Who are we and what do we do with your personal data? 

TAS S.p.A., with registered office in Via Serviliano Lattuada 25, 20135 Milan, (hereinafter also the Data Controller), as data controller, is concerned about the confidentiality of your personal data and to guarantee them the necessary protection from any event that could put them at risk of violation.

For the purpose, the Data Controller puts into practice policies and practices regarding the collection and use of personal data and the exercise of the rights that are recognized by the applicable legislation. The Data Controller takes care to update the policies and practices adopted for the protection of personal data whenever this becomes necessary and in any case in the event of regulatory and organizational changes that may affect the processing of your personal data.

The Data Controller has appointed a Data Protection Officer (DPO) who you can contact if you have questions about the policies and practices adopted.

You can contact the DPO at the address

 How does the Data Controller collect and process your data? 

Personal information about you will be processed for:

 1) Browsing the site   

The processing of your personal data, such as navigation data eg. the IP address and cookies issued by browsing the website are processed by the Data Controller to follow up on the management of the site and to collect information of an aggregate nature.

Your personal data will in no way be disseminated or disclosed to indeterminate subjects.

 2) Communication to third parties and recipients  

The communication of your personal data takes place mainly towards third parties and / or recipients whose activity is necessary for the performance of the activities related to the aforementioned purposes, and also to respond to certain legal obligations. Any communication that does not respond to these purposes will be subject to your consent.

In particular, your data will be disclosed to third parties / recipients for:

  1. the performance of the service (e.g. IT service provider);
  2. communications to the financial administration, and to public supervisory and control bodies in respect of which the Data Controller must fulfill specific obligations deriving from the specific nature of the activity carried out;

The personal data that the Data Controller processes for this purpose are:

  • browsing data (IP address)

 3) Reasons for cybersecurity 

The Data Controller processes, also through its suppliers (third parties and / or recipients), your personal data (e.g. IP address) or traffic data collected, or obtained, in the case of services displayed on the website to a strictly necessary and proportionate extent. to ensure the security and ability of a network or servers connected to it to withstand, at a given level of security, unforeseen events or illegal or malicious acts that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted.

For these purposes, the Data Controller provides procedures for the management of the violation of personal data (data breach).

What are cookies and for what purposes they can be used   

A “cookie” is a small text file created by some websites on the user’s computer when the user accesses a particular site, with the purpose of storing and transporting information. Cookies are sent from a web server (which is the computer on which the visited website is running) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on the user’s computer; they are then re-sent to the website at the time of subsequent visits.

Some operations could not be performed without the use of cookies, which, in some cases, are therefore technically necessary. In other cases, the site uses cookies to facilitate and facilitate navigation by the user or to allow them to use services specifically requested.

Cookies can remain in the system even for long periods and may also contain a unique identification code. This allows the sites that use them to keep track of the user’s navigation within the site itself, for statistical or advertising purposes, to create a personalized user profile starting from the pages that the same has visited and show him and / o then send him targeted advertising (so-called Behavioral Advertising).

Which cookies are used and for what main purpose 

The Data Controller reports below the specific categories of cookies used, the purpose and the consequence that derives from their de-selection:

Third-party cookies  

Third-party cookies are also operating on this website, i.e. cookies created by a website other than the one the user is currently visiting. 

To view the complete and always updated list of third-party cookies, deselect and enable cookies, consult the page cookie preferences”  

What happens if you don’t provide your data? 

We invite you to read the consequences of deselecting individual cookies, as shown in the table above.

How, where and for how long is your data stored? 

How we treat your data 

The processing of personal data is carried out through IT procedures by specifically authorized and trained internal subjects. They are allowed access to your personal data to the extent and to the extent that it is necessary for the performance of the processing activities that concern you.

The Data Controller periodically checks the tools by which your data are processed and the security measures envisaged for them, which it provides for constant updating; verifies, also through the subjects authorized to the processing, that personal data which do not need to be processed is not collected, processed, archived or stored; verifies that the data are kept with the guarantee of integrity and authenticity and of their use for the purposes of the treatments actually carried out.

Where we process your data 

The data is stored in computerized and telematic archives located within the European economic area.

Personal data (name, surname, email, company to which it belongs) entered for subscription to the newsletter are stored in computer and electronic archives located outside the European Economic Area, specifically in the USA. The Data Controller guarantees compliance with the appropriate security measures, for more information you can write to the address 

How long we process your data 


We invite you to read the retention terms of personal data as indicated in the previous table.


Personal data is provided for the time necessary to allow navigation of the site and in any case no later than 2 days necessary, except in cases in which authorization is required, except in cases in which intervention is required, except in cases in which it is intervention is necessary, also in collaboration with third parties / recipients of the IT security activity of the Data Controller, to carry out any investigations on the causes that determined the event, as well as to protect the interests of the Data Controller relating to any liability related to use of the site and related services.

What are your rights? 

At any time and free of charge and without special charges and formalities for your request, you can:

  • obtain confirmation of the processing carried out by the Data Controller;
  • access your personal data and know its origin (when the data are not obtained from you directly), the purposes and purposes of the processing, the data of the subjects to whom they are communicated, the retention period of your data or useful criteria to determine it;
  • update or rectify your personal data so that it is always accurate and accurate;
  • delete your personal data from the databases and / or archives, including backups, of the Data Controller in the event, among others, in which they are no longer necessary for the purposes of the processing or if this is assumed to be illegal, and always if the conditions required by law; and in any case if the processing is not justified by another equally legitimate reason;
  • limit the processing of your personal data in certain circumstances, for example where you have contested its accuracy, for the period necessary for the Data Controller to verify its accuracy. You must also be informed, in a reasonable time, of when the suspension period has been completed or the cause of the limitation of the processing has ceased, and therefore the limitation itself has been revoked;
  • obtain your personal data, if received or processed by the Data Controller with your consent and / or if their processing takes place on the basis of a contract and with automated tools, in electronic format also in order to transmit them to another Data Controller.

The Data Controller must proceed in this sense without delay and, in any case, at the latest within one month of receiving your request. The deadline can be extended by two months, if necessary, taking into account the complexity and number of requests received by the Data Controller. In such cases, the Data Controller, within one month of receiving your request, will inform you and will inform you of the reasons for the extension. To exercise your rights, write to

How and when can you object to the processing of your personal data? 

For reasons relating to your particular situation, you can object to the processing of your personal data at any time if it is based on legitimate interest, by sending your request to the Data Controller, at the address

You also have the right to have your personal data deleted if there is no legitimate reason overriding the one that gave rise to your request.

Who can you lodge a complaint with? 

Without prejudice to any other administrative or judicial action, you can lodge a complaint with the competent supervisory authority or the one that carries out its duties and exercises its powers in Italy where you have your habitual residence or work or if different in the State member where the violation of Regulation (EU) 2016/679 occurred.

Talk with Lia
Type your message here...