The information contained in this email and its possible attachments is strictly confidential. If you have received this email by mistake, we ask you to inform us urgently and at the same time to delete it permanently from your system.

Retaining, disclosing, distributing or copying - even partially - an improperly received message constitutes a behavior contrary to what is indicated by the General Data Protection Regulation (GDPR 2016/679/EU) and the Legislative Decree n.101 of August 10, 2018. We inform you that the personal data contained in this email will be managed in compliance with the GDPR 2016/679/EU and the Legislative Decree n.101 of August 10, 2018.

Privacy Policy - Information on treatment of personal data

For Italian, CLICK HERE

Aware of the importance of ensuring the security in the management of personal data (from now on Data), the Data Controller provides the following information to notify the Data Subject of the purposes, methods and, more generally, the characteristics of the management and processing of the Data. The Data Subject is any natural person, whether an employee, collaborator, candidate, customer or supplier, whose Data has been provided, collected and processed during the performance of the Data Controller's services and activities.

1. Reference Regulation

Legislative Decree 196/2003 of June 30, 2003 (from now on Privacy Code) and subsequent amendments; EU Regulation 2016/679 of April 27, 2016 (from now on GDPR) and subsequent amendments, relating to the protection of individuals and the processing of personal data (from now on Data)

2. Data Controller and Data Processor

The Data Controller, i.e. the person who determines the purposes, methods and means of the processing of Data, is TeaPak s.r.l. SB with headquarters in via Bicocca 15/L, 40026 Imola (BO), VAT number 02171691203, (from now on Company), in the person of its legal representative.

Given the nature of the organization and the quality of the data processed, it was not mandatory to set up a Data Protection Officer (DPO), however, the Company has decided to make use of a supervisory body composed as follows:

• Data Controller is identifiable in the person of the legal representative of the Company;
• Data Processors, i.e. key figures within the organization who process data on behalf of the Data Controller and whose functions are, among other things, to ensure compliance with the logical and physical maintenance of data, to ensure compliance with the maintenance of data relating to human resources and delegated to third parties and to prevent loss, unlawful or incorrect use and unauthorized access by third parties.

3. Subject of processing: personal data

They are any information that allows to directly or indirectly identify a natural person. By way of example but not limited to: name and surname, tax code, email address, images, telephone numbers, role held, company and navigation data such as IP addresses, URLs, domain names of computers and terminals used.
Data are collected through spontaneous supply by the interested party, such as when applying for a job or establishing a working relationship or through social network platforms. In addition, the Company may become aware of Data relating to members of corporate bodies at the time of verification and qualification of possible or former clients and/or suppliers or through data from the navigation on its websites and social networks.

4. Purposes of the treatment

The Data are processed, even without the express consent of the Data Subject, for the following purposes:

• Research, evaluation and selection of personnel for a possible establishment of an employment relationship;
• Implementation of qualification procedures of a possible or already existing supplier;
• Pre-contractual negotiations and execution of contracts of any kind;
• Organizational and commercial management;
• Internal statistical analysis;
• Response to reports, questions and requests from the interested party;
• Ensuring the technical functioning of the website and social networks;
• Compliance with legal obligations of law and/or regulations in civil, fiscal and accounting;
• Legitimate protection of operations, privacy, security and property of the Data Controller, as well as to protect the Company's rights in and out of court;
• Fulfillment of legal obligations.

5. Processing methods

The Data Controller undertakes to implement appropriate technical and organizational measures to ensure that processing is carried out following the GDPR, according to the principles of lawfulness, correctness and transparency and within the limits of confidentiality and security outlined in art. 5. As specified in paragraph 2 of this policy, to which reference is made in the section on the function of the Data Processors, the Company therefore undertakes to put in place - primarily through these figures - all necessary procedures, technical and organizational, for the proper processing of Data.
The processing of the Data may take place through paper, computer, telematic instruments or any other support considered suitable and is carried out through the methods indicated in art.4 of the GDPR i.e. ,any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

6. Disclosure of Data

The primary purpose is not the disclosure of the Data; however, they may be shared, to carry out the purposes indicated in paragraph 4 of this policy, with:

• Its employees and collaborators who will act as delegated, designated or authorized employees to process the Data;
• Members of the Controlling Bodies and other companies of the Group of which TeaPak Srl is part;
• Banking institutions, legal firms, consultants, auditors and - in general - other third parties who perform outsourcing activities for the Company;
• Judicial or supervisory authorities;
• Public administrations, bodies and organizations.

Due to the nature of the Group to which the Company belongs, it is possible that Data may be shared with third countries, i.e. beyond the borders of the European Union. Also in this case, data processing will be carried out in compliance with the provisions of the GDPR.

7. Data retention period

As specified in art. 5 e) of the GDPR, the Data are stored in paper and/or electronic form for a period of time not exceeding the achievement of the purposes for which they are processed; personal data may be stored for longer periods provided that they are processed exclusively for archiving purposes in the public interest, scientific or historical research or statistical purposes.
Once the period of time strictly necessary to carry out the purposes indicated in paragraph 4 of this policy has elapsed, the Data will be destroyed, canceled or made anonymous.

8. Rights of the interested party

The interested party may exercise its rights regarding personal data at any time. The GDPR recognizes the following in Articles 15 to 21. Briefly and within limits provided:

• Access to personal data: the Data Subject may ask whether or not their Data is being processed and, if so to obtain access to the personal data and the following information: the purposes, the categories of data in question, the recipients, the storage period, the origin of the Data, if not collected directly from the Data Subject and a copy of the processed data;
• Request the rectification, restriction or deletion of its Data;
• Richiedere la rettifica, la limitazione o la cancellazione dei propri Dati;
• Portability of the Data in case of treatment by automated means;
• Oppose in whole or in part the processing of your Data;
• Complain to a control authority.

9. How to exercise your rights

The interested party may contact the Data Controller to exercise his/her rights, to request further information regarding the persons in charge, the delegates and the modalities of Data processing, to ensure that the Data in his/her possession are correct or to communicate their updating by:

• Registered mail with return receipt: Teapak s.r.l. SB, via Bicocca 15/L, 40026 Imola (BO)
• E-mail: teapak@yogiproducts.com
• PEC: teapak@pec.teapak.com

10. Guarantor for the protection of personal data

In the usual spirit of transparency and respect, we provide the following useful links to gather more information on the protection of personal data:

• Rights of the interested party https://www.garanteprivacy.it/home/diritti
• Duties of the Owner/Responsible https://www.garanteprivacy.it/home/doveri
• Page with links to the text of EU Regulation 2016/679 of April 27, 2016 GDPR and subsequent amendments https://www.garanteprivacy.it/il-testo-del-regolamento

COOKIE

This website uses cookies. Cookies allow to store information about visitors preferences, allow to check the website to function properly and improve users experience by customizing the content of the pages according to the type of browser used, or simplify navigation by automating procedures (e.g. Login, site language) and for the analysis of the use of the site by visitors. This site makes use of the following categories of cookies:

Technical cookies

Cookies in this category include both persistent cookies and session cookies, they allow to distinction between the connected users by preventing a service from being provided to the wrong User. They are therefore a consequence of an express request from the user, and also are used for the security of the website and the users themselves. In the absence of such kind of cookies, the website or sections of it may not run properly. Cookies in this category are always sent from our domain, and no consent is needed.

Analytical cookies

Cookies in this category are used to collect information about proper website usage and user behavior for statistical analysis purposes, to improve the website and simplify its use. This type of cookie collects information anonymously about users' activity on the website and how they arrived at the site and the pages they visited. Cookies in this category are sent from the website itself or third-party domains.

Third-party coockies

This site also acts as an intermediary for third-party cookies, which are used to provide additional services and features to visitors and to improve the use of the website itself, such as social buttons. Some of these cookies are profiling cookies, i.e., used by third parties to collect information about user's behavior and interests to provide personalized advertising.

C1. Consent for the use of cookies

By using the website or by clicking on the banner present when first accessing the site, visitors expressly consent to the use of cookies, and in particular to the recording of such cookies on their computer's hard drive for the purposes indicated above, or to access through cookies to information on their computer's hard drive.

C2. Refusal or revocation of consent to cookies

The user may refuse the use of cookies and at any time may revoke the consent already given. Since cookies are linked to the browser being used, they can be disabled directly from the browser, thus refusing/withdrawing consent to the use of cookies.
Disabling cookies may prevent the proper use of some functions of the website, in particular services provided by third parties may not be accessible, and therefore may not be viewable: i.e. videos from YouTube or other video sharing services; social buttons from social networks; Google maps.

C3. Third-party cookies

This privacy policy does not apply to services provided by third parties, and this website has no control over their cookies, which are entirely managed by the third parties, and has no access to the information collected through said cookies. As a result of this, information about the use of third-party cookies, their purposes, and how to disable them, if any, is provided directly by the third parties on the pages indicated below. Generally, the tracking of users does not involve identification of the same, unless the User is already subscribed to the service and is also already logged in, in which case it is understood that the User has already expressed his or her consent directly to the third party when subscribing to the relevant service (e.g. Facebook). In particular, this site uses cookies from the following third parties.