and permission for the use of personal data - Legislative
No.196, Art. 13
Toto Holding S.p.A. considers the 'privacy' of
its users to be of the utmost importance and guarantees that the
processing of personal data via the Toto website is performed respecting the fundamental rights, liberties and dignity
of the person concerned. The Company pays particular attention to matters of confidentiality,
personal identity and the right to protect personal data. To
this end, Toto Holding S.p.A. has adopted and
running of the website and the personal data of its
users. The policy was drawn up in compliance with Article 13 of the
'Italian Personal Data Protection Code' (Legislative
Decree no. 196/2003).
updates or revisions that may be necessary.
of 'personal data'
the purposes of this Policy, 'personal data' - as
better specified in Article 4 of the Code - means
'any information concerning a physical person, legal person,
body or association, identified or identifiable, even indirectly, by
reference to any other information, including a personal
not apply to personal data collected 'offline', unless
that personal data is combined with other personal data collected
online by Toto Holding S.p.A. Furthermore, this policy
does not apply to other websites belonging to third parties that
might be accessible via web link, as Toto Holding S.p.A.
does not manage and control the content of these sites.
Toto Holding may collect the following personal data through
its website: name, surname, address, email address, information
collected for statistical purposes during consultation of the site,
other information voluntarily provided by the user during online
registration or the compilation of specific fields and forms, and
information intended to improve and facilitate site navigation.
can access different sections of the website without releasing any
personal information. Toto Holding S.p.A. collects and
processes personal data online through its website or email address;
this processing occurs, for the most part automatically, via the
released voluntarily by users
Toto Holding S.p.A. collects personal information and other
data from registration forms or fields on the website, as well as
anything sent to Toto Holding S.p.A. by email. This data
might be information required to provide services requested by the
person concerned (e.g. Newsletter) and/or to contact the person
concerned (name, address, email address, telephone number, user ID
and password), or the user's date of birth, professional
credentials and hobbies and interests.
data collected by use of electronic instruments
information systems and software procedures set up to run the Toto Holding S.p.A. website acquire, as part of their normal
functioning, a series of personal information that is transmitted in
the use of internet communication protocols (e.g. the user IP address
or the domain name of the computer used to access the website, the
URI of the requested resource, the time of request or duration of
session, the method used to submit the query to the server, the size
of the file received in response to the request, the numerical code
concerning the status of the data response from the server and other
information concerning the operating system and IT environment of the
user). The Toto Holding website does not use technology
such as cookies or similar to collect and/or transmit the personal
data of its users. Toto Holding S.p.A. uses such
technology exclusively for the purposes of gathering statistical
information on the use of the website (e.g. total number of visitors
to the site, number of visitors per single page, original domain name
of internet service provider of visitors). More specifically, the use
of session cookies (which are removed from the user's computer
when the browser is closed) is strictly limited to the transmission
of information relevant to the user's session, of fundamental
importance for safe and efficient browsing of the website.
Furthermore, the use of these session cookies strictly excludes
recourse to other technical information that might be potentially
damaging to the confidentiality of the user's session and does
not permit the acquisition of their personal identification data.
Toto Holding S.p.A. does not use any kind of persistent
of collecting data
Toto Holding S.p.A. collects the personal data from its users
needed to enact the authorisation, activation and customisation
processes for access to the various areas and related content of the
Toto Holding S.p.A. website.
Toto Holding may use the personal data obtained online in
order to offer products and services, monitor the authorised access
system for data security and evaluate job applications sent by
candidates (CVs). Only at the express request of the person concerned
and by means of an online form may Toto Holding S.p.A.
suggest commercial offers and promote marketing initiatives through
Toto Holding S.p.A., as 'Data controller',
informs users that the data in question will be exclusively processed
and/or diffusion of personal data
personal data will be accessible to departments and employees of Toto Holding S.p.A., formally titled Data Supervisors or
staff responsible for processing. The use and forwarding of personal
data by external individuals and organisations that act on behalf of
Toto Holding S.p.A. is regulated by contracts that
ensure a sufficient level of personal data protection. Users'
personal data will be used and issued by Toto Holding
S.p.A. exclusively to individuals and organisations that work on its
Toto Holding S.p.A. manages the information contained on
its website in collaboration with other service providers and web
agencies, from which it may receive personal data concerning the
users of that information. This online collaboration is regulated
by specific contracts that ensure an adequate level of protection of
the personal data processed.
In some cases, Toto Holding S.p.A. may be bound to
release personal data concerning the users of its website, to comply
with contractual obligations under current regulations or to meet the
request for services by the person concerned; this release of
information may occur in the following cases:
online users have authorised the release of information;
Toto Holding S.p.A. needs to communicate information
concerning its users in order to provide services and fulfil the
requests of an online user;
Toto Holding S.p.A. needs to communicate information to
its partners who provide services for online users;
Toto Holding S.p.A. is bound, by judicial
authorities, to release information concerning users, or to conform
to local or international laws, regulations or mandates.
Other circumstances may arise, whereby for example Toto Holding S.p.A. decides, for commercial motives, to proceed with
sales, mergers or capital acquisition operations. In the sphere of
this reorganizational activity, personal data may be shared with
current or potential purchasers. In these circumstances, Toto Holding S.p.A. will obtain written guarantees that
personal data will be processed with a sufficient level of protection, in compliance with current regulations. With the
exception of cases explicitly permitted by law, or outlined in this
without the consent of the person concerned.
Toto Holding S.p.A. will not under any circumstances release personal data concerning users of its
website to unauthorised third parties.
compliance with the principle of necessity stated in Article 3 of
Legislative Decree 196/03, Toto Holding S.p.A.
guarantees that processing with electronic instruments occurs with
minimum use of personal data and is only used in
cases where it is absolutely necessary in order to achieve the
purposes for which the data was obtained. Furthermore, Toto Holding S.p.A. guarantees the adoption of and compliance
with specific security measures to prevent the loss of data, its illicit
or incorrect use and unauthorised access.
data will be archived by Toto Holding S.p.A. until the
person concerned requests its deletion; including data that does not need to be kept in order to fulfil the purpose it was collected for. This is has been
in observance of the rights sanctioned by Article 7 of
Legislative Decree 196/2003 and will occur as outlined in the
following paragraph 'Your Rights'.
is the responsibility of every single user to check and guarantee the
possession and safekeeping of their password and relative access
codes for web resources.
for personal data processing
Toto Holding S.p.A. will only process data concerning its
users/clients with their exclusive consent. However, where the user
does not consent to data processing or requests the deletion of their
data, they will no longer be able to access the restricted area of
the Toto Holding S.p.A. website.
Data Controller is Toto Holding S.p.A., with registered
office in Viale Abruzzo No. 410, 66100 Chieti (CH).
processing connected to web services provided by the Toto Holding S.p.A. website takes place at the Rome Office and is only
performed by the technical staff of the Office responsible for data
processing (e.g. Area Internet), or by potential external
collaborators (outsourcers) for the completion of occasional or
periodic technical operations (e.g. Database maintenance).
The user may
choose to provide or not provide personal data in the request and/or
registration forms on the Toto Holding S.p.A. website.
of such data may make it impossible to fulfil requests.
It should be remembered that in some cases
(not required for the standard running of this site), the Authorities
may require news and information under Article 157 of Legislative
Decree no. 196/2003, in order to monitor personal data processing. In
these cases it is obligatory to respond and those who fail to do so risk incurring
of the Toto Holding S.p.A. website can always contact
the Data Controller and/or Data Supervisor - indicated above -
to assert their rights as per Article 7 of Legislative Decree
196/2003 no. 196, which states:
A data subject shall have the right to obtain confirmation as to
whether or not personal data concerning him exists, regardless of whether it has been already recorded or not. Such data shall be communicated in intelligible form.
A data subject shall have the right to be informed:
Of the source of the personal data;
Of the purposes and methods of the processing;
Of the logic applied to the processing, if the latter is carried out
with the help of electronic means;
Of the identification data concerning data controller, data
processors and the representative designated as per Section 5(2);
Of the entities or categories of entity to whom or which the personal
data may be communicated and who or which may get to know the data
in their capacity as designated representative(s) in the State's
territory, data processor(s) or person(s) in charge of the
A data subject shall have the right to:
Update, rectify or, where interested therein, integrate the data;
Erase, make anonymous or block the data that has been processed
unlawfully, including data that does not need to be kept in order to fulfil the purpose it was collected and subsequently processed for;
Certification to the effect that the operations as per letters a) and
d) Be notified,in terms of their content, to the entities to
whom or which the data was communicated or disseminated, unless this
requirement proves impossible or involves a manifestly
disproportionate effort for the right that is to be
A data subject shall have the right to object, in whole or in part:
On legitimate grounds, to the processing of personal data concerning
him/her, even though it is relevant to the purpose it was collected for;
To the processing of personal data concerning him/her, where it is
carried out for the purpose of direct selling or sending advertising material or for the performance of market or commercial
compliance with the present documents, and in addition to the other
rights herein specified, Toto Holding S.p.A. offers
users of its website the following options:
gathering of personal data: the User may choose not to provide
online personal data to Toto Holding S.p.A., by
deciding not to insert or issue personal information in the
registration forms or fields online or by not using the personalised
services available on the Toto Holding S.p.A. website.
Some of the content and/or services on the Toto Holding S.p.A.
website are exclusively offered to users that provide personal
information or that use personalised services.
use and communication of personal data for different purposes:
access to certain sections of content and/or services on the Toto Holding S.p.A. website may require consent from the
user to use and release personal data for the purpose of
implementing contact lists and/or identifying and offering
supplementary services considered of interest for the user. Users
may limit further processing of this information, by verifying or
selecting the options to be set upon insertion of data. Furthermore,
information provided after initial registration can be modified or
deleted by changing the previous settings on the registration form
for the Toto Holding S.p.A. website, by accessing the
'Newsletter' section on the homepage. It is also
possible for users to access their personal data, released
and archived online and, where permitted, to update and modify
personal data online.
modified in order to adopt and/or comply with national, European or
international regulations or to adjust to technological innovation.
on this web page, and made constantly visible via web link on the
Toto Holding S.p.A. website, so that interested parties
may be fully informed of the use of their personal data released
through the Toto Holding S.p.A. website.
read this Policy upon every access to the Toto Holding
into force: 14 November 2012