With this document Comelit Group S.p.A. provides you, in accordance with Articles 13 and 14 of European Regulation no. 2016/679 on the protection of individuals with regard to the processing of personal data (hereinafter, “GDPR”), with certain information relating to the processing of your personal data requested whenever you come into contact with Comelit Group S.p.A. or companies controlled by it in connection with the use of the Comelit website www.comelitgroup.com, the services offered by Comelit and the Comelit applications (hereinafter, only App”).
Our Rules on privacy explain:
– Data collected and purpose.
– Mode of use of said information.
– The options that we offer, including the manner of accessing and updating the information.
2. PROCESSED DATA
2.1 Data necessary for using the website and for using the applications
Personal information is data that can be used to identify or contact a given person, to offer better services to all our customers/users. You might be asked to provide your data whenever you come in contact with Comelit or with a company affiliated to Comelit.
Here are some types of personal data that Comelit might collect, and the respective uses:
Access data collected anonymously
Data supplied voluntarily by the user
If you choose to register and create your own account for using the site and applications connected to Comelit products, we ask you to send and/or supply some personal information with which you can be personally identified, including your name and surname, e-mail address, year of birth, tax code, account name and password, telephone and postal address, which are necessary for the creation and management of the Users/Customers/users master file (hereinafter CRM supported with the PROCAL system). The same data are requested for interventions carried out by the technical assistance centre (SATCO) and by employees providing assistance for the supply of Comelit services. The user is responsible for the exactness of the personal information sent/supplied to Comelit.
In these cases you will be asked for explicit authorisation for the processing of the data supplied (for example on the registration page, on the intervention sheet or at the time of requesting telephone assistance).
The data provided voluntarily also include images and videos collected by our customers using Comelit equipment (i.e. door entry monitors, video surveillance systems) whose images, if the facial recognition service is activated, can be kept in absolutely anonymous form and after converting the images into algorithms that do not allow the reconstruction of the original images. The data extracted from the images can be used to compare other images.
We will use the information you provide about your users to enable your device to perform facial recognition. For this purpose, the user must receive a specific notice on the use of the facial recognition system, if active.
Data on position
When Comelit applications and services are used, we could collect and process information on your position and on the position of your systems. If you activated the geolocalisation services at the time of installing the system or application, and if you expressly consented to the processing of geolocalisation data, the applications, when active, will acquire the data on the geographical position of the Comelit system and/or of your appliance (GPS, Wi-Fi, GSM network).
However, you can decide later to deactivate the geolocalisation services of your appliance by accessing the special sector dedicated to localisation authorisation in the operating system of your device (Android or IOS). From that moment it will no longer be able to collect geolocalisation data for the use of the service.
If you did not activate the geolocalisation services at the time of installation, if you did not consent to the processing of geolocalisation data at the time of registration, or if you decide to deactivate the geolocalisation services, you will not be able to use some functions of the applications.
Information that we collect from third parties
We can also collect information on you from third parties, including information from our partners (external SATCO Technical Support Centres, installers, etc.) and from other partners; from social media services (for example, but without limitation, Facebook, LinkedIn, Instagram) consistently with your settings on said services; and from third party sources. We can add this information to data that we already have in our archives and share it with others based on the policy established in this Note.
The supply of registration data is optional (art. 6 lett. b), e) GDPR), however the failure to supply them may prevent your registration and the use of the functions of the Comelit applications and account, as well as the provision of services (art. 7 GDPR).
The data could be used to ascertain criminal responsibilities, where required by the competent authorities.
3. PURPOSES OF PROCESSING AND LEGAL BASIS
By legal basis of processing we mean the source/origin/justification of processing after consent of the party concerned in accordance with art. 4 of the GDPR.
3.1 I Your data will be processed:
– for the technical management of the Comelit systems and of the applications;
– for the management of your registration;
– to allow you to use the functions of the applications, including the facial recognition service, with which some door entry monitors are equipped;
– to send you news;
– for marketing activity,
– to fulfil the legal obligations to which the Data Controller is subject.
With relation to these purposes, the legal basis of processing is the execution of a contract in which the data subject is a party, the execution of precontractual measures adopted on the request of the same, or the satisfaction of a request of the data subject.
3.2 Comelit Group S.p.A. will process your data, following your specific consent. With relation to these purposes, the legal basis is the consent of the parties concerned.
Consent to the processing of personal data is purely optional, while it remains understood that, in the absence of such consent, you will not be able to use the services and the applications.
3.3 Comelit Group S.p.A. may also use the user’s information (which may include personal data and videos) for the following purposes.
– To provide the motion detection function with push notifications it can use videos in the cloud cache or uploaded by the user to provide the motion detection alarm function to the user with a push notification message. The video in the cloud cache will be saved on the server for no longer than 24 hours.
– To provide remote access to real-time video or video playback in thecloud When the user watches a real-time video or video playback, a p2p channel will be configured to transfer the video stream. If errors occur in the setting of the p2p channel, we can use our server to retransmit the data. All streaming data will not be saved on the server.
– To query the status of the device: to verify that user access is authorized.
– To provide the facial recognition service: if activated by the customer, the facial recognition function for each door entry monitor system detects the image of the caller; this image can be associated on the customer’s device with a name and/or pseudonym and will be converted into an algorithm saved anonymously on a cloud server. After conversion, the image will be permanently deleted. This algorithm will be retrieved by the device used by the customer for comparison with the images of other video calls.
– The personal data that we collect allow us to keep you up to date on the adverts for the latest Comelit products, the software updates and the coming events. If you do not want to be included in our mailing list, you can remove your name at any time.
– We also use personal data to develop, supply and improve our products, services, contents and advertising materials, and to prevent losses and frauds.
– Personal data, including the date of birth, can be used to check the identity, facilitate user identification, and establish which services are appropriate. For example, the date of birth can be used to establish the age of the holders of Comelit ID accounts.
– We can use your personal data periodically to send important notices, such as communications concerning modifications to our terms, as well as to our conditions and policies. Since this information is important for your interaction with Comelit, it is not possible to deactivate the receipt of these communications.
– We can also use personal data for internal purposes, for checks, data analysis and research to improve products, services and communications with Comelit customers/users.
– If you take part in a competition or similar promotions, we can use the data you supply to manage these activities.
In addition, in order to provide our services to the user, it is necessary that the same provides the necessary personal information. If the user does not share his or her personal information with us, we will not be able to provide our products or services. We shall only collect information that is necessary for its specified, legitimate and explicit purposes and the data and information provided will not be processed.
The information collected will be of this type (which may or may not be personal information):
– Information about your device: data about your device’s hardware, performance, status and settings. For example, device name, device ID, device settings, device status (online/offline), IP address, MAC address, Wi-Fi RSSI, router SSID, firmware version.
– Information provided or uploaded by the user: we may collect personal information provided by the user, such as Comelit account details.
– Videos in the cloud cache: during the use of Comelit systems, if the detection function is enabled, when motion is detected we can collect video clips that will be stored in the cloud. By default, each video will be saved as required by law. The user can deactivate this function at any time.
– Local videos: to provide door entry monitor and video surveillance services, we can collect the user’s video information saved in the memory card inserted by the user, or in the internal memory of the device itself, in order to view the history.
The data collected anonymously or that are not in such a form as to allow a direct association with a specific individual, purely as an example the profession, language, postcode, telephone dialling code, the unique identification code of the device, reference ORL, place and time zone in which a Comelit product is used in order to have a better understanding of the conduct of customers/users and to improve our products, services and advertising materials, are collected by us, transferred and disclosed for any purpose.
4. PERIOD OF STORAGE
Your data will be processed for the whole duration of the contract and/or validity of the account and for the period contemplated by the law on taxation. With reference to personal data processed for marketing purposes, they will be kept in accordance with the principle of proportionality and until the purposes of processing have been completed, or until specific consent is withdrawn by the party concerned, if this occurs previously.
The images and videos will be stored for a maximum period of 24 hours.
5. METHODS OF PROCESSING AND THEIR USE
The data will be processed with the following methods, respecting their necessary safety and confidentiality: collection of data from the party concerned, collected and recorded for determined, explicit and legitimate purposes and used in further processing operations in terms compatible with these aims; processing will be carried out with the aid of electronic and automated instruments (data collected via computer, directly from the interested party)
Data processing is based on principles of correctness, lawfulness and transparency in conformity with the provisions of the GDPR; it may be carried out either manually or using automated methods suitable to store them, process them and transmit them and suitable technical and organisational measures will be applied, as reasonable and commensurate with the state of the art, to guarantee, among other thins, the safety, confidentiality, integrity, availability and resilience of the systems and services, avoiding the risk of loss, destruction, unauthorised access or disclosure, or any illegal use, as well as applying reasonable measures to delete or promptly correct any incorrect data with respect to the purposes for which they are processed.
Access to data
Your data can be made accessible for the purposes described in art. 3: (i) to employees and collaborators of Comelit or of companies in the Group in Italy and abroad, in their capacity as appointees and/or internal data supervisors and/or system administrators; (ii) to third party companies or other subjects (for example, banks, professional studios, consultants, insurance companies for the supply of services, etc.) who perform outsourced activities on behalf of Comelit, in their capacity as external data supervisors.
Without the necessity of express consent (pursuant to art. 6 lett. b) and c) GDPR), Comelit may communicate your data for the purposes described in art. 3 to judicial Authorities and to subjects to whom communication is obligatory by law for achieving said purposes. These subjects will process the data in their capacity as autonomous data controllers.
Transfer of data
Your registration data will be stored in your Comelit devices and in the devices that use the applications. Comelit may communicate your data for the purposes described in art. 3 without the necessity of express consent (pursuant to art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR).
Personal data are stored on servers located in the European Union. In any case it remains understood that, where necessary, Comelit, as data controller, shall have the faculty to transfer the servers also outside the EU. In this case, the Controller ensures forthwith that the transfer of data outside the EU will take place in conformity with the applicable provisions of the law, after stipulating the standard contractual clauses envisaged by the European Commission.
6. RECIPIENTS OF THE DATA
6.1 Your data will be processed by the employees and collaborators of Comelit Group S.p.A. who carry out the activities linked to the pursuit of the aims indicated above. Said employees have been designated data processing appointees, and have received adequate operating instructions for the purpose.
6.2 Comelit shares users’ personal data with companies that provide services such as data processing, data storage, clearing of the orders of customers/users, home-delivery of products, management and improvement of the data of customers/users, assistance of customers/users, evaluation of the interest in our products and services, market researches or surveys of user satisfaction. These companies are obliged to protect your data and could be located wherever Comelit operates.
7. YOUR RIGHTS
In relation to the processing of personal data by Comelit, you can request access to the data concerning you, correct or delete them as per art.17 of the GDPR, integrate incomplete data, or limit their processing; you can ask to receive the data in a structured form, commonly used and legible with an automatic device, and, if technically feasible, to transmit them to another data controller without impediments if there are the conditions for exerting the right to portability contemplated in art. 20 of the GDPR (processing is based on consent pursuant to art. 6.1 lett. a) or art. 9.2, lett. a) or on contract pursuant to art. 6.1, lett. b) of the GDPR and is carried out with automated instruments; you can withdraw the consent given at any time for the purposes described above in art. 3 and oppose processing, in whole or in part, in the cases allowed; you can lodge a complaint with the Authority and exert all the other rights recognised by the applicable discipline (art. 16-21 GDPR).
These rights may be exerted by sending a written communication to the address given below or an e-mail to: [email protected], or by using the access tools available in each application.
Comelit or our monitoring services company also uses “web beacons” to collect information about the use of our sites and apps on the websites of published sponsors and sponsors and its use of emails, special promotions or newsletters that we send. Web beacons are small graphic files incorporated in a web page or an e-mail that provide a presence on the web page or via e-mail and return the information to the home server from the user’s browser. The information collected by web beacons allows us to monitor statistically how many people open our e-mails, use our sites and services, the sites and communications of affiliates and sponsors, and the sites of advertisers and for what purposes. Our web beacons are not used to monitor your activity outside our sites or applications or those of our affiliates or sponsors. We do not connect personal information from web beacons to personal information without your consent, save in relation to our marketing activity, promotion or similar initiatives, alone or in collaboration with our commercial partners and affiliates.
We can automatically collect the following categories of information when you visit our website or the applications: (1) IP addresses; (2) domain servers; (3) types of computers that access the website; (4) types of web browsers used to access the website; (5) reference source that might have been sent to the website; and (6) other information associated with the interaction of the browser and of the website and app with the systems installed (collectively “data on the traffic and/or use of the systems”). We do not connect non-personal information from traffic data to personal information without your consent, save in relation to our marketing activity, promotion or similar initiatives, alone or in conjunction with our commercial partners and affiliates.
9. INFORMATION NOT CONTAINED IN THIS POLICY
Further information on the processing of Personal Data may be requested from Comelit at any time, using the contact information.
11. DATA CONTROLLER AND CONTACT DATA
The Data Controller is Comelit Group S.p.A. – Via Don Arrigoni 5 – 24020 Rovetta S. Lorenzo BG Italia e-mail [email protected] .
Latest update: July 2019
Comelit Group S.p.A.