ER TLC has decided to adopt since its establishment a Quality Management System in compliance with UNI EN ISO 9001 and to have it certified by a primary Certification Body. The objective is certainly to present itself to the market with all the “papers in order”, but also to guarantee the maximum attention to the development of the company processes towards the owners, employees, collaborators and Solution Partners towards the efficiency of the processes and the increase of Customer satisfaction.
The “Risk Based Thinking” approach is fully in line with the conviction that only by knowing and supervising the processes and the dynamics of their development can we determine the facts that could make the processes themselves ineffective. This knowledge makes it possible to implement in advance the necessary measures to ensure their elimination, the limitation of their impact and in any case the awareness of the necessary controls.
In order to implement and maintain a Quality Policy that is appropriate to the purposes and context of our Organization and that supports the strategic guidelines, ER TLC members are personally committed to ensuring the necessary resources for:
- provide products and services that meet the customer’s requirements, in compliance with applicable laws, regulations and standards;
- increase the number of Clients provided;
- conduct all business activities with respect for the environment and sustainable development;
- monitor the customer’s perception of the level of satisfaction with the products and services provided in order to determine opportunities to increase customer satisfaction;
- increase competitiveness by promoting the health and safety of its workers and partners;
- monitor and review the information that determines the context of the organization and the needs of stakeholders by identifying and considering the risks and opportunities to achieve customer satisfaction and an effective Quality Management System;
- enhancing people through continuous professional updating capable of motivating and empowering employees while ensuring continuous monitoring of their needs and expectations;
- collect and periodically examine the results of their training activities;
- privilege relationships with its suppliers, Solution Partners, and increase the quality of the relationship in a relationship of mutual benefit;
- periodically define new objectives that are both achievable and stimulating for the organization;
- carry out periodic reviews of the Quality management system to assess its suitability, adequacy and effectiveness as well as its alignment with strategic guidelines.
Our information security policy is based on the following principles:
Ensure that the organization is fully aware of the information it handles and assesses its criticality, in order to facilitate the implementation of appropriate levels of protection.
Ensuring secure access to information in order to prevent unauthorized processing or processing without the necessary rights.
Ensuring that the organization and third parties cooperate in the processing of information by adopting procedures designed to meet appropriate levels of security.
Ensure that the organization and third parties cooperating in the processing of information are fully aware of security issues.
Ensure that anomalies and incidents affecting the information system and corporate security levels are promptly recognized and correctly managed through efficient systems of prevention, communication and reaction in order to
minimize the impact on business.
Ensure that access to Client premises and individual company premises is only by authorized personnel, to guarantee the security of the areas and assets present.
Ensure compliance with legal requirements and compliance with security commitments established in contracts with third parties.
Ensure the detection of anomalous events, incidents and vulnerabilities of information systems in order to respect the security and availability of services and information.
Ensure business continuity and disaster recovery, through the application of established security procedures.
The information security policy is formalized SGSI, is constantly updated to ensure its continuous improvement and is shared with the organization, third parties and customers, through specific communication channels.
The Management, expressed by the 3 Members in the Management Committee, is committed to:
implement, support and periodically verify this Policy, to disseminate it to all persons working for the company or on its behalf and always to all interested parties, including suppliers and partners;
ensure the necessary resources for the effective protection of information;
define information security objectives
periodically review the objectives and the Information Security Policy to ensure their continued suitability, particularly with regard to:
significant business developments;
new threats compared to those considered in the risk analysis activity;
significant security incidents;
changes in the regulatory or legislative context regarding the secure handling of information.
This Application collects certain Personal Data of its Users.
Company Name: ER TLC srl
Registered office: P.zza G.Marconi , 15 , Rome, 00144
Email address of the Owner: firstname.lastname@example.org
The updated list of the persons in charge appointed by the Owner pursuant to art.28 of the above mentioned EU Regulation and of the persons authorized to the processing can be consulted at ER TLC S.r.l.’s head office.
Types of Data collected
Among the Personal Data collected by this Application, either independently or through third parties, are: First Name; Last Name; Email; Cookies; Usage Data.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Application.
Unless otherwise specified, all Data required by this Application is mandatory.
If you refuse to provide it, it may be impossible for this Application to provide the Service. In cases where this Application indicates certain Data as optional, Users are free to refrain from communicating such Data, without affecting the availability of the Service or its operation.
Should Users have any doubts about which Data is mandatory, they are encouraged to contact the Data Controller.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Application and guarantees to have the right to communicate or disseminate them, releasing the Owner from any responsibility towards third parties.
Methods and place of processing of the collected Data
The Owner adopts appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The processing is carried out by computer and/or telematic means, with organizational methods and logics strictly related to the purposes indicated.
In addition to the Data Controller, in some cases, other subjects involved in the organization of this Application (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, computer companies, communication agencies) may have access to the Data also appointed, if necessary, as Data Processors by the Data Controller.
The updated list of Managers can always be requested from the Data Controller.
Legal basis of the treatment
The Owner processes Personal Data relating to the User if one of the following conditions is met:
* the User has given his/her consent for one or more specific purposes; Note: in some jurisdictions the Data Controller may be authorized to process Personal Data without the User’s consent or another of the legal bases specified below, until the User objects (“opt-out”) to such processing. However, this is not applicable if the processing of Personal Data is governed by European legislation on the protection of Personal Data;
* the processing is necessary for the execution of a contract with the User and/or the execution of pre-contractual measures;
* the processing is necessary to fulfil a legal obligation to which the Data Controller is subject;
* processing is necessary for the performance of a task in the public interest or for the exercise of public authority vested in the Data Controller;
* the processing is necessary for the pursuit of the legitimate interest of the Owner or of third parties.
However, it is always possible to ask the Owner to clarify the concrete legal basis of each processing and in particular to specify whether the processing is based on law, provided for in a contract or necessary to conclude a contract.
The Data are processed at the headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For further information, please contact the Owner.
The User’s Personal Data may be transferred to a country other than that in which the User is located.
For further information on the location of the processing, the User may refer to the section on details of the processing of Personal Data.
The User has the right to obtain information about the legal basis for the transfer of Data outside the European Union or to an international organization under public international law or formed by two or more countries, such as the UN, as well as about the security measures taken by the Data Controller to protect the Data.
The User may check whether one of the transfers described above takes place by examining the section of this document relating to the details of the processing of Personal Data or request information from the Data Controller by contacting him/her at the details given at the beginning.
Period of Retention
The Data are processed and stored for the time required for the purposes for which they were collected.
* Personal Data collected for purposes related to the execution of a contract between the Data Controller and the User will be retained until the execution of such contract is completed.
* Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User may obtain further information about the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner.
When the processing is based on the User’s consent, the Owner may retain the Personal Data for a longer period of time until such consent is revoked. In addition, the Data Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period Personal Data will be deleted. Therefore, at the end of this period the right of access, deletion, rectification and the right to portability of the Data may no longer be exercised.
Purposes of the Processing of Collected Data
Data processing is carried out by the Supplier in the performance of its economic and commercial activities for purposes related to the establishment, management and execution of business relationships, including the management of the pre-contractual relationship. In particular, the Data provided by the data subjects will be processed, mainly by means of IT tools, for the following purposes:
1. the performance of obligations strictly related to the management of the Contract, including the administrative and accounting management of contracts, the management of payments and invoices, the provision of services and the management of customer support services. The provision of data for these activities is essential for the proper management of the Contract and does not require the consent of the interested party (art. 6(1)(b) of GDPR);
2. the performance of activities instrumental to the management of the Contract, including the planning of activities, the protection of the management of any litigation and debt collection for which the provision of data, where necessary, is optional and whose treatment is based on the legitimate interest of the Supplier;
3. the fulfilment of obligations deriving from the law, regulations or Community legislation (e.g. fiscal and accounting obligations) for which the provision of data is mandatory and the processing does not require the consent of the interested party (art. 6(1)(c) of GDPR);
4. the sending, in the event that users have expressed their consent at the time of activation of the service, or express it subsequently, and until the withdrawal of the same, communications of a commercial nature on their own products and services, or those of third party companies, including by automated means, for the purposes of direct sales, as well as for sending market research and for checking the degree of user satisfaction;
5. to carry out, if users have expressed their consent at the time of activation of the service, or express it subsequently, and until the revocation of the same, including through electronic means, activities of analysis of specific behaviors and habits of consumption, so as to improve the services provided and direct the commercial proposals of interest to the user, also offering third parties aggregate data summarizing the openings and clicks obtained through a tracking system through “cookies”.
The interested party may exercise, in relation to the processing of data described herein, the rights provided for
by GDPR (Articles 15-21), including:
* receive confirmation of the existence of the Data and access their content (access rights);
* update, modify and/or correct the Data (right of correction);
* request the deletion or limitation of Data processed in violation of the law, including those that do not need to be kept in relation to the purposes for which the Data was collected or otherwise processed (right to be forgotten and right to limitation);
* oppose the processing (right of opposition);
* revoke the consent, if given, without prejudice to the lawfulness of the processing based on the consent given before the revocation;
* submit a complaint to the Supervisory Authority (Guarantor for the protection of personal data www.garanteprivacy.it ) in case of violation of the regulations on the protection of personal data;
* receive an electronic copy of the Data concerning him/her as the Data Subject, when such Data have been rendered in the context of the contract and request that such Data be transmitted to another data controller (right to data portability).
In order to exercise these rights, the Data Subject may contact the Data Protection Manager by sending his request to email@example.com or by directing the communication by mail to:
ER TLC Srl
Piazza G. Marconi, 15
00144, Rome, Italy
Details of the right of opposition
When Personal Data are processed in the public interest, in the exercise of public powers vested in the Owner or to pursue a legitimate interest of the Owner, Users have the right to object to the processing for reasons related to their particular situation.
Users are reminded that, should their Data be processed for direct marketing purposes, they may object to the processing without giving any reasons. To find out if the Data Controller processes data for direct marketing purposes, Users may refer to the respective sections of this document.
How to exercise your rights
To exercise the User’s rights, Users may address a request to the contact details of the Owner indicated in this document. Requests are deposited free of charge and processed by the Owner as soon as possible, in any case within one month.
Further information on the treatment
Defense in court
The User’s Personal Data may be used by the Owner in court or in the preparatory stages for its possible establishment for the defense against abuse in the use of this Application or related Services by the User. The User declares to be aware that the Owner may be obliged to disclose the Data by order of the public authorities.
System Log and Maintenance
For operational and maintenance purposes, this Application and any third party services used by it may collect system logs, i.e. files that record interactions and may also contain Personal Data, such as the User IP address.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
Answer to “Do Not Track” requests
This Application does not support “Do Not Track” requests. To find out whether any third party services you use support them, please consult their privacy policies.
Our Cookies Policy
ER TLC S.r.l.’s website collects information that may relate to the user, his preferences, or the Internet access device (computer, tablet or cell phone) and is mainly used to adapt the operation of the site to the user’s expectations, offering a better browsing experience and to send personalized promotional messages.
Below you can learn more about the various types of cookies used.
Without prejudice to the above, we use the following categories of cookies for our website and other online services:
1. Essential Cookies
These cookies are necessary for the proper functioning of our websites and to use and/or improve the various functions and/or services requested. Without these cookies it would not be possible to manage and automate, for example, user authentication and access to the reserved area of the website.
2. Analysis cookies
These cookies allow us to improve our websites by monitoring and analyzing user behavior, creating user profiles in order to make improvements and facilitate navigation.
For example, analysis cookies can help us keep track of which pages are frequently visited, what your preferences are, what products have already been displayed to prevent them from being repeated, whether or not the advertising that is published on the website is effective, whether and what difficulties you encounter in using the site.
Some of the browser and user information we currently collect includes:
* All cookies placed by Google in the last 6 months,
* How many mouse clicks did you make on that screen (or tap if on a touch device),
* The CSS information for that page,
* The exact date,
* The language in which the browser is set,
* Any plug-in installed in the browser,
3. Third party cookies and social media cookies
Our website may allow the use of third party cookies that may collect information about your movements on the Internet and, in particular, within our websites.
In addition, some pages on our website are characterized by the presence of so-called “social plug-ins”, which allow you to share our content on social media networks such as Facebook, Twitter, Youtube.
Renunciation of cookies
At any time, you may refuse to accept all or some of the cookies used on this website.