Privacy Policy for the “Ksenia SecureWeb” App

The company Ksenia Security Spa, with registered office in Ripatransone (AP), SP Valtesino n. 49, VAT number 02027680442, as the Data Controller,

NOTIFIES
users intending to use the Android / iOS application called « Ksenia SecureWeb » that the data provided by users or automatically acquired by the app will be processed lawfully and fairly, in compliance with the principles established by EU and Italian regulations.

Purpose and methods of processing

The processing activities concern the functioning of the application and connected devices and the data subject’s data are acquired for the sole purpose of allowing the correct execution of operations between the app and our cloud ecosystem.

To take advantage of all the services offered, the app requires users to authenticate through a personal account, which is not created directly through the app. During this phase, the following personal data are requested:

– Email address.

The email address provided at the time of login is processed exclusively to access the app’s features.

During installation, the app collects data from the user’s device (location, app info and performance, app activity and device or other IDs).

The data that is stored within the app is exclusively that relating to the connection with our cloud and stored with the natively encrypted secure store.

Other information is collected by Amazon Pinpoint, as an independent data controller, for the management of statistical data relating to the use and functioning of the app, as fully described in the following paragraph. Where possible, the data is pseudonymised or processed in aggregate form, without the possibility of tracing the identity of the interested party, to reduce processing activities to a minimum.

Event and user activity data

In the context of our commitment to providing excellent service and continuously improving the user experience, we use Amazon Pinpoint to collect and analyze data related to the use of our mobile application Ksenia SecureWeb.

This allows us to better understand how our users interact with the app, which features are most appreciated, and which areas may require improvements.

The types of data collected through Amazon Pinpoint include, but are not limited to, app usage information, such as the frequency of opening, time spent in the app, actions taken, and basic demographic data, such as location and device type. These informations are collected anonymously and in aggregate form, without individually identifying users. We use this data exclusively for internal analysis and to improve the quality and relevance of our service.

Our privacy policy further details how we protect and manage your data, ensuring that your privacy is always respected and that the data is processed in accordance with applicable data protection laws.

Advertising ID Collection

Our app utilizes the « Expo » library, which is designed to offer specific features that enhance the user experience. It is important to note that, as part of its operations, « Expo » has the technical ability to collect the Advertising ID of users’ devices. However, we want to assure our users that, despite this capability, « Ksenia SecureWeb » does not use, process, or share the Advertising ID for any marketing, analysis, or tracking purposes.

Minors’ data

Data of minors are not processed.

Nature of provision

The processing of data is necessary to fulfill the user’s requests. Otherwise, the app would not be able to function and ensure remote control of the control panels. Providing this data is therefore necessary.

The legal basis for processing

The legal basis for processing is the contractual fulfillment related to the installation of the app on the user’s smartphone or tablet, in order to access the offered services.

Retention periods

The app only stores the data necessary to connect to our cloud and is stored through the natively encrypted secure store.

All other data processed is present only in the volatile memory of the device and deleted at the end of the connection session.

Interaction with external platforms

The app interfaces with external platforms only for internal analysis and to improve the quality and relevance of our service by using Amazon Pinpoint. The data exchange takes place over protected communication channels not subject to the control of the Data Controller.

Communication and disclosure

The data processed through the app are of a common nature and are not intended for dissemination. Data is exclusively exchanged with Amazon Pinpoint regarding the use of the service for the purpose of internal analyzes and to improve the quality of our service.

Data may be communicated to third parties, who, based on the type of relationship, may qualify as independent data controllers or processors under Art. 28 of EU Regulation 679/2016. The updated list of data processors is available at the Data Controller’s headquarters.

Rights of the Data Subject

Data subjects are entitled to the rights specified in Articles 15 to 22 of GDPR 679/2016. In particular, the Data Subject has the right to access their data (Article 15), request its rectification, updating, integration (Article 16), and deletion (Article 17), restrict its use by the Data Controller (Article 18), receive a copy in a structured, commonly used, and machine-readable format (Article 20), object to processing under specific circumstances (Articles 21 and 22). These rights can be exercised to the extent that processing is not mandatory due to legal or regulatory requirements. Requests related to the exercise of Data Subject’s rights can be sent to the Data Controller at the address info@kseniasecurity.com. If the Data Subject is not satisfied with the response provided to their requests, they can lodge a complaint with the Data Protection Authority, headquartered in Rome, Piazza Venezia n. 11. Citizens of other EU Member States have the right to contact the supervisory authority of their country.