Privacy Policy - Newsletter

Dear Customer,

in accordance with article 13 EU Regulation 2016/679 (hereinafter, "GDPR"), we inform you that the processing of data by you provided will be carried out with methods and procedures aimed at ensuring that the processing itself is compliant with fundamental rights and freedoms, with special attention to confidentiality and security, to personal identity and the right of data protection.

Remember that “processing” means any operation or set of operations which is carried out on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (article 4 GDPR).

1 Object of processing
Personal data are processed by TAITÙ S.r.l. and they concern to:

  • personal data (e-mail address);
  • job information.

2 Legal basis for the processing
Legal basis for the processing is your express consent (article 6.1, point a) GDPR.

3 Purpose of the processing
Personal data are collected for the only purpose of sending newsletter for marketing and business communication.

4 Processing methods
The processing is limited to the following operations and with the following methods:

  • collection of data from the data subject;
  • registration and processing on computerized support;
  • organization of the archives in the form mainly automated, through business applications and computerized personal data;
  • trasmission of your personal data to third party service providers, in order to help us to administer certain activities and services on our behalf.

The data will be processed using instruments that guarantee confidentiality, integrity and availability. The processing is carried out on paper and through computerized and / or automated systems and will include all the operations or set of operations envisaged in art. 4 of the GDPR and necessary for the processing in question, including the communication with the subjects assigned to the processing itself.

The data concerned will not be disseminated, however, it will or may be communicated to public or private entities or individuals, within the context of the purposes described above.

5 Data Retention
The data collected will be kept for a period of time not exceeding the achievement of the purposes for which they are processed and not more than 2 years from the recording of your consent for business and marketing purposes.

6 Access to processing
The data will be made accessible for the purposes of point number 3:

  • to the employees/collaborators in their capacity as authorized to the treatment, after suitable appointment;
  • to third parties partner of the Data Controller appointed as “Data Processor”;
  • subjects whose right to access their personal data is recognized by provisions of law or secondary or community legislation.

The data concerned will not be disseminated to third parties not authorized.

7 Data transfers
We inform you that the management and storage of personal data carried out by the Data Controller will take place on servers located within European Union.
The processing of personal data by third-party companies that provide support services and duly appointed as Data Processors could take place on servers located outside the European Union. This transfer is legitimate on the basis of the adequacy decision “Privacy Shield”between the European Union and the United States of America pursuant to Article 45 of the GDPR.

8 Nature of providing data and consequences of refusing to answer
The provision of data for the purposes referred to in point 2.1 is not mandatory. In their absence, it will not be possible to send you any business communications.

9 Rights of the data subject
According to the provisions of the GDPR, the interested party has the following rights towards the Data Controller:

  • obtain confirmation of whether or not personal data processing is being processed and, in this case, to obtain access to personal data (Right of access article 15);
  • obtain the rectification of inaccurate personal data concerning him without undue delay (Right to rectification article 16);
  • obtain the erasure of personal data concerning him without undue delay and the data controller is obliged to cancel the personal data without undue delay, if certain conditions are met (Right to be forgotten article 17);
  • obtain the restriction of processing in certain cases (Right to restriction article 18);
  • receive the personal data concerning you provided in a structured, commonly used and readable form by automatic device and have the right to transmit such data to another Data Controller, without impediments by the data controller who provided them, in certain cases (Right to data portability article 20);
  • object at any time, for reasons connected with your particular situation, to the processing of your personal data (Right to object article 21);
  • receive without undue delay communication of the personal data breach suffered by the Data Controller (article 34);
  • withdraw the consent expressed at any time (withdraw of the consent article 7).

Where applicable, in addition to the rights referred to articles 16-21 GDPR the data subject has the right to lodge a complaint with the Supervisory Authority.

10 Modalities of exercising your rights
The data subject can contact the Data Controller at email address:

11 Titolare del trattamento
Data Controller is TAITÙ S.r.l. - Corso Sempione, 39 - 20145 Milano - Tel. +39 02 9078 0606 - email:

The list of data processors is available at the registered office of the owner mentioned above.