Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
DATA CONTROLLER AND DPO
By browsing this website, personal data relating to identified or identifiable natural persons may be processed.
The “data controller” is Kirey Srl, with registered office in Milan, Via Benigno Crespi 57, 20159.
The appointed DPO domiciled for the office in Milan can be contacted at the following address: firstname.lastname@example.org.
DATA PROCESSING LOCATION
Data processing operation related to the web services of this site takes place at the offices of the data controller and is only handled by authorized technical staff.
TYPES OF DATA PROCESSED
-Web browsing data-
The IT systems and software procedures used by this web site automatically acquire, during their normal operation, some personal data, the transmission of which is implicit in the use of internet communication protocols. This information is not collected with the intent of associating it with users but, by its nature, may lead to the identification of users through processing and association with data held by third parties.
This category of data includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the user’s operating system and computer environment. This data is necessary to obtain anonymous statistical data about the use of the site and to check that it functions correctly; they are deleted immediately after processing. The data could be used to ascertain responsibility in case of computer crimes against the site: except for this possibility, data concerning web contacts are not currently stored for more than seven days.
– Data provided voluntarily by the user –
The optional, explicit and voluntary transmission of personal data by the user in the registration forms on this website entails the subsequent acquisition of the data provided by the sender, necessary to reply to requests. Specific summary information will be progressively shown or displayed on the website pages dedicated to particular on-demand services.
Cookies are small text files sent to the user’s device by the visited websites. They allow the website to function efficiently and improve its performance, as well as to provide information to the owners of the site.
Cookies can be first or third-party.
- First-party cookies are generated and stored by the website owner. The website owner is required to provide the option for obtaining informed consent and a means of blocking cookies.
- Third-party cookies are managed by a third-party other than the site owner. The responsibility for managing consent and providing a means of blocking cookies falls to the individual third-party, while the site owner is required to link on his/her website the relevant policies of the third-party.
COOKIES USED BY THIS WEBSITE
The http: //www.http: //kireygroup.com site uses technical cookies, to the extent strictly necessary for the use and navigation of its website. The use of session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient website browsing. The session cookies avoid the implementation of other technologies that could compromise the privacy of users’ browsing and do not allow the acquisition of personal identification data.
Users’ personal data may be acquired only through their explicit consent. If the user does not wish to receive any type of cookie on his/her device, either from this site or from others, he/she can select the “refusal” option on the banner displayed on the pages of our site.
Below, in detail, the cookies that can be installed.
|PROCESS TYPE||NAME||COOKIE DESCRIPTION||DURATION||LINK|
|Essential||__hs_opt_out||This cookie is set to give visitors the choice to opt out of cookies. It is used to remind not to ask the user to accept cookies again
|Essential||__hs_do_not_track||This cookie can be set to prevent the tracking code from sending any information to HubSpot
|Essential||hs_ab_test||This cookie is used to consistently serve visitors the same version of a test page they’ve seen before
|End of session|
|Essential||hs-membership-csrf||This cookie is used to ensure that content membership logins cannot be forged
|End of session|
|Essential||hs_langswitcher_choice||This cookie is used to save the visitor’s selected language choice when viewing pages in multiple languages
|Essential||__cfduid||This cookie is set by HubSpot’s provider, Cloudflare. It helps to detect malicious visitors to the website and minimizes blocking legitimate users||Session cookie that lasts a maximum of 30 days||Link|
|Essential||__cfruid||This cookie is set to check the visitors and count web calls, to prevent the same connection from calling too many pages causing problems to the system
|End of session||Link|
|Third party technician||Google Analytics||This cookie is used to distinguish users by assigning a randomly generated number as a client identifier. It is included in every page request and is used to calculate the number of visitors, sessions and data in order to produce analysis reports
|End of session||Link|
|__hstc||The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session)
|hubspotutk||This cookie keeps track of a visitor’s identity. It is passed to HubSpot on form submission and used when deduplicating contacts
|__hssc||This cookie keeps track of sessions. This is used to determine if it is necessary to increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount and session start timestamp
|__hssrc||Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session
|End of session|
The user can manage the security settings from the following browsers:
- Chrome: https://support.google.com/chrome/answer/95647?hl=it
• Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
• Internet Explorer: http://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies
• Opera: http://help.opera.com/Windows/10.00/it/cookies.html
• Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT
VOLUNTARY PROVIDING OF DATA
Apart from what has been specified for browsing data, the user is free to provide personal data in the request forms or indicated contacts to request the sending of informative material or other communication. Failure to provide data may make it impossible to obtain the requested service. An appropriate notice will be provided in case of data transfer through different forms and / or sessions.
Personal data is automatically processed for the time strictly necessary to achieve the purposes for which they were collected. The expiry duration of cookies is indicated, for each of them, in the summary table.
SHARING, COMMUNICATION AND DISSEMINATION OF DATA
The gathered data can be transferred or communicated to third parties (the list is available at the data management owner) for activities strictly connected and instrumental to the efficiency of the service, such as the management of the information system.
Apart from these cases, personal data will not be either communicated or granted to anybody, unless otherwise provided by the agreement or authorized by the subjects. In this case, personal data could be sent to third parties, but only and exclusively if:
– there is explicit consent to share data with third parties;
– there is a need to share information with third parties in order to provide the requested service;
– this is necessary to fulfil requests from the judicial authority or Public Safety.
No data deriving from the web service will be disseminated.
RIGHTS OF THE DATA SUBJECTS
The data subject has the right to obtain at any time confirmation of the existence of personal data, to know their content and origin, to verify their accuracy or to request data integration, updating or rectification (Article 12 – 22 GDPR 679/16). Pursuant to the same article, the person concerned has the right to obtain deletion, transformation into anonymous form or block of data as well as to oppose, for legitimate reasons, to the treatment itself.
Kirey Srl periodically checks its privacy and security policies and, if necessary, reviews them in relation to regulatory, organizational or changes derived from technological evolution. If the policy should be changed, the new version will be posted in this page of the website.