Privacy Policy


Information for interested parties (website users) pursuant to art. 13 of the European Regulation on the Protection of Personal Data (GDPR) n. 679/2016 and related provisions issued by the National and European Authorities

Privacy Protection

TFM Automotive & Industry SpA (hereinafter also TFM) is constantly committed to providing visitors with a web experience in full respect and protection of their privacy and welcomes you to the website

 We invite you to read our Privacy policy and to read this information provided pursuant to art. 13 of the GDPR (General Data Protection Regulation) n. 679/2016 – EU Privacy Regulation; it is aimed at those who interact with the web services directly provided by the writer and accessible electronically from the address; This information describes how to manage the aforementioned website and not other external websites that can be consulted by the user via links. Additional information may be provided within the different access channels.


The Data Controller of personal data – indication and contact details

Responsible for the processing of personal data and place of processing


Subjects external to the Data Controller who can manage your personal data in the name and on our behalf. List available at our office and can be requested using the above references.


The list of data processors possibly appointed as well as the system administrator (s) is available at the headquarters. The treatments connected to the web services offered by this site take place at the headquarters of the writer (as identified above) and possibly at the offices of the external Data Processors as well as at the other subjects appointed and authorized for this purpose (as better specified below) and are handled by natural and / or legal persons responsible for the management of the requested services, for the conservation and processing of data as well as for the necessary maintenance operations.

With the consent of the interested parties, if required by law, and in any case subject to adequate information specifying the various purposes, personal data may be disclosed to third parties, public and private, unrelated to the organization, who will treat them as independent owners ( or, where appropriate, responsible) of the treatment; in this regard, the Owner is in no way responsible, moreover, it does not assume any claim on:

  1. rules and methods for managing personal data from other websites, which can be reached from the pages of the website through links and / or references;
  2. contents of any e-mail services, web spaces, chat forums provided to users.


Legal basis for processing / Why do we process your data (basic purpose)?


  • Statistics
  • User Contact
  • Legislative and / or regulatory provisions
  • Sector-specific provisions
  • Instances received by the user


Personal Data is collected for the following purposes and using the following services:


The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.

Google Analytics (Google Inc.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualize and personalize the advertisements of its own advertising network.

Personal data collected: Cookies and Usage data.

Place of processing: USA – Privacy – Opt-out


 What data do we process and how?


Cookies (refer to the Cookie Policy) –

Navigation and usage data Name Surname –

E-mail address –

Requests made via the website

System log and maintenance



Personal Data may be entered voluntarily by the User, or collected automatically when using this Application. Any use of Cookies (see the cookie policy) – or of other tracking tools – by this Application or by the owners of third party services used by this Application, unless otherwise specified, has the purpose of identifying the User. and record the related. Failure by the User to provide certain Personal Data may prevent this Application from providing its services.

The User assumes responsibility for the Personal Data of third parties published or shared through this Application and guarantees to have the right to communicate or disseminate them, freeing the Owner from any liability to third parties.

Interaction with external social networks and platforms

These services allow interaction with social networks or other external platforms directly from the pages of this Application. The interactions and information acquired by this Application are in any case subject to the User’s privacy settings relating to each social network. In the event that an interaction service with social networks is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.

Viewing content from external platforms

These services allow you to view content hosted on external platforms directly from the pages of this Application and interact with them. In the event that a service of this type is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.

System log and maintenance

For needs related to operation and maintenance, this Application and any third party services used by it may collect system logs, which are files that record the interactions and which may also contain Personal Data, such as the User IP address.


Method in which the processing takes place


Paper and IT supports



The processing of data concerning you takes place using manual and automated tools, with methods strictly related to the purposes indicated above and, in any case, in order to guarantee the security and confidentiality of your data. In case you wish to obtain further information, we remind you of the rights guaranteed to you as specified here.


When is the user obliged to give us their data?


Basic purpose: obligation

Other purposes (marketing / promotional): faculty

Request to receive explicit newsletter: obligation (otherwise it would not be possible to send it)


The types of personal data collected and processed on are those necessary for the provision of the services requested and in the remaining cases derive from the user’s navigation. We remind you that we also provide training services both in the traditional “classroom” mode and through the use of digital tools (remote training via video conference, e-learning, webinar etc …). It is therefore clear that, if such data were not provided, the services that require the use of these tools will not be provided. If you do not give your consent to the receipt of advertising information or direct sales or interactive commercial communication, your references will not be used for this purpose. Any voluntary sending of e-mails to the addresses indicated on the site involves the acquisition of the sender’s address as well as any other information contained in the message; such personal data will be used for the sole purpose of responding to requests.


Protection of minors


The processing of the data of minors is not allowed.


TFM does not intentionally collect personal information from minors. We do not allow minors to provide their own data on our site. In any case, if the parent or guardian of a minor believes that the minor may have provided personal information, you must contact us promptly. Should the organization learn that it has come in possession of personal information relating to a minor in spite of itself, it will immediately delete the aforementioned information from its databases and activate the necessary interventions. Should untruthful data be provided, TFM is held harmless from any liability and / or claim, subject to the checks to which it undertakes. Finally, please note that all minors must, in any case, receive due authorization from their parents or guardians before using or making public information on websites of any type except as specified in relation to our web space.


Categories of recipients to whom the personal data may be disclosed


  • employees and similar of the organization qualified as subjects “authorized to process” (administrative, commercial, marketing, system administrators, etc. …) and duly trained and monitored by the owner;
  • external subjects (e.g. agents, legal and administrative consultants, experts in sector regulations, technical service providers, hosting providers, information services companies, communication agencies, commercial partners where necessary to fulfill specific obligations, platforms for sending newsletters and / or information to the companies of the “Group” etc. …).


If necessary, in relation to further and particular services or products requested, personal data may be disclosed to third parties, independent data controllers (or, where appropriate, managers) of the treatment, for functions strictly connected and instrumental to the provision of services and / or answers to specific requests. In addition to the above, we specify in accordance with the law that your personal data may also be disclosed to subjects (eg advertising agencies and the like) carrying out in the name and on behalf of TFM (your data will not be disclosed to third parties for their commercial purposes unless with your consent) management operations of promotional campaigns also (and not only) by means of social networks, platforms, chat etc … always within the perimeters of legal and regulatory provisions. The list of operators as described above is available in an updated version at the TFM headquarters and upon request by e-mail at the address

Personal data will not be disclosed, unless the desired service requires it but may be disclosed to third parties to fulfill legal obligations, in execution of orders from public authorities entitled to do so or to assert or defend a right in the office. judicial. 



Retention period of personal data


10 years for the purposes of conservation in accordance with the law


The aforementioned terms could be reduced and / or increased (upon communication to the interested parties) in the case, for example, of indications from institutions and / or supervisory authorities.

Transfer to non-EU countries


The data controller may transfer your data to non-EU countries to use services, for example, for archiving or for the creation of mailing lists; naturally in this case TFM undertakes to provide adequate guarantees.



The transfer of personal data to countries outside the European Union may involve greater risks and as such must be adequately supervised. If the owner makes use of this possibility, he undertakes to collect all the supporting documentation in advance and make available to the interested parties in the same ways with which the rights can be exercised.

Complaint to the Guarantor Authority

The procedures at your disposal and protection (in addition to the exercise of your rights towards us) are:

  • Access from the website www.garante in the appropriate section dedicated to complaints in the competent case is the Italian Authority;


  • Respecting the procedures provided by the Supervisory Authority of the Member State (where different from Italy) in which the interested party usually resides, works or the place where the alleged violation occurred.

Your rights


Access – Limitation – Rectification – Opposition – – Withdrawal of consent – Cancellation (Oblivion) – Portability


Right of access: you can receive a copy of the personal data being processed at any time.

Right of limitation: it can be exercised not only in the event of violation of the conditions of lawfulness of the processing but also in the event that the rectification of the data is requested or the interested party objects to the processing; the Data Controller undertakes to mark the data in question during the period of its evaluation of what to do by means of organizational measures suitable for this purpose.

Right of rectification: you can obtain the correction of inaccurate personal data concerning you without delay and you can also obtain the integration of incomplete personal data also by providing a supplementary declaration.

Right to object: you can object at any time, for reasons connected to your particular situation, to the processing of personal data concerning you even if used for direct marketing and / or profiling.

Right to withdraw consent when issued, for example for marketing and similar purposes.

Right of cancellation (to be forgotten): it is possible to request the cancellation of data in an enhanced form, for example even after the withdrawal of consent to the processing of personal data by the interested party.

Right to portability: it does not apply to non-automated processing, therefore to paper archives and / or registers; Furthermore, only the data provided by the data subject to the Data Controller and processed with the consent of the latter or on the basis of a contract stipulated with the Data Controller are portable.

Which references to use to exercise the rights?

 Name: TFM Automotive & Industry SpA


Term and methods of response from the Data Controller to those who wish to assert a right inherent in their personal data


  1. 1 (one) month extendable up to n. 3 (three) months in more complex cases in written form



We represent that if you exercise your rights, the Data Controller must provide a written reply also through electronic tools that facilitate accessibility (orally only at the express request of the interested party) within the term of no. 1 (one) month which in particularly complex cases can be extended to n. 3 (three) months without prejudice to the obligation to provide feedback within one month of the request even in the event of refusal.

The Data Controller, having assessed the complexity of the request made by the interested party, can establish the amount of any contribution to be requested but only in the case of manifestly unfounded or excessive requests.

Changes to this information sheet

The Data Controller reserves the right to make changes to this information page at any time by giving notice to Users here. Therefore, please consult this page often, referring to the date of the last modification indicated at the bottom. In the event of non-acceptance of the changes made to this privacy policy, the User is required to cease using this Application and may request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous information sheet will continue to apply to the Personal Data collected up to that time.

Updated 06/05/2022