Personal data protection notice

The data controller is:

Tikon S.r.l.
Via Fondo Ausa 28
47891 Dogana (RSM) — Republic of San Marino
COE SM31126
Email: info@tikon.sm

We collect the following categories of personal data:

Data voluntarily provided by the user: name, surname, company, email address and message content when you fill out the contact form on the Contact page.

Application data: data you send us via email for spontaneous applications or open positions (CV, cover letter, etc.).

Browsing data: IP address, browser type, device used, pages visited, time spent. This data is collected exclusively in aggregated and anonymous form for statistical and security purposes.

We process your data for the following purposes:

• Respond to contact requests and provide the information requested
• Evaluate applications received
• Manage commercial and contractual relationships
• Comply with legal obligations
• Ensure the security and proper functioning of the site

The processing of your personal data is based on the following legal grounds:

• Consent for sending communications and for non-essential cookies
• Performance of pre-contractual or contractual measures for information requests and applications
• Legitimate interest for site security and aggregated statistical purposes
• Legal obligation for compliance with applicable regulations

Data collected through the contact form is kept for the time strictly necessary to respond to the request and, if a commercial relationship arises from it, for the duration of that relationship and for the following 10 years as required by tax regulations.

Application data is kept for a maximum of 24 months, unless early deletion is requested.

Technical browsing logs are kept for a maximum of 12 months.

Your data is not disseminated and is not transferred to third parties for marketing purposes.

We may share data exclusively with:

• Technical service providers necessary for the site's operation (hosting, email, form submission) — all bound by data processing agreements under Art. 28 GDPR
• Competent authorities, where required by law

As a data subject, you have the right to:

• Access your personal data (Art. 15 GDPR)
• Request rectification (Art. 16 GDPR)
• Request deletion (Art. 17 GDPR)
• Restrict processing (Art. 18 GDPR)
• Object to processing (Art. 21 GDPR)
• Receive your data in a structured format (Art. 20 GDPR)
• Withdraw consent at any time
• Lodge a complaint with the competent supervisory authority

To exercise these rights you can write to info@tikon.sm. We will respond within 30 days.

Data is processed mainly within the European Economic Area. Some of our service providers (e.g. hosting on Vercel infrastructure) may process data in the United States, always in compliance with the safeguards provided for by the GDPR (standard contractual clauses, adequacy certifications).

We adopt appropriate technical and organisational measures to protect your data from unauthorised access, loss, alteration or destruction. The site uses the HTTPS protocol to encrypt communications and data is hosted on ISO 27001 certified infrastructures.

This notice may be updated over time to reflect regulatory or organisational changes. The current version is always available on this page, indicating the date of the last update.

For any questions regarding this notice or the processing of your data, write to:

info@tikon.sm

or to the postal address indicated at the top of this page.