Are you an IT service supplier? Connect with new clients searching for your expertise

I'm a supplier
Vendor Management icon

Vendor Management

Gain full control over your professional services sourcing
Workforce Management icon

Workforce Management

Manage your workforce efficiently and intelligently

Use Case icon

Use Case

Coordinate teams, vendors, and projects from one platform
Pricing icon

Pricing

Find the plan that best fits your needs

IT & Digital icon

IT & Digital Services

Eliminate bottlenecks and keep your projects on track
Banking icon

Banking & Finance

Reduce regulatory risk and simplify compliance

Healthcare icon

Healthcare

Optimize the sourcing of professional services
Construction icon

Construction

Manage vendors and regulations more efficiently

Azienda icon

About us

Discover our team and our story
Carriere icon

Careers

Join our team

Certificazioni icon

Certifications

Explore the quality standards we uphold
Press icon

Press

See what the media are saying about us

Book a Demo
en Freccia menu
IT
Book a Demo

INFORMATION ON THE PROCESSING OF PERSONAL DATA EX ART. 13 AND 14 OF REGULATION (EU) 679/2016 (GENERAL DATA PROTECTION REGULATION - GDPR)

TimeFlow S.r.l. (hereinafter also "TimeFlow") based in Via 95° Reggimento Fanteria n. 9 - 73100 Lecce is the operator of the website www.timeflow.it (hereinafter also "Site") and the web application www.marketplace.timeflow.it (henceforth also "Marketplace") This information is provided only for the Site not also for the Marketplace, the websites, apps or social platforms accessible through hyperlinks (links) contained in the same, also traceable to the domain timeflow.it, for which please refer to the relevant information on the processing of personal data. Contact details of the Data Controller and Data Protection Officer For any information, clarification or further inquiry regarding our data protection policies, as described herein, you may contact us:

For any information, clarification or further inquiry regarding our data protection policies, as described herein, you may contact us:

  1. via our e-mail: privacy@timeflow.it;
  2. or by writing to our registered office address: TimeFlow S.r.l. - Via 95° Reggimento Fanteria n. 9 - 73100 Lecce
  3. to the e-mail address of ourData Protection Officer:andrealisi@studiolegalelisi.it

2. The purposes and legal bases of the processing of your personal data

The data protection legislation allows us to use your personal data only for certain, well-explained purposes, provided that there is a suitable legal basis that allows us to do so. Below, therefore, we provide you with a list of the purposes for which we process your personal data:

(a) to enable the proper functioning of the Site and the usability of its services;
b) to obtain aggregated and anonymized statistical information regarding the use of the Site (such as, for example, most visited pages, number of visitors by time slot or daily, geographical areas of origin, etc.); c) to send you transactional e-mails;
d) manage and acknowledge your requests, sent to the e-mail addresses indicated on the Site or made by filling out contact forms, in relation to the services provided by Timeflow;
e) Evaluate and acknowledge your requests for an appointment with one of Timeflow's contact persons;
f) send you informative newsletters and promotional communications about TimeFlow's services and initiatives;
g) facilitate customer care activities through the live chat service (hereinafter also "Chatbot") and forward your requests to the specific support team; h) collect and record information related to your browsing actions, in order to show you commercial communications through social networks and other web contexts;
i) improve your enjoyment of Timeflow's services and offerings through statistical tracking systems to detect the opening of messages you receive to your e-mail address and clicks on links contained in them. The processing activities carried out for the purposes of (a), (c), (d), (e) and (g) are necessary for the provision of the services offered through the Site.

The legal basis for the processing is, therefore, the performance of a contract to which the data subject is a party or pre-contractual measures requested by the data subject, pursuant to Article 6(1)(b) of Regulation (EU) 679/2016 (GDPR). The processing activities carried out for the purposes of (b), (h) and (i), i.e., the use of browsing tracking tools and profiling for marketing purposes are subject to your consent, which is the legal basis for the processing, pursuant to Article 6(1)(a) of Regulation (EU) 679/2016 (GDPR).

The processing activities carried out for the purposes referred to in point f), may have as a legal basis the performance of a service in your favor, in the event that you have requested to subscribe to the newsletter through the appropriate form on the Site, or the legitimate interest of the Data Controller, pursuant to art. 6, par. 1, lett. f) of Regulation (EU) 679/2016 (GDPR), to use the personal data and e-mail details that you have provided to Timeflow to receive services of an informative nature through the Site.

3. Sources of collection of your personal data

Your personal data may be provided directly by you, actively and knowingly (e.g., data provided in interaction with the Chatbot, data entered in the contact form or newsletter subscription form, etc.). In other cases, your data is provided indirectly, through browsing the Site or using your devices (e.g., traffic data, data about the devices you use, etc.).

4. What personal data we collect and process

4.1 Browsing Data

In the course of browsing the Site, the computer systems responsible for its operation automatically acquire certain information whose transmission is implicit in the use of Internet communication protocols. This category of data includes, for example, the IP addresses or domain names of the devices you use, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the computer environment in use.

You can find more information on Timeflow's use of these technologies within the choices management area, accessible through the appropriate command located in the footer of the Site.

4.2 Data provided through the use of our services

TimeFlow collects personal data conferred through interaction with the Site. Such data includes:

(a) data conferred through the optional and voluntary sending of e-mail messages to the e-mail addresses indicated on the Site (which include, in particular, the sender's e-mail address and any other personal data in the message);
b) data provided by filling out the newsletter subscription form (e-mail address);
(c) data provided in interaction with the Chatbot (name, e-mail address, telephone number, reasons for contact, platform membership and any other data entered within the chat and/or in attached documents);
d) data provided by filling out the contact form (first name, last name, e-mail address, phone number, company affiliation);
e) data provided by filling out the form to book a call (first name, last name, e-mail address, phone number, company to which you belong, need with respect to the services offered by Timeflow and hourly availability). You may also decide to provide us with the e-mail address of one or more guests, who will participate in the call. In this case, please ensure that these individuals have been informed in advance about the processing purposes set out in paragraph 2(e) and that they have consented to the use of their data by Timeflow.

5. Nature of the provision of personal data and consequences in case of failure to provide them

The provision of personal data referred to in paragraph 4.2. is necessary in order to provide the services offered through the Site: in particular, for the purposes of completing the forms on the Site, the provision of data marked with an asterisk is necessary for the management and feedback to the communications.

It should be noted, in any case, that you are free to provide the requested data, in the sense that you are not normatively obliged to provide them: failure to provide the data indicated as necessary, however, makes it impossible for the Data Controller to render the requested service. The collection of personal data referred to in paragraph 4.1. may be necessary to ensure the proper use of the services provided the through the Site, or may serve to offer you additional services and features, but not essential to the proper functioning of the Site.

In the latter case, Timeflow may collect and process your data after acquiring your consent, which is optional, or until your eventual objection to the processing. If you do not authorize us to process this data or you object to its processing, you will still be able to benefit from the services usable as a user of the Site.

6. To whom your personal data may be disclosed

Your personal data may be disclosed to:

  1. specially authorized and trained employees and collaborators of TimeFlow who need access to it in the performance of their duties;
  2. providers of services offered through the Site or related to its operation, including, in particular, Hubspot Inc, for the live chat service, web content management and sending e-mail communications for commercial purposes; Amazon Web Services EMEA SARL for the cloud storage service; Intuit Inc. for sending transactional e-mail communications, managing support and contact requests; Hubspot Inc. and Google Ireland Limited for activities instrumental to the planning and conducting of cognitive meetings; Google Ireland Limited and Fonticons Inc. for displaying content from external platforms.
  3. Google Ireland Limited, Meta Platforms Ireland Limited and LinkedIn Corporation for remarketing and behavioral targeting activities.

Outside of the cases mentioned above, personal data will not be communicated, disseminated, transferred or otherwise transferred to third parties for unlawful purposes or purposes unrelated to the purposes of collection and, in any case, without making appropriate information to the data subjects and acquiring their consent, where required by Law.

Personal data will not be transferred abroad, to countries or International Organizations not belonging to the European Union that do not guarantee an adequate level of protection, recognized, pursuant to Article 45 GDPR, on the basis of an adequacy decision of the EU Commission. In the event that it is necessary for the provision of the Site's services, the transfer of personal data to non-EU countries or International Organizations, for which the Commission has not adopted any adequacy decision pursuant to Article 45 GDPR, will take place only if there are adequate safeguards provided by the recipient country or Organization, pursuant to Article 46 GDPR, and provided that the data subjects have enforceable rights and effective remedies. In the absence of an adequacy decision by the Commission, pursuant to Article 45 GDPR, or adequate safeguards, pursuant to Article 46 GDPR, including binding corporate rules, the cross-border transfer will only take place if one of the conditions set out in Article 49 GDPR is met.

How long we keep your personal data

We will retain your personal data for a period of time not exceeding the time necessary to achieve the purposes for which it was collected and subsequently processed. In particular:

  • the data processed to acknowledge support and contact requests received by e-mail or by filling out contact forms will be kept for a maximum period of 6 months after they are provided; in addition, the personal data and e-mail address provided by filling out the contact form will be kept for the purpose of sending informative and promotional communications until you exercise your right to object to processing
  • the data sub b) of paragraph 4.2. will be kept until the eventual exercise of the right to object to the processing;
  • the data provided in the interaction with the Chatbot will be retained for a maximum period of 24 months; in addition, the master data and e-mail address acquired in the interaction with the Chatbot will be retained for the purpose of sending communications of informative and promotional communications until the eventual exercise of the right to object to the processing;
  • the data processed for the purpose of responding to an appointment request will be kept for a maximum period of 12 months after their provision; in addition, the personal data and e-mail address provided by filling out the form, will be retained for the sending of communications of informative and promotional communications until the eventual exercise of the right to object to the treatment.

TimeFlow will provide, after the expiration of the retention period, according to the indicated criteria, to take measures aimed at the cancellation or anonymization of data that should not be retained for specific regulatory obligations or other legitimate reasons (e.g. pending litigation). To find out the retention time of browsing data, please consult the information available in the choices management area, accessible through the appropriate command located in the footer of the Site.

What are your rights

As a data subject, you have the right to access your personal data, to request its rectification, updating and deletion or restriction, if incomplete, erroneous or collected in violation of the law, as well as to object to its processing for legitimate reasons or to obtain its portability. In particular, you have the right to obtain confirmation of the existence or non-existence of personal data concerning you, even if not yet registered, and their communication in an intelligible form. You also have the right to obtain information on:

(a) the purposes and methods of processing;
b) the logic applied in case of processing carried out with the aid of electronic instruments;
c) of the identification details of the Data Controller, the Data Processors and the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of it in their capacity as authorized persons for the processing.

You have the right to obtain:
(a) the updating, rectification or integration of your data;
b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose storage is not necessary in relation to the purposes of processing;
(c) the restriction of processing, when one of the cases referred to in Article 18 GDPR applies;
d) certification that the operations referred to in letters a), b) and c) have been brought to the attention of those to whom the data have been communicated or disseminated, except where this proves impossible or involves the use of means manifestly disproportionate to the protected right;
e) the transmission of data concerning you, provided to the Controller and processed on the basis of a contract, in a structured, commonly used and machine-readable format. Pursuant to Article 20 GDPR, you also have the right to transmit such data to another Data Controller without hindrance and, if technically feasible, to obtain the direct transmission of personal data from one Data Controller to another.

You have the right to object, in whole or in part:
(a) on legitimate grounds to the processing of personal data concerning you, even if they are relevant to the purpose of collection;
b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication;
(c) to automated decision-making processes that significantly affect you personally. Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the Data Protection Authority.

How you can exerciseyour rights

You can exercise your rights by sending an e-mail message to privacy@timeflow.it.Ti we will provide feedback within one month of your request. If we are unable to comply with your request, we will provide you with the reasons why we cannot do so. In order to exercise your rights, you may also avail yourself of non-profit bodies, organizations or associations whose statutory objectives are in the public interest and which are active in the field of the protection of the rights and freedoms of data subjects with regard to the protection of personal data, giving, for this purpose, appropriate mandate. You may also choose to have a trusted person assist you. To find out about your rights, file a complaint, and be kept up-to-date on the legislation on the protection of individuals with regard to the processing of personal data, you can contact the Data Protection Authority by visiting its website at http://www.garanteprivacy.it/.

Last revised June 2024