WHY THIS NOTICE
This page describes the methods of managing the website with reference to the processing of personal data of users who consult it.
This is also an information notice pursuant to EU General Regulation 2016/679 (hereinafter “GDPR”) on the protection of personal data for those who interact with the web services of Take Over srl, accessible electronically from the address https://take-over.it/en (hereinafter “website”).
This notice is provided only for the website https://take-over.it/en of Take Over srl and not for other websites that may be consulted by the user via links.

DATA CONTROLLER
The Data Controller is Take Over srl and can be contacted at the email address amministrazione@take-over.it

PLACE OF DATA PROCESSING
The processing related to the web services of this website takes place at the registered office of the Controller and is carried out only by technical personnel assigned to processing, or by individuals responsible for occasional maintenance operations.
The hosting/housing/cloud servers are located with Aruba, which is based in the European Economic Area and operates in accordance with European regulations (Privacy Policy).
No data deriving from the web service is communicated or disseminated.

TYPES OF DATA PROCESSED

Among the Personal Data collected on the Controller’s Website, either independently or through third parties, are: cookies; usage data; first name; last name; address; email; city; data communicated during use of the service. Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during browsing and use of the services offered on the Site.

Browsing data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the response status (successful, error, etc.) and other parameters related to the user’s operating system and IT environment.
These data are used solely to obtain anonymous statistical information about the use of the site and to check its proper functioning, and are deleted immediately after processing. Data could be used to ascertain responsibility in case of hypothetical computer crimes to the detriment of the site: except for this eventuality, at present, web contact data does not persist for more time than is necessary for navigation.

Data voluntarily provided by the user
To use the Services provided by Take Over srl, users may be asked to fill in contact request forms and/or registration forms, containing fields for mandatory and optional personal data. Providing the personal data marked as mandatory is necessary to complete the contact or registration procedure; failure or partial provision of such data makes it impossible to register and/or use the Services. Providing non-mandatory data is optional; therefore, their omission does not prevent registration and/or use of the Services.
The personal data required by Take Over srl for subscription to the Services may vary depending on the registration forms used.
Voluntarily and explicitly sending emails to the addresses indicated on this site’s various access channels does not require consent and entails the acquisition of the sender’s address and data, necessary to respond to requests, as well as any other personal data included in the message. Such data is understood to be voluntarily provided by the user at the time of the request for service provision.

COOKIES
As better specified in the “Cookie Policy”, the Website uses “cookies,” meaning short text fragments (letters and/or numbers) that allow the web server to store information on the client (the browser) to be reused during the same visit (session cookies) or later, during future visits (persistent cookies).

For more information, you can visit the Cookie Policy page where you can configure the types of cookies to be used (https://take-over.it/en/cookie-policy/).

PURPOSES AND LEGAL BASIS OF DATA PROCESSING
The User’s Personal Data provided through the Website will be processed for the following purposes:

a) purposes related to providing information about services available through the Website (e.g., contact requests via site forms, account registration, service provision, etc.);
b) purposes of statistical research/analysis on aggregated or anonymous data, without the possibility of identifying the user, to measure the functioning of the Website and its operational features, including troubleshooting;
c) purposes aimed at preventing or averting fraudulent activities or misuse that could harm the website or compromise operational security;
d) purposes related to compliance with a legal obligation to which we are subject;
e) purposes necessary for the establishment, exercise, or defense of legal claims or whenever judicial authorities exercise their functions;
f) purposes for sending advertising, informational, promotional material and periodic updates on initiatives, services, products, and events of Take Over srl (so-called marketing).

The processing of personal data for the purposes from a) to e) above does not require your express consent (Art. 24, letters a) and b) of the Italian Code and Art. 6 letters b) and e) of the GDPR) as they are part of a service contract, and the legal basis for the processing is the legitimate interest of the Data Controller to fulfill contractual obligations requested by the data subject.
The processing of personal data for the purposes outlined in f) above requires your express consent (Art. 23 of the Italian Code and Art. 7 of the GDPR).
This consent applies to both automated and traditional communication methods.
You will always have the right to object easily and free of charge, in whole or in part, to the processing of your data for these purposes, for example excluding automated contact methods and choosing to receive commercial communications only through traditional means.
The legal basis for this processing is the data subject’s consent.

DETAILS ON PERSONAL DATA PROCESSING
Personal Data is collected for the following purposes and through the following services:

Direct contact
Contact form
By filling in the contact form with their Data, the User consents to its use to respond to requests for information of any nature indicated in the form’s header.
Personal Data collected: email, first name, last name, phone number.

Phone contact
Users who have provided their phone number may be contacted for informational or promotional purposes by Take Over srl, as well as to fulfill support requests.
Personal Data collected: phone number.

Interaction with social networks and external platforms
These services allow interaction with social networks or other external platforms directly from the website pages.
The interactions and information acquired are subject to the User’s privacy settings for each social network.
If a service for social interaction is installed, it may collect traffic data for the pages on which it is installed, even if the Users do not use the service.

Like button and Facebook social widgets (Facebook, Inc.)
The “Like” button and Facebook social widgets are interaction services with the Facebook social network, provided by Facebook, Inc.
Personal Data collected: Cookies and Usage data.
Processing location: USA – Privacy Policy.

Embedded YouTube videos (Google Inc.)
Embedded YouTube videos, i.e., videos present directly on the website, are interaction services with the YouTube social network, provided by Google Inc.
Personal Data collected: Cookies and Usage data.
Processing location: USA – Privacy PolicyTerms of Use.

Google Maps (Google Inc.)
Google Maps on the website are interaction services with the Google Maps system, provided by Google Inc.
Personal Data collected: Cookies and Usage data.
Processing location: USA – Privacy PolicyTerms of Use.

Platform monitoring
These services allow the website to monitor its use and behavior in order to improve performance and functionality, perform maintenance or resolve problems.
The Personal Data processed depends on the features and implementation method of these services, which by nature filter website activity.

Statistics
The services in this section allow the Data Controller to monitor and analyze traffic data and track User behavior.

Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected to track and examine website usage, compile reports, and share them with other Google-developed services.
Google may use the Personal Data to personalize ads in its advertising network. IP Anonymization is active on the website.
Personal Data collected: Cookies and Usage data.
Processing location: USA – Privacy PolicyOpt Out.

Directly collected statistics
The website may use an internal statistics system that does not involve third parties, for additional analytics purposes.
Personal Data collected: Cookies and Usage data.

OPTIONAL PROVISION OF DATA
Except as specified for browsing data, the user is free to provide the personal data indicated in the request forms or otherwise indicated in contacts with the Office to request orders, materials, information, or other communications.
Therefore, any refusal, even partial, to provide such data would make it impossible to establish and manage the relationship and provide the requested service.

PROCESSING METHODS

The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.
Data processing is carried out both through paper-based means and with the aid of automated electronic tools (via our IT system, in which case data will be recorded on protected electronic media) for the time strictly necessary to achieve the purposes for which the data was collected.

These media, whether electronic or paper-based, will be properly maintained and protected by us for the duration necessary for processing, using procedures suitable to ensure security and confidentiality, preventing data loss in compliance with the security measures outlined in Article 32 of GDPR 2016/679, and preventing unlawful or improper use and unauthorized access.

DURATION OF PROCESSING AND PERSONAL DATA RETENTION PERIOD

The collected data is processed for the time necessary to fulfill the purposes for which it was collected, and in any case no longer than the time prescribed by law.
Data required for tax purposes is retained until the audits for the corresponding tax period are completed, therefore for at least 10 years and longer if the related fiscal year is not yet time-barred.
At the end of this period, the data will be deleted or anonymized, unless there are additional reasons to retain it (e.g., warranty obligations, tax requirements).
Personal data that is no longer needed, or for which there is no longer a legal basis for retention, is irreversibly anonymized (and may thus be retained) or securely destroyed.

Below are the retention times in relation to the different purposes listed above:

  • Fulfillment of contractual obligations: Data processed to fulfill any contractual obligation may be retained for the entire duration of the contract and in any case no longer than the following 10 years, in order to verify any outstanding matters, including accounting documents (e.g., invoices).

  • Operational management and related purposes for website access: Data may be retained for the time necessary to evaluate the website’s functioning from the date we obtained your last consent for this purpose (excluding opposition to further communications), after which it will be destroyed or anonymized.

  • Customer satisfaction survey purposes: Data processed for this purpose may be retained for the time necessary to analyze the survey from the date we obtained your last consent for this purpose (excluding opposition to further communications).

  • Disputes: In the event we need to defend ourselves, act, or make claims against you or third parties, we may retain the personal data we deem reasonably necessary to process for such purposes, for the duration in which such claims can be pursued.

  • If the data was collected based on explicit consent, it will be processed until the consent is revoked or the provided service ends.

SOCIAL NETWORK PLUGINS

This site may also incorporate plugins and/or buttons for social networks, to allow for easy content sharing on your favorite platforms. These plugins are programmed so that no cookies are set upon access to the page, to safeguard user privacy.
Cookies may be set, as permitted by social networks, only when the user voluntarily uses the plugin.
Please note that if you are logged into a social network while browsing, you have already consented to the use of cookies conveyed through this site at the time of registration with the social network.
The collection and use of information obtained via these plugins are governed by the respective privacy policies of the social networks, which we kindly ask you to refer to.

  • Facebook

  • Youtube

  • Google Maps

  • Google My Business

DATA SUBJECT RIGHTS

We inform you that, in your capacity as a data subject, you have—pursuant to Articles 15 to 23 of GDPR 2016/679—the rights listed below, which you may exercise by submitting a specific request to the Data Controller and/or to the Data Processor, in addition to the right to lodge a complaint with a supervisory authority:

  • Art. 15 – Right of access
    The data subject has the right to obtain confirmation from the controller as to whether or not personal data concerning them is being processed, and, if so, to gain access to the data and information about the processing.

  • Art. 16 – Right to rectification
    The data subject has the right to obtain from the controller the rectification of inaccurate personal data without undue delay. Considering the purposes of the processing, the data subject also has the right to have incomplete personal data completed, including by means of a supplementary statement.

  • Art. 17 – Right to erasure (right to be forgotten)
    The data subject has the right to obtain from the controller the erasure of personal data without undue delay, and the controller is obliged to erase such data without undue delay.

  • Art. 18 – Right to restriction of processing
    The data subject has the right to obtain restriction of processing from the controller where one of the following applies:

    • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify its accuracy;

    • the processing is unlawful and the data subject opposes the erasure of the data and requests restriction of its use instead;

    • although the controller no longer needs the personal data for processing, it is required by the data subject for the establishment, exercise, or defense of legal claims;

    • the data subject has objected to processing pursuant to Article 21(1) pending the verification of whether the legitimate grounds of the controller override those of the data subject.

  • Art. 20 – Right to data portability
    The data subject has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format, and has the right to transmit those data to another controller without hindrance from the original controller.
    In exercising the right to data portability, the data subject also has the right to have the personal data transmitted directly from one controller to another, where technically feasible.

  • Art. 21 – Right to object
    The data subject has the right to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them pursuant to Article 6(1)(e) or (f), including profiling based on those provisions.

  • Art. 22 – Right not to be subject to automated decision-making, including profiling
    The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or significantly affects them in a similar manner.

DISCLOSURE AND DISSEMINATION

Your data will not be “disseminated” by us (meaning made known to unspecified parties in any way, including by making them available or accessible, unless specifically consented to separately by the data subject).

Your data may, however, be “communicated” (meaning made known to one or more specific parties) in the following cases:

  • to persons within Take Over srl authorized to process your data, particularly those in administrative departments;

  • to subjects who can access the data under legal, regulatory, or EU provisions, within the limits of such rules;

  • to subjects who need access to your data for purposes auxiliary to the relationship between you and us, strictly to the extent necessary for performing their assigned tasks;

  • to our consultants, to the extent necessary to carry out their role at Take Over srl, or in an outsourcing capacity, as external Data Processors under a formal assignment imposing confidentiality and data security obligations.

HOW TO EXERCISE YOUR RIGHTS

You may exercise your rights or withdraw your consent at any time by sending a communication to the addresses and following the procedures indicated below.

CONTACT DETAILS
All requests should be addressed to: amministrazione@take-over.it