-
- Privacy
- APP Privacy Policy
PRIVACY NOTICE FOR THE PROCESSING OF PERSONAL DATA
(pursuant to Article 13 of the GDPR)
DATA CONTROLLER DETAILS
Company: Koelnmesse S.r.l.
VAT no.: 03630690968
Registered office: V.le Sarca 336/F Edificio Sedici 20126
Koelnmesse S.r.l. (hereinafter, the “Data Controller” or “Koelnmesse”), in its capacity as the data controller (the “Data Controller”), hereby informs you, pursuant to Article 13 of Regulation (EU) No. 2016/679 (hereinafter, “GDPR”), that your personal data will be processed in the manner and for the purposes described below:
1. Processing information
The Data Controller processes the personal data you provide during the use of the “IHF Italy” application (hereinafter, “personal data” or “Data”), as well as usage data indirectly generated through your use of the application.
The “IHF Italy” app can track the user’s device by storing the so-called “universally unique identifier” (UUID) for statistical analysis purposes and to store user preferences. Furthermore, additional device data and technical information about the network used by the user (e.g., IP address) may be processed.
2. Purpose and Legal Basis of the Processing
Your personal data are processed for the following purposes:
a) to allow the user to use the application;
b) to comply with obligations established by law, regulation, European legislation, or an order of an authority;
c) to allow the user to interact with the contents of the application;
d) to obtain statistics and metrics aimed at ensuring the proper functioning of the application;
e) to manage user requests;
f) to exercise the Data Controller’s rights (for example, the right of defense in court).
The legal bases for the above processing activities are as follows:
With regard to purposes a), c), and e), the processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request;
With regard to purpose b), the processing is necessary for compliance with a legal obligation to which the Data Controller is subject;
With regard to purposes d) and f), the legal basis is the Data Controller’s legitimate interest, namely that of monitoring the application’s correct functioning and exercising the Data Controller’s rights, such as the right of defense in court.
Providing data for the above purposes is mandatory. If you fail to provide the data, the Data Controller will be unable to allow you to use the “IHF Italy” application.
3. Retention period
Personal data will be stored for the time necessary to fulfill the purposes indicated in this notice. In accordance with the provisions of the Italian Civil Code, the Data Controller will store a copy of correspondence having legal and commercial relevance for ten years. Your personal data may also be retained for the time necessary to ensure defense in court or to pursue any misuse of this application.
4. Disclosure of data
Your data will not be disseminated but may be made accessible, when necessary for service provision or by law:
to the Data Controller’s employees and collaborators, both in Italy and abroad, in their capacity as individuals authorized to process personal data and/or system administrators;
to third-party companies or other entities that carry out outsourced activities on behalf of the Data Controller, in their capacity as data processors.
The Data Controller may disclose your data for the purposes stated in Article 2 to supervisory bodies, judicial authorities, and public entities to whom data must be disclosed by law, as well as to those entities to whom disclosure is mandatory by law for the aforementioned purposes.
Below is a list of the main processors and sub-processors employed for the proper functioning of the application:
| Data Processor | Reference |
| Amazon Web Services | One Burlington Plaza, Burlington Road, Dublin 4 |
| Corussoft GmbH | Kurfürstendamm 56 · 10707 Berlin |
5. Permissions requested by the Application
To enable you to use the “IHF Italy” app, we request the following permissions:
| Permission | Purpose |
| Push notifications | Allow the user to receive notifications from the app. |
| Camera | Allow the user to take a photo to capture data from a QR code. |
| Photo Gallery | Allow the user to select a photo from their gallery and use it as a profile image. |
| Internet access | Required by the App to download or upload data and information. |
| Access to contacts | Required by the App to save contacts on the device or to send contacts. |
| Access to calendar | Required by the App to save appointments or import them into the calendar. |
| Access to device storage | Required by the App to save exported files on the device or contact lists. |
The app uses so-called “cookies” (hereinafter, “cookies”) to provide the user with an optimal experience.
Cookies are small data files that are stored on your device when you use the app. Upon subsequent launches, your device will send the contents of the cookies back to the relevant provider, thereby allowing the device to be recognized. This makes it possible, for example, to check whether the same device has previously interacted with our services. Only the cookie stored on your device is identified.
You have the option to block, delete, or disable cookies through the functionalities of your browser or device.
Pursuant to Article 6(1)(f) of the GDPR, we have a legitimate interest in using cookies, as they enable us to make our service more user-friendly, efficient, and secure.
Due to cookie technology, we only receive pseudonymized information, such as the pages visited or the products viewed.
6. Data transfer
Personal data are ordinarily stored on servers located within the European Union, belonging to the Data Controller and third-party companies duly appointed as Data Processors.
If necessary, the Data Controller may transfer the user’s data to countries outside the European Union. Data will only be transferred to countries deemed adequate by the European Commission or to companies that comply with the safeguards provided for in Articles 44-50 of the GDPR.
7. Rights of the Data Subject
The Data Subject may exercise, in relation to the Data Processing, the rights provided for by the GDPR (articles 15-22), including:
a) Access rights - receive confirmation that the User’s Data is held by the Data Controller, and access its content;
b) Right of rectification - update, modify and/or correct the User’s Data;
c) Right to be forgotten and right to limitation - request the cancellation of Data and/or limitation of the Data Processing if the User believe that the Data is being processed in ways that do not comply with the present Privacy Notice;
d) Right to object - oppose the processing of the User’s Data;
e) Submit a complaint to the relevant Supervisory Authority - the Guarantor for the protection of Personal Data (accessible on www.garanteprivacy.it) in case of violation of the regulations on the protection of personal data;
f) Right to Data Portability - receive an electronic copy of the Data concerning the User (when such Data has been rendered in the context of the contract) and request that the Data in question be transmitted to another data controller.
8. How to exercise your rights and the Data Controller’s contact details
The Data Controller is:
Koelnmesse S.r.l., with its registered office in V.le Sarca 336/F Edificio Sedici 20126
You may exercise your rights at any time by sending an email to: privacy@koelnmesse.it
9. Contact details of the Data Protection Officer (DPO)
Koelnmesse’s Data Protection Officer (DPO) can be contacted by sending an email to: dpo.koelnmesse@argobs.com
10. Information not contained in this Policy
Further information regarding the processing of personal data may be requested to the Data Controller using the contact information provided in this Privacy Policy.