The information on the processing of personal data identifies the requirements for the collection of personal data and, in particular, the methods, times and nature of the information that data controllers must provide to users when they connect to web pages, regardless from the purposes of the connection.

This information is therefore provided, pursuant to art. 13 of EU Regulation 2016/679, relating to the protection of natural persons with regard to the processing of personal data, as well as the free circulation of such data and which repeals Directive 95/46/EC, to the user who interacts with this site, and not also for other websites that may be consulted by the user via links, and intends to inform about the personal data that is collected and the methods of the related processing, which must always take place correctly, lawfully and transparently, protecting the confidentiality and rights of the interested.

1. Data controller

The data controller of personal data is CENTRALE EVALUATIVA Srl, with registered office in Via Arduino, 11/B – 00162 Rome, CF 13667401007.

2. Object of the treatment

CENTRALE EVALUATIVA may process data relating to identified or identifiable persons.

ASSESSMENT CENTER raccepts the data of its members acquired through the site  https://tethys.farm/ or even verbally, directly or through third parties, classified as "personal data" by Legislative Decree no. 196/2003, as consolidated in August 2018, taking into account the amendments and repeals, and by EU Regulation 2016/679.

The personal data you provide are treated confidentially and are transferred to third parties solely as provided in this Policy, or with your consent.

In particular, we deal with:

1. personal, identifying and non-sensitive data (in particular, name, surname, tax code, VAT number, email, telephone number - hereinafter, "personal data" or also "data") directly provided by you when registering on the site web;
2. data not directly provided by you - and in any case acquired within the limits of the provisions of the art. 14, paragraph 5, GDPR - the transmission of which is connected to the use of Internet communication protocols (by way of example, accesses to the page, amount of data transferred, status message upon access, session ID numbers, IP addresses , URL addresses, etc.). These data allow us to reconstruct the path of your visits to the site.

3. Purpose of the processing

Your personal data is processed:

1. A) without your express consent (art. 6 letter b), e) GDPR), for the following Service Purposes:

• process a contract request;

• execute pre-contractual measures adopted at your request;
• develop internal statistics;
• fulfill pre-contractual, contractual and tax obligations deriving from existing relationships;
• fulfill the obligations established by law, by a regulation, by community legislation or by an order from the Authority;
• safeguard the vital interests of the data subject or of another natural person;
• carry out tasks of public interest or connected to the exercise of public powers vested in the data controller;
• prevent or discover fraudulent activity or abuse harmful to the website;
• pursue a legitimate interest of the Data Controller or of third parties, within the limits and conditions set out in the art. 6, letter. f) GDPR;
• exercise the rights of the Owner, (by way of example, the right of defense in court);

1. B) Only with your specific and unequivocal consent (art. 130 Privacy Code and art. 7 GDPR), for the following Marketing Purposes:

• send newsletters, commercial communications and/or advertising material via email on products and/or services, different and/or dissimilar to those already purchased, offered by the Owner.

4. Nature of the provision of personal data

The provision of your Data for the purposes described in point 2, letter. A), n. ie ii) is necessary in nature. In the absence of provision, we cannot guarantee your registration on the website, nor the possibility of processing your requests.

The provision of Data for the purposes described in point 2, letter. B), is instead optional in nature.

You may therefore decide not to provide any data or revoke the possibility of our processing of data previously provided. In this case, you will no longer receive our newsletters, while you will continue to receive our services and will retain the right to register on the site.

5. Treatment methods

The processing of your personal data is carried out by means of the operations indicated in the art. 4, no. 2) GDPR and precisely: collection, recording, organisation, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The processing of your data will be based on the principles of correctness, lawfulness and transparency and may also be carried out through automated methods aimed at storing, managing and transmitting them using suitable tools, to the extent reasonable and state of the art, to guarantee security and safety. confidentiality through the use of suitable procedures that avoid the risk of loss, unauthorized access, illicit use and dissemination.

6. Data retention period

The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for the "Service Purposes" and for no more than 2 years from the collection of data for the "Service Purposes". Marketing". After this retention period, the data will be destroyed or made anonymous.

7. Data access

The personal data processed by the Data Controller will not be disclosed, i.e. it will not be disclosed to indeterminate subjects in any possible form, including that of making it available or simply consulting it. However, they may be communicated to the workers who work for the Data Controller and to some external parties who collaborate with them. In particular, your data may be made accessible to:

1. employees and collaborators of the Owner, authorized to manage the site and provide the related services (for example: customer services, IT department, etc.), in their capacity as "Authorized to process personal data";
2. third-party companies or other subjects (by way of example: credit institutions, professional firms, consultants, insurance companies, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as "External Data Processors" .

Your data may also be communicated, within the strictly necessary limits, to subjects entitled to access it pursuant to legal provisions, regulations and community regulations.

8. Data communication

Without your express consent (art. 6 letter b), c) GDPR), the Data Controller may communicate your data for the purposes indicated to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom communication is mandatory for law for the fulfillment of the aforementioned purposes.

9. Data transfer

The management and storage of personal data will take place on the servers of the Data Controller and/or of third-party companies appointed and duly appointed as Data Processors, located within the European Union, or in compliance with the provisions of the articles. 45 et seq., GDPR. Currently the servers are located in France and Italy. The data will not be transferred outside the European Union. In any case, it is understood that, should it become necessary to transfer the location of the servers to Italy and/or the European Union and/or non-EU countries, such movement will always take place in compliance with the articles. 45 and following. GDPR.

In this case, however, the Data Controller hereby ensures that the transfer of non-EU data will take place in compliance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses. provided by the European Commission.

10. Browsing data

The computer systems and software procedures used to operate the site may acquire, during their normal activity, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified (i.e. parameters relating to the operating system and the IT environment of the user). These data are used by the Owner for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and are deleted immediately after processing.

These data can also be used to ascertain responsibility in case of hypothetical computer crimes against the site.

11. Cookies

Cookies are small text files sent by a server to a user's device (generally to the Internet browser) when a page of a website is accessed. Cookies allow the web server to store information to be reused during the same visit to the site (session cookies) or later (persistent cookies). Cookies facilitate navigation of the site, allow the storage of pages visited and other specific information, such as pages consulted most frequently, connection errors, etc., and are stored based on user preferences, by the individual browser on the specific device used (computer, tablet, smartphone). Browsers (Internet Explorer, Mozilla Firefox, Google Chrome, Safari, etc.) are often set to automatically accept cookies. However, users can change the default configuration in order to disable or delete cookies, with the consequence, however, that the optimal use of some areas of the site may be precluded. Therefore, for optimal use of this site, it would be advisable for the user to configure their browser to accept the receipt of such cookies. Furthermore, during navigation, the user may also receive on his device cookies from different sites (so-called "third party" cookies) set directly by the managers of said websites and used for the purposes and according to the methods defined by them.

12. Rights of the interested party

In your capacity as an interested party, you enjoy the rights referred to in the art. 15 GDPR and precisely of:

1. obtain confirmation of the existence or otherwise of personal data concerning you, even if not yet registered, and of their communication in an intelligible form;
2. obtain indication of: a) the origin of the personal data; b) the purposes and methods of processing; c) of the logic applied in case of processing carried out with the aid of electronic instruments; d) the identification details of the owner and of the managers designated pursuant to the art. 3, c.1 GDPR; e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representatives in the territory of the State, managers or agents;
3. obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed; c) certification that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which this requirement is proves impossible or involves a manifestly disproportionate use of means compared to the protected right;
4. object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator via email and/or via traditional marketing methods, via telephone and/or paper mail. Please note that the right to object

of the interested party, set out in the previous point b), for direct marketing purposes using automated methods extends to traditional ones and in any case the possibility for the interested party to exercise the right of opposition even only in part remains intact. Therefore, the interested party can decide to receive only communications via traditional methods or only automated communications or neither of the two types of communication.

Where applicable, you also have the rights referred to in the articles. from 16 to 21 GDPR (Right of rectification, right to be forgotten, right to limit processing, right to data portability, right to object), as well as the right to complain to the Guarantor Authority.

13. Methods of exercising rights

You have the right to ask the Data Controller for access to the data concerning you, their rectification or cancellation, the integration of incomplete data, the limitation of processing; to receive the data in a structured, commonly used and machine-readable format; to revoke any consent given relating to the processing of your personal data at any time and to oppose, in whole or in part, the use of the data; to lodge a complaint with the Authority, as well as to exercise the other rights recognized to you by the applicable regulations.

You may exercise these rights at any time by sending a registered letter with return receipt to EVALUATION CENTER with registered office in Via Arduino, 11/B – 00162 Rome, or through an e-mail to the address privacy@centralevalutiva.it

14. Minors

Where the person providing the data is under the age of 14, such processing is lawful only if and to the extent that such consent is given or authorized by the holder of parental responsibility for whom the identification data and copy of the data are acquired. identification documents.

Changes to this Policy

This information may be subject to change. The indication at the bottom of the page indicates the date on which the information was updated.

Rome, 04/01/2023