TANAZA PRIVACY NOTICE

Tanaza respects your privacy and understands your need to protect the personal information that you share with us. This privacy notice describes the terms and the purposes of the collection, processing, use and disclosure of personal data provided by visitors and customers as they use and login on this website or on any of its subdomains (the “Websites”).

1. Definitions

1.1. Services: TANAZA Services include TANAZA’s Websites and TANAZA’s cloud-based software solutions accessible from TANAZA’s Websites. Such software solutions are made available by TANAZA in the form of “Software as a Service” (“SaaS”), and are aimed at whoever, for whatever professional reason, is willing to provide or share Internet access (or network) with other people (be they customers, guests, passengers, etc.) while being able to configure and manage multiple Internet access points (or network devices) in a centralized manner. TANAZA Services do not include Internet access or hardware provisioning services, which may be provided by other sources, including TANAZA Resellers. TANAZA Services may include licenses for ancillary firmware, software applications, widgets, tools and smartphone apps, necessary for the use of TANAZA’s cloud-based software solutions. TANAZA Services may also include support for the configuration of TANAZA’s software solutions, applications, apps, widgets and tools. TANAZA Services may be provided directly to End Customers, or through TANAZA Resellers or Partners.

1.2. Visitors: those who merely browse TANAZA’s Websites or use interactive demos, to test features or to carry out activities, such as downloading brochures or free firmware authorized by TANAZA and specified in the Websites.

1.3. End Users (or End Customers): those who provide Internet access (or network access) their Wi-Fi Users with access points managed through TANAZA Services; they may be either direct customers of TANAZA or customers of TANAZA Resellers or Partners.

1.4. Resellers and Partners: those who use TANAZA Services to manage the Wi-Fi access points (or network devices) of their End Customers, though which such End Customers provide Internet access (or network access) to Wi-Fi Users.

1.5. Users (or Customers, or You): those who are direct customers of TANAZA and are bound by a Service Agreement with TANAZA; they could be either End Users or Resellers/Partners, depending on who has the direct contractual relationship with TANAZA.

1.6. Wi-Fi Users: those who use Internet access (or network access) services provided or shared by TANAZA End Users. Wi-Fi Users do not enter into any Service Agreement relationship with TANAZA nor with TANAZA Resellers, even when they use software applications, smartphone apps, Facebook apps, captive portals or any other software tool provided by TANAZA in order to access Internet services provided by TANAZA End Users.

2. You

may indifferently refer to Visitors or Customers, but not to Wi-Fi Users (who are not covered by this privacy notice) except when they use Tanaza Facebook App, as explained below.

3. Disclaimer for Wi-Fi Users

For the sake of clarity, this privacy notice does not cover the processing of personal data of Wi-Fi Users in the context of Internet connection (or network access) sharing or provisioning by Customers. Pursuant to specific contractual agreements between TANAZA and its Customers, Controller for the personal data processing carried out in such context will be the Customer providing such services to Wi-Fi Users, while TANAZA will act as Processor designated by the Controller pursuant to art. 28 of Reg. EU no.679/2016 (“GDPR”). Therefore, as to the processing of personal data carried out in the provisioning of Internet connection services by Customers, the specific information pursuant to art. 13 of the GDPR shall be provided by and/or requested to the relevant Customer/Controller.

As an exception, when Wi-Fi Users use Tanaza’s Facebook App to log in with their Facebook account to Wi-Fi services provided by Tanaza Customers, even if, also in such case, Wi-Fi Users do not enter into any Service Agreement with Tanaza (Tanaza provides Services only to its Customers, and Wi-Fi access points are provided to Wi-Fi Users by Customers, not by Tanaza; Tanaza Services are intended only to allow Customers to better manage their Wi-Fi access points), however, for technical reasons, Tanaza needs to be Controller of Wi-Fi Users’ personal data (but only of those data provided through the Facebook App) in order to be able to provide Facebook authentication functionalities for Customers’ Wi-Fi access points. Information on such processing is available at article 5.3 below.

4. Controller

TANAZA S.p.A., with registered office at Milano, Italy, Via Carlo de Cristoforis 13, email privacy@tanaza.com, is the “Controller” for personal data that You provide to TANAZA through the Websites.

5. Processed Data

5.1. Personal Data Automatically Collected Through The Websites 

5.1.1. Data Types. The Websites automatically collect certain data, whose transmission is implied in the use of Internet communication protocols. Such data, due to its nature, could allow identification of data subjects, also through the processing and association with data held by third parties. This category of data includes, for example, IP addresses or domain names of computers You use when connecting to the Websites, the URI (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to make the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (such as, successful, error, etc.) and other parameters regarding Your operating system, network devices, computer environment and communication protocols.

Furthermore, the Website saves cookies in Your devices, according to the cookie policy available at www.tanaza.com/Legal.

5.1.2. Purposes and legal bases. The purposes and legal bases for processing are:

1. the legitimate interest of TANAZA to manage and ensure the security of the Websites and of TANAZA Services (including prevention and detection of abuses, unlawful conducts and service agreement breaches) and to process statistic data in order to improve the Websites and TANAZA Services;
2. the performance of the service contract to which You are party as a Customer, when You register and log in on the dedicated areas of the Websites to activate, access and manage TANAZA Services;
3. Your consent to analyze Your use of our Website through so that we can tailor Your user experience to Your needs according to our Cookie Policy, available at www.tanaza.com/Legal.

5.1.3. Necessity of Data Provision. Provision of Your navigation data occurs automatically and it is necessary to allow navigation on the Websites and managing of TANAZA Services through the Websites.

5.1.4. Data Retention Period. Navigation data of Visitors are deleted shortly after being statistically processed, and in any case such data are stored for no more than 1 year, unless further storage is required to detect crimes; such data, in an aggregate and anonymized form, may be disclosed to third parties and permanently stored for future purposes.

Navigation data of Customers logged in on the dedicated areas of the Websites are stored for a period of 3 years. Anyway, TANAZA can retain all or some Customer navigation data for a longer period if necessary, even only potentially, for the establishment, exercise or defense of legal claims.

5.2. Voluntarily Provided Data. 

5.2.1. Data Types. Through the dedicated contact forms and service administration areas of the Websites, You may voluntarily provide Your personal data (i) in order to ask or provide information or to make requests relatively to TANAZA Services that You are willing to use or that You are already using (ii) in order to request to become TANAZA’s Partner or Distributor or collaborator or employee, and (iii) in order to subscribe to TANAZA’s newsletter and/or to receive commercial information regarding TANAZA Services (for example new features announcements, software updates, special offers and other similar information).

5.2.2. Purposes and Legal Bases. The purposes and legal bases for processing are:

1. the necessity to take steps at Your request prior to entering into a contract with TANAZA, or the performance of a contract to which You are party as a Customer;
2. the legitimate interest of TANAZA concerning direct marketing purposes, in order to send You further commercial material about TANAZA Services which You are already using or about which You have requested information or and/or about similar TANAZA’s products and services;
3. Your consent (where given) to receive newsletters and further commercial information regarding TANAZA.

5.2.3. Necessity of Data Provision. Providing the above-mentioned personal data is optional. Your refusal to provide such personal data, however, might imply that TANAZA will not be able to process Your requests, perform the service agreement and send commercial information.

5.2.4. Data Retention Period. Your personal data will be stored for a maximum period of 10 years (or until consent is withdrawn, as to subscription to receive commercial information) in accordance with the purposes described in this Privacy Notice. Anyway, TANAZA can retain all or some of Your personal data for a longer period if required for the establishment, exercise or defence of legal claims.

TANAZA never collects personal data about minors. Users who are minors must not send or post any data through the Websites. In the event that data referring to minors are unintentionally registered, please contact us at privacy@tanaza.com and we will promptly cancel them.

5.3. Data provided through Tanaza Facebook App 

5.3.1. Data Types. The type of data collected through Tanaza Facebook App depends on Your settings and available information on Your Facebook account. For example, you may allow Tanaza Facebook App to collect Your first name, last name, email address, location (city and geographic coordinates), gender, birthdate, Facebook profile picture and device’s MAC address.

5.3.2. Purposes and Legal Bases. The purposes and legal bases for processing are either of:

1. the performance of a contract to which You are party as a Wi-Fi User (Tanaza is not party to such contract, which is between You and any Tanaza Customer(s); Tanaza only provides its Customers with services necessary for the performance of such contract – i.e. it provides Facebook authentication services for Tanaza Customers’ Wi-Fi access points to which You connect);
2. the legitimate interest of TANAZA to manage and ensure the security of TANAZA Services (including prevention and detection of abuses and unlawful conducts) and to process statistic data in order to improve TANAZA Services.

For the purpose described in article 5.3.2.a above, when You are willing to use Wi-Fi services provided by a specific Tanaza Customer, Tanaza will have to communicate Your personal data to such Customer through Tanaza Services in order to allow such Customer to authenticate You and to provide you with Wi-Fi services.

5.3.3. Necessity of Data Provision. Providing the above-mentioned personal data is optional. Your refusal to provide such personal data, however, might imply that You will not be able to authenticate to Tanaza Customers’ Wi-Fi access points through your Facebook account, but all other functionalities will still be available. In particular, the minimum data that you must provide in order to use Facebook Authentication are first name, last name, email address, and device’s MAC address.

5.3.4. Data Retention Period. Your personal data will be stored for a maximum period of 2 years in accordance with the purposes described in this Privacy Notice. Anyway, TANAZA can retain all or some of Your personal data for a longer period if required for the establishment, exercise or defence of legal claims.

TANAZA never collects personal data about minors. Users who are minors must not send or post any data through the Websites. In the event that data referring to minors are unintentionally registered, please contact us at privacy@tanaza.com and we will promptly cancel them.

6. Disclosure Of Your Personal Data

Data will be exported to the United States only under approved Standard Contractual Clauses as approved by the European Commission Decision of 4 June 2021 on standard contractual clauses for the transfer of personal data to processors established in third countries under the Directive (“Standard Contractual Clauses”) and provided that we will take additional safeguards to ensure that the rights of the data subjects will be sufficiently protected within such part of the processing as mandated by Art. 45-49 of the GDPR, such as anonymization, pseudonymization, minimization and encryption.

Your personal data will be stored and processed in servers located in Northern Virginia (USA), provided by the Amazon Group Companies,  The Amazon AWS GDPR Data Processing Addendum incorporates the Standard Contractual Clauses, providing that the latter prevail on any other provision of the AWS GDPR DPA.

TANAZA‘s and Processors’ (where appointed) staff may become aware of Your personal data. In particular, the data may be disclosed under the Controller’s or Processors’ (where appointed) authority: to the IT systems repair and maintenance staff, to the marketing and commercial staff and to the personnel responsible for invoicing and accounts.

Moreover, the data may be communicated to TANAZA’s subsidiaries, authorized distributors, resellers and partners that are located nearer to You and/or that are focused on Your specific market segment, in order to best respond to Your requests.

In no circumstances will Your personal data be disseminated and/or communicated to third parties, other than TANAZA’s subsidiaries, authorized distributors, resellers and partners, and those who need to receive data for compliance with compulsory provisions of the law.

7. Accuracy Of User Information

TANAZA will reasonably endeavor to ensure that personal data about users is accurate and comprehensive. You can help TANAZA to keep accurate records by informing TANAZA of any changes to Your personal information.

8. Modifications

This notice and the Cookie Policy referred to in this notice may be altered occasionally at TANAZA’s discretion in order to adapt to changes at TANAZA, ongoing technological developments and amendments to the law.

You will receive a notification about these changes through the email address You have previously provided TANAZA with.

TANAZA will collect, use and disclose Your personal data in accordance with the version of this notice that is in force from time to time. All new versions of the notice will be published on the Websites. When using the Websites, it is advisable to check the date of the notice and any changes that have been made since the last version, as well as to bookmark this page and regularly check the notice in force so that You are always aware of the version in use.

9. Your Rights

In accordance with Articles 7, 13, 15, 16, 17, 18, 19, 20, 21, 22 of the UE Regulation 679/2016 You can, at any time, exercise the following rights, by contacting TANAZA at privacy@tanaza.com:

• the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
• the right to obtain from the Controller confirmation as to whether or not personal data concerning You are being processed;
• the right to obtain the access to Your personal data;
• the right to request the Controller to correct or delete Your personal data;
• the right to request the Controller to restrict processing of Your personal data;
• the right to object to the processing of Your personal data;
• the right to receive a copy of the personal data concerning You, which You have provided to Controller, in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided (data portability).
• Furthermore, if You believe that Your rights have been violated, You can file a complaint with the competent Supervisory Authority.

Last Modified: Feb 19th, 2024