Privacy Policy

PRIVACY POLICY

updated in accordance with EU Regulation 2016/679

Introduction

Caleidos takes user privacy seriously and is committed to respecting it. This privacy policy describes the personal data processing activities carried out by Caleidos through the website www.caleidos-nexxus.it and the related commitments undertaken by the company in this regard.
Caleidos may process users’ personal data when they visit the website and use the services and features available on the website. In the sections of the website where users’ personal data is collected, a specific privacy policy is normally published in accordance with Articles 13 and 15 of EU Regulation 2016/679.
Where required by EU Reg. 2016/679, the user’s consent will be requested before proceeding with the processing of their personal data. If the user provides personal data of third parties, they must ensure that the communication of the data to Caleidos and the subsequent processing for the purposes specified in the applicable privacy policy complies with EU Reg. 2016/679 and applicable legislation.

2) Identification details of the data controller and data processor

Data controller:
Caleidos
Via della Moscova 40
20121 Milan
ronchi@caleidos-nexxus.it

You may obtain information about the data stored by us at any time and free of charge, and exercise your right to correction, blocking, restriction of use, indication of origin, portability and erasure of data by contacting us by email or telephone at the contact details above.

3) Type of data processed

Visiting and browsing the website does not generally involve the collection and processing of the user’s personal data, except for navigation data and cookies as specified below. In addition to the so-called “navigation data” (see below), personal data voluntarily provided by the user when interacting with the website’s features or requesting to use the services offered on the website may be processed. In compliance with the Privacy Code, Caleidos may also collect the user’s personal data from third parties in the course of its business.

4) Cookies and browsing data

The website uses cookies. By using the website, the user consents to the use of cookies in accordance with this Privacy Policy. Cookies are small files stored on the user’s computer hard drive. There are two main categories of cookies: technical cookies and profiling cookies.
Technical cookies are necessary for the proper functioning of a website and to allow the user to navigate; without them, the user may not be able to view the pages correctly or use certain services.
Profiling cookies are used to create user profiles in order to send promotional messages in line with the preferences expressed by the user while browsing.

Cookies can also be classified as:

_ “session” cookies, which are deleted immediately when the browser is closed;
_ “persistent” cookies, which remain in the browser for a certain period of time. They are used, for example, to recognise the device connecting to a website, facilitating authentication operations for the user;
_ “first-party” cookies, generated and managed directly by the operator of the website on which the user is browsing;
_ “third-party” cookies, generated and managed by parties other than the operator of the website on which the user is browsing.

5) Cookies used on the website

The website uses the following types of cookies:

1) first-party cookies, session cookies and persistent cookies, necessary to enable navigation on the website, for internal security and system administration purposes;

2) third-party cookies, session cookies and persistent cookies, necessary to enable the user to use multimedia elements on the website, such as images and videos;

3) persistent third-party cookies, used by the website to send statistical information to the Google Analytics system, through which Caleidos can perform statistical analyses of accesses/visits to the website. The cookies used are for statistical purposes only and collect information in aggregate form.
Through a pair of cookies, one persistent and the other session-based (expiring when the browser is closed), Google Analytics also saves a record of the times when the site was visited and exited. You can prevent Google from collecting data via cookies and subsequently processing it by downloading and installing the browser plug-in from the following address:
https://tools.google.com/dlpage/gaoptout?hl=it

4) persistent third-party cookies, used by the website to include buttons for certain social networks (Facebook, Twitter and Google+) on its pages. By selecting one of these buttons, the user can publish the contents of the web page they are visiting on their personal page on the relevant social network.
The website may contain links to other websites (so-called third-party websites). Caleidos does not access or control cookies, web beacons and other user tracking technologies that may be used by third-party websites that the user can access from the website. Caleidos does not control the content and materials published by or obtained through third-party sites, nor the methods used to process the user’s personal data, and expressly declines any responsibility for such eventualities. The user is required to check the privacy policy of the third-party sites accessed through the site and to find out about the conditions
applicable to the processing of their personal data. This Privacy Policy applies only to the site as defined above.

6) How to disable cookies in browsers

In accordance with Provision no. 231 of 9 June 2021 issued by the Italian Data Protection Authority, the company has activated a selection or deletion function for the collection of cookies. This function is offered directly to the user when accessing the website and can be modified over time.

7) Retention of personal data

Personal data is stored and processed using IT systems owned by Caleidos and managed by Caleidos or third-party technical service providers. For further details, please refer to the section entitled ‘Scope of accessibility of personal data’ below. Data is processed exclusively by specifically authorised personnel, including personnel responsible for performing extraordinary maintenance operations.

Translated with DeepL.com (free version)

8) Purposes and methods of data processing

Caleidos may process the user’s common, personal and special personal data for the following purposes:

  • use by users of services and features on the website;
  • management of requests and reports from its users;
  • sending newsletters;
  • management of applications received through the website;

Furthermore, with the user’s additional and specific optional consent, Caleidos may process personal data for marketing purposes, i.e. to send the user promotional material and/or commercial communications relating to the company’s services, to the contact details provided, either through traditional methods and/or means of contact (such as paper mail, telephone calls with an operator, etc.) and automated means (such as communications via the internet, e-mail, text messages, applications for mobile devices such as smartphones and tablets – so-called APPS -, social network accounts – e.g. via Facebook or Twitter -, telephone calls with an automated operator, etc.).
Personal data is processed in both paper and electronic form and entered into the company’s information system in full compliance with EU Regulation 2016/679, including security and confidentiality profiles, and inspired by the principles of fairness and lawfulness of processing. In accordance with EU Regulation 2016/679, data is stored and retained for the period of time necessary for processing.

9) Security and quality of personal data

Caleidos is committed to protecting the security of users’ personal data and complies with the security provisions set out in the applicable legislation in order to prevent data loss, unlawful or illegal use of data and unauthorised access to data, with particular reference to the technical documentation to which reference is made.

Furthermore, the information systems and computer programs used by Caleidos are configured in such a way as to minimise the use of personal and identifying data; such data is processed only for the specific purposes pursued from time to time. Caleidos uses multiple advanced security technologies and procedures to promote the protection of users’ personal data; for example, personal data is stored on secure servers located in secure and controlled access locations. Users can help Caleidos to update and maintain their personal data by communicating any changes to their address, job title, contact information, etc.

10) Scope of communication and access to data

The user’s personal data may be disclosed to:

  • all parties whose right to access such data is recognised by law;
  • our collaborators and employees within the scope of their duties;
  • all natural and/or legal persons, public and/or private, when disclosure is necessary or functional to the performance of our activities and in the manner and for the purposes described above.

11) Nature of personal data provision

The provision of certain personal data by the user is mandatory in order to allow the company to manage communications, requests received from the user or to contact the user again to follow up on their request. This type of data is marked with an asterisk [*] and in this case, its provision is mandatory in order to allow the company to follow up on the request, which otherwise cannot be processed. On the contrary, the collection of other data not marked with an asterisk is optional: failure to provide such data will not have any consequences for the user.
The provision of personal data by the user for marketing purposes, as specified in the section “Purposes and methods of processing” is optional and refusal to provide such data will have no consequences. Consent given for marketing purposes is understood to extend to the sending of communications by both automated and traditional methods and/or means of contact, as illustrated above.

12) Rights of the data subject

The rights of the data subject are governed by Articles 15-22 of GDPR 2016/679, to which reference should be made.

In particular, the aforementioned articles can be identified as follows:

  • 15: Right of access by the data subject
  • 16: Right to rectification
  • 17: Right to erasure (right to be forgotten)
  • 18: Right to restriction of processing
  • 19: Obligation to notify in case of rectification or erasure of personal data or restriction of processing
  • 20: Right to data portability
  • 21: Right to object
  • 22: Automated decision-making relating to natural persons, including profiling

13) Exercise of data subject rights

The data subject has the right to exercise the above rights regarding the processing of their personal or special data by sending a communication to the following address: Caleidos – Via della Moscova, 40 – 20121 Milan or to the following email address ronchi@caleidos-nexxus.it, accompanied by a photocopy of their identity document, expressly indicating which right they intend to exercise.

Upon completion of this operation, Caleidos undertakes to implement the data subject’s request.