Privacy Policy of Kampaay

The Data Controller of the personal data collected through the Site is Kampaay S.r.l., with registered office atViale Cassala, no. 30, 20143 Milan (MI), VAT no. 11046500960, e-mail address: amministrazione@kampaay.com

Pursuant to article 37 of the GDPR, Kampaay has appointed a Data Protection Officer (also known as “Data Protection Officer” or “DPO”), who can be contacted for specific privacy-related queries at the dedicated e-mail address: dpo@kampaay.com

From the moment you created a Account On Platform on behalf of or in the interest of Customer, are you considered a User and we process your data for the following purposes.

If you have been invited to participate in a Event, we process your data as accountable on behalf of Customer typically for the purposes below. The types of data collected and the purposes depend on the type of Event and from the instructions we receive from Customer.

If you have been chosen as Vendor Of a Event ofthe Customer (e.g. location, catering, transport, etc.), we process your data as titular as specified below.

Your data may be stored, consulted, used, processed and disclosed outside your jurisdiction, including within the European Union, the United States of America or any other country where our Managers and our sub-Managers, or where their servers or cloud computing infrastructures can be hosted. We strive to ensure that the processing of your data by our Recipients (as defined in the tables above) complies with applicable data protection laws, including the Italian laws to which we are subject. Where required by Italian and/or European Union data protection law, transfers of your data to Recipients outside the European Union will be subject to adequate guarantees (such as the standard contractual clauses of the European Union for data transfers between the European Union and countries not belonging to the European Union), and/or to other legal bases according to European Union legislation. For more information on the appropriate guarantees that we have implemented in relation to data transferred to third countries, you can write to: dpo@kampaay.com 

This Information explains and covers the processing operations that we carry out as titular. Some illustrated icons are below Free license or CC BY 4.0 of the University of Maastricht.

The Information does not cover treatments carried out by subjects other than Kampaay and in particular it does not cover treatments carried out by our Business Partners, Customers and Suppliers In the capacity of Holders autonomous, including those carried out by social media platforms within our Pages. In this regard, we do not assume any responsibility for the processing of your data not covered by this Policy.

This Policy is effective as of the date indicated at the beginning of the document. We reserve the right to modify or update this Policy, in whole or in part, at our discretion or as a result of changes in applicable regulations. We will notify you of material changes using your contact details.

Other tracking technologies: pixel tags (trackers used with cookies and embedded in images on web pages to track certain activities, such as displaying Content that may be useful to you, or to see if an e-mail has been read) or Unique Identifiers incorporated into links to promotional communications that send us information when they are clicked.

Authority: refers to a government, whether supranational, federal, state or governmental, prefectural or local, a statutory, administrative or regulatory body, a court, an agency, including law enforcement agencies, or any other authority anywhere in the world (even outside your jurisdiction) whose regulations, directives, notices, resolutions, orders, decrees, injunctions, warrants, subpoenas or judgments are binding on us and require us to disclose your Personal Data. We will not share your data without your consent, unless we have a legal obligation to comply with those regulations.

Browser: refers to programs used to access the Internet (for example, Safari, Chrome, Firefox, etc.).

Combination and/or intersection: this is the set of fully automated and non-automated operations that we have used to create derived data about you. We may also combine and/or cross-reference information from different sources.

Content that may be useful for you: for example, if you search for a certain Event, we can display similar Events on our Pages or through Programmatic Advertising. The personalization of the content can take place through the combination and/or the crossing of data.

Cookie: A cookie is a small text file that is downloaded to your Device (for example, smartphone, computer) when you access our Pages. It allows websites to recognize your Device and to store information about your preferences or past actions (for example, the fact that you visited our Pages, your language and other information). The information collected through cookies may relate to you, your preferences or your Device and is primarily used to make our Pages work as you expect. The information collected through cookies does not usually identify you directly, but it can offer you a more personalized experience on our Pages that you are visiting, as it could be used to record your preferences on the use of cookies (technical cookies), analyze and improve our Services and create new services and features or customize our Services, including Content that may be useful to you.

Aggregate Data: they refer to statistical information about you that does not contain your Personal Data. We use this information to analyze and improve our Services and create new services and functionality and to create statistical reports for Business Partners.

Personal Data: means any information relating to an identified or identifiable natural person, directly or indirectly, as well as any information linked to or reasonably linked to a particular individual or family unit. For example, an email address (if it relates to one or more aspects of a person), IP addresses, and unique Identifiers are considered Personal Data.

Sensitive Data: in general, we mean Personal Data that reveals racial or ethnic origin, political opinions, religious or philosophical convictions, trade union membership and the processing of genetic data, biometric data aimed at uniquely identifying a natural person, data relating to health or data relating to the sexual life or sexual orientation of a natural person. For the purposes of this Policy, we typically mean data on food preferences at Events.

Device: refers to the electronic device (for example, iPhone) that you use to visit our Pages or Apps.

Events: refer to any physical or digital event organized or managed by us as Customer Manager.

Managers: refers to subjects that we commission to process your Personal Data exclusively on behalf and based on written instructions provided by us or to external parties (contractors) to whom we delegate certain processing activities. For example, providers of security systems, accounting, administrative, legal, tax, financial and debt collection consultants, providers of data hosting platforms, etc. Kampaay is also Responsible on behalf of the Customer (Owner) for certain purposes. You can request the disclosure of service providers that process your Personal Data using an easy-to-use web form. hither.

Unique Identifiers: consist of information that can uniquely identify you through your Browser and your Device. On the Browser, the IP address and Cookies are considered unique identifiers, which we use to analyze and improve our Services and to create new services and features, including Content that may be useful to you, are considered unique Identifiers. Please note that for these purposes and in line with the opinions of the European and Italian Authorities, we do not use other Unique Identifiers such as MAC addresses and IMEI, as they are not resettable by you.

IP address: it is a unique number used by your Browser or Device to connect to the Internet. The internet service provider provides this number that allows you to identify the provider and/or the approximate area where you are located. Without this data, you cannot connect to the internet and use our Services or Content that may be useful to you.

Form: any form through which we can directly collect your data (for example, Account registration, memberships and data for Events, etc.)

Pages: includes our website (https://www.kampaay.com) and our social media pages.

Business Partners: these are third-party entities that communicate your Personal Data to us only after having contractually assured us that they have obtained your consent or that they have another legal basis that justifies their communication/sharing of such data with us. This definition includes Users or Customers who suggest referrals but also selected partners with whom we may share aggregated data for business intelligence or partnership purposes.

Personal: our employees and collaborators who have assumed an obligation of confidentiality and comply with specific rules relating to the processing of your Personal Data. This category also includes our system administrators or our service providers who assist us in the management of our computer systems and who therefore can access, modify, suspend and limit the processing of your Personal Data. These people have been previously selected, properly trained and their activities are monitored by systems that they cannot modify.

Programmatic Advertising: these are platforms that share the information collected about you, such as your IP address and data collected by Cookies, and Other Tracking Technologies, with entities that are interested in showing you Content that may be useful to you. In our case, if you view a particular product on our Pages, we will ask the participants in Programmatic Advertising to grant us advertising space on one of the websites you visit, in order to show Content that may be useful to you. In this regard, we would like to reiterate that the communication of your Personal Data to the participants in Programmatic Advertising is based on your prior and specific consent provided on the banner at the time of the first visit to our Pages. If I want to know how you can object to these communications, follow the instructions in the “How you can control your data and manage your choices” section above.

services: collectively, we mean all services/products available and accessible through the Platform. Therefore, those indicated in the Terms and Conditions and their respective annexes are included.

Owner or joint owner (s): refers to the legal person, public authority, service or other entity that, individually or jointly, determines the purposes and means for the processing of your Personal Data. In other cases, you may be preceded by the word 'autonomous' (for example, 'independent controller') to indicate that your Personal Data is being processed by a person other than us.

User: a Visitor who has registered an Account on the Platform by accepting the Terms and Conditions on behalf of or in the interest of a Customer.

Participant: the natural person employee/collaborator or third party invited by the User or Customer to participate in the latter's event.

Customer: the legal entity that has signed Kampaay's Terms and Conditions for the provision of Services.Platform: Kampaay's software as a service for the organization and management of Customer Events to which the User can access. Terms and conditions: the contractual conditions and respective attachments signed by the Customer for the provision of the Services.