Kruso Kapital S.p.A., with its registered office at Largo Augusto 1/A, corner of Via Verziere 13 - 20122Milan, VAT No. 10753220960 (hereinafter referred to as the “Controller”), in its capacity as Data Controller, informs you pursuant to Legislative Decree196/2003, as amended by Legislative Decree 101/2018 (the “Privacy Code”) and Article 13 of Regulation (EU) 2016/679 (“GDPR”), that your personal data will be processed in accordance with the principles of fairness, lawfulness and transparency, and in accordance with the purposes and methods set out below,collecting only what is strictly necessary and relevant for the purposes of processing. The Data Protection Officer (DPO) may be contacted at: privacy@krusokapital.com where you may also exercise the rights provided for in Articles 15 and following of the GDPR.
1. Subject of the Policy
This Privacy Policy outlines the processing methods related to the use of the website https://www.krusokapital.com/en. Please note that this policy applies solely to the present website (hereinafter the “Site”) and not to any other websites that may be accessed via links. Further information may be provided where necessary upon requesting a specific service. “Processing of personal data” refers to any operation or set of operations, carried out with or without automated means, applied to personal data or sets of personal data, whether or not included in a database, such as collection, recording, organisation, structuring, storage, adaptation oralteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
2. Types of Data Collected
Pursuant to Regulation (EU)2016/679, by using our services, you consent to our Company collecting certain personal data. This notice explains what data we collect, why and how we use it. We collect and process the following categories of personal data:
a) Data voluntarily provided by the user: throughs pecific sections of the site (e.g., “Contact” form) or by voluntarily contacting the addresses provided, you may provide personal data such as
b) Browsing data: the IT systems and software procedures used for this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified individuals, but due to its nature, could, through processing and associations with third-party data, lead to identification. This includes IP addresses or domain names of the users’ computers, URI (Uniform Resource Identifier) addresses, the time of the request, method used in submitting the request, file size obtained, server response code (success, error, etc.), and other parameters regarding the user’s operating system and IT environment. These data may be used to ascertain liability in case of potential cybercrimes against the site.
c) Data collected via cookies orsimilar technologies: see our Cookie Policy fordetails on the types of cookies used and how to disable them.
3. Purposes of the Processing andLegal Basis
Apart from browsing data, which are necessary for IT protocol purposes, your personal data will be processed for the following:
3.1) Provision of the requested service:
Legal basis: contractual or pre-contractual measures (Art. 6, para. 1, lett. b) GDPR).
3.2) Legitimate interest
Legal basis: legitimate interest of the Data Controller (Art. 6, para. 1, lett. f) GDPR).
3.3) Legal obligations:
Legal basis: legal obligation (Art.6, para. 1, lett. c) GDPR).
4. Processing Methods
Processing is performed using paper and electronic means and includes collection, recording, organisation, storage, consultation, processing, alteration, selection, retrieval, comparison, use, interconnection, blocking, communication, erasure and destruction, as defined by Art. 4(2) GDPR.
5. Data Access and Disclosure
Your data may be made accessiblefor the purposes under point 3 to:
Data may also be disclosed to:
Your data will not be disseminated.
6. Data Retention Period
Browsing data are retained only for the time strictly necessary. After this, they will be deleted or anonymised, unless required for security or legal defence. Data voluntarily provided by users will be processed and stored only for the time necessary to fulfil the purpose for which they were collected, after which they will be deleted or anonymised, unless required for legal defence purposes.
7. Data Transfer
Your personal data may be transferred outside the European Union. Any such transfer will comply with applicable legal provisions:
In particular, please note that the site’s hosting provider, Webflow Inc., uses data centres located in the United States. The provider ad heres to the EU-US Data Privacy Framework, which ensuresan adequate level of data protection and is accessible via: https://www.dataprivacyframework.gov also incorporating the European Commission’s Standard Contractual Clauses.
8. Nature of Data Provision
Providing your data for the purposes in point 3 is mandatory where required by legal or contractual obligations. Refusal to provide such data may make it impossible for the Controller to provide its services. For cookies, see the Cookie Policy.
9. Data Subject Rights and How to Exercise Them
You may, at any time and where applicable, exercise your rights under Articles 15 et seq. of the GDPR:
If you believe your rights have been violated, you may file a complaint with the Data Protection Authority. To exercise your rights, you may contact the Data Controller at compliance&antiriciclaggio@krusokapital.com
or the DPO at privacy@krusokapital.com
DOCUMENTI INFORMATIVI