Privacy Policy

Information on personal data processing (EU Regulation 2016/679)

Kedos S.r.l. (hereinafter, also “Company” or “Owner“) considers the protection of the personal data of its and / or potential customers and users to be of fundamental importance, ensuring that the processing of personal data, carried out in any manner, takes place in full compliance with the Regulations (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, relating to the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data (hereinafter the “Regulation”) and further applicable rules on the protection of personal data. This privacy policy (hereinafter the “Privacy Policy“) is intended to describe the methods of management of the websites referable to the Company and its corporate products (hereinafter the “Sites”), with reference to the processing of personal data of users / visitors who consult them pursuant to the Regulations.

List of Internet Sites

The following are the websites referred to in the previous point:

• www.kedos-srl.it
• www.kefirma.it
• www.kereception.it
• www.3dera.it
• www.kecert.it
• www.kedos.ai
• landing.kefirma.it

For the management of personal data, the Data Controller is Kedos S.r.l., Via Chiavari 5 / E, 43125 Parma – Email: privacy@kedos-srl.it. In order to facilitate relations between the interested party and the Data Controller, the Regulation provides for the appointment of a control and support figure who, among the various tasks entrusted, also acts as a contact point with the interested party. The Company has adopted this figure of “data protection officer”, so-called “Data Protection Officer” (“DPO”), pursuant to Article 37 of the Regulation. It is possible to freely contact the DPO at the address: dpo@kedos-srl.it.

Processed personal data typology

We may collect the following types of information through our Websites: personal data, anonymous data, and aggregate data. In particular, we can collect the following categories of common personal data:

• Navigation data such as IP addresses, domain names of the computers used by users who connect to the Sites, URI (Uniform Resource Identifier) addresses of the resources requested, time of the request, method used to submit the request to the server, size of the file obtained in reply, numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment;
• Information that the user provides us by communicating by telephone, by e-mail or through our Sites, when requesting information, assistance, commercial proposal etc., such as name, surname, email address, telephone number, region of origin and any other personal information that interested in communicating.

Purposes of processing, legal bases and retention periods

1. Browsing data connection
   During their normal operation, the computer systems and software procedures used to operate the Sites acquire some personal data. This information is not collected to be associated with identified interested parties, but could, through processing and association with data held by third parties, allow users to be identified. This data is used only to obtain anonymous statistical information on the use of the Site and to check its correct functioning. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Sites.Legal basis: legitimate interest of the Data Controller.

    

   Data retention period: for the entire duration of the browsing session on the Sites and for the period indicated in point 5) below.

2. Use of cookies
   Cookies are text files created by some websites on the user’s computer when the user accesses a certain site, with the purpose of storing and transporting information. Cookies are sent from a web server (which is the computer on which the website visited is running) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.). Kedos uses the cookies described in the Cookie Policy and in particular:

    

   • Technical/Browsing/Functionality cookies: these can also be used without the user’s consent as they are necessary to guarantee normal navigation and use of the Sites. They allow the user to browse according to a series of selected criteria (eg language) in order to improve the service provided.These are cookies that are essential for the proper functioning of the Sites and are used to manage various services related to the websites (for example, a login or access to reserved functions on the sites). The duration of cookies is strictly limited to the work session or they can use a longer stay time in order to remember the visitor’s choices. Disabling strictly necessary cookies can compromise the experience of use and navigation of the website.

   The Sites use analytical and profiling cookies for which consent is required.

3. Providing assistance to the data subject
   The interested party can contact the Company by telephone or by e-mail, using the contact details in the “contacts” section or by filling in the data collection forms on the Sites (for example on the main page or in the sections dedicated to the services offered). In these cases, the Company processes personal data in order to recognize the user and respond to his/her requests:

    

   • Of information or support;
   • Of contact because he/she is interested in the services offered by the Company.

   Legal basis: the need to implement pre and/or after sales assistance requests, even after the signing of the contract in order to improve the service to the user and respond to the expectations of the same.
   Data retention period: for the period necessary to manage the request pre and/or after sales assistance and execute any subsequent commercial and / or assistance contract plus the time necessary for manual cancellation.

4. Legal obligations
   To fulfill the obligations established by regulations and by applicable national (laws, regulations, including sector regulations) and supranational legislation.Legal basis: the execution of legal obligations to which the Company is subject.
   Data retention period: for the time necessary for the fulfillment of legal obligations plus the time required for manual cancellation.
5. Judicial defence and extrajudicial debt recovery
   The data processing by the Data Controller can be finalized, if necessary, to ascertain, exercise or defend the rights of the Data Controller in court or to recover a claim against the data subject.
   Legal basis: the legitimate interest of the Company to defend itself in court against the interested party.
   Data retention period: for the entire duration of the same, until the expiry of the terms of enforceability of the appeals plus the time necessary for manual cancellation.

Conferment of data

The conferment of data for the purposes referred to in letters:

• a) The data are acquired automatically during the navigation on the Sites;
• b) The user may object to the recording of cookies on their hard disk by configuring their browser. However, after this operation, some functions of the web pages may not be performed correctly;
• c) Mandatory to allow the recognition of the interested party and the response to requests for information or assistance from the same;
• d) Mandatory to allow the Data Controller to fulfill the obligations established by regulations and national legislation (laws, regulations, including sector) and applicable supranational;
• e) Mandatory to ensure the Data Controller’s legitimate interest in defending himself in court and / or recovering a claim against the interested party.

Categories of recipients of personal data

Your Personal Data will be processed by employees and/or collaborators of the Data Controller who have received adequate operating instructions and who have been expressly authorized to do so.

Your data may be communicated to subjects, autonomous holders of the treatment, such as to:

• Authorities and supervisory and control bodies and in general subjects, public or private, entitled to request the data;
• Legal firms or other companies for the purposes indicated above.

The data may also be processed, on behalf of the Company, by external parties designated as external data processors, such as: companies dealing with the maintenance of the website.
Your data will not be transferred to non-EU countries and in the event that this is foreseen, your consent will be requested in advance.

Your rights

In relation to the processing of personal data carried out by the Data Controller, you can ask the Data Controller, when applicable, to access the data concerning you, their cancellation (except in the hypothesis referred to in point 5), the correction of inaccurate data, the integration of incomplete data, the limitation of processing in the cases provided for by art. 18 GDPR, as well as opposition to processing, for reasons related to your particular situation, in the hypothesis of legitimate interest of the Data Controller.

In the event that the processing is based on consent, you have the right to withdraw the consent given at any time.

In the event that the processing is based on consent or on the contract and is carried out with automated tools, you have the right to receive your data in a structured format, commonly used and readable by an automatic device, as well as, if technically feasible, to transmit them to another holder without impediments.

At any time, you can lodge a complaint with the Personal Data Protection Authority, as well as resort to the other means of protection provided for by the applicable legislation.

In order to exercise your rights, you can contact the Data Controller by sending a written communication to the above address, or an e-mail to privacy@kedos-srl.it

Information updated on 9 September 2024