Privacy Policy
Information pursuant to article 13 and 14 EU
Regulation 2016/679
The modes used to manage the website, regarding processing of site users’ personal data, are described on this page.
N.B.: if the user is under the age of 18 years, a parent or guardian must read the conditions listed here and approve them before starting to use the website and its services.
The information sheet, pursuant to article 13 and 14 of the GDPR, applies only to the herein website and not to other websites that may be consulted by user via links.

The Data Controller
The Data Controller is K-Array S.r.l. which can be contacted using the numbers and addresses provided in this information sheet, where information about the Data Processors appointed by the Data Controller and joint-controllers can be requested.
Joint data controllers are affiliated companies (holding and subsidiary companies) and partners that participate in managing the services provided through the website and in satisfying data subjects’ requests, in addition to providing information and sending commercial communications.

Type of Data processed
After consulting this website, data relating to identified or identifiable persons may be processed.
Browsing data
Information technology systems and software procedures required to operate this website acquire some personal data through normal function, which is implicitly transmitted during use of the Internet communication protocols.
This is not information collected to be associated with identified data subjects, but by its nature could identify the users through processing and associations with data held by third-parties.
IP addresses or domain names of the computers used by users and connecting to the website, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code showing the status of the response provided by the server (successful, error, etc) and other parameters regarding the operational system and the user’s IT environment are included in this category.
These data are used solely to obtain anonymous statistical information about website use and to check correct functioning. The data may be used to ascertain responsibility only in the event of hypothetical cyber crimes against the website and only in this case specific procedures to identify the perpetrator may be activated.
The LEGAL BASIS OF PROCESSING these data is established by the controllers’ legitimate interest in protecting data security and good website operation.
Personal data
All personal data provided by the visitor via the website, for example, by writing to an email address written in the contact area to request information and/or when requesting commercial information and/or registering in a reserved area, etc.
The LEGAL BASIS OF PROCESSING these data comes from the fact that said processing is necessary to meet the data subjects’ requests and/or to fulfill contractual obligations.

Provision of Data
Apart from what is specified for browsing data, the user is free to provide his/her personal data.
as requested during browsing to make requests to the company, to ask for information material or other communications. Not providing the data may mean it is impossible to obtain what has been requested.
Data provided at the user’s discretion
When first accessing the website, an information banner appears for the user that contains the link to this document; interacting with the website is registered (via specific cookie [see below]) with choice to continue browsing.
The optional, explicit and discretionary sending of emails to the addresses provided on this website means the sender’s email address will be acquired - as it is necessary to respond to requests - together with any other personal data included in the letter, and which, unless otherwise duly notified, will be stored for the time required to meet requests.
Please remember that legislation states that specific caution must be taken for certain categories of data (e.g.: personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, membership to a trade union, and processing genetic or biometric data that uniquely identifies an individual, data regarding an individual’s health, sex life or sexual orientation). For this matter, the user is invited to not enter any information that comes under these categories in the first request for contact considering that, without specific consent, it may be impossible to satisfy the data subject’s requests.
If there are pages on the websites set up for particular services on request or through which it is possible to acquire personal data, a link is included that leads to this information document and, if necessary, consent is requested and/or where necessary, specific information on the services available on said pages is provided.

Processing methods and processors
Personal data are processed using automated tools for the time strictly necessary to achieve the purposes for which they were collected. The processing required for this website’s web services is carried out by staff appointed by the Data Controller and by external subjects, appointed as Processors, who have the task of technical management and maintenance of the website and relative IT systems. Specific security measures are observed to prevent data being lost, illegally or incorrectly used and unauthorized access.
No data deriving from the web service is diffused.
Personal data provided by the users who send questions to the company or requests to send information material are used for the sole purpose of carrying out the service requested and are only communicated to third parties if necessary for said purpose.
Processing further to a contact request, registration, or subscription to the newsletter service
Personal data provided spontaneously by the data subject via the contacts area or in the registration area where present, also the possible subscription to the newsletter service:
- are processed with mainly automated tools:
- to ensure a sure, prompt response and to satisfy the data subject’s requests that, if registering or subscribing to the newsletters, he/she has the faculty to interrupt processing at any time;
- fulfill legal, regulatory and EU legislative obligations; fulfillment of judicial authority orders;
- Feed the public knowledge acquisition system that is necessary to check, improve and plan a service that adapts to demand and environmental restrictions
- contact numbers, postal addresses and email addresses provided may be used to send courtesy and/or information material/offer communications regarding products offered and services provided by the Data Controller, of course with the data subject’s consent, also via SMS text or other communication platforms that are accessible via the addresses provided; the data subject will have the right to object to said processing at any time; however, even after providing his/her own consent, the data subject can express his own choices about the channels that can be used to send such communications, with the possibility of entering just one of the requested contacts on the form;
- may be processed by communication and marketing employees, IT system maintenance staff who have the task of guaranteeing system functionality, data security and backup operations, other staff within the limits of their roles and the contents of company procedures and other subjects that provide services to help satisfy the data subject’s requests, within the limits strictly necessary to carry out their own tasks.
- may be communicated or made available:
- to subjects who can access the data due to legal, regulatory or EU legislative provision, within the limits provided for by said legislation;
- to other subjects that provide services for purposes connected with meeting the data subject’s requests, within the limits strictly necessary to carry out said tasks;
- to affiliated companies (including holding and subsidiary companies) for current administrative-accounting purposes connected with satisfying the data subject’s requests
Please remember that filling in the fields marked with an asterisk (*) is mandatory, without this data it will be impossible to meet the requests or respond to the requests of the data subject.

Data storage
The communicated data, unless otherwise duly communicated by the data subject, will be stored for the time required to meet the requests of the data subject and to fulfill legal obligations.
If you register on some website sections or subscribe to some services, the data will be stored until registration is canceled, after which storage will continue only if provided for by legislation and in compliance with administrative documentation storage regulations.
Should the data subject have a contractual relationship with the Data Controller, the data pertinent to the contract will be stored for the duration of the contract, after which storage will continue only if provided for by law and in compliance with administrative documentation storage regulations.
The addresses for which consent was given to send commercial communications will be stored for up to 12 months after the last communication sent or until the data subject withdraws consent.

Rights of data subject
The data subject has the right:
- to ask the data controller to access his/her personal data and to rectify or erase the data or to restrict processing of his/her personal data and to object to them being processed,
- if processing is carried out by automated (computer) means and based on his/her consent, to receive his/her personal data in a structured, commonly-used and machine-readable format and/or have the data sent directly to another data controller, if technically feasible.
- to withdraw his/her consent at any time (without the legality of the processing carried out based on consent prior to withdrawal being affected), naturally for processing carried out based on said consent
- to lodge a claim with a control authority: Garante per la protezione dei dati personali - Piazza di Monte Citorio n. 121 00186 ROME - Fax: (+39) 06.69677.3785 - Telephone switchboard: (+39) 06.696771 - E-mail: garante@gpdp.it - certified email protocollo@pec.gpdp.it
Requests must be sent to the Data Controller:
- by email to: info@k-array.com
- by recorded post to K-ARRAY - Via P. Romagnoli 17, 50038 Scarperia e San Piero (FLORENCE), ITALY;
- by the number (+39) 055 8487222 and stating the nature of the request to the operator, bearing in mind the fact that it will not be possible to respond to requests received by phone wherever the caller’s identity is not certain.

Legal validity
The text in Italian is the reference for correct legal interpretation.
Social Plugins
This website uses “Social Plugins” (hereafter named buttons) from social networks such as Facebook or Youtube. These buttons are deactivated by default, that is they do not send data to the respective social networks without your consent.
Just click on the buttons to activate them. The buttons stays active until it is deactivated again, or if its cookies are deleted. After activation, a direct connection to the respective social network’s server is set up. The content associated with the button is then sent directly by the social networks to your browser and connected by the latter to the web page.
When a button is activated, the respective social network can collected a group of data, regardless of your interaction with the button itself. If you have logged in to a social network, the latter can allocate your visit to this web page to your user profile.
To know the aim and extent of data collected and processed/used by the social networks and third-party websites, which we have no part of, the user can access information sections and privacy policies made available on the social network sites.