loader image
mobile-logo
Top

Partner Privacy Policy

INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA
of users who consult our Website www.kibag.it,
pursuant to Article 13 of (EU) Regulation 2016/679

 

Contents
1. FOREWORD
2. DATA CONTROLLER
3. PURPOSE AND LEGAL BASIS OF PROCESSING
4. COLLECTED DATA
5. COOKIES
6. DATA RETENTION PERIOD
7. TRANSFER OF COLLECTED DATA TO THIRD PARTIES
8. LOCATION OF PROCESSING
9. SECURITY MEASURES
10. USER RIGHTS
11. DISCLOSURE UPDATE

 

  1. FOREWORD
    Pursuant to (EU) Regulation 2016/679 (hereinafter referred to as the “Regulation”), this page describes the manner in which the personal data is treated of users who consult and use the Kibag Website of Con.Fid. Tec S.r.l., (hereinafter Con.Fid. Tec), at the following web address: www.kibag.it, as the providers of the luggage storage service (hereinafter referred to as “Partners”).
    This information does not pertain to other Websites, pages, or online services that can be reached through hypertext links that may be posted on the Website, but refer to resources outside Kibag’s domain.
    By using or consulting the Website, visitors and users approve this privacy policy and consent to the processing of their personal data in the manner and for the purposes described below, including possible disclosure to third parties if necessary for the provision of the service.

 

  1. DATA CONTROLLER
    The Data Controller under current laws is Con.Fid. Tec S.r.l. contacted through the CONTACTS section of https://www.kibag.it/supporto/
    The web hosting service provider Var Group – Via Privata Gaetano Sbodio, 2 – 20141 Milan is located in the European Economic Area and acts in accordance with European standards.

 

  1. PURPOSE AND LEGAL BASIS FOR PROCESSING
    The processing of data collected by the Website is aimed at the following purposes:
    – Access and registration to the Kibag portal: collection of data and information that is instrumental and necessary for the use of services for the partner, including the ability to see the reservations list and the order and services history.
    In particular, within this purpose, Con.Fid. Tec will process personal information, among other things, to:
    enable the user to browse and access the Kibag Website;
    enable the user to register with the Website, creating an account, and to utilise the functions that are reserved for the partners, including, in particular, the ability to view the reservations and the order history;
    maintain and manage your account;
    store in the account data and information related to the storage point, such as, for example, contact details, opening hours, and location.

– Conclusion and execution of the affiliation contract: collection of data and information that is instrumental and necessary for the conclusion of the affiliation contract as a partner, in particular to:
conclude the affiliation contract;
execute the obligations that are the responsibility of the partner regarding the concluded contract, such as, for example, the performance of the service;
to enable the performance of the obligations that are the responsibility of Con.Fid. Tec regarding the concluded contract, such as, but not limited to, payment for the service performed by the partner.

The legal basis for this data treatment is: the conclusion of the contract or pre-contractual measures and the fulfilment of legal obligations.

The data for the above purposes is necessary to enable access and registration in the area reserved for partners and/or the provision of account management and maintenance services as well as the conclusion of the affiliation contract through the Website. Failure to provide this data will therefore make it impossible for the user to access and/or browse the Website and/or register as a partner and/or provide the luggage storage service and conclude the relevant contract.

– Administrative, fiscal and accounting purposes: collection of data and information that is instrumental and necessary for the purpose of performing administrative, accounting and/or tax obligations related to the Kibag services.
The legal basis for this processing is the fulfilment of legal obligations by Con.Fid. Tec S.r.l.

– Security: Collection of data and information in order to protect the security of the Website (spam filters, firewalls, virus detection) and Users and to prevent or expose fraud or abuse against the Website. The data are recorded automatically and may possibly include personal data (IP address) that could be used, in accordance with the relevant laws, in order to block attempts to damage the Website itself or cause harm to other users, or otherwise harmful or criminal activities. This data is never used for identification or profiling of the User and is periodically deleted.

— Ancillary activities: Disclose data to third parties who perform functions that are necessary or instrumental to the operation of the service, and to enable third parties to carry out technical, logistical and other activities on behalf of Con.Fid. Tec S.r.l.. Providers have access only to personal data that are necessary to perform their tasks, and they agree not to use the data for other purposes. They are required to process personal data in accordance with applicable regulations.
The legal basis for this data treatment is: the conclusion of the purchase contract or pre-contractual measures and the fulfilment of legal obligations.

 

  1. COLLECTED DATA
    This Website collects user data in two ways:
    – Data provided by the partner
    The Website collects the data necessary to be able to and manage the provision of the Kibag service and the related obligations of the affiliation contract.
    The data required are email, name of the contact person, name of the business, type of business, capacity of the storage area, telephone number, address, billing address, VAT number, data for payments, data related to the business: opening/closing hours, description (optional), photo (optional).
    Data provided voluntarily through e-mail communications may also be processed.

– Automated data collection: During Users’ browsing, the following may be collected:
Technical data such as IP addresses, type of browser used and other parameters related to the User’s operating system and computer environment.
The data that is collected this way could be used to ascertain liability in the event of any computer crimes against the Website.
This data is used for statistical and analytical purposes, in aggregate form only. The IP address is used for security purposes only and is not cross-referenced with any other data or data collected using cookies or similar technologies. For more information, we invite you to review the “Cookie” policy https://www.kibag.it/cookie-policy
Providing this data, and thus consenting to its collection and processing, is optional. At any time users may withhold consent, and may revoke consent that was given (via the browser settings for cookies, or by contacting the Data Controller). However, denying consent may result in the inability to deliver the service and the Website experience would be compromised.

 

  1. COOKIES
    For information regarding the use of cookies and how to disable them, please refer to the Cookie Policy.

 

  1. DATA RETENTION PERIOD
    The data collected by the Website during its operation are retained for the time that is strictly necessary for the execution and fulfilment of contractual purposes.
    Data required for administrative, tax and accounting purposes, such as invoices and accounting documents, are retained within the mandatory time frame prescribed by law.
    Upon request by the user, the profile will be closed and the data will be deleted or anonymised, unless there is no further purpose for retaining the data.
    Personal data may be transferred outside the European Union for processing by some of our service providers. In this case, we ensure that this transfer takes place in compliance with applicable legislations and that an adequate level of personal data protection is guaranteed by relying on an adequacy decision, standard clauses defined by the European Commission, or Binding Corporate Rules.

 

  1. TRANSFER OF COLLECTED DATA TO THIRD PARTIES AND DISTRIBUTION

The data provided by the user will be disclosed only to competent and duly appointed parties for the performance of services necessary for the proper management of the contract and business relationship, with guaranteed protection of the data subject’s rights and will be processed only by personnel who is authorised by the Controller

The data collected by the Controller may be communicated:
– to public and/or private entities for which the communication of data is obligatory or necessary in fulfilment of legal obligations;
– to companies that perform functions closely related and instrumental to the operation – including technical functions – of Kibag’s services, such as, for example, companies that provide archive, administrative, payment and billing services, companies that provide technical components for the delivery of the online service;
– following a legitimate request by the judicial authority;
– for the execution of security controls or Website optimisation.
Under no circumstances will personal data be given or sold to third parties.
The contact information in the partner profile will be published on the Kibag Website and App. Publication is necessary for the purpose of contract execution and pre-contractual measures.

  1. LOCATION OF PROCESSING
    The data collected from the Website are processed at the Data Controller’s office and at the Data Centre of the web Hosting service, Var Group, which is responsible for data processing, by processing the data on behalf of the Data Controller, and is located in the European Economic Area and acts in accordance with European standards.
    Users’ personal data may be processed outside the area of the European Union, in particular:
    – data to be processed by some service providers of Con.Fid. Tec S.r.l., which perform functions closely related and instrumental to the operation of the Kibag service;
    – the Website may share some of the data with services performed by Google and Facebook through social plugins and the Google Analytics service.
    The transfer is authorised under specific decisions of the European Union and the Italian Data Protection Authority, in particular Decision 1250/2016 (Privacy Shield – the Italian Data Protection Authority’s information page), so no further consent is needed. The companies mentioned above guarantee their adherence to the Privacy Shield.

 

  1. SECURITY MEASURES
    We process visitor/user data lawfully and fairly, taking appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of data. The processing is carried out by means of computer and/or telematic tools, with organisational methods and logic strictly related to the purposes that are indicated. In addition to the Data Controller, in some cases, categories of appointees involved in the organisation of the Website or external parties (such as third-party technical service providers, hosting providers) may have access to the data.

 

  1. USER RIGHTS
    Pursuant to European Regulation 679/2016 (GDPR) and Article 7 of Legislative Decree. June 30, 2003, No. 196, the User may, in the manner and within the limits provided by current legislation, exercise the following rights:
    – oppose in whole or in part, for legitimate reasons, the processing of personal data concerning him/her for the purpose of sending advertising materials or direct selling or for market research or commercial communications;
    – request confirmation of the existence of personal data concerning him/her (right of access); – know the origin;
    – receive intelligible communication;
    – have information about the logic, methods and purposes of treatment;
    – request updating, rectification, integration, cancellation, and transformation into anonymous form, the blocking of data processed in violation of the law, including the data no longer necessary to achieve the purposes for which they were collected;
    – in cases of processing based on consent, the user may receive at the sole cost the support, the user’s data that was provided to the data controller, in a structured form readable by a data processor and in a format commonly used by an electronic device;
    – the right to lodge a complaint with the Data Protection Authority (Privacy Guarantor);
    – as well as, more generally, to exercise all the rights recognised to him/her by current laws.
    The user may exercise his/her rights against the Data Controller at any time by contacting support@kibag.it.

 

  1. UPDATING OF THE POLICY
    This policy may be subject to change as a result of substantial changes to the Data Controller’s use of the data.
    The updated version of the privacy policy will be posted on the Kibag Website, with the date of the latest issue.