This page describes the administrative arrangements used on the kuama.it site for processing the personal data of the users who consult the site. The present notice is provided, including pursuant to Article 13 of Legislative Decree no. 196/2003 (as amended), solely for the site kuama.it and not for other websites which users may consult via links available on the present site.

Controller

Consultation of this site may result in data relating to identified or identifiable persons being processed. The data processing "Controller" is Kuama Srl - Via Germania, 7 - 35010 - Vigonza (PD) VAT ID IT05193790283.

LOCATION OF DATA PROCESSING

Processing will be carried out electronically and manually using methods and tools designed to ensure maximum security and confidentiality by specifically appointed persons in compliance with the provisions of Articles 31 et seq. of Legislative Decree 196/03. The personal data obtained from forms on the site will be archived at the Microsoft Azure (Northern Europe) datacentre and processed on the Controller's premises exclusively by appropriately trained technical office staff appointed to carry out processing. No data arising from the web service is disclosed or distributed to third parties except for the purpose of providing requested services or for promotional and marketing activities closely connected to Kuama. Some data could be transferred to foreign countries, including outside the EU. You can obtain further detailed information about the processing of personal data for each service or contact us at the following address: gdpr@kuama.net

PROCESSING ARRANGEMENTS AND SECURITY OF INFORMATION

Personal data will be retained for no longer than required for the purposes for which the data were collected and subsequently processed, and in any event for no longer than 15 years unless anonymised. The Controller makes no use of automated processes, including profiling, to achieve the purposes set out in the present notice.

We do everything possible to ensure the security of your data. We carry out a series of technical, administrative and physical checks to ensure your data stay confidential and secure. In compliance with the applicable rules, specific security measures are taken to prevent data loss, illegal or improper use and unauthorized access. For any information relating to security, contact gdpr@kuama.net

TYPES OF DATA PROCESSED

In the course of normal operation, the computer systems and software routines used for operating this website obtain some personal data, the transmission of which is inherent to the use of Internet communications protocols.

This is not information which is collected for the purpose of being associated with identified data subjects, but by its very nature could, by processing and association with data held by third parties, allow users to be identified.

This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the timing of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters associated with the user's operating system and computing environment.

These data are used for the sole purpose of obtaining anonymous statistical usage information about the site and to monitor its proper functioning and they are deleted immediately after processing. The data could be used to establish liability in the event of cybercrime causing damage to the site, but web contact data are otherwise stored for no longer than seven days.

Data voluntarily supplied by the user

Sending electronic mail optionally, explicitly and voluntarily to the addresses shown on this site means that the sender's address together with any other input personal data which are required to respond to the request are obtained.

Registration for our newsletter means that the user's email address will automatically be included in a contact list to which email messages may be sent containing information, including of a commercial and promotional nature, which will always solely relate to Kuama Srl.

We use MailChimp as our newsletter service; this archive might be located outside the EU. MailChimp, like any newsletter management platform, provides the Controller with information about who opens the newsletters and clicks on links in order to improve communication between Kuama and its users.

Cookies

What are Cookies?

Cookies are small text files saved to the computer or device during browsing which allow information about online activity to be collected. They have an expiry date, after which they are removed; some are deleted immediately on completion of a session.

What are they for?

Cookies allow us to personalize your browsing and suit it to your preferences. They also allow us to understand how to improve our site to make it even more enjoyable and easier to consult. What kind of cookies do we use?

Technical cookies: these are essential to the functioning of the website. This type of cookies allows you to browse the site properly, see objects and benefit from services.

No personal data about users is obtained by the site in this connection.

No use is made of cookies to transmit information of a personal nature, nor is any use made of any kind of persistent cookies, i.e. user tracking systems.

No cookies?

Explanations about how to manage, check and remove cookies from your device, depending on the browser you use:

OPTIONAL NATURE OF DATA PROVISION

Other than as specified for browsing data, the user is free to supply the personal data mentioned in request forms to Kuama or otherwise indicated in contacts with the office to request the dispatch of the newsletter, information material or other messages.

Failure to provide such data may mean it is impossible to obtain what has been requested.

PURPOSES OF PROCESSING

The personal data supplied will be processed by Kuama in accordance with the provisions of the Italian Civil Code for administrative purposes relating to contractual requirements and for consequent compliance with the resultant legal and contractual obligations, as well as for efficiently managing commercial relationships and compiling statistics, maintaining contact with users and sending email messages.

Processing of the data is thus necessary in order to allow the company to meet its obligations towards users, to comply with the obligations set out in legislation, regulations or EU rules and to exercise its rights in a judicial setting.

Such purposes include:

  • obtaining and managing product and/or service enquiries and related administrative and taxation tasks;
  • obtaining unsolicited applications;
  • sending commercial/promotional/informative communications by post, telephone, SMS, fax or email, as well as via optional registration for mailing lists and newsletters.

RIGHTS OF DATA SUBJECTS

Pursuant to Article 7 of Legislative Decree 196/2003 and Articles 15 to 22 of Regulation (EU) 2016/679, the data subject can at any time exercise the right:

  • to request confirmation of the existence or otherwise of his/her personal data;
  • to obtain information about the purposes of processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed and, when possible, the period of storage;
  • to obtain rectification or erasure of personal data;
  • to obtain restriction of processing;
  • to obtain data portability, namely to receive the personal data from a Controller in a structured, commonly used and machine-readable format and to transmit those data to another Controller without hindrance,
  • to object to processing at any time, including for direct marketing purposes;
  • to object to an automated decision-making process relating to natural persons, including profiling;
  • to request from the Controller access to and rectification or erasure of personal data or restriction of processing concerning him/her or to object to processing as well as the right to data portability;
  • to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • to lodge a complaint with a supervisory authority.

back