DATEV KOINOS S.R.L. manages data supplied by its users in compliance with the provisions of the European General Data Protection Regulation no. 679/2016 (“GDPR”). This document is meant to provide information, in compliance with the provisions of article 13 of the afore-mentioned GDPR, to those who interact with the Website owned by DATEV KOINOS S.R.L., login.datev.it, during their online activities.

The Privacy Policy only applies to this Website. It does not apply to any other third-party Websites that users might access by clicking on links which may be present on this Website, for which a corresponding notice shall be supplied.

During navigation of this Website, data related to identified or identifiable people may be treated.

1. DATA CONTROLLER

The Data Controller is DATEV KOINOS S.R.L., Milan, Corso Garibaldi 86, VAT Number 03336420967.

2. TYPES OF PROCESSED DATA

Navigation data
During normal activity, the computer systems and software procedures required for the functioning of this Website shall acquire some personal data whose transmission is implicit in the use of Internet communication protocols. Such data are not gathered to be associated to identified interested parties; however, because of their own nature, they could allow the identification of users, by means of their elaboration and association with data held by third parties. This data category includes IP addresses or dominion names of the computers used by users while connecting to the Website, URI (Uniform Resource Identifier) addresses of the resources required, the time of request, the method used to provide the request to the server, the size of the file obtained in response, the number code indicating the status of the server data response (obtained, error, etc.), as well as other parameters connected to the operative system and to the user’s computer environment.

Data supplied to create user accounts, to access the Data Controller’s software and services, and to process purchase orders
Users who are interested in accessing the software and services supplied by the Data Controller and/or in purchasing them shall have to log in after registering their profile on the Website.

Data treated for the aims of registration include: first name, last name, e-mail address. A username and a password will also be required.

3. PURPOSE OF DATA PROCESSING

Personal data, as identified at point 2, letter a), are treated for the sole aim of gathering anonymous statistical information on the use of the Website and to check its correct functioning. Furthermore, navigation data might be used to ensure responsibility in case of alleged computer crimes against the Website.

Data as identified at point 2, letter b) are treated in order to allow the registration and the creation of client accounts, as well as access to the Data Controller’s software and services, and the processing of purchase orders.

4. LEGAL BASIS OF DATA PROCESSING

Personal data as identified at point 2, letter a) are treated by the Data Controller on the basis of their legitimate interest, in compliance with the provisions of article 6, par. 1, letter f) of the GDPR (such as, for example, in order to guarantee the correct functioning of the Website, as well as to keep computer systems safe, and to prevent unauthorised access or cyberattacks).

Personal data as identified at point 2, letter b) are treated by the Data Controller for the execution of pre-contractual measures, upon request of the interested party (such as a profile creation) and/or to implement the contract relationship, in compliance with the provisions of article 6, par. letter b) of the GDPR.

5. DATA COMMUNICATION

Users’ personal data shall be treated by employees and cooperators of the Data Controller, in their role of people authorised to and/or in charge of data treatment. Such data can be communicated to other parties only when it is necessary in order to carry out the required performance. Should DATEV KOINOS S.R.L. need to cooperate with said third parties, they shall be carefully selected on the basis of their skills, expertise and reliability, so as to offer adequate guarantees of the compliance with the applicable provisions related to data treatment. Said third parties shall be appointed as Data Controllers and/or as people authorised to the treatment of data. DATEV KOINOS S.R.L. shall regularly check to ensure the correct execution of the tasks carried out by said subjects and their compliance with the required safety measures for personal data. Should you wish to obtain and consult an updated list of subjects who were appointed as Data Controllers, please write to: privacy@datevkoinos.it.

In any case, data treatment by third parties shall have to be carried out in accordance with the principle of propriety and in compliance with the provisions of applicable legislation, including EU Regulation no. 679/2016.

6. DURATION OF PROCESSING

The personal data acquired by the Website or voluntarily supplied by users shall be preserved by DATEV KOINOS S.R.L. for the time necessary to carry out the indicated actions, save the need to preserve such data even after the end of data treatment, in order to comply with the obligations as per the applicable legislation.

Please notice that the system creates a log of anomalous events and of accesses, which are memorised for no longer than 30 days, and which are used to ensure responsibility in case of alleged computer crimes against the Website.

Furthermore, the personal data provided for the creation of an account and to allow the processing of a purchase order shall be preserved for the time required in compliance with the provisions of the applicable legislation related to the products which are object of the orders, as well as of administrative and fiscal legislation and, in any, case, for no longer than a 10-year period. Your consent is not required, since such data are necessary to implement the contract.

7. PROVISION OF DATA

Apart from what was specified for navigation data, the user is required to provide data in order to register on the Website, to purchase the products and services of the Data Controller and to use them. Should such data not be provided, the user shall not be able to purchase and use the products and services provided by DATEV KOINOS S.R.L.. Please also notice that, in certain cases (which are not part of the ordinary management of this Website), the Authorities can request data and information, in compliance with the provisions of article 58 paragraph 1, letter a) of EU Regulation no. 679/2016, for the aims of control of personal data processing. In such cases, response is mandatory, and, should it not be provided, the company shall be subject to an administrative sanction.

8. METHODS OF PROCESSING

The processing of personal data is based on the principles of honesty, legitimacy and transparency. Personal data are treated with automatised tools for the time that is strictly necessary to meet the aims for which they were gathered. Specific safety measures are observed, among other things, to guarantee the safety, privacy, integrity and availability of the systems and services and to prevent the risk of data loss, illicit or incorrect use and unauthorised access.

9. RIGHTS OF DATA SUBJECTS

The subjects to whom personal data refer have the right to obtain, at any time, confirmation of the existence of their personal data and to know their content and origin, to check their accuracy or to request their integration or update, or their correction (articles 15-22 of EU Regulation no. 679/2016). In compliance with the provisions of said articles, data subjects have the right to request the cancellation, limitation, and portability of their data, to revoke their consent, as well as to oppose, in any case, for legitimate reasons, to their treatment. We would furthermore like to inform you that, in compliance with the provisions of article 77 of the afore-mentioned EU Regulation, should you believe that the treatment of your data is in violation of the afore-mentioned Regulation, you have the right to lodge a claim to a supervisory authority, more specifically in the Member State in which you usually reside, work or where the alleged violation took place. In Italy, said authority is the Italian Data Protection Authority (Garante per la protezione dei dati personali).

You may, at any time, exercise your rights by sending:

  • a registered letter with return receipt to the legal headquarters of DATEV KOINOS S.R.L. at the following address: DATEV KOINOS S.R.L. in Milan, Corso Garibaldi 86;
  • an e-mail to the following e-mail address: privacy@datevkoinos.it.