from now on only the “Site”) and fill out the “contact” form in order to illustrate the essential elements of the processing carried out

Personal data processed

The data provided voluntarily will be processed. Through the Site you have the possibility to voluntarily provide personal data, for example, the name and e-mail address to contact us through the “contact” form. We will use this data in compliance with the applicable legislation in force, assuming that it refers to you. In the event data relates to third parties, for the latter, you are acting as an independent data controller, assuming all legal obligations and responsibilities. In this sense, you confer on the point the broader indemnity with respect to any dispute, claim, request for compensation for processing damage, etc. that should reach us by third parties whose personal data have been processed through your use of the Site in violation of the applicable legislation currently in force. 

Purposes of the processing and legal bases

Specifically, your personal data is processed for the following purposes and legal bases:

  • activities related to contact management (examples of activities are: completing the contact form on the site or more generally sending an e-mail that involve the processing of personal data such as, for example, the name, surname, subject; the legal basis of the aforementioned purpose is identified in the contract and pre-contractual measures (art. 6.1, letter b, GDPR);
  • activities related to the execution of the contract of which you are a party, including the pre-contractual phase (examples of activities are: the provision of a service, the response to a request, the request for contact via the “contact” form ( etc.); the legal basis of the aforementioned purpose is identified in the contract and pre-contractual measures (art. 6.1, letter b, GDPR), but also (if the case occurs) in the legitimate interest (art. 6.1, letter f, RGDP) as regards to the necessity to defend a right and also to comply with a legal obligation or regulations in force or to fulfil an obligation imposed by the Authorities (art. 6.1, letter c, GDPR);
  • IT systems and devices maintenance (the subjects in charge of performing maintenance and repairs on the Site may accidentally have access to your personal data. These are completely occasional and unforeseeable events and in any case lacking in identification purposes and of limited duration for carrying out maintenance / repair work); the legal basis of the aforementioned purpose is identified in the legitimate interest (art. 6.1, letter f, GDPR).

No processing of ours is based on consent. The legal bases on which we operate are: contract, legal obligation and legitimate interest. We do not carry out processing with automated decision-making processes or profiling.

Data retention times

Your personal data will be kept for the time strictly necessary to carry out the aforementioned purposes and to fulfil the obligations established by law.

In particular, for activities related to contact management, your personal data is deleted when the purpose of contact, response or correspondence is definitively exhausted. For the activities related to the execution of the contract of which you are a party (including the pre-contractual phase), your personal data is kept for the entire duration of the contractual relationship and, once the relationship is concluded, will be kept for any needs of verification / exercise / defense of a right or to fulfil a legal obligation or regulations in force or to fulfil an obligation imposed by the Authorities (art. 6.1, letter c, GDPR). For IT systems and devices maintenance activities, referring to personal data that we have for the other purposes indicated in this Notice, storage times coincide with those from time to time identified for the aforementioned purposes. 

Consent and optional / compulsory conferment.

The processing of your personal data, for the purposes described above, can be carried out without your consent.

The provision of your data that you undertake to provide contractually or by law, is mandatory and is a necessary requirement for the conclusion of the contract and failure to provide it will make it impossible for us to proceed with the contracts and other related obligations. Any other provision of your personal data (e.g. for sending requests not yet contractualized or for browsing the site) is purely optional. The only consequence of the optional non-conferment will be the impossibility to provide or perform the requested services.

Categories of recipients

Furthermore, your Personal Data may be disclosed to third parties for technical and operational requirements strictly related to the purposes stated above and in particular to the following categories of subjects:

  1. subjects necessary for the provision of the services offered by the Site including, for example, the sending of e-mails and the analysis of the operation of the Site which typically act as data processors of our status;
  2. persons authorized by us to process data, committed to confidentiality or that have an adequate legal obligation of confidentiality;
  3. Judicial authorities in the performance of their duties when required by applicable law.

Transfers abroad

The data controller does not transfer personal data outside the European Economic Area. The Controller, however, reserves the right to use cloud services; in which case, the service providers will be selected among those who provide adequate guarantees in compliance with the applicable current legislation.

Processing methods

Your personal data will be processed both electronically and on paper.

The processing will, however, be carried out mainly with IT tools and in any case with the observance of the minimum precautionary measures for data security and confidentiality. In particular, technical, IT, organizational, logistical and procedural security measures have been implemented in order to prevent the loss, illicit or irrelevant use of data and access to the same without authorization. 

Rights of the interested party and claim before the Guarantor

We inform you that in relation to the processing of your personal data you can exercise the following rights:

  1. Right to obtain access to your personal data (art. 15 GDPR): you can contact us to find out if your personal data is being processed and the information on processing’ law;
  2. Right of rectification (art. 16 GDPR): obtain the correction of your inaccurate personal data or the integration of incomplete ones;
  3. Right to cancellation / oblivion (art. 17 GDPR): obtain the cancellation of your personal data in the cases provided for by law;
  4. Right to limit processing (art. 18 GDPR): obtain the subjection of your personal data to the sole conservation, with the exclusion of other activities, in the cases provided for by law;
  5. Right to portability (art. 20 GDPR): obtain your personal data in a structured format, commonly used and readable by an automatic device, and also obtain direct transmission to another data controller, in the cases provided for by law;
  6. Right to object (art. 21 GDPR): right to stop further processing of personal data for reasons connected to your particular situation, unless our legitimate and binding reasons prevail, in the cases provided for by law;
  7. Right to withdraw consent (art. 7.3 GDPR): right to revoke consent at any time for cases where processing is based on consent.

To exercise the aforementioned rights, you may use the contact details of the Data Controller provided in this Information notice.

The exercise of rights is not subject to any form restriction and is free.

We also inform you of your right to promote a complaint before the Guarantor Authority for the protection of personal data. We remind you that the complaint, pursuant to art. 77.1 GDPR, can be promoted by the interested party to the Authority of the place where the person concerned usually resides, where he works or where the alleged violation has occurred.

Data controller

The Data Controller is the company: TECNO ORAFA S.r.l.

Contact details of the Data Controller:


Telephone +39 0424 833977

Paper mail address: Via B. Cellini 29/31 – 36061 Bassano del Grappa (VI) – Italy 


This information is effective from May 25, 2018. We reserve the right to modify or simply update the content, in part or completely, also due to changes in the applicable legislation. The updated information will be promptly published on this Site. We invite you, therefore, to regularly visit this page to view any updates.