Data protection

Information for the Processing of Personal Data Users/Customers (pursuant to and for the purposes of articles 13 and 14 of EU Regulation no. 2016/679) The Data Controller of the personal data listed below, pursuant to article no. 13 of EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data (hereinafter “Regulation”) informs that it will process your personal data collected on the occasion of the conclusion of a service contract or a request for information/assistance/commercial offer or other for the purposes and with the methods indicated below, in compliance with the aforementioned legislation, the principles of lawfulness, correctness, minimization, integrity, transparency, accountability and the confidentiality obligations to which the undersigned company is bound for the purposes of maximum protection of your privacy. The EU Regulation has the purpose of ensuring that the processing of personal data takes place in compliance with the fundamental rights and freedoms of natural persons, in particular the right to protection of personal data. “Processing” of personal data means any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, even if not recorded in a database, such as collection, recording, organization, structuring, storage, processing, selection, blocking, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, erasure or destruction. The processing will be carried out manually (e.g. collection of paper forms) and in electronic form or in any case with the aid of computerized or automated tools. 1. Type of Personal Data Processed The data processed by the Data Controller are: a) personal identification data: 1 ☒ name; 2 ☒ surname; 3 ☒ date of birth; 4 ☒ place of birth; 5 ☒ tax code; 6 ☒ address; 7 ☒ IBAN; 8 ☐ credentials; 9 ☒ telephone number/email address; 10 ☐ economic/financial data; 11 ☐ images; ☐ technical navigation data relating to the IP address; ☐ identification codes of the devices used by the user to use the site or services; b) special personal data: 1 ☐ biometric; 2 ☐ genetic; 3 ☐ health; 4 ☐ sexual orientation; 5 ☐ political orientation; 6 ☐ membership of trade unions; 7 ☐ racial origin; 8 ☐ religious or philosophical beliefs; c) judicial personal data: 1 ☐ criminal convictions/offences; d) type of possible profiling: 1 ☐ professional performance; 2 ☐ economic situation; 3 ☐ health; 4 ☐ personal preferences; 5 ☐ interests; 6 ☐ reliability; 7 ☐ behavior; 8 ☐ location/movements. Special personal data may be processed with the prior consent of the interested party. Otherwise, the data will be immediately destroyed. The personal data processed are relevant, complete and not excessive in relation to the purposes for which they are collected and subsequently processed. 2. Source of the personal data being processed The personal data being processed are those collected from the interested party. 3. Purpose of Data Collection (Art.13 Par.1 Letter C EU Regulation 2016/679) The data will be processed exclusively for the following purposes: a) Fulfillment of the obligations provided for by any applicable law, by a regulation or by the legislation of the European Union, in particular, for civil, contributory, accounting and tax purposes and storage for 10 years from the last relationship; b) management of the existing contractual/pre-contractual relationship and execution of the requested services (e.g. processing of requests for information sent from the contact forms of the site, provision of a service, commercial offers, technical assistance, other) and storage for 10 years from the last relationship; c) service communications and sending appointment reminders, via electronic or paper systems (e.g. sms, email, and letters) and storage for 10 years from the last relationship; d) pursuit of a legitimate interest by the Data Controller (e.g. for the exercise and/or defense of a right in court, administrative proceedings or in arbitration and conciliation procedures; to ensure the security of access to the Data Controller's premises, etc.); e) commercial and promotional communications (marketing) also through automated systems (e.g. SMS, email, letters) and storage for 10 years from the last relationship; 4. Legal Basis for Processing (Art.13 Par.1 Letter C EU Regulation 2016/679).

The lawfulness of the processing of personal data by and of the Data Controller is guaranteed as it complies with art. 6 paragraph 1 of the GDPR, in particular, the legal basis of the processing for: the purpose referred to in point 3.a) is the execution of legal obligations; the purposes referred to in points 3.b) and 3.c) above is the execution of a contract to which the data subject is party or the execution of pre-contractual measures adopted at the request of the same; the purpose referred to in point 3.e) above is the express consent of the data subject; the purpose referred to in point 3.d) above is the pursuit of the legitimate interest of the data controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject which require protection of personal data do not prevail, in particular if the data subject is a minor. 5. Processing Methods The processing will be carried out by persons in charge in manual and/or automated form in compliance with articles 30, 32 and 35 of EU Regulation 2016/679, also with the aid of electronic/IT/telematic and automated tools, or on paper, in compliance with the security measures referred to in art. 32 of EU Regulation 2016/679 by persons specifically appointed, in compliance with the provisions of art. 29 of EU Regulation 2016/679. The data will be entered in the Legally Mandatory Records and Registers for the purposes listed above. 6. Nature of the Provision of Data - Consequences of Refusal of Consent (Art.13 Par.2 Letter E) of EU Regulation 2016/679) In cases where the purposes referred to in letters a), b), c), d) of point 3 above apply, the Data Controller of personal data is not obliged to acquire the specific consent of the interested party, either because the processing is necessary to fulfill an obligation established by law, or because the processing is necessary for the execution and management of a contract to which the interested party is a party or to fulfill specific requests of the interested party or because the data processing responds to the legitimate interest of the Data Controller. Therefore, if the interested party does not intend to provide the personal data requested or necessary based on the foregoing, the consequence would be that of the impossibility of establishing or continuing the contractual/pre-contractual relationship or responding to the requests of the interested party. For the purposes illustrated in letter e) of point 3 above or for further and different purposes, the processing of personal data is optional and freely chosen and may only take place with prior express consent. 7. Communication of Data (Art.13 Par.1 Letter E) of EU Regulation 2016/679) With reference to art. 13, par.1, letter e) of EU Regulation 2016/679, the subjects or categories of subjects who may become aware of your personal data are indicated: Persons authorised to process by the Data Controller (employees and collaborators within the scope of their respective functions); Data Processors (external collaborators/consultants, companies that provide services for the Data Controller): by way of example and not limited to, business consultants and freelancers, including in association with each other, who collaborate with the Data Controller, accountants, auditors, administrative, tax and contractual consultants; etc. Joint controllers (client companies and network of entrepreneurs), where present; DPO (Data Protection Officer), where appointed; Any supervisory bodies. The data collected and processed may, therefore, be communicated exclusively for the purposes specified above. The list of data controllers designated by the Data Controller is available upon request of the interested party. Please note that for business needs, some of your personal data may be communicated to companies belonging to the same corporate group as the Data Controller, in line with Recital no. 48 GDPR according to which "Data controllers belonging to a business group or entities connected to a central body may have a legitimate interest in transmitting personal data within the business group for internal administrative purposes, including the processing of personal data of customers [...]". Outside of the hypotheses described above, the communication of personal data to third parties may only take place if expressly authorised by the interested party. We also inform you that your personal data will not be disclosed, except in cases provided for by law and/or regulations or in the event of express authorization by the interested party. 8. Transfer of Personal Data Pursuant to art. 13, paragraph 1, letter f) of EU Regulation 2016/679, we inform you that all data collected may be transferred to Member States of the European Union, to third countries not belonging to the European Union, to International Organizations, in the amand within the limits of articles 44 et seq. of the EU Regulation. 9. Rights of the interested party (chapter iii EU regulation 2016/679) At any time, you may exercise, pursuant to articles 15-22 of the EU Regulation, the following rights: art.15 Right of Access: the right to obtain from the data controller confirmation as to whether or not personal data concerning you are being processed; art.16 Right to rectification: the right to obtain from the data controller the rectification of inaccurate personal data concerning you; art.17 Right to erasure ('right to be forgotten'): the right to obtain from the data controller the erasure of personal data concerning you; art.18 Right to restriction of processing: the right to obtain from the data controller limited processing of your data where the accuracy of the personal data is contested, where the processing is unlawful and where you have objected to the processing; art 19 Right to receive notification from the Data Controller in the event of rectification or erasure of personal data or restriction of processing; art. 20 Right to data portability: obtain data portability, i.e. receive them from a data controller, in a structured, commonly used and machine-readable format, and transmit them to another data controller without hindrance; art. 21 Right to object: object to processing at any time, including processing for direct marketing purposes; art. 22 Automated decision-making relating to natural persons, including profiling: right to object to an automated decision-making process relating to natural persons, including profiling. The interested party may lodge a complaint with the Data Protection Authority, following the procedures and instructions published on the Authority's official website at Home - Privacy Authority. In exercising the rights referred to in art. 15-22 of the EU Regulation, the interested party may confer, in writing, a delegation or power of attorney with natural persons or associations. Requests may be forwarded to the Data Controller or to the DPO, if appointed, at the following email address: dpo@techem.it 10. Period of Retention of Personal Data (Art.13 Par.2 Letter A) EU Regulation 2016/679)) Pursuant to art. 13, paragraph 2, letter a) of the EU Regulation, we inform you that, in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 of EU Regulation 2016/679, for the purposes referred to in point 3. above, the retention period of your personal data is established for a period of time not exceeding the achievement of the purposes for which they are collected and processed, in compliance with the times prescribed by law. The data processing will therefore have a duration no longer than that indicated in the individual purposes, however, if the interested party believes, for any reason, that the purpose of the processing has been exhausted, he/she may exercise his/her rights by sending a formal request to the address of the owner or the data protection officer. 11. Data controller and d.p.o. (data protection officer) (art.13 par.1 letter a) and b) EU regulation 2016/679)

The identifying details of the Data Controller are as follows:

TECHEM S.R.L., in the person of its legal representative p.t.,

with registered office in Rome, Via dei Buonvisi n. 61/D, 00148 Rome, C.F/P.IVA 11629910156, tel. 0665191810.

The identification details of the DPO (Data Protection Officer), the Data Protection Officer in charge, are as follows: Caterina Giglio, c/o Techem Srl, Via dei Buonvisi 61/D - 00148 Rome, e-mail: dpo@techem.it Data Protection Declaration (Privacy and Cookie Policy) Purpose, Data Protection, Data Controller, Hosting

What are personal data? Purpose This data protection declaration applies to the Techem Srl website (www.techem.it) for the data collected by this site. It does not refer to the sites of other providers which can be accessed e.g. through links, which apply their own rules. Please read this data protection notice carefully before using the Techem Srl website. With this data protection declaration we inform you, among other things, about how we handle your personal data and use cookies. By using the Techem Srl website, you accept these rules. Data protection Techem Srl takes the protection of personal data very seriously. We treat personal data as confidential, in accordance with the statutory data protection provisions and this data protection declaration. The use of our website is generally possible without providing personal data. If such personal data (for example name, address or e-mail address) is collected, the provision takes place on baif voluntary and there is no transmission to third parties without explicit consent. Please note that data transfer over the Internet (for example during communication via e-mail) may have security gaps. Complete protection of data against access by third parties is not possible. Data controller The controller of the personal data of visitors to our website is TECHEM S.R.L. Via Dei Buonvisi 61/d 00148 Roma (RM) C.F./P.IVA 11629910156 Tel. 06 6519 1810 Hosting The Internet presence is operated by SysEleven GmbH as a technical service provider on our behalf and according to our specifications. What are personal data? “Personal data” means any information relating to an identified or identifiable natural person, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. What information do we collect? How do we use it? Personal data that we obtain directly from you Personal data is collected on this site and subsequently saved, if provided voluntarily, for example, as part of registration, when filling out forms, by sending emails or by sending your application for a job position. We use this data for the purposes described or to respond to your requests. Promotional use of the data occurs only for self-promotion (including referral promotion). In addition, we use the personal data entrusted to us for marketing and market research, for contact and customer support. If necessary, we also ask you to participate in surveys that we use for marketing, market research or public opinion purposes. The communication of data to third parties (companies affiliated with Techem Srl are not to be considered as third parties in this sense) only occurs if it is necessary for the fulfillment of a contract. For the data that we use for marketing purposes, according to Article 4 No. 11 of the GDPR, consent (via opt-in) is "any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her". In simple terms, this means that: You must give us your consent voluntarily, without us exerting any form of pressure on you; You must know what you are giving your consent to, so we will make sure to provide you with sufficient information; You must give us your consent through a positive and unambiguous action. We will probably provide you with a box to tick so that this requirement is clearly met. Contact form If you send us inquiries using the contact form, the data entered in the form, including the contact details provided, will be saved to process the inquiries and for follow-up questions. We will not pass on this data without your permission. Detailed information on the processing of personal data for contact inquiries can be found at https://www.techem.it/contatti/form-di-contatto.html. The legal basis for the processing is your consent, which you give by submitting the form. The data you transmit to us in the customer portal will be stored and processed in the context of the contractual relationship. Sensitive data We ask you not to send or communicate to us sensitive personal data via the websites or by other means (for example, social security numbers, information on ethnic origin, sexual orientation, political opinions, religious or other beliefs, health, biometric or genetic characteristics, criminal records or trade union membership). Co-browsing The legal basis for the use of the co-browsing function is Art. 6 para. 1 lit. a GDPR, your consent. The IP address, date and time of the session are documented during the session. This data is deleted at the end of the session. You can revoke your consent at any time by terminating and leaving the session. Newsletter If you would like to receive the newsletter offered by the website, we need you to provide us with an e-mail address as well as information that allows us to verify that you are the provider of the e-mail address and that you have agreed to receive the newsletter. Any additional data is not collected. We use this data only for sending the requested information and do not pass it on to third parties. You can revoke the consent given to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example, by using the l link in the newsletter. Jobs and careers If you wish to apply for a job position, you can do so by sending your CV to the email address: careers@techem.it. Detailed information on the processing of personal data in CVs is available at https://www.techem.it/societa/lavoro-e-carriera.html. Personal data that we automatically collect on this site Each time you access the Techem Srl website or after receiving an email or clicking on the link within it, Techem may automatically collect some information about you, regardless of whether you use our services. When you visit this site, Techem only saves an abbreviated IP address of the accessing computer and the website from which you accessed it. During your visit, the access date, the names of the files queried, the URL, the HTTP request/response code, the access status, the access duration and the bytes transferred are saved. This information is used exclusively for statistical purposes, whereby individual users remain anonymous. Cookies All websites use so-called cookies to some extent. Cookies do not cause any damage to your computer and do not contain viruses. Cookies help to make our offers more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit to the site. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser during subsequent visits. You can configure your browser so that you are informed about the placement of cookies and can agree to the use of cookies in individual cases, exclude the acceptance of cookies in certain cases or in general and activate the automatic deletion of cookies when closing the browser. The functionality of this website may be limited if cookies are deactivated. Cookiebot We use the features of Cookiebot, a product of the Danish company Cybot A/S, Havnegade 39, 1058 Copenhagen, DK. Through these features, data from you can be sent to Cookiebot or Cybot, stored and processed. You can agree to the use of all or individual cookies or reject them. Technically necessary cookies cannot be deselected. Here you can change or withdraw your consent: Change your consent | Revoke your consent In the recommendation banner, in which you can select or deselect individual cookies, you always have an up-to-date and complete overview of the cookies used on our website and you decide for yourself which cookies you allow and which you do not allow. The Cookiebot banner will be displayed automatically if the user has not yet made a selection or if it has expired. What data does Cookiebot store? If you consent to the use of cookies, the following data will be transferred to Cybot, stored and processed: IP ​​address (anonymized) Date and time of consent The URL of our website Technical data of the browser Encrypted anonymization key List of cookies you have allowed Where and for how long will your data be stored? All data collected is transferred, stored and forwarded exclusively within the European Union. The data is stored in an Azure data center (cloud provider is Microsoft). All data relating to the user will be deleted by Cookiebot after 12 months from the user's consent or immediately after termination by Cookiebot. Cookiebot's privacy policy can be found here: www.cookiebot.com/de/privacy-policy/ Your data will only be stored for as long as is necessary for the respective processing purposes. If the data is no longer necessary for the fulfillment of the processing purposes stated in this data protection information, it will be deleted, unless its retention is still necessary to fulfill commercial or tax obligations. As a rule, your data will be deleted after these periods or the deletion period will be determined based on these criteria: Data relating to the customer account after termination of the relationship with the user; data relating to user behavior will also be deleted only after termination of the relationship with the user. Data relating to a customer service request will generally be deleted 10 years after completion of the process. Data relating to an application for an advertised position will be deleted 3 years after receipt of the CV viate. Possibility of appeal You can object to the collection and storage of the aforementioned data by rejecting the use of cookies in the displayed cookie banner or by rejecting the use of cookies in your browser settings. Applications and systems Techem websites use a variety of applications and systems. The following sections contain more detailed explanations of these. - Adobe Analytics - Adobe Cloud Services - Facebook Business Tools - Friendly Captcha - Google Adwords Conversion Tracking - Google Maps - LinkedIn - Marketo - YouTube Videos - Liferay - Tomcat Adobe Analytics Websites On this website we use the web analysis service Adobe Analytics from Adobe Systems Software Ireland Limited ("Adobe Analytics"). Adobe Analytics uses so-called "cookies", text files that are stored locally on your Internet browser to analyze your use of the website. If the information generated by the cookie about your use of the website is transferred to an Adobe server, the settings ensure that the IP address is anonymized before geolocalization and replaced by a generic IP address before it is stored. The IP address sent by your browser as part of Adobe Analytics is not combined with other data held by Adobe. You can prevent the storage of cookies by setting your browser software accordingly. You can also prevent the collection of data generated by the cookie (including your IP address) and related to your use of the website, as well as the processing of this data by Adobe, by downloading and installing the plugin at the following link: http://www.adobe.com/de/privacy/opt-out.html. You can also revoke or change your consent to cookies on our website (see the Cookiebot section). Adobe Cloud Services A web service of Adobe Systems Software Ireland Limited, 345 Park Avenue, 95110 San Jose (hereinafter: Adobe Cloud Services) is reloaded on our website. Adobe Cloud Services has certified itself as a party to the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). Alternatively, standard contractual clauses have been agreed for the transfer. Your browser can transfer personal data to Adobe Cloud Services (user templates). The legal basis for the processing of personal data by Adobe Cloud Services is Art. 6(1) sentence 1 a). 6(1) sentence 1 a) GDPR (your consent). You can change or revoke this legal basis at any time (Cookiebot Privacy Policy section). However, you can also prevent the recording or processing of your data by Adobe Cloud Services by disabling the execution of script code in your browser or by installing a script blocker in your browser. The data is deleted as soon as the purpose of its collection has been achieved. For more information on how the transferred data is handled, please visit the Adobe Cloud Services Privacy Policy: http://www.adobe.com/de/privacy.html. Adobe Cloud Services include Adobe Target and Adobe Analytics, which are explained in the following paragraphs. Facebook Enterprise Tools On our website we use the Facebook Pixel, an enterprise tool of Facebook Ireland Limited (Ireland, EU). For contact details of Facebook Ireland and for contact details of the data protection officer of Facebook Ireland, please visit the Facebook Ireland Privacy Policy at www.facebook.com/about/privacy. The Facebook Pixel is a JavaScript code that allows us to track the activities of visitors to our website. This tracking is called conversion tracking. In this regard, the Facebook Pixel collects and processes the following information (so-called event data): - Information about the actions and activities of visitors to our website, such as searching for and viewing a product or purchasing a product; - Pixel-specific information, such as the pixel ID and the Facebook cookie; - Information about the buttons clicked by website visitors; - Information provided in HTTP headers, such as IP addresses, web browser information, page location and referrer; - information about the opt-out/limitation status of display tracking. Some of this event data is information stored on the terminal device used by the user. In addition, Facebook Pixel also uses cookies to store information on the terminal device used by the user. Your consent is required for Facebook Pixel to store this information or to access information already stored on your terminal device. Tracked conversions appear in the dashboard of our Facebook Advertising Manager and Facebook Analytics. 

We can use tracked conversions to measure the effectiveness of our ads, set up custom audiences for ad targeting, dynamic ad campaigns and analyze the effectiveness of our website's conversion funnels. The functions we use via the Facebook Pixel are described in detail below. Processing of event data for advertising purposes The event data collected via the Facebook Pixel is used to target our ads and improve ad delivery, personalize features and content and improve and protect Facebook products. For this purpose, event data is collected on our website via the Facebook Pixel and transferred to Facebook Ireland. This only happens if you have given your consent. The legal basis for the collection and transfer of personal data by us to Facebook Ireland is therefore Art. 6(1) a) GDPR. 6(1) a) GDPR. The collection and transfer of event data is carried out by us and Facebook Ireland as joint controllers. We have entered into a data processing agreement with Facebook Ireland that sets out the division of data protection responsibilities between us and Facebook Ireland. In this agreement, we and Facebook Ireland have agreed, among other things, - that we are responsible for providing you with all information pursuant to Articles 13 and 14 of the GDPR on the joint processing of personal data; - that Facebook Ireland is responsible for ensuring the rights of data subjects pursuant to Articles 15 to 20 of the GDPR in relation to the personal data stored by Facebook Ireland as a result of the joint processing. The agreement between us and Facebook Ireland can be found at https://www.facebook.com/legal/controller_addendum. Facebook Ireland is the sole controller of the transferred event data. For more information on how Facebook Ireland processes personal data, including the legal bases Facebook Ireland relies on and how you can exercise your rights vis-à-vis Facebook Ireland, please see Facebook Ireland's Data Policy at https://www.facebook.com/about/privacy. Processing of event data for analytics purposes We have also commissioned Facebook Ireland to compile reports on the impact of our advertising campaigns and other online content (campaign reports) and to create analyses and insights about users and their use of our website, products and services (analytics) based on event data collected via the Facebook Pixel. For this purpose, we transfer the personal data contained in the event data to Facebook Ireland. The transferred personal data is processed by Facebook Ireland as our processor to provide us with campaign reports and analyses. Personal data is processed to create analyses and campaign reports only if you have given your consent. The legal basis for this processing of personal data is therefore Art. 6(1) a) GDPR. 6(1) a) GDPR. A data transfer to Facebook Inc. in the USA cannot be ruled out. . In this regard, please read the information in the section "Data transfer to third countries". You can object to the collection and storage of the aforementioned data by rejecting cookies in the displayed cookie banner (section Cookiebot Privacy Policy) or by rejecting the use of cookies in your browser settings (section Cookies). Friendly Captcha On our website we use the tool "FriendlyCaptcha", provided by FriendlyCaptcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany. To protect the website from spam and abuse, this tool is used for all contact forms. The function of the tool is to distinguish whether the data entered in the contact form has been entered by a human or whether a machine and automatic processing has abused the form. By using FriendlyCaptcha, we are able to block automated software. FriendlyCaptcha is a proof-of-work based CAPTCHA, whereby the user's device takes over the entire work process. In this way, FriendlyCaptcha does not transfer or process personal data. Google AdWords Conversion Tracking We use the online advertising tool "Google AdWords" and in this context Google Conversion Tracking, an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). When you click on an ad delivered by Google, a conversion tracking cookie is stored on your computer ("conversion cookie"). These cookies lose their validity after 30 days, do not contain any personal data li and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, both we and Google can perceive that you have clicked on the advert and have been redirected to this website. Each Google AdWords customer receives a different cookie. Cookies cannot therefore be tracked via the websites of AdWords customers. The information obtained via the conversion cookie is used to prepare conversion statistics for AdWords customers who have opted for conversion tracking. In this case, customers find out the total number of users who have clicked on their advert and have been directed to a website with a conversion tracking tag. However, they do not receive any information that allows users to be personally identified. If you wish to deactivate cookies for conversion tracking, you can set your browser accordingly (deactivation mode) to ensure that cookies are blocked from the following domain: googleadservices.com. This will prevent you from being included in the conversion tracking statistics. More detailed information and Google's privacy policy can be found at: https://www.google.com/policies/technologies/ads/. Alternatively, you can consent to or revoke cookies in our content management system the first time you visit our website in the consent banner, or at any time in the cookie settings (see Cookiebot's privacy policy). Google Maps Our websites use the Google Maps API to display geographic information. By using Google Maps, Google (Google Inc., 1600 Amphitheatre Parkway, Mountain View, California, 94043) also collects, processes and uses data about the use of Maps functions by website visitors. For more information on data processing by Google, please refer to Google's privacy policy at www.google.com/privacypolicy.html. The legal basis for the processing of personal data via Adobe Cloud services is Art. 6(1) sentence 1 a). 6(1) sentence 1 a) GDPR (your consent). You can change or revoke this at any time (see Cookiebot Privacy Policy). However, you can also prevent Google Maps from collecting or processing your data by disabling the execution of the script code in your browser or by installing a script blocker in your browser. LinkedIn Scope of data processing The controller has integrated components (plugins) of the LinkedIn Corporation on this website. LinkedIn is an Internet-based social network that allows users to be connected to existing business contacts and to make new business contacts. The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For data protection issues outside of the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible. Each time our website is accessed and a LinkedIn component (LinkedIn plug-in) has been integrated into our website, the LinkedIn component prompts the data subject's Internet browser to download a display of the corresponding LinkedIn component. As part of this technical process, LinkedIn is made aware of which specific sub-page of our website is visited by the data subject. If the data subject is still logged in to LinkedIn, LinkedIn recognizes with every visit to our website by the data subject; in addition, LinkedIn recognizes for the entire duration of each visit which specific sub-page of our website the data subject visits. This information is collected by LinkedIn using the LinkedIn component and assigned to the respective LinkedIn account of the data subject. If the data subject clicks on a LinkedIn button integrated into our website, then LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data. If the data subject does not wish this information to be transmitted to LinkedIn, he or she may prevent this by logging off from his or her LinkedIn account before a call-up to our website is made. For more information about LinkedIn plugins, visit developer.linkedin.com/plugins. You can unsubscribe from LinkedIn emails, SMS messages, and targeted ads, as well as manage your ad settings, at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame, who may place cookies.

You can view LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy.You can view LinkedIn's cookie policy at https://www.linkedin.com/legal/cookie-policy. Purpose of data collection and legal basis The data is collected using the LinkedIn Pixel in order to provide users with information about our company, our products and services, as well as to enable them to interact with us. The legal basis for data processing is based on the user's consent via the cookie banner (Art. 6(1) a) GDPR). You can object to the collection and storage of the aforementioned data by rejecting cookies in the displayed cookie banner (Cookiebot Privacy Policy section) or by rejecting the use of cookies in your browser settings. Storage The collected data is stored for 2 years, after which it is deleted. If you withdraw your consent, no further data will be collected and stored after the withdrawal. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent before the withdrawal. Options for preventing data collection If you do not give your consent in the cookie banner, no collection and storage of the data indicated in this section will take place in this context. Marketo Marketo is used as part of sending information. We also use Marketo to collect statistical data on the use of our website offering and communication measures, to optimize our offering accordingly, as well as to carry out email marketing. The processing takes place on a partially automated basis to evaluate certain personal aspects. Marketo collects the user's IP address and uses it to track and analyze the use of the website and to provide specific information based on the user's interests. The information generated by the cookies is transferred to a Marketo server (located within the EU/EEA) and stored there. Marketo uses this information on our behalf to evaluate how registered users use the website and to compile reports on website activities. If the information collected is transferred to third countries, this is done on the basis of standard contractual clauses. Further information on Marketo's data privacy can be found at: https://legal.marketo.com/vertrauen/legal/datenschutz/. The legal basis for the processing of personal data with Marketo is Art. 6(1) sentence 1 a). 6(1) sentence 1 a) GDPR (your consent). You can change or revoke it at any time (Cookiebot Privacy Policy section). YouTube videos Our websites use the YouTube embedding function to display and play videos from the provider "YouTube", which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This video is integrated into YouTube's extended data protection mode, which blocks the setting of YouTube cookies until you actively click on "Play". By clicking the "Play" button, you agree to YouTube placing cookies on your terminal device, which can also be used to analyze your usage pattern for market research and marketing purposes. For more information on YouTube's use of cookies, please refer to Google's Cookie Policy at https://policies.google.com/technologies/types?hl=de. For more information on YouTube's data privacy, please refer to the provider's data privacy policy: https://www.google.en/intl/de/policies/privacy. Server Log Files The web service provider automatically collects and stores information in so-called server log files that are automatically transmitted by your browser. These are: Browser type and browser version Operating system used Referrer URL IP address Host name of the accessing computer Time of the server request We reserve the right to check the data at a later time if there are indications of illegal use of the site. SSL encryption This website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us via the website. You can recognize an encrypted connection by the change of the browser's address bar from "http: //" to "https: //" and the lock symbol in your browser's address bar. When SSL encryption is active, the transmitted data cannot be read by third parties. 

the right to be informed about: the existence of your personal data stored, the origin, the recipients, the purposes of the data processing. You also have the right to object to the processing, request its limitation or request the deletion of the data. For questions regarding this topic or for other questions about personal data, please do not hesitate to contact us at privacy@techem.it. Right to appeal to a supervisory authority The data subject has the right to lodge a complaint with a supervisory authority. For Techem Srl, as well as its subsidiaries or affiliates, the supervisory authority is the Guarantor for the protection of personal data. Guarantor for the protection of personal data Piazza di Monte Citorio n. 121 00186 ROME Fax: (+39) 06.69677.3785 Switchboard: (+39) 06.696771 E-mail: garante@gpdp.it Opposition to promotional e-mails Techem Srl hereby objects to the use of the contact data published on a mandatory basis for sending promotions and information material that is not expressly requested. The site operator reserves the right to take legal action in the event of unsolicited sending of promotional information, for example through spam e-mails. Consent In some cases, we must obtain consent to the processing of personal data in relation to certain activities. Depending on the reason for which the data is strictly necessary, we may obtain such consent explicitly through the “Opt-in”. According to Article 4 (11) of EU Regulation 2016/679, consent (via Opt-in) is “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.” In simple terms, this means that: Consent to data processing must be given voluntarily, without any form of pressure from Techem Srl; The user must be informed of the purposes for which he or she is providing consent to processing – Techem must ensure that it has adequately informed the user; The user’s authorization must be given in the form of a positive and unambiguous action. We will probably present a field where it is necessary to mark that this specification is clear and unambiguous. Your safety is our top priority. To protect the personal data processed by us against improper and unauthorized access and use, we have implemented extensive technical and operational security measures, which are regularly reviewed and updated. Insofar as data is processed by Techem in the context of centralized data processing, for the purpose of improving our customer service, or for technical reasons, we have ensured, through appropriate measures, that the data protection interests of our customers are taken into account in accordance with the provisions of the General Data Protection Regulation (GDPR). Please note that we take the greatest possible measures to ensure the secure transmission of data. Data transmission via the Internet, however, is not completely secure. The security of data transmitted to our websites cannot therefore be guaranteed. Should we change our data protection guidelines, we will publish the changes on this website. As a result, you can find out at any time what information we collect and how we use it. Upon written request, we will be happy to provide information about which data of the data subject we have stored. Your questions and comments on data protection and data security are welcome at Techem.

Data Protection Officer Caterina Giglio

Techem Srl Via dei Buonvisi 61/D - 00148 Rome

Mail: dpo@techem.it