Privacy Policy

Privacy Policy

Privacy policy

Privacy Policy

In compliance with the obligations provided for by the European Privacy Regulation EU/2016/679 (GDPR) we hereby inform you about the processing of personal data freely provided by you and/or by other subjects communicated to Tecnasfalti s.r.l., in particular through:
- browsing web pages, using on-line services, filling in forms on our applications and within the sites:,,,,

The processing of data will be carried out in compliance with the privacy regulations in force and will be based on the principles of correctness, lawfulness and transparency and carried out in compliance with the principles of relevance, completeness and non-excessiveness.

  1. Identity and contact details of the Owner 
    Tecnasfalti s.r.l. - VAT no. 01043991007 Registered and operational office: Via dell'industria n. 12 Loc. Francolino 20080 Carpiano (MI)

Phone: +39 029885701                                            

Fax: +39 0298855702      

corporate website:

PEC: Legal Representative of the Data Controller: Eugenio Maria Canni Ferrari


  1. Contact details of the Data Protection Officer (DPO)          
    Data Protection Officer: Eugenio Maria Canni Ferrari telephone: +39 02 9885701 e-mail:


  1. Categories of personal data processed and methods of processing

In the course of browsing and using the Company's website, certain information may be collected and processed for the sole purpose of security and improving the service offered. The information collected mainly relates to interactions with the website, statistics on pages visited by the user, date and time of access, technology used by the user. Information may also be collected about the user's source and destination page.
In addition, some information is automatically collected (in anonymous, aggregate and pseudonymised form) using cookies and similar technologies when you browse the website. You can read more about our use of cookies in our "Cookies
If you decide to contact the Data Controller by filling in the forms in the "Contacts" section of the aforementioned websites, the information collected will include your name and surname, your home or residence address, e-mail address, telephone number, tax code, VAT number and the text you freely


4. Purpose of processing and legal basis

The personal data requested or acquired will be processed exclusively for the purposes and on the legal bases indicated below.



Legal basis

  1. Processing requests for information and contact, providing technical and commercial assistance and support services, formulated by filling in the form in the "Contacts" section.

Consent is not required as the processing is necessary for the performance of the service requested by the user or for the establishment and/or execution of the contractual relationship (art.6.1.b of the GDPR).

  1. To carry out activities related to the establishment, management and continuation of commercial and/or contractual relationships.
  1. For acting as an intermediary between the customer and the retailer when purchasing products on an e-commerce platform
  1. Creation and management of customer profile


  1. For the proper implementation, management, maintenance, security and improvement of the website, e-commerce platform and IT infrastructure.

Consent is not required as the processing is necessary for the pursuit of the legitimate interest of the data controller, security and maintenance (Art.6.1.f of the GDPR).

  1. Carrying out direct marketing activities; sending newsletters and commercial and/or technical communications; market surveys - conducted internally or with external companies - by email or telephone operator

Consent is required (Art.6.1.a of the GDPR).

  1. Processing of statistical data for market purposes

Consent is not required as the processing is necessary for the pursuit of the legitimate interest of the data controller and the data is processed only as aggregated data and without reference to user identifiers for market research purposes (art.6.1.f GDPR).

  1. To fulfil any kind of obligation required by laws, regulations or Community legislation.

Consent is not required as the processing is necessary to comply with legal obligations to which the Data Controller is subject (Art. 6.1.c GDPR)

  1. For the resolution of any legal disputes that may arise during the course of the relationship;

Consent is not required as the processing is necessary for the pursuit of a legitimate interest of the Controller to protect itself for breach of contract or other causes of damage (art.6.1.f GDPR);

The provision of personal data is generally optional. Only in certain cases, a refusal, albeit legitimate, to provide all or part of the above data, could make it difficult to access and use our web applications and online services and compromise the smooth running of the relationship with our structure (e.g. registration - and the provision of personal data, e-mail address, postal address, credit/debit card data or bank details and telephone number - is necessary to proceed with the purchase of products online).

In particular, failure to consent to the collection of personal data defined as compulsory and indispensable may make it impossible for you to access and use our web applications and online services, and result in our inability to carry out normal business operations and the regular provision of the products/services requested.

The data required from time to time are indicated in the data collection forms on the Site - e.g. by marking them with an (*) - and the consequences of not providing them are set out in the specific information on the data collection pages.


5. Processing methods

Your data may be processed both with the aid of computer systems, including automated systems, and on paper (e.g. for the management of purchases on the Site). The processing of your data may consist of the following operations: collection, registration, organisation and storage, consultation, use, processing, modification, selection, extraction, comparison, interconnection, transmission, communication, dissemination, cancellation, destruction, blocking and restriction.
In carrying out the processing operations, all technical, IT, organisational and procedural security measures will always be adopted, so that the minimum level of data protection required by law is guaranteed. The above methods, applied for the processing, will guarantee access to the data only to the persons specified in point 6.

6. Categories of recipients of personal data

The subjects or categories of subjects who may become aware of the personal data or to whom they may be communicated are the following:

  • Legal representative of the Data Controller, DPO, system administrator and employees and persons in charge of processing in the following areas: Management, Administration and Finance, Technical Area, Production, Logistics, Information Systems, Quality, Marketing and Sales.
  • Data processors include: consultants and IT and software companies, consultants and consultancy firms, freelancers, self-employed workers, agents and representative agencies, transport and logistics companies.
  • Judicial or supervisory authorities, administrations, public bodies and organisations (domestic and foreign), but exclusively for the purpose of fulfilling legal, regulatory or EU obligations, auditors and audit firms for the same purposes.

Personal data may also be disclosed, but only in aggregate and anonymous form and for statistical purposes.


7.  Profiling and/or personalisation tools

The company Tecnasfalti - Limited Liability Company, does not carry out any promotional and/or advertising communication activities without the prior express consent of the user

The Site uses "cookies", both technical (i.e. to facilitate navigation and use of the Site) and profiling (i.e. to analyse users and their behaviour and preferences, and to provide them with personalised advertising).

For a detailed explanation of the cookies used by the Website and how to disable them, please read our Cookies Policy


8. Retention and transfer of personal data abroad

Personal data is managed and stored on servers located within the European Union and the European Economic Area owned by and/or available to the Data Controller and/or third-party companies, duly appointed as data controllers.


In order to allow us to manage the website correctly and to fulfil our obligations, your personal data may be transferred to countries outside the European Union, such as Tunisia, the USA, the United Kingdom and San Marino.


9. Period of retention of personal data

The data will be collected and recorded only for the purposes described below and will be kept for a period of time strictly necessary for these purposes and in any case not longer than the period required by law.

10. Exercisable rights   
In accordance with the provisions of the GDPR, you may exercise the rights set out therein and in particular

  1. You may at any time request from the Data Controller or the Data Protection Officer a copy of your personal data, information on the location where your personal data are processed and an updated list with the identification details of all Data Processors and System Administrators authorised to process your data.
  2. At any time, you may freely revoke the consent given, without any charge and prejudice to the lawfulness of the processing carried out up to that moment, and exercise the following rights of the data subject vis-à-vis the Data Controller as provided for by the European Privacy Regulation EU/2016/679 of Access, Rectification, Cancellation, Limitation, Opposition, Portability and Complaint to the Privacy Guarantor.

The request can be made using the UNSUBSCRIBE functionality of the newsletters or by writing an email to


11. Who can you turn to with a complaint

If you consider that the processing of your personal data violates the provisions of the Regulation, you may lodge a complaint with the data protection authority (, or with the data protection authority of the country in which you normally reside or work, or of the place where the alleged violation occurred.


12. Applicable law

This Privacy Policy is governed by EU Regulation 679/2016 and the national legislation applicable to this case, insofar as such legislation will remain in force after the date of application of the Regulation (25 May 2018).

The Regulation ensures that personal data is processed with due regard for the fundamental rights and freedoms and the dignity of the data subject, with particular reference to confidentiality, personal identity and the right to protection of personal data.


13. Revision clause

The company Tecnasfalti - Limited Liability Company, reserves the right to revise, amend or simply update, in whole or in part, at its sole discretion, in any way and/or at any time, without prior notice, this Privacy Policy, also in consideration of amendments to laws or regulations on the protection of personal data. Changes and updates to the Privacy Policy will be notified to users by sending an e-mail to users registered on the Site and publishing it on the Site's Home Page, and will be binding as soon as they are published and communicated.

We therefore ask you to regularly access this section to check the publication of the most recent and updated Privacy Policy or to check your e-mail inbox.


The full text of EU Regulation 679/2016 is available on the website of the Italian Data Protection Authority