Targa Telematics S.p.A. (henceforth Targa Telematics) are constantly working to ensure that any user data we process is handled with the utmost security, integrity and confidentiality. We strive to process your data lawfully, correctly and transparently.
Targa Telematics are considered a Data Processor pursuant to GDPR article 4, paragraph 8, as we process personal data on behalf of our customers and at their behest. Targa Telematics are considered a Joint Data Controller, pursuant to GDPR article 4, paragraph 7 and article 26, in any instance in which (at the customer’s behest), Targa Telematics are involved in determining the purpose for or, more often, the manner in which, the personal data is processed.
Personal data shall only be processed lawfully, meaning either the data subject’s explicit consent must be sought (directly or through the principle joint data controller) or that it is being processed for the purpose of pursuing the principle data controller’s legitimate interests, provided that those interests do not compromise the rights and freedoms of the data subject.
The place where the data processing takes place is physically located within the European Union.
GDPR: The General Data Protection Regulation (GDPR) is European Parliament and Council Regulation 2016/679 which protects natural persons when their personal data is processed as well as the free movement of their personal data.
Tele-transmission and/or remote sensing device: in this context, a device that collects data concerning an object, person or animal (usually ones that require monitoring) and that transmit such data to our platform (see definition below), where they are processed in order to provide services pursuant to a contract entered into with Targa Telematics.
Locator: a tele-transmission device. The data it collects and transmits, especially regards its position and the time.
Platform: system for receiving and processing the data collected, which is also the interface that gives users partial or full access, depending on their profile permissions, to Targa Telematics’ services.
App: an application used to log in to access data on the platform. It is optimised for mobile devices such as smartphones and tablets.
Web interface (at times also referred to as Portal for access to the platform from the internet/browsers): a web site that grants access to the services available on Targa Telematics’ platform. Access is granted by inserting log in details into the appropriate browser page.
Customer/Client: a subject that has purchased one or more Targa Telematics service for the purpose of managing one or more objects belonging to them or to third parties. Such a subject is considered the principle data controller for the data collected. A customer/client may have, depending on their contract, one or more users.
User: individual platform user, who accesses the platform using their name and password.
Activity: any action/operation that takes place within the platform and, as such, refers/relates exclusively to the platform, including access or potential access to personal data. Targa Telematics put in place protection systems for the purpose of (a) ensuring that only activities that fall under the services Targa Telematics provide may be carried out by users authorised to access them, (b) blocking any activities for which Targa Telematics services do not provide or (c) blocking users without permission from accessing them.
Administrator Users(for Client’s who may have more than one user) users with specific privileges/permissions allowing them to create other users under that client’s account and allow such users partial access to data within their remit or to see the personal data of other users included under the same client.
Credit/bank card token: code with which the payment systems link a credit card to a single recipient of payments from the card owner. This allows those who require a payment to charge the card owner without ever knowing or storing the number and security code for that card. Users may withdraw a token linked to that recipient at any time without having to change their credit/bank card. Any purchases made from other recipients remain secure.
These form an integral part of the GDPR’s definitions, specifically regarding:
Targa Telematics receive or collect data when Users or Organisations install tele-transmission devices onto objects whether mobile or not (persons, animals) and not while the User or Organisation is using such objects but once they have been deactivated, whether temporarily or permanently. In addition, Targa Telematics receive or collect data when Users access the services that Targa Telematics make available online using applications. Targa Telematics collect such data in order to make available, improve, better understand, personalise, support and (only with the data subject’s explicit consent) market our services.
The type of data Targa Telematics receive and collect depends on the service activated.
Data that Users provide
Data that is collected automatically
We work with third-party providers to install our devices (for example, approved providers for installing locators on client vehicles) to whom we provide the data necessary for contacting the owner/manager of the object upon which the device is to be installed. That data is generally: the person’s name, surname, phone and/or mobile phone number and/or email address so that the provider may contact them.
These companies apply the same policies that we ourselves have adopted in order to guarantee the protection of your data.
Targa Telematics use the information available to us (subject to user preferences) for the following purposes and in the following ways:
It is only when Targa Telematics enter into ad hoc contracts that we might integrate our services thus sharing with customers information relating to their ERP and/or CRM (or database). Except in specific circumstances and upon explicit request, Targa Telematics do not access such data but may send it to the aforementioned ERP and/or CRM.
Lawful bases for processing data
Targa Telematics collect, use and process the data available to us as described above and:
How data subjects can exercise their rights
Pursuant to the GDPR, data subjects have rights of access, rectification, portability and erasure as regards their personal data, as well as the right to restrict or object to certain types of data processing. Data subjects can access or transfer their data simply by sending an email to dpoTarga@targatelematics.com. Such a request shall be met as soon as technically possible or in any case within 90 days of the request being received. In accordance with the permissions granted to each user account, should a data subject become aware that their data is incorrect they may:
Data subjects may object to the processing of their data in the event that it is being processed on the basis of a joint data controller’s legitimate interests. In such an instance, we shall immediately cease processing their personal data unless the processing has a valid legitimate basis or is a legal requirement (art. 6, paragraph 1, letters a) and e)).
We store data as long as is necessary for providing our services or until an account is deleted, whichever is sooner. This is decided case by case and varies on the basis of elements such as the nature of the data, the reason for which it has been collected and processed and legal or pertinent operational requirements to retain information.
If the User wishes to manage, change, limit or erase their data, they may do so in the ways described above.
Targa Telematics may collect, use, store and share User information as long as we have reason to believe that it is reasonably necessary for:
(a) complying with legal proceedings or government or Public Authority requests, in line with the law or any applicable regulations;
(b) applying our Terms and/or other applicable conditions or policies, including for the purpose of investigating a potential breach;
(c) identifying, investigating, preventing and handling fraud and other illegal activities or technical issues or security breaches;
(d) protecting the rights, property and safety of Users, Targa Telematics or third parties, including preventing any incident that could cause physical damage or death.
Targa Telematics will be appointing a “Data Protection Officer” (DPO) and shall issue their contact details accordingly.
Targa Telematics S.p.A
via E. Reginato, 87
I – 31100 Treviso (TV)
You also have the right to file a claim with the Italian Data Protection Authority (l’Autorità Garante per la Privacy Italiana) or with the relevant local authority.
Pursuant to European Law, companies must provide a legal basis for processing data. User rights vary depending on the legal basis in use, as explained below. Regardless of the legal basis applied, Users always and in any case possess the right to request access to, rectify and erase their data pursuant the (GDPR). To exercise this right, please see the section of the present Policy, “How users can exercise their rights”.
For all those legally able to enter into a legally enforceable contract, we process the data necessary for the performance of such a contract (also referred to as “Terms”). The “Contract Terms and/or Conditions” and their relevant Appendices set forth the contractual services for which data processing is necessary. In order to provide our contractual services, we require data principally for the following purposes:
Below you will find other legal bases that we may apply to certain cases for processing User data.
When we process data that Users consensually provide, Users have the right to withdraw their consent at any time and to transfer the data provided to third parties, pursuant to the GDPR. To exercise your rights, you can access the device settings, the app settings or in any case dpoTarga@targatelematics.com.
arga Telematics only enter into contracts with subjects who have reached the age of majority (18 years of age in most EU countries). However, in the event that we unknowingly collect the data of a minor, it is our legitimate interest to carry out all of the operations described in “Our Services”;
This data processing is based on the following legitimate interests:
The purposes for such data processing include:
We take various factors into consideration when evaluating an objection, including: reasonable User expectations; advantages and risk to Users, Targa Telematics, other Users or third-parties; and any other means available for achieving the same purpose that would be less invasive and do not require undue action. User objections shall be accepted and we shall cease to process their data unless the continuation of the data processing has a basis of legitimate motives or is legally necessary.
Complying with a legal obligation, means:
Protecting our vital interests or those of others, means:
Activities pursued in the public interest, are:
Cookies are small text files. Websites ask browsers to save cookies on computers or mobile devices.
You can simply follow the instructions your browser or device provides (usually found under “Settings” or “Preferences”) to change your cookies settings. Please note that if you choose to deactivate cookies in your browser or device, some of our services may not function fully or correctly.
Our Users’ personal data is saved in databases using encryption algorithms that meet the highest levels of protection available on the market. Access to data from the platform is only permitted through https sites with verified certificates from the largest providers in the browser market.
Users are prohibited from directly accessing database information and maintenance and assistance operators may only do so in an encrypted process unless they are accessing it locally.
Data sent from our devices is sent only through dedicated APNs and the servers are encrypted as data is transmitted through them.
The servers are protected by top-of-the-range network protection systems and are regularly updated.
Access is recorded, as are the services used that monitor non-authorised activities and security (or data) breaches.
Data becomes redundant. When this happens, data subjects may exercise their right to erasure. Their personal data shall be erased, including from backups and logs, within a maximum of 180 days, unless the specific contractual agreements state otherwise.