← Back to home

Privacy Policy

Notice pursuant to Arts. 13-14 of Regulation (EU) 2016/679 (GDPR). Version 1.0 — 05/06/2026.

This notice describes the processing of personal data of users of the website www.gtsu.org, the institutional website of the GTSU group.

1. Data Controllers

The website is jointly operated by the companies of the group:

  • Tecnica – Formazione – Sicurezza S.r.l. — Via Chambery 51, 11100 Aosta (AO), Italy — VAT IT00649260072
  • ICE & FIRE S.r.l. — Via del Teroldego 1/R, 38016 Mezzocorona (TN), Italy — VAT IT02650210228

Contact: support@gtsu.org. Data Protection Officer (DPO): dpo@gtsu.org.

2. Categories of data processed

  • Browsing data: technical data collected automatically by the website (IP address, logs, device/browser data) and technical cookies — see the Cookie Policy.
  • Contact data: the data (name, e-mail, message content) you provide when contacting the group by e-mail. The website is purely informational and does not collect data through online forms.
  • Anonymous statistics: aggregate, anonymous usage data collected via self-hosted Matomo, without cookies and with anonymised IP.

No special categories of data (Art. 9) are processed.

3. Purposes and legal bases

  • Operation, delivery and security of the website — legitimate interest of the Controller (Art. 6.1.f) and technical requirements;
  • Responding to requests sent by e-mail — pre-contractual measures / legitimate interest (Art. 6.1.b / 6.1.f);
  • Usage statistics in exclusively aggregate and anonymous form — legitimate interest (Art. 6.1.f); being anonymous measurement treated as a technical tool, no consent is required.

4. Categories of recipients

Data may be processed by technical service providers (EU hosting, CDN/network security) appointed as Data Processors (Art. 28) and communicated to competent Authorities where required by law. Data are not disseminated or sold to third parties for marketing purposes.

5. Transfers outside the EEA

Data are processed as a rule within the European Union/EEA. Any technical transit to non-EEA countries (e.g. CDN/network security) is covered by appropriate safeguards, in particular Standard Contractual Clauses (Art. 46 GDPR).

6. Retention period

Technical logs are retained for the time necessary to ensure the security of the website; contact data for the time necessary to handle the request; statistics are processed in anonymous, aggregate form.

7. Rights of the data subject

You may exercise the rights of access, rectification, erasure, restriction, objection and portability (Arts. 15-22 GDPR) by writing to support@gtsu.org or dpo@gtsu.org. You have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

8. Cookies

For the use of cookies and similar technologies, please refer to the Cookie Policy.

9. Minors

The website is not directed at minors and does not knowingly collect data of minors.

10. Changes

The Controllers reserve the right to update this notice; the updated version will be published on this page with the revision date.