Privacy Policy REDAELLI TECNA S.p.A.

This document concerns the policies of confidentiality on the personal data processed by REDAELLI TECNA SPA, with registered office in Milan, Piazzale Libia 2, the Controller (hereinafter the Controller or Redaelli) which, through the company BHuman S.r.l. of Milan manages the Internet sites and

The text describes, in accordance with the applicable laws and regulations concerning personal data protection and Reg. (EU) 2016/679 – GDPR –, the procedures of management of the processing of personal data of users of and visitors to our sites as well as the processing of personal data effected by the Controller, which one may contact either in person, by appointment, at the Company’s office or through either of the following means:


The Data Protection Officer (hereinafter DPO) may be reached at the e-mail address

The information provided herein is not valid for other websites that may be viewable through our links, for which the Controller is in no manner responsible.

The Controller adopts the following disclosure required by article 12 GDPR as a means by which to provide the interested party with the information as per article 13 GDPR and the notifications as per articles 15 to 22 and 34 GDPR regarding the processing of the data supplied; such disclosure is to be understood as general, provided to all persons who interact with the site accessible via electronic means and corresponding to the official site’s homepage.

Information note on Data processing

The Controller hereby informs the third party that Personal Data provided through the entry into contact therewith which do not fall within the particular categories of the Personal Data concerning the Controller listed in art. 9 GDPR (including as regards the case of an entity operating in the capacity of an individual enterprise, small businessman, professional) or the employees, agents, representatives or collaborators of same (the “Data”) will be processed in compliance with the provisions of the GDPR. The processing is carried out on the basis of the conditions for lawfulness prescribed under article 6 GDPR, for the purposes inherent in the relations established with the Controller; thus its legal basis as required under article 13 par. c) GDPR finds justification in the reasons for which the relations with the Controller are established; in the specific case, as concerns navigation on the present Site, the data will be acquired and processed consequent to your visit to and related pages visited starting from the homepage. The processing of data conferred to the Controller will comprise: their management, organisation, utilisation, storage, creation of a database, their processing throughout the territory of the EU and in certain non-EU (countries falling within the cases under art. 45 and 46 GDPR), preparation of statistics, communication by our newsletter, from wich you may cancel subscription since the first one received and any time, to partners with which initiatives will be developed – all entities that shall be appointed external managers pursuant to art. 28 GDPR should personal data be transmitted to them. The data will also be transmitted to and processed by the Group Teufelberger. It is hereby recalled that the processing carried out either by the Controller's partner or within the Group is always effected only in favour of the user for purposes other than that of aggressive marketing, the user having the ability not to take part in the initiative proposed, including as from a subsequent date. The processing will also comprise the deletion and modification of data processed at the request of the interested party, the consultation thereof, the announcement of our future initiatives, their elaboration, soft spam via e-mail and light marketing, preparation of statistics, sending of promotional material as well as use to promote conferences and meetings. It is also recalled that the processing of data linked to the web services offered by this site when it is physically hosted by the company Amazon AWS is effected and handled only by employees, collaborators or authorised third parties, including as regards occasional maintenance work or done by our operator.

The data processing will be effected in paper and/or electronic form by specifically persons authorised to data processing. Conferment of data is optional. Certain navigation data (on this point, please see our cookies policy) are, on the other hand, acquired automatically by the system and therefore it is understood that by continuing with navigation without having disabled cookies consent shall be deemed given pursuant to art. 4 section 11. The Controller effects no processing on the basis of automated decision-making processes. The data will be conserved for a maximum of 5 years and in any case for the time required to attain the purpose of their collection.

Rights of the interested parties The Controller, moreover, states that the rights to rectify data under art. 16 GDPR, the right to be forgotten under art. 17 GDPR, the right to limit processing under art. 18 GDPR as well as the right of access to personal data supplied and to all consequential information as per art. 15 GDPR are guaranteed.

The interested parties are also entitled:

1.    To obtain from the Controller access to their personal data and rectification or deletion of same or a limitation of the processing involved;

2.    To preclude the processing;

3.    To data portability under art. 20 GDPR;

4.    Should the processing be based on article 6, sect. 1, par. a) or on article 9, sect. 2, par. a), to revoke consent at any moment without prejudice to the lawfulness of the processing based on consent given prior to such revocation;

5.    To lodge complaints with a supervisory authority;

In order to exercise the aforesaid rights or to obtain further information you will need merely to send an e-mail message to the DPO at the following address:

specifying in the subject line: “exercise of rights under GDPR” and stating in the body of the message the right that you wish to exercise along with your full name and the e-mail address at which you wish to receive Redaelli’s reply. The Controller, once the message received has been processed, will send its reply in the terms specified in art. 12 GDPR.

The Controller, in particular situations, may adopt specific information notes accompanied by the relative forms for consent, the conferment of which will enable the processing of data; moreover, the Controller hereby advises you that, should it intend to process at a later date personal data for a purpose other than that for which they have been gathered, it will, prior to such further processing, supply the interested party with information concerning such purpose and with any other pertinent information, requesting, in the specific case, the relative consent.

It is hereby recalled that the sending by a visitor of the site of an e-mail message to any of the addresses indicated thereat, for the purposes specified from time to time, entails acquisition and subsequent processing of the sender’s address and of any other personal data inserted in such message with the procedures and purposes specified heretofore. Such sending will also imply the cognisance and acceptance of the present information note on privacy.

Job Applicants’ Data In relation to the data which the user provides, either by sending us directly his/her curriculum vitae (hereinafter “CV”) or by filling in our application form available on the website in the area dedicated to vacant positions, we hereby inform you that in our capacity as Controller of the data processing we shall utilise the data contained in the form or in the CV sent to us in order to ascertain whether they correspond to the profile of our ideal candidate; we also specify that for such type of processing the information as per art. 13 GDPR will be provided at the first contact subsequent to the sending of a CV. We also inform you that the data requested in fields marked in the Form by an asterisk will be of obligatory nature for the purpose of our taking your application into consideration with respect to the position vacant, whereas you are not obliged to provide any further data. However, should you provide data in a partial or incorrect manner it may be impossible for us to evaluate your application for the position concerned.

In order to evaluate the suitability of possible employment we must process certain information concerning you, and to this end we ask only for the personal data that are reasonably requisite.

With regard to the Storage of your data, as described in the WP29 guidelines of 8.6.2017, we inform you that your data gathered in the selection phase will be deleted as soon as it becomes clear either that no offer of employment will be made or that such offer will not be accepted by you. With regard to CVs sent spontaneously, irrespective of the existence of a vacant position, we inform you that they will be kept, should see an interest therein, for 2 years; otherwise they will be deleted within 1 year from receipt. We also inform all applicants that the Controller may examine their social profiles should they be of a nature different from the solely private nature and/or should they be strictly personal.

Browsing Data The information technology systems and software procedures employed in the operation of this website acquire, in the course of their normal functioning, certain personal data the transmission of which is implicit in the use of Internet communication protocols. These data are utilised for the sole purpose of gathering anonymous statistical information about the use of the site and to monitor its proper functioning and are deleted immediately after such utilisation. The data could be utilised in order to ascertain responsibility in cases of potential cyber-offences against the site.

Cookies A cookie is a small text file that is deposited by a website on the hard disk of a user’s device; in this way cookies clearly identify the user’s browser. Cookies do not damage the computer and do not contain viruses. Their function is that of streamlining the analysis of Web traffic or of signalling when a specific site is visited, and they enable Web applications to send information to individual users.

The user alone may decide either to delete cookies manually from his/her device or to provide for their automatic deletion upon closure of the browser installed.

For more information please consult our cookies policy.

Copyright  All contents of the present site are protected by the legal provisions regarding copyright and intellectual property. Any reproduction thereof, even partial, in whatsoever form is forbidden. The Controller grants no licence for copyright, patents or any other intellectual property.

Responsibility The Controller assumes no responsibility towards those who navigate on the site with respect to content of the material published thereon (accuracy and completeness of information provided) or to the use which third parties may make thereof. The site’s material and information are subject to change or update, without notice, by the Controller.

Application of laws   The Controller regularly updates the present information note and, in general manner, its compliance with the Privacy Policy, adapting them to new provisions issued. To put any questions or express any concerns regarding the present Privacy Policy you may contact the DPO at any moment by writing to

Complaints We shall reply to users who send formal questions and/or complaints to the address in order to examine problems reported. We undertake to collaborate with the appropriate authorities in order to resolve any matters raised in complaints regarding the processing of personal data that are not resolved directly between the Controller and private individuals.