eliitekey.com

ISTANT DOWNLOAD - customereliite@gmail.com
Log in
Unlock Your Bonus Savings - 5% Off Sitewide!*
Code

5OFF24

Copy Text from Paragraph
*Exclusions apply.

PRIVACY POLICY

In this section, in accordance with the European regulations introduced by the EU Regulation 679/2016 and with Italian legislation (Legislative Decree no. 196/2003), we provide information regarding the processing of personal data of users who visit the pages of the website www.eliitekey.com (hereinafter: “Website”) or make use of the purchasing services provided therein (hereinafter “Users” or “Data Subjects”).

This privacy policy is exclusively for the Website and not for other websites that may be accessed by the user through links on the Website.

Data Controller

The Data Controller of the personal data of the users of the Website www.eliitekey.com is Eliite Key Limited (hereinafter also “Company”), Registration number: [INSERT REGISTRATION NUMBER], located in [INSERT LOCATION], with email address: customereliite@gmail.com.

Email to contact the data controller and request deletion of your data, if collected with your consent: customereliite@gmail.com.

A – Types of Data Processed

Identifying Data In accordance with the European regulations introduced by the EU Regulation 679/2016, browsing the Website and any purchase of products sold on the Website may involve the processing of data capable of directly or indirectly identifying a natural person such as: name, surname, residential address, email address, telephone number, IP address.

The Website does not require the Data Subject to provide so-called “special” data, i.e., according to the GDPR (art. 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data concerning health or sexual life or sexual orientation of the person. In the event that the requested service requires the processing of such data, the Data Subject will receive prior specific information and will be asked to give explicit consent.

Banking Data When purchasing products on the Website, banking data such as credit card number or bank account indicated for payment, cardholder and bank account holder, will also be processed.

Such data may be processed exclusively by third-party companies managing the payment methods used on the site.

Browsing data is data automatically acquired by systems and programs dedicated to the operation of the Website and are necessary for the use of web services [e.g., IP addresses, browser used, domain names of systems used by users to connect to the web portal, URI (Uniform Resource Identifier) addresses of the requested resources, time of the request, method used in submitting the request to the server, size of the file obtained in response, numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment].

Such data is also acquired even without registration on the Website or request for information.

Browsing data is used exclusively in an aggregated manner to generate anonymous statistics on Website usage and to monitor its correct functioning and does not allow identification of the interested users, being also deleted immediately after processing in an anonymous form.

However, it may be used to ascertain responsibility in case of computer crimes committed against the website.

Data Voluntarily Provided by the User Personal data provided voluntarily by the User (such as name, surname, telephone number, email address) for the purpose of sending messages to the Website and/or purchasing the products made available are used solely to respond to the needs of the Data Subject and to comply with legal obligations.

The legal basis for such processing is the performance of services related to the requests made and the purchases made, as well as compliance with legal obligations.

The information that the Website User chooses to make public through the services and tools made available to them are provided knowingly and voluntarily by the User, absolving the Website from any liability regarding any violations of laws.

It is the User’s responsibility to verify that they have permission to enter personal data of third parties or content protected by national and international regulations.

Data Collected through Analytical Cookies The Website also collects data relating to the User through the use of cookies.

For more information on data processed through cookies, on the types of active cookies, and on how to disable them, please refer to the cookie policy.

These cookies are used to track user browsing preferences and for the collection of statistical data. Users can disable these cookies by accessing their browser settings, as indicated in the Website’s cookie policy.

B – Purposes of Processing

The personal data collected is used for:

  • Allowing email delivery of the products purchased by the User;
  • Responding to contact requests sent by the User;
  • Enabling the use of Customer Service by the User;
  • Deriving anonymous statistical information about the use of the web portal;
  • Ensuring the correct functioning of the web portal;
  • Sending communications and newsletters, both in paper and electronic format, to the email address provided by the User: in case the user decides to subscribe to the newsletter of www.eliitekey.com only after any specific consent, personal data will be processed by the Data Controller for sending commercial or promotional communications, updates related, for example, to exclusive offers, special events, and promotions. To unsubscribe from the newsletter, simply click on the unsubscribe link at the bottom of the received emails or write to the address customereliite@gmail.com.
  • Ascertaining liability in case of hypothetical computer crimes against the website;
  • Complying with any other legal obligations not included in the previous purposes.

The communication of data can only be made following a request from the Judicial Authority in accordance with the law.

C – Legal Basis of Processing

The legal basis for the processing of personal data is the performance of services related to the relationship established with the subscription to the Terms and Conditions, the consent of the Data Subject, compliance with legal obligations, and the legitimate interest of the Data Controller to carry out processing necessary for such purposes.

Performance of a Contract The Data Controller processes Personal Data relating to the User when the processing is necessary for the performance of a contract with the User and/or for the performance of pre-contractual measures.

Consent of the Data Subject The optional, explicit, and voluntary sending of emails, messages, or any other type of communications sent to the contacts indicated on this Website entails the subsequent acquisition of the sender’s email address, telephone number, or any other personal data that will be used to respond to requests. This processing is based on the consent of the Data Subject.

It is ensured that such processing will be based on the principles of lawfulness, fairness, transparency, relevance, adequacy, and necessity as per art. 5, paragraph 1 of the GDPR. Specific summary information will be progressively reported or displayed on the pages of the websites prepared for particular services upon request.

III. Compliance with Legal Obligations

The processing of personal data may take place without the consent of the Data Subject in cases where the Data Controller must comply with a legal obligation.

Legitimate Interest of the Data Controller The Data Controller processes Personal Data relating to the User when the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.

Voluntary Provision of Data Apart from what is specified for the performance of the contract or legal obligations, for cookies, and for browsing data, the user is free to provide their personal data or not. However, failure to provide the data may result in the inability to obtain what the service entails.

D – Methods and Duration of Processing

Personal data is processed using computer tools and in accordance with EU Regulation no. 679/2016.

The retention of processed data will last for the time necessary for the purposes described in this privacy policy and, therefore, for the minimum time necessary or until an explicit request from the Data Subject, and in any case in compliance with the time limits imposed by law.

The Data Controller undertakes to adopt all appropriate security measures to prevent the loss and alteration of personal data, as well as any unauthorized and unlawful use of the same.

The data will be processed exclusively by subjects authorized by the Data Controller, including any data processors, representatives, and public bodies for compliance with legal obligations, who carry out their respective processing activities as independent data controllers.

Among the subjects authorized by the Data Controller who may process the data are, by way of example: collaborators of the commercial and legal department, as well as third-party technical service providers, hosting providers, and IT companies (this list is not exhaustive). The processed data will not be disclosed to undetermined recipients.

Among the subjects authorized by the Data Controller who may process the data for profiling purposes are the online marketing platforms “Klaviyo” (https://www.klaviyo.com/legal/privacy-notice) and “Omnisend” (https://www.omnisend.com/privacy/) and “WordPress” (https://wordpress.org/about/privacy).

The security of the information collected cannot be guaranteed against any hacker attacks and, in general, against violations of the security measures implemented for data protection.

However, in case of attacks or violations, they will be communicated to the interested parties and the competent authorities according to the law.

E – Location of Processing

The processing related to the services of the web portal is carried out by identified and specifically appointed personnel for the specific purposes of the requested and subscribed services.

For the processing in question, the Data Controller may use the help of external companies, shipping companies, consultants, consortia, software and service providers operating, through identified and appointed personnel, within the scope of the intended purposes and in such a way as to ensure maximum security and confidentiality of the data. In other cases, the personal data collected will not be disclosed to third parties, except with the express consent of the Data Subject, except in cases where communication to third parties is necessary to comply with obligations imposed by laws, regulations, or measures of control authorities, or is essential to protect the rights of other users or of the website itself.

Personal data will be processed and stored, exclusively for the purposes indicated above and for their safekeeping and archiving, on remote servers managed by leading providers in the industry that ensure compliance with high standards of data protection.

This may involve the transfer of data to non-EU countries, where all or part of the aforementioned servers may be based.

In particular, personal data may be transferred outside the European Union to the company “WordPress” (https://wordpress.org/about/privacy), an e-commerce plugin used by the Website managed by the Data Controller.

The processing and storage of data by the aforementioned provider will be towards a third country “adequate” within the meaning of the decision taken by the European Commission, in particular the decision for the adequacy of the protection provided by the Canadian law on the protection of personal information and electronic documents (Canadian Personal Information Protection and Electronic Documents Act) or Privacy Shield certification (USA), or based on a contractual obligation or standard contractual clauses approved by the European Commission, or on the basis of binding corporate rules approved through the specific procedure referred to in art. 47 GDPR.

For the transfer of data to countries outside the EU, as a rule, it is not necessary to wait for the national authorization of the Guarantor. However, the authorization of the Guarantor will still be necessary if a data controller wishes to use specific contractual clauses, not recognized as adequate through a decision of the European Commission, or administrative agreements entered into between public authorities.

F – Rights of the Data Subjects

In case of processing, the Data Subject can exercise, at any time, the following rights:

  • Obtain confirmation of the existence or not of the same data and, if positive, know their content and origin;
  • Verify its accuracy and request correction of inaccurate data, integration of incomplete data, or updating of obsolete data;
  • Obtain the limitation of processing, where one of the cases provided for in article 18 GDPR occurs;
  • Request the deletion of data processed unlawfully, or if one of the other conditions provided for in article 17, paragraph 1, letters a), b), c), e), and f) GDPR is present;
  • Object in any case, for legitimate reasons, to their processing, or to object to processing in other cases provided for in article 21, paragraphs 2 and 3, and 22 GDPR;
  • Revoke, at any time, their freely given consent to the processing of personal data for the purposes specified below;
  • Obtain the release of personal data subject to processing in a format compatible with standard computer applications, to allow their transfer to other platforms of their choice, without hindrance to direct transmission of the processed data to another Data Controller, where such direct transmission is technically feasible (so-called right to data portability).

Requests relating to the exercise of the aforementioned rights should be addressed to the Data Controller via email (customereliite@gmail.com).

In case of non or partial response from the Data Controller to the above requests, the Data Subject shall have the right to lodge a complaint with the Guarantor for the protection of personal data (www.garanteprivacy.it) or judicial remedy within the terms and according to the methods provided for in articles 77 and following of EU Regulation 2016/679 (GDPR).

G – Updates to the Privacy Policy

Future regulatory updates may lead to changes in the current privacy policy, uploaded to the Website on 20.01.2023.

In case of changes, the Data Controller will notify them on the Website.

Scroll to Top