Agreement for the supply of Software in SAAS Mode
Last updated: May 2020
This document contains the general terms and conditions for the use of the software denominated “Teyuto” in SAAS mode (hereinafter also referred to as “Software”).
Nature and acceptance of the TOS
We recommend that you read this document carefully before using the Software. The TOS constitutes the terms and conditions of contract pursuant to Art. 1341 of the Italian Civil Code and are therefore legally binding at the moment of the signing of this document, between yourself (hereinafter also referred to as Super User) and the company Teyuto S.r.l., a company incorporated under Italian law, with registered office in Florence (FI), Via Ippolito Pindemonte n. 63, VAT No. 06781570483, in the person of its pro tempore legal representative, email [email protected], PEC: [email protected] (hereinafter also referred to as Teyuto), whose object is the access and use of the Software. This document, including any Annexed Materials, is unconditionally and irrevocably concluded when the Super User clicks the “Sign up” button (or an equivalent phrase) during their registration to the Software, or when, after first accessing it, they continue to use the Software. Furthermore, the TOS apply also to any document attached herein or sent by Teyuto (either in printed form, or electronically), including but not limited to: informational material, support materials, configuration files, brochures, access guides, F.A.Q., etc. (referred to also as “Annexed Materials”). Therefore, in the event that the Super User no longer wishes (or in the event that the Super User is no longer in possession of the authorization required to act on behalf of their company/organization/professional studio) to accept, in whole or in part, this TOS, they are kindly asked to exit the Software or, in any case, interrupt their use of the Software, or further interrupt their registration and return, delete and/or cancel immediately any information on the Software and on the annexed Materials. The TOS governs whatever version, revision or update of the Software made available to the Super User by Teyuto. If subsequent versions of the Software contain terms and conditions that differ from this document, they will be subject to a further request for acceptance to the Super User in a separate document. In the event that the Super User wishes to use a specific service supplied by Teyuto within the Software, other special conditions may apply where specifically indicated, in addition to this TOS.
1.1 For the purposes of the TOS, the terms indicated blow, where capitalized, will have the meaning ascribed as follows (with the clarification that terms defined in the singular are to be understood as referring also to the plural and vice versa):
- “TOS”: this document, together with any attached documents and Materials (including, but not limited: financial offer, quote, specific Service implementation methods, etc.);
- “Software”: is the platform offered by Teyuto that allows Super Users, in SAAS (Software as a service) mode, to take advantage of some or all serviced indicated in the Annexed Materials – upon the payment of a fee;
- “Device”: is the device through which the Super User and Users may use the Software. The minimum requirements are available at the following Link.
- “Super user”: refers to you, or the natural or legal person that uses the Software exclusively through the Device, after reviewing and accepting this TOS;
- “Users”: refers to the final users of the Software to whom the Super User, thanks to the license granted by Teyuto, may allow the use of the software;
- “Account”: is the web space whose access is protected through credentials, located inside the Software and partially viewable by the Users.
2 [Object and duration of the TOS]
3 [Use of the Software, Account registration procedure and how to use it].
3.1 In order to use the Software, the Super User must register by connecting to the Software portal at the URL www.teyuto.com and follow the procedure indicated therein. At the end of the guided procedure, the Super User will be able to access the Software with his username (the e-mail address communicated during registration) and the password chosen by him. The Software provides the Super User with a web-based interface that allows access to the functions provided for the various profiles and levels of use. The Software can be accessed via secure and unique authentication, thanks to the use of a communication mechanism which protects documents from unauthorised viewing while allowing maximum flexibility in assigning access permissions.
3.2 Failure by the Super user to complete all the fields indicated as “mandatory” during registration shall make it impossible for him to use the services offered by the Software. The Super User undertakes to verify the accuracy of the data entered, releasing Teyuto from any claim for damages arising from such error. 3.3 The Super User may also register validly using alternative methods, only if this option is made available by Teyuto. When registering by these methods, the Super User declares that the data provided is true and assumes all civil and criminal liability for any falsity of the same. 3.4 The Super User agrees to use (and have others Users use) the Software only on the Devices indicated in this TOS as supported by Teyuto. 3.5 The Super User, after completing the registration procedure referred to in this article, may use all the services of the Software indicated as active, and may eventually opt for a further level of services, following the instructions provided therein. 3.6 The access credentials referred to in this article are personal, relative to the Super User and not transferable (not even free of charge). It is the Super user’s responsibility to take all appropriate measures to ensure the confidentiality of the access credentials to the Account. 3.7 Teyuto reserves the right to suspend and/or cancel the Super user’s registration at any time and to take legal action in the appropriate courts, if the data provided during registration is not true, correct, accurate and/or is issued in violation of the rights of third parties. 3.8 Teyuto may apply, for the duration of the relevant TOS, certain technological protection measures (hereinafter also referred to as ‘TPM’) within the Software to prevent unlicensed or unlawful use of the Software or to increase the security level of the Super User’s Account. The Super User expressly agrees that Teyuto may use such TPMs to protect the Software.
4 [Modification of TOS and Limitation of Liability]
4.1 this TOS may be subject to additions or changes in order to adapt them to any technical and/or operational changes made to the Software. Teyuto will inform the Super User of any changes with appropriate notices. However, it is advisable to check this document periodically in order to keep up to date with any changes. 4.2 Any updated versions, which will bear the date on which the update was made, will be promptly published in this document and will become effective immediately after publication. 4.3 If the Super User continues to use the Software after the changes have been made, the Super User implicitly accepts the TOS as modified by Teyuto. 4.4 Teyuto does not guarantee that the information contained in the Software is accurate, up to date or complete and Teyuto reserves the right (without assuming any obligation) to update or change such information at any time without notice and to communicate such information in the same manner as previously communicated. 4.5 Teyuto may include within the Software information provided by third parties, who remain solely responsible for communicating such information, including the obligation to verify the accuracy and correct updating of such information. 4.6 Teyuto shall not be liable for any incorrect information referred to in clause 4.5 above. 4.7 Teyuto makes no representation that the Software is suitable for the particular results or purposes expected by the Super User and expressly excludes any liability in this respect. By accepting this TOS, the Super User declares and confirms that he has checked the technical and economic characteristics of the Software and has found them to be fully compliant with his expectations and appropriate to his needs. 4.8 The Super User is responsible for all content shared and/or uploaded through the Software (personally and by Users). In particular, the Super User guarantees that the contents referred to in this article, in addition to not being contrary to legally binding regulations, are legally available to him (or a suitable release and/or intellectual property licence has been obtained) and do not violate any copyright, trademark, patent or other third party right deriving from law, contract and/or custom, exonerating Teyuto as of now from any burden of ascertaining and/or checking the truthfulness of such information.
The Super User, in any case, expressly undertakes to substantially and procedurally indemnify Teyuto, holding it indemnified against any loss, damage, liability, cost or expense, including legal fees, arising from economic claims that third parties may have on the content referred to in this article.
4.9 The Super User expressly acknowledges that all charges relating to compliance with his tax law-related deadlines are and remain his sole responsibility. 4.10 The Super User expressly acknowledges that it is not Teyuto’s responsibility to verify the content of the documents uploaded and/or managed through the Software or any tax compliance (or similar) resulting from the use of the Software. 4.11 The fulfilments and checks relating to the above article are and remain the exclusive responsibility of the Super User. 4.12 The Super User expressly acknowledges that he is solely responsible for any errors or omissions in the prices, quantities and other details of the products/services offered through the Software. The Super User expressly agrees to indemnify and hold Teyuto, keeping Teyuto undamaged by any loss, damage, liability, cost or expense, including legal fees, arising from any errors pursuant to this Article.
5 [Granting a Licence to a Super User]
5.2 The Super User may not, by way of example and without limitation: 1. circumvent the technological limitations of the Software; 2. de-compile or disassemble the Software; 3. publish (in analogue or digital format) the Software for duplication by third parties; 4. rent, lease or lend the Software; 5. transfer this licence to third parties. 5.3 The Software is licensed by Teyuto to the Super User “as is” and the Super User uses the Software at his own risk. Teyuto does not recognise any additional conditions or warranties other than those provided by Italian law. 5.4 The Super User may not transfer or sub-license the rights and/or the license under this TOS.
6.1 The Super User agrees to pay Teyuto for the provision of some or all of the service levels and/or features of the Software, in the amount and according to the terms set out on the website located at www.teyuto.com/pricing or in the Annexed Materials. 6.2 The amounts referred to in this article shall be paid as described on the website at www.teyuto.com/pricing. 6.3 If the delay in the payment of the sums referred to in this article exceeds 30 (thirty) days from the agreed terms, Teyuto may suspend and/or deactivate the Super User’s Account and the Super User shall also incur a penalty equal to 10% (ten percent) of the amount for which the terms have not been met.
7 [Reports and/or Complaints].
7.1 Any report and/or complaint may be sent by the Super User to the email address [email protected] or through a different procedure indicated by Teyuto. 7.2 Such communication must clearly state the Super user’s information, as well as a detailed textual description of the problem encountered (it is also advisable to send any documentation deemed suitable for the resolution of the issue). 7.3 Teyuto undertakes to provide a response to the report/complaint as soon as possible after receiving it.
8 [Personal Data Processing and Appointment of External Data Controller].
8.1 Any personal data communicated to Teyuto by the Super user will be processed, manually and electronically, exclusively for the fulfilment of the obligations deriving from the TOS or, in any case, for the fulfilment of the obligations provided for by the laws in force.
8.2 The provision of any personal data directly referable to the Super User is optional but, in case of refusal to provide such data, the correct fulfilment of the TOS could be jeopardized.
In this case, Teyuto will be exempt from liability for any damage or financial loss that the Super User may suffer. Teyuto informs you that it will process such contact data, if they contain personal data of the relevant persons (e.g., email contact data referring to natural persons, personal phone numbers, etc.), in compliance with Regulation No. 679/2016 of 27 April 2016 on the protection of individuals with regard to the processing and free movement of personal data, in particular Article 13 of the Regulation, also referred to hereinafter as ‘GDPR’). The legal basis for these processing operations is the performance of a contract (Art. 6.1-b of the GDPR) or, as the case may be, the performance of a legal obligation to which Teyuto is subject (Art. 6.1-c of the GDPR). Teyuto ensures that the Super User’s data will only be processed for the purposes of the proper fulfilment of contractual obligations and/or for any communication inherent to signed agreements. 8.3 Such personal data will not be disseminated but may be communicated to:
- subjects, public and private, who, where strictly provided for by law, can access the data by virtue of legal provisions, within the limits provided for by those provisions (by way of example only and not exhaustive: financial administration bodies, etc.);
- to subjects who need access to such data for purposes auxiliary to the relationship between Teyuto and the Super User, within the limits strictly necessary to carry out the auxiliary tasks entrusted to them and only after signing a confidentiality agreement;
- to Teyuto’s consultants, subject to a letter of authorisation/external manager from Teyuto itself imposing on them the duty of confidentiality and security in the processing of personal data referring to the Super user;
In any event, such personal data shall not be disclosed or, except as indicated above, communicated to third parties.
8.4 The GDPR confers on the Super User the option to exercise specific rights; in particular, the Super User has the right to obtain:
- confirmation as to whether or not his personal data is being processed and, if so, to obtain access to it (right of access, pursuant to Article 15 of the GDPR);
- the rectification of inaccurate personal data, or to complete any incomplete personal data (right of rectification, pursuant to Article 16 GDPR);
- the deletion of such data, if one of the reasons set out in the GDPR applies (right to be forgotten, pursuant to art. 17 GDPR);
- the restriction to processing of such data when one of the cases provided for by the GDPR applies (Right to restriction of processing, pursuant to art. 18 GDPR);
- the right to request a complete and up-to-date list of all Data Controllers and Authorised Persons responsible for processing such personal data.
8.5 Teyuto will retain such personal data for as long as necessary to fulfil the statutory obligations, resolve disputes and enforce the agreements concluded. Such personal data will therefore be kept, in accordance with the law, for a period of time not exceeding that necessary to achieve the purposes for which we are processing them. In any event, we shall take every care to avoid excessive storage of any data, by periodically checking our records.
8.6 You may exercise the aforementioned rights at any time by sending a simple request to this email address [email protected] We will contact or inform the Super User as soon as possible and, in any case, within 30 (thirty) days from the date of the request.
8.7 If the Super User believes that the data protection legislation has been violated with regard to the processing of any personal data relating to the Super User, the Super User is also entitled to lodge a complaint with the local data protection authority within the European Economic Area (‘EEA’). The Super user can find the contact details of each Authority, depending on the country in which he is located, by clicking on this Link.
8.8 The Super User (referred to hereafter, exclusively in this article and in the acceptance section at the end of the TOS, also as “Owner”) is the exclusive owner – or has obtained specific authorisation to use that data – of the processing of any personal data acquired, saved, processed and in any case handled by the Super User within its Account. Teyuto is required, limited to what it is obliged to do with the scope of the TOS and the operations all of which are indicated in detail in this article, to comply with the prescriptions given by the Super user on any data that may be processed.
8.9 Exclusively for the processing of personal data received and/or managed and processed by Teyuto in the provision of services covered by the TOS, the Super User, in his capacity as Data Controller, by signing this TOS designates and appoints Teyuto, pursuant to and for the purposes of Articles 28 and 29 of the GDPR (Reg. EU 2016/679), as “External Data Controller” for the sole processing operations of personal data that may be necessary for the fulfilment of the TOS in the capacity of system administrator, with exclusive regard to the performance, on such data, of all processing operations necessary for the supply of the Software application (Teyuto, exclusively in this article and in the acceptance section at the end of the TOS, shall forthwith be referred to as “External Data Controller”). 8.10 The designation of Teyuto as the External Data Controller, of which the Super User remains the sole and exclusive owner, is to be considered valid and effective for the entire duration of the TOS and for any renewals, even tacit, that may be made by the Parties.
8.4 As the External Data Controller, Teyuto declares to be in possession of the requirements set forth in articles 28 and 29 of the GDPR (EU Reg. 2016/679), as it is an entity that, due to its experience, capacity and reliability, is able to provide suitable guarantees of its full compliance with all provisions applicable to data processing, including the security level exclusively of the part of processing for which Teyuto is responsible pursuant to this TOS. Consequently, the External Controller confirms that it is directly and thoroughly aware of the obligations it assumes under the provisions of the same decree and undertakes to process personal data in compliance with the instructions received, as set out in the following paragraph.
8.11 The processing instructions with which Teyuto, as External Data Controller, undertakes to comply are as follows:
- the External Controller is authorised to process personal data exclusively for the part of the processing and for the set of operations to which, if any, it is required to perform in execution of the TOS, with reference, in particular, to the provision of the Software application in SaaS mode to the Super User;
- the External Controller must adopt the necessary security measures, both physical and IT, to protect the integrity, storing and confidentiality of the data, in particular that of the data defined as special by Reg. 679/2016, where provided for in the processing operations;
- the External Controller must appoint in writing the “Authorised Persons for the processing of personal data” pursuant to Reg. 679/2016, identifying them among the subjects, endowed with the necessary competences, operating under the direct responsibility of the External Controller itself, to whom the latter must provide appropriate and necessary instructions as required by the legislation in question.
- the External Controller must promptly inform the Data Controller, in relation to the processing operations listed above, of all relevant matters for the purposes of the applicable law (e.g., requests forwarded to the External Controller by the Italian Data Protection Authority, results of any investigations and/or controls, requests by the data subjects, etc.);
- the External Controller must assist the Data Controller in ensuring compliance with the obligations set out in Articles 32 to 36 of the GDPR (Reg. 679/2016): Art. 32: Security of processing, Art. 33: Notification of a personal data breach to the supervisory authority, Art. 34: Notification of a personal data breach to the data subject, Art. 35: Data Protection Impact Assessment, Art. 36: Prior consultation), taking into account the nature of the processing and the information available to the Data Controller.
8.12 The External Controller must also provide appropriate training to authorised persons on the obligations imposed by law and in particular on the security measures adopted.
8.13 The External Controller shall guarantee the fulfilment of obligations and duties, including formal ones, towards the Italian Data Protection Authority for the protection of personal data if requested and within the due limits, and shall promptly cooperate, as far as it is competent, with both the Controller and the Authority.
8.14 The Data Controller, in turn, undertakes to comply with the following:
- it shall issue information to the data subjects and collect the relevant consent from them, where necessary, as well as proceed to fulfil any further requirements pursuant to the legislation on the protection of personal data that have not been expressly entrusted to the External Controller and that have been specifically approved in writing by the latter;
- to indemnify, guarantee and hold undamaged the External Controller for any amount that the latter may be required to pay for any reason, as a result of the failures regarding the aforementioned requirements, which are the exclusive responsibility of the Data Controller or, possibly, of other data controllers other than the External Controller.
8.15 The designation and appointment of Teyuto as the External Data Controller (in its capacity as system administrator), contained in this article, shall be effective upon the conclusion of the TOS and shall cease when the TOS cease to be effective.
9.1 The technical computer terms contained in this TOS shall be interpreted according to common sense and the current meaning that they have in the relevant IT field.
10 [Intellectual Property, External Links and Document Ownership].
10.1 The Software is an intellectual work protected by the copyright law (Law No. 633 of 22 April 1941, and subsequent amendments and additions) for the protection of intellectual property. The owner of the rights to the Software is Teyuto who, subject to the full acceptance of the terms and conditions set out in this TOS, grants to the Super User free of charge the right, revocable in the manner set out in this article, to use the Software exclusively within the limits set out herein. 10.2 Reproduction, communication to the public, modification and any other act of use of the Software and Teyuto’s proprietary content for purposes other than and in addition to those granted in this TOS is prohibited. 10.3 The intellectual property rights over the Teyuto trademark and the domain name www.teyuto.com belong exclusively to Teyuto. 10.4 All other names, signs or other symbols in the Software may be trademarks of their respective owners. Unauthorised use of such marks may constitute an infringement of the rights of the respective owners and as such may be subject to prosecution. 10.5 The Software may use third party libraries (including open source libraries) for which Teyuto has purchased the respective licenses. By accepting this TOS, the Super User agrees to the terms and conditions of such third-party libraries. Teyuto is not responsible for the content of any third-party websites and/or services provided by third parties (or any links contained therein) – contained within the Software. 10.6 Further services that may be offered by Teyuto and accessible to the Super User through links outside the Software will be managed and regulated by further specific documents as expressly indicated. 10.7 The documents uploaded and/or managed by the Super User within the Software remain the exclusive property of the Super User, who by signing this document consents that Teyuto carry out the operations necessary to perform the services requested. 10.8 By virtue of the TOS, the Super User allows Teyuto to use its logo, for information and/or communication purposes, both on Teyuto’s websites and on the Software presentation material.
11.1 Although the Software offered by Teyuto is not normally a vehicle for viruses, worms, trojans or other malware, it is not possible to exclude a priori that such malicious code may be conveyed through the navigation within the Software by the Super User. It is therefore the Super User’s sole responsibility to equip himself with the appropriate tools for safe navigation (e.g. constantly updated antivirus and firewall software, etc.).
12 [Limitation of liability].
- 1 Subject to the mandatory limits of the law, Teyuto’s liability for damages of any kind caused by Teyuto to the Super User during the execution of the Software shall, in any case, only be limited to cases of intentional misconduct or gross negligence on Teyuto’s part and and to the limit of a refund of 100% (one hundred percent) of the amount actually paid by the Super User up to that moment (by way of example only and not exhaustive: damages arising from inability to use the Software, business interruption, loss of data, loss of business information or other economic loss, damages caused to software and/or hardware, etc.).
12.2 In the event of damage or loss of the Super User’s data, Teyuto shall only be responsible for the normal data recovery operations (to be carried out by the end of the working day following the aforementioned event) in order to restore the data to its original state no later than 48 (forty-eight) hours prior to its loss or damage. It is the Super User’s responsibility to make periodic backup copies of the data contained in its Device (including, but not only: personal data, configuration files, data archive, etc.) and to check the integrity of such backup copies. 12.3 Subject to the mandatory limits of the law, Teyuto shall not be liable for any consequences on the Super User’s computer systems resulting from: I. the installation and/or use of software or services by the Super User on his computer system; II. changes to the hardware and/or software configuration made by the Super User on his computer system. 12.4 Teyuto is in no way responsible for any loss of data, disclosure of personal or sensitive data and any other type of damage directly or indirectly suffered by the Super User which is caused by malware on the Internet. 12.5 The Super User agrees to indemnify and hold Teyuto harmless from and against any and all losses, damages, liabilities, costs or expenses, including legal fees, arising out of or in any way connected with claims or allegations made by third parties in connection with the Super User’s use of the Software that happens in violation of the TOS (or in violation of any applicable law).
13 [Super User’s Responsibilities].
13.1 The Super user undertakes to use (and to let Users use) the Software in accordance with this TOS and, in any case, only for lawful purposes.
13.2 Any breach of this TOS by the Super User (and/or Users) may result in the immediate termination of the TOS pursuant to art. 1456 of the Italian Civil Code, as well as the blocking of access to the Software by the Super User, and exposes the latter to all liabilities provided for by law.
13.3 By signing this TOS, the Super User declares and confirms that he has checked the technical and economic characteristics of the Software, and that he has found them to be fully compliant with his expectations and adequate to his needs.
14 [No Waiver]
14.1 Teyuto’s failure to exercise any right, power or option provided in this TOS does not constitute acquiescence or waiver thereof.
15 [Invalidity or Partial Ineffectiveness of the TOS]
15.1 If any provision of this TOS is held by any court of competent jurisdiction to be void, voidable, invalid or otherwise unenforceable, in no event shall such nullity, voidability, invalidity or unenforceability affect the remaining provisions of this TOS, which shall remain in full force and effect.
16.1 The English language version of the TOS is the original version of this Agreement between Teyuto and the Super User. Any other translation will be provided by Teyuto for convenience only. The Italian version will always prevail in case of any differences between the Italian language version and the version translated into another language.
17 [Applicable law and competent court]
17.1 The interpretation and execution of this TOS, as well as the relationships between Teyuto and the Super User arising from them, are governed by Italian law, with the express exclusion of the application of any provisions of private international law under that legal system.
17.2 Except for the cases in which jurisdiction is mandated by law, and without prejudice to the provisions of article 18 below, all disputes arising out of or in any way related to this TOS shall be submitted to the exclusive jurisdiction of the Court of Bologna (Italy), with express waiver of any exception to such jurisdiction by the Super User.
18 [Conciliation and Arbitration].
18.1 For any dispute arising out of or in any way related to the TOS, Teyuto and the Super User (hereinafter also referred to as the “Parties”) undertake to carry out: 1. a compulsory attempt at mediation in accordance with the procedure indicated below; 2. in the event of failure of the mediation procedure, an arbitration procedure shall be carried out in accordance with the procedure indicated below.
18.2 The request for mediation shall be deemed to have been made at the time when a communication containing a description of the matter in dispute is sent in writing to the other party by registered letter with return receipt (or equivalent means). The attempt at mediation may be carried out according to the modalities that Teyuto and the Super User deem most appropriate for the purpose, also with the participation of a mediator appointed by mutual agreement or, in the event of disagreement, drawn from among those proposed, in equal number, by the Parties.
18.3 The mediation procedure shall be concluded within 30 (thirty) days from the deadline referred to in the previous paragraph. This term may be extended by mutual agreement of the Parties before expiry. At the expiry of the term, unless it has been extended, the attempt at mediation shall in any event be deemed to have been made. If the attempt at mediation is successful, the minutes of mediation, signed by the Parties, shall constitute a settlement agreement. 18.4 If the attempt at mediation referred to in this article fails, disputes arising out of or in connection with the obligations of this TOS shall be settled by arbitration in accordance with the rules of the Chamber of Commerce I.A.A. of Bologna, by a sole arbitrator appointed in accordance with such rules – which are freely available at the URL https://www.bo.camcom.gov.it/.
19 [Merger clause]
19.1 this TOS constitute a complete agreement between Teyuto and the Super User with respect to its subject matter and supersede and replace any prior written or oral agreement between the Parties on the same subject matter. 19.2 To the extent that the terms of any Annexed Material conflict with the terms of the TOS, the terms of the TOS shall prevail. 19.3 No amendment, addendum or other clause added to the TOS by Teyuto or the Super User shall be valid or enforceable unless specifically and expressly approved in writing by both Parties.
Pursuant to and for the purposes of articles 1341 and 1342 of the Italian Civil Code, the Super user declares to have read and understood and to expressly approve the following clauses of the TOS:
2 [Object and duration of the TOS]; 3 [Use of the Software, Account registration procedure and how to use it]; 4 [Modifications of TOS and limitation of liability]; 6 [Fees]; 12 [Limitations of liability]; 13 [Super user’s responsibilities]; 14 [No Waiver]; 15 [Invalidity or partial ineffectiveness of the TOS]; 17 [Applicable law and competent court]; 18 [Conciliation and arbitration]; 19 [Merger clause].
Last updated: May 2020
SCOPE OF APPLICATION
The Data Controller scrupulously respects the privacy of all users who access the website www.teyuto.com or the services linked to it (which we will hereinafter refer to collectively as the “Platform”), from any PC, application, mobile device, platform or other method of access or use.
In this information policy we want to describe to you in a transparent, detailed and comprehensive manner how we:
your personal information.
The legal basis on which this Policy is based is the European Data Protection Regulation no. 679/2016 of 27 April 2016 on the protection of individuals with regard to the processing and free movement of personal data, in particular Article 13 of the Regulation and Legislative Decree no. 101/2018.
WHAT THIS POLICY DOES NOT PERTAIN TO
We will modify the policy with additions or changes in order to bring it up to date with respect to the law and to adapt it to any technical changes made to the Platform or to any changes in the purposes or methods of processing your data. We will inform you of any changes with specific notices. However, we advise that you periodically check this page to remain up to date. Any updated version, which will be accompanied by its date, will be published on this web page and will become effective for you immediately after its publication.
PERSONAL DATA CONTROLLER
The data controller of your personal data for the Platform is the company Teyuto S.r.l. with a registered office in Florence (FI), at via Ippolito Pindemonte n. 63, C.F. and VAT No. 06781570483, e-Mail: [email protected] (in this document we shall also refer to the company as the “Controller”).
WHAT PERSONAL DATA WE COLLECT
When you use the Platform, we will only collect your personal data if you send it to us directly or through automated systems that allow the Platform to function properly. Some personal data is compulsory for us to identify you, others are optional but may be necessary in order for you to use certain services of the Platform.
In particular, we may collect your personal data in these categories:
- PERSONAL DATA THAT YOU VOLUNTARILY PROVIDE TO US
This is the data that you voluntarily provide to us, for example, when you send us an email to our email address indicated on the Platform or when you fill in our contact form.
In these cases, we will collect your personal data as necessary to respond to you, in addition to any data you have sent us in your communication. We will not disclose or communicate this data to third parties, nor will we use it to define your profile or personality. Finally, we will only keep it as correspondence.
The personal data that you may voluntarily provide us with are:
- data relating to the way in which you use the Platform;
- Identification data such as your name, last name, phone number, email address or other information that you send us via the forms on the Platform;
- information relating to your navigation within the Platform.
The legal basis for such processing is the performance of the contract (art. 6.1-b of the GDPR) or, as the case may be, the pursuit of the legitimate interest of the data controller (art. 6.1-f of the GDPR).
- PERSONAL DATA THAT YOU PROVIDE US WITH IN ORDER TO USE SERVICES ACCESSIBLE WITH CREDENTIALS
Some of the services of the Platform are reserved only for users who carry out the registration process. In order to complete the registration process, we need some of your personal data, in particular:
- your first and last name
- your e-mail address;
You must also provide us, where required, with a username and password to identify you. Any other personal data requested during the registration process is optional and is entirely up to you.
HOW WILL WE USE THEM?
We will use the data you provide to use the services accessible with your credentials, to perform the following activities:
- to invoice you for any paid services and/or purchases of products and/or services that you request from us;
- for any purpose strictly related to the performance of the services we offer you on the Platform.
The legal basis for these processing operations is the performance of a contract (art. 6.1-b of the GDPR) or, as the case may be, the performance of a legal obligation to which the Controller is subject (art. 6.1-c of the GDPR). If you do not provide us with this data, we will not be able to allow you to use some or all of the services we offer on our Platform. We will also use your data – only if you give us your consent to do so by ticking the box “I agree to the processing of my personal data for promotional and direct/indirect marketing purposes” – to send you updates on our activities (even when carried out in partnership/collaboration with other entities), in particular on services and events, on surveys and/or opinions and on other types of communication relating to the services we offer and for carrying out statistical research studies. Your consent to this type of data processing is optional (and can be freely modified even if you have previously given your consent, by sending a simple request to the e-mail address [email protected] or through any other method indicated by the Data Controller, without any further formalities) and your refusal will not make it impossible for you to participate in what is indicated in the above form. Your data may also be transmitted to the police and to judicial and administrative authorities, in accordance with the law, for the detection and prosecution of crimes, the prevention and protection from threats to public safety, as well as to allow the Data Controllers to exercise or protect their own rights or those of third parties before the competent authorities, as well as for other reasons related to the protection of the rights and freedoms of others.
- BROWSING DATA
The telematic and information systems that allow the Platform to function automatically acquire, in the course of their normal operation, some of your personal data pertaining to your browsing.
In particular, while you are browsing the Platform, we collect:
- your IP address
- the number of times you access the website
- the duration of your browsing;
- the name of your browser
- the pages you have viewed
- the date and time you logged in;
- other parameters relating to the operating system you used to connect.
HOW WILL WE USE IT?
We only collect your browsing data in order to obtain anonymous statistical information on how you use our Platform and to check that it is working properly. However, by their very nature, this data may allow us to trace back your identity, including through processing and association with other data held by third parties. Your surfing data are not used in any case for marketing purposes, to define your profile or personality, to send you advertising material, to carry out market research or commercial communications – and we will keep them only temporarily.
The legal basis for this processing is the pursuit of the legitimate interest of the data controller (art. 6.1-f of the GDPR).
METHODS OF PROCESSING
The processing of your personal data that you have communicated to us will be carried out by us, with or without the aid of electronic instruments, in accordance with principles of correctness, lawfulness and transparency, so as to protect your confidentiality and your rights at all times in compliance with the provisions of current legislation. This data will not be disseminated or communicated in any way to external parties, without prejudice to the obligations under the laws in force.
RECIPIENTS OF PERSONAL DATA
Unless otherwise specified in relation to the individual purposes of the processing as specified above, your personal data may be communicated to – or come to the attention of – data controllers/processors (including external entities), in relation to the skills and functions of each, in order to fulfil the purposes or to implement specific regulatory and/or contractual obligations. The personal data you have communicated to us are generally not communicated to other subjects, unless this is necessary for regulatory or contractual provisions or to fulfil specific obligations. In these cases, we may have to communicate your personal data to some of these subjects:
- internal and/or external consultants or collaborators, in order to comply with current legislation and/or for the performance of contractual services in dealings with the individual concerned (e.g., employment consultants, legal consultants, accountants, tax advisors, auditors, etc.) exclusively after appointment as external/authorised personal data controllers;
- judicial authorities or other public authorities, in compliance with the purposes of processing your data or for legal obligations.
You can request a full list of the data processors by sending an email request to this address: [email protected]
LOCATION AND POSSIBLE TRANSFER OF YOUR PERSONAL DATA
Your personal data is stored within the European Economic Area (also referred to as ‘EEA’). We also reserve the right to transfer your personal data to countries that provide us with an adequate level of security on the basis of adequacy decisions by the European Commission or on the basis of adequate safeguards provided by applicable law.
PROTECTION OF YOUR PERSONAL DATA
We use state-of-the-art encryption technologies and regular backups to protect the integrity and confidentiality of your data.
RETENTION PERIOD FOR YOUR PERSONAL DATA
We will also retain your personal data for as long as necessary to fulfil our legal obligations, resolve disputes and enforce agreements. Your personal data will therefore be kept, in accordance with the law, for a period of time not exceeding the period necessary to achieve the purposes for which we are processing it, in particular
- in relation to the management of the existing contractual relationship, the data will be retained for the time period defined by the reference legislation as well as, upon termination of the relationship, for an additional ten-year period for the retention of civil law data only;
- in relation to the management of the personal data that you may have communicated to us when you registered for our services that are accessible through credentials, for as long as such registration remains active.
In relation to the processing of your personal data for promotional and direct/indirect marketing purposes, and only if you have provided us with your specific (optional) consent, we will keep the data collected for the time strictly necessary for the management of the above-mentioned purposes in compliance with current regulations and based on the principles of fairness and the balancing our interests with your rights/freedoms. In the absence of specific rules providing for different retention periods, and in the absence of your new explicit consent, which you must give us as the upcoming deadlines approach, we will use your data for the purposes of promotion and direct/indirect marketing for a maximum of 24 months and then we will delete it.
In any case, we will take every care to avoid the indefinite use of your data, periodically verifying your interest in allowing us to process your data.
WHAT ARE YOUR RIGHTS
As a data subject concerned by the processing of your personal data, you have the right to ask us for:
- confirmation as to whether or not your personal data is being processed and, if so, to obtain access to it (right of access);
- rectification of your inaccurate personal data, or to complete any incomplete personal data (right of rectification);
- the deletion of your data, if one of the reasons provided for in the GDPR applies (right to be forgotten);
- the restriction of the processing of your data when one of the cases provided for by the GDPR applies (right of restriction);
- to receive your data in a structured, commonly used and machine-readable format and to transmit, where technically possible, such data to another data controller (right to portability).
- the right to withdraw consent to the processing of your data, at any time, without prejudice to the lawfulness of the processing that was carried out based on the consent given prior to the withdrawal and to object at any time to the processing for marketing or other further purposes (right to object)
- the right to object, on legitimate grounds, to the processing of your data, even if pertinent to the purpose of its collection;
- the right to object to the processing of your data for the purpose of sending advertising or direct sales materials or for carrying out market research or commercial communications.
AUTOMATED DECISION-MAKING PROCESS
Please note that you also have the right not to be subject to a decision based solely on the automated processing of your personal data that produces legal effects concerning you or significantly affects you in a similar way (unless such automated activity is necessary for the conclusion or performance of a contract between you and the Controller, is authorised by the law of the European Union or of the Member State to which we are subject as Controllers (which shall also specify appropriate measures to protect your rights, freedoms and legitimate interests) – or is based on your explicit consent).
You may exercise the above rights at any time by sending a simple request to this email address [email protected]
We will contact you or inform you as soon as possible and, in any case, within 30 (thirty) days from the date of your request.
If you believe that there has been a breach of data protection legislation with regard to the processing of your data, you also have the right to lodge a complaint with the local Data Protection Authority within the European Economic Area (‘EEA’). You can find the contact details of each Authority, depending on the country you are in, by clicking on this link.
Cookies are small text files that are installed by a website in the cache of the browser you are using (and therefore in the device from which you connect to the Platform, such as a PC, tablet, mobile phone, etc.) and which record certain information relating to your browsing activity.
If you do not disable the cookies, these data are communicated to the site that installed them each time you return to that site.
Cookies therefore allow the (temporary) recording of certain information relating to your preferences, but also allow for simplified browsing and greater ease in the use and effectiveness of the site you are visiting.
WHAT ARE THE DIFFERENT TYPES OF COOKIES
Cookies are divided into the following categories based on their duration:
- session cookies: these cookies are automatically deleted when you close your browser;
- persistent cookies: they are stored on your device for a certain period of time (e.g., to allow you to log in easily into the Platform, etc.).
and based on their implementation, they can be divided into:
- own cookies: created and managed directly by the Data Controller;
- third-party cookies: created and managed by parties other than the Data Controller and over which we have no control.
HOW TO PREVENT THE INSTALLATION OF COOKIES
You can prevent the installation of cookies, installation which is normally done automatically by most browsers, by deactivating the authorisation for cookies in your browser settings.
To understand the exact procedure to do so, we recommend that you click on the link for your browser:
- Internet Explorer;
- Google Chrome;
WHAT COOKIES DO WE INSTALL?
Teyuto S.r.l., a company incorporated under Italian law with registered office in Florence (FI), at Via Ippolito Pindemonte n. 63, VAT No. 06781570483, email: [email protected], PEC: [email protected]; installs on your device:
- TECHNICAL COOKIES: automatically some technical cookies (session and persistent), i.e., files that allow you to use the Platform correctly and easily:
- Own, technical and essential cookies: they allow you to navigate within the Platform – without them, the Platform may not function. Current legislation does not require your prior consent for the installation of these cookies, although we are required to indicate them in the information notice;
- Own, technical and persistent cookies: these cookies make it easier for you to browse the Platform by preventing the short information notice (so-called pop-up banner), which asks for your consent to the installation of cookies on your device, from being displayed to you again after your consent has been given (by clicking on the ‘OK’ button or other consent system that must be indicated to you)
- PROFILING COOKIES: only after you have given your consent,
We will install certain types of persistent profiling cookies made by third parties (for example, some cookies may be present in images, maps, videos, sounds, links to pages outside of the Platform, etc.), which have the task of profiling you in order to allow the sending of targeted advertising messages based on the preferences you have expressed when browsing the Platform:
- Google Maps: https://policies.google.com/privacy?hl=it;
- Google tag manager: https://www.google.com/analytics/tag-manager/use-policy/.
- Profiling cookies created by third parties and related to statistical services (session and persistent): these cookies allow us to know how you visit the Platform and allow us to assess and make any changes how the information and services may be used. These cookies allow us to know
- the number of visitors to the Platform;
- the average amount of time spent on the Platform
- the channels through which the Platform is accessed, the most visited sections, etc;
In order to carry out these operations, we use the Google Analytics service – a web analytics service, provided by Google. This system places cookies on your device and generates information about your use of the Platform which is transmitted to and stored by Google (the servers where it is stored may be in the United States – subject to the Privacy Shield). Google uses this information to:
- evaluate how you use the Platform;
- prepare reports on your activity;
- to provide other services relating to the activity of the Platform and internet usage;
Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.
Google will not associate your IP address with any other data held by Google (we have turned off all features that share your personal data, except for the ‘Benchmarking’ feature that processes aggregate and anonymous data – https://support.google.com/analytics/answe r/1011397?hl=en) and have masked out part of your IP address.
- https://www.google.com/an alytics/;
- https://www.google.com/an alytics/learn/privacy.html.
You can find instructions for deleting or blocking detections through this service by clicking on this link: https://tools.google.com/dlpage/gaoptout?hl=it.
HOW YOU CAN MANAGE COOKIES
To check which cookies are installed on your device, and if necessary change your choices, you can change the privacy settings in the control panel of your browser and/or visit this site https://cookiepedia.co.uk/.
You can find more basic information on the privacy configuration of your browser by clicking on this link https://optout.aboutads.info/?c=2#!/.
You can also check, and if necessary change, your choices regarding ‘Online behavioural advertising’ (i.e. the method that allows third parties to send you advertising on the websites you visit, making them more in line with your needs and interests) and we recommend you visit this site where you can find the information and tools to perform these operations: www.youronlinechoices.eu.
If you disable the services that install cookies, we inform you that you may not be able to use the Platform in full.
HOW LONG DO COOKIES REMAIN INSTALLED FOR?
The duration of the cookies that are installed on your device depends on their nature:
Session cookies are deleted when you close your browser; persistent cookies may have different expiration dates set by the cookie’s creator. To check the lifetime of each cookie you can use tools such as ‘Wappalyzer’ (free to download by clicking this link https://www.wappalyzer.com/).