This privacy policy describes the treatment of personal data entered or collected in the website https://www.knetproject.com for the purpose of newsletters and is made pursuant to Article 13 of EU Regulation 679/2016 (General Data Protection Regulation, hereinafter “GDPR“) and the applicable national law on privacy and personal data protection.

1. DATA CONTROLLER /// IDENTIFICATION AND CONTACT DETAILS OF THE DATA CONTROLLER

The data controller responsible for treatment of your personal data is KNET PROJECT s.r.l., Via Alberto Nota n. 5, 10122 – Torino (TO), VAT no. 09647420018, (hereafter “Data Controller”).

2. WHAT TYPE OF DATA IS HANDLED

The types of personal data we collect depend on the purpose for which it is collected.

In general, we may collect the following types of personal data (hereinafter “Personal Data“) directly from you:

1. personal contact data, such as first name, last name, email address, address, city, telephone number;
2. data relating to your corporate, business or company organization such as the identification and contact data of shareholders, directors, employees, associates and consultants (such as, by way of example but not limited to, name, surname, e-mail address, certified e-mail address, address, city, telephone number);
3. usage, navigation, functional, session, statistical and profiling data, including the device identifier or the user’s IP address, the time the user visits the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment;

The treatment also involves operations, or set of operations, concerning data collected through the use of cookies, whose policy is recalled in full, viewable at the following link https://www.knetproject.com/cookies-and-privacy/

3. WHY WE HANDLE YOUR DATA AND THE LEGAL BASIS

The processing of your Personal Data by the Data Controller takes place, only after your specific and distinct consent (art. 6 lett. a) and art. 7 GDPR), for the following marketing purposes:

– to send via e-mail, mail and/or sms and/or telephone contacts, newsletters, commercial communications and/or advertising material on products or services offered by the Data Controller and detection of the degree of satisfaction on the quality of services;

If you have denied your consent, it will not be possible to carry out the aforementioned activities and in any case if you have given your consent to the processing activities, you will have the right to revoke, at any time, the consent given.

4. HOW LONG WE STORE AND PROCESS YOUR PERSONAL DATA

Your Personal Data will be processed by the Data Controller only for the period of time necessary to achieve the purposes of the processing referred to in Article 3 above, after which they will be kept only in order to comply with the legal obligations applicable in this case, for administrative purposes and/or to assert or defend a right and, in any case, not beyond the time limits established by law for the prescription of rights. 

In particular, for marketing purposes, the User’s Personal Data will be kept by the Data Controller for a maximum of two years, whereas for profiling purposes for a maximum of one year.

5. DATA HANDLING METHOD

Personal Data are processed both in paper form and electronic and/or automated processing for the time necessary to achieve the purposes for which they are collected by the Data Controller or by persons duly authorized and/or appointed to perform such tasks, constantly identified and/or appointed, properly trained and made aware0of the restrictions imposed by law, as well as trough the use of security measures to ensure the protection of confidentiality and to avoid the risk of loss or destruction, unauthorized access, treatment non allowed or not in accordance with the purposes mentioned above.

6. WHO MAY BE GIVEN YOUR PERSONAL DATA

For the purposes indicated above, your Personal Data may be made accessible or communicated to:

– employees and collaborators of the Data Controller, in their capacity as authorized personnel for processing, within the scope of their respective duties and in accordance with the instructions received. These individuals are, however, subject to the obligations of confidentiality and privacy;

– third parties who carry out activities in outsourcing on behalf of the Data Controller to which are entrusted certain activities, or part of them, functional to the provision and distribution of services offered through the site (eg hosting companies, programmers, systems and database administrators, technical support centers, Internet and telecommunications operators) or whose activities are connected, instrumental or support that of the Data Controller (eg management software and / or marketing in the cloud, etc..);

– to all those public and/or private subjects, natural and/or legal persons ( law firms, administrative and fiscal offices, credit recovery companies, Judicial Offices, Chambers of Commerce, Chambers and Offices of Labor, etc.), if the communication is necessary or functional to the proper fulfillment of contractual obligations assumed, as well as obligations under the law;

– to all those subjects (including Public Authorities) who have access to Personal Data by virtue of regulatory or administrative measures;

In any case, your Personal Data collected will not be resold or transferred to third parties for marketing purposes and will not be disseminated..

7. TRANSFER OF PERSONAL DATA OUTSIDE EU

Personal data are managed and stored on servers within the European Union. However, if the Data Controller hold it necessary, the servers may be moved within Italy and (or in the EU region and/or outside of the EU). In this case, the Data Controller guarantees that the transfer of data outside of the EU will take place in accordance with current law, establishing, if necessary, agreements that guarantee an adequate level of safeguarding and/or adopting the standard contractual clauses laid down by the European Commission.

8. CHILDREN UNDER 18 YEARS OLD

This Site and the Data Controller do not voluntarily collect Personal Data from children under the age of 18. In accordance with applicable laws, the parental responsibility holder must provide consent to the collection of Personal Data from the child. In the event that Personal Data about minors is inadvertently recorded, the Data Controller will delete it in a timely manner upon the request of the parental responsibility holder.

9. USER’S RIGHTS

In accordance with article 15 and subsequent of the GDPR section 7 and in accordance with Italian Privacy Law, the User has the right to obtain:

1)  to obtain from the Controller confirmation as to whether personal data concerning you are being processed and if so, to obtain access to the personal data and the following information:

• the purposes of the processing;
• the categories of Personal Data processed;
• the recipients or categories of recipients to whom the Personal Data have been or will be communicated, in particular if they are recipients in third countries or international organizations;
• If possible, the expected period of retention of the Personal Data or, if this is not possible, the criteria used to determine this period;
• the existence of the data subject’s right to request from the Data Controller the correction or erasure of Personal Data or the restriction of the processing of Personal Data concerning him or her or to object to their processing;
• the right to make a complaint to a supervisory authority;
• where the Personal Data are not collected from the data subject, all available information on their origin;
• the existence of an automated decision-making process, including profiling.

2)  to obtain from the Data Controller the amendment of inaccurate personal data concerning him/her without undue delay. Considering the purposes of the processing, the interested party has the right to obtain the integration of incomplete personal data, also by providing a supplementary declaration

3) Obtain from the Data Controller the cancellation of personal data concerning him/her without undue delay, and the Data Controller is obliged to cancel personal data without undue delay within the limits and in the cases provided for by current legislation.

4) Obtain from the Data Controller the limitation of the treatment.

5) Receive in a structured, commonly used and machine-readable format the personal data concerning him/her provided to the Data Controller and has the right to data portability and therefore to transmit such data to another data controller without any obstruction by the Data Controller to whom he/she provided them if the processing is based on consent or on a contract and the processing is carried out by automated means.

6) To object at any time, on reasons related to your particular situation, to the processing of personal data concerning you if the processing is necessary for the performance of a task carried out in the public interest or in connection with the exercise of official authority vested in the Data Controller, or if the processing is necessary for the pursuit of the legitimate interests of the Data Controller or third parties.

7) If you believe that your rights have been violated by the Data Controller, you may submit a complaint to the Guarantor Authority for the protection of personal data (Piazza Venezia 11, 00187 Rome (RM) – www.garanteprivacy.it) and/or to another competent supervisory authority under the GDPR

The Data Controller, following the rights referred to in paragraphs 2), 3) and 4) communicates to each of the recipients to whom the personal data were transmitted any corrections or cancellations or limitations of treatment within the limits and in the forms provided by current legislation.

To exercise the rights listed above towards the owner, you must submit a written request by sending a registered letter with return receipt to the headquarters of the owner, in Turin, Via Alberto Nota, 5, or by sending a pec to the address: knetproject@pec.it.

10. WHAT HAPPENS IN THE EVENT OF CHANGES TO THE PRIVACY POLICY

This Privacy Policy may be modified and/or updated at any time. If the Data Controller intend to process the Personal Data of Users for purposes other than those stated in article 3, the Data Controller will supply the User, before proceeding to said processing, with adequate information regarding the different purposes, and carry out said processing in accordance with current law.

This Privacy Policy was published on September 28^th, 2021. Any updates will be published on this page.