Privacy Policy for personal data processing
Last update: 01/05/2021
Pursuant to Legislative Decree 196/2003, as amended by Legislative Decree 101/2018, and art. 13 of the EU Regulation n. 679/2016 (“GDPR”)
1 – Owner and manager of the treatment
HOLDER OF THE TREATMENT
Key Design s.r.l.
SS APPIA BR-TA, P.I.P.
Latiano, 72022, Italy
+39 0831 72 79 57
info@key-design.it
RESPONSIBLE FOR THE TREATMENT
Key Design s.r.l.
SS APPIA BR-TA, P.I.P.
Latiano, 72022, Italy
+39 0831 72 79 57
info@key-design.it
2 – Personal data processed
- Data processed for Site functioning purpose
The computer systems and procedures used to operate key-design.it site acquire, during their normal functioning, some personal data whose transmission is involved in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but, by its nature, it could allow users to be identified on the Site, through particular processing and association with data held by Key Design or third parties.
This category of data includes IP addresses or domain names of computers and terminals owned by users who connect to the site, the URI / URL notation addresses of the requested resources, the time of request, the method used to submit the request to the server, the size of the file obtained in response and other parameters relating to the operating system and the user’s IT environment. - Data provided by the user
The optional, explicit and voluntary sending of data as requested by various sections of this site are used in order to process the user’s requests (by way of example, by filling out the subscription to the Newsletter or by sending contact requests through the appropriate contact form or by completing the registration to access to the reserved area) and involve the acquisition of identification and contact data of the sender, necessary to respond to user requests. In particular, within specific sections of the Site, such as the reserved area, the user may voluntarily provide some personal data (eg Name and Surname, email address, company name, telephone number, VAT number, etc.) in order to access to the use of specific services provided through these sections of the Site.
We inform you that, during the registration process, Key Design will ask you to provide an email address to carry out the necessary checks (eg. Key Design sends an email with a verification code necessary to complete your registration) to confirm your identity and in order to be able to contact you in case of need, modification of this privacy policy or risk due to the dissemination of your personal data. - Cookie
The Site uses cookies to ensure normal navigation and use of the Site and to improve the browsing experience of users. For more information on the use of cookies, it is advisable to read the complete information at the following address: www.key-design.it/en/cookie-policy/
3 – Purpose of the treatment
PURPOSE OF PROCESSING | LEGAL BASIS OF PROCESSING | DATA CONSERVATION PERIOD |
Site functioning The data collected during navigation are used to obtain anonymous statistical information on the use of the Site and to check its correct functioning. |
The treatments put in place for this purpose are based on a legitimate interest of the Data Controller in the correct management of the website. | For the duration strictly necessary to obtain valid statistical information and to effectively check the correct functioning of the site. |
Sending of Commercial information The data provided directly by the user is used in order to process his requests (i.e. sending newsletters, marketing communications). |
The treatments put in place for this purpose are carried out with the specific consent provided by the user. | Until the revocation, by the user, of the consent given for sending the Newsletter or commercial information. |
Contractual purposes The data provided directly by the user is used in order to prepare and execute contracts with users (ese: price quotations). |
The treatments put in place for this purpose are based on the execution of a contract where the user is a party. | 10 years from the termination of the contract. |
Use of specific services for the interested party The data collected directly by the user is used in order to provide access to reserved areas and services or assistance services |
Treatments put in place for this purpose are based on the execution of a contract where the user is a party. | 10 years from the termination of the contract |
Purposes related to the exercise the owner’s rights (eg defense in court) | For this purpose, consent is not necessary as the processing of data is related to the exercise of specific rights of the owner. | 10 years |
Purposes related to the fulfillment of the obligations established by law or regulation as well as for the fulfillment of the obligations established by the money anti- laundering legislation | For this purpose consent is not necessary as the processing of data is related to compliance with these obligations / provisions of law and / or regulation. | 10 years |
Profiling activity The data collected is processed in order to analyze and process the preferences, habits and browsing experiences of users. |
The treatments put in place for these purposes are carried out with the specific consent provided by the user. | 12 months from user acceptance |
3 – Nature of of data provision
Navigation data is necessary to carry out the IT and telematic protocols. The data marked as mandatory (e.g. name, surname, email address, telephone number, town, province) on the contact form are necessary for the provision of the services offered (e.g. sending newsletters, sending messages, indicating the nearest showroom) and failure to provide them makes it impossible for the Company to provide the requested service.
We inform you that, depending on the case, we will duly inform you about the mandatory or optional nature of the trasmission of the requested data, highlighting the mandatory information with the following character “*”.
4 – Data recipients
We inform you that your data may be made accessible for the aforementioned purposes to:
- Employees and collaborators of the Data Owner, expressly trained and authorized to data treatment;
- Other Companies, identified, through a specific agreement, as Data Processors;
- Service providers who carry out outsourced activities on behalf of the Data Owner (e.g. management of the Site, management of Newsletters, collaboration with the data controller in accounting, administrative, fiscal, legal, tax and financial subjects, as managers of the Treatment, within the limits of the purposes indicated in this information.
- Public administrations for the fulfillment of regulatory obligations.
In any case, the recourse to these subjects will take place with a commitment on their part to respect the privacy legislation.
The list of data processors can be provided through a specific request to the folloqing e-mail address: info@key-design.it.
5 – Method of treatment
The processing of personal data provided by the user is carried out by means of the operations indicated in art. 4, n. 2) of the GDPR, by personnel expressly authorized to the treatment and properly instructed in order to guarantee the confidentiality of the data processed and to avoid loss, destruction, unauthorized access or unauthorized processing of the same data, and by their respective units as far as they are concerned.
The data provided will be collected through suitable electronic and/ or paper, with logic strictly related to the purposes themselves and, in any case, able to ensure the security, secrecy and confidentiality of the same. We inform you that Key Design reserves the right to delete registered user accounts and all data associated with them, in the event that illegal content is found, harmful to the image of Key Design and/or the products offered by the latter or by third parties, or in any case offensive content promoting illegal or defamatory activities, pornographic content, inciting violence and promoting discrimination relating to race, sex, religion and sexual orientation.
6 – Data Transfer
The data specified above are mainly stored on servers located within the European Union. Data provided to send communications for marketing purposes (eg. “Newsletter”) are, on the other hand, partially stored on servers located in non-EU countries at the following companies:
- MailChimp – the Rocket Science Group, LLC, 512 Means St., Suite 404, Atlanta, Georgia 30318 – which guarantees its adherence to the Privacy Shield.
We guarantee that the transfer of data outside the EU takes place in compliance with the applicable legal provisions and that your data will never be used directly by MailChimp or sold by them to third parties.
7 – Links to other websites
From this Site it is possible to connect to other websites belonging to third parties through specific links (for example social channels, through social plug-ins). The Data Controller declines any responsibility for any request and / or release of personal data to third party sites.
8 – Existence of an automated decision-making process
There is no automated decision making process.
9 – User rights
In the spirit of absolute transparency with which Key Design intends to manage this subject, we grant you our complete availability for any necessary clarification and our collaboration for the appropriate obligations.
We inform you that the Regulation gives users the possibility to exercise specific rights.
As an interested party, you have the right to obtain confirmation that personal data concerning you is being processed or not by the Data Controller. In this case, pursuant to art. 15 of the GDPR, you will have the right to get access to your personal data and to verify the purposes and methods of data processing. You can also exercise your rights to update, rectify, integrate, oppose, limit, and delete your personal data.
Furthermore, the user can deactivate and unsubscribe from the Newsletter service at any time by clicking on the deactivation link in the Newsletter received.
Pursuant to art. 7 of the GDPR, the interested party has the right to withdraw any consent given at any time.
To exercise these rights, please write to Key Design to the attention of the Data Processing Manager, domiciled for the office at the Company’s headquarters or contact us at the email address info@key-design.it.
The data provided will be kept for a period of time not exceeding 1 (one) year from the request for deletion of the user. Once the terms indicated above have elapsed, the Data will be destroyed.
Finally, we reserve the right to keep the so-called data. to log-in and log-out for a longer period, in order to be able to manage any crimes committed against the Website (hacking activities).
Interested parties who believe that the processing of their personal data is in violation of the provisions of the GDPR have the right to lodge a complaint with the Guarantor, as described by art. 77 of the Regulation itself, or to take the appropriate legal actions pursuant to art. 79 of the Regulation.
10 – Changes to the privacy policy
The data controller reserves the right to make changes to this Policy at any time. The date of the last update of this Policy is shown at the top of this page. In the event of substantial changes to this Policy, the data controller will communicate that its privacy policy has been changed on the Site, providing a link to the new version. In the event of substantial changes to its methods of use of the User’s Personal Identification Data, KEY DESIGN SRL will inform the User by e-mail at the e-mail address specified in his account (where applicable) and / or through a notification published on the home page of the Site, offering the possibility to refuse such new or different use. Any changes to the Policy will become effective upon publication of the new version of the Policy on the Site.
Use of the Site after the publication of these changes implies acceptance by the User of the new version of the Policy in force.