- Why Keyless
- Solutions
- ConsumerImprove user experience while minimizing fraudQuick overview →User EnrollmentSecure Device BindingPasswordless LoginPSD2 SCA & Dynamic LinkingStep Up AuthenticationAccount Recovery
- WorkforceImprove workforce security across any systemQuick overview →Passwordless SSOMulti-Factor AuthenticationRemote AccessShared Device Authentication
- Technology
- Industries
- Resources
- Company
Privacy Policy
This privacy policy illustrates the management of the website https://keyless.io/ (hereinafter, the "Site") with reference to the processing of personal data of users.
This is a general information notice provided in accordance with Article 13 of Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, the "GDPR") to all users who to interact with the services provided through the Site by Keyless Technologies S.r.l., with registered office in Viale Luca Gaurico no. 9-11, Rome, in the capacity of data controller (hereinafter, "Keyless" or the "Controller").
This privacy policy explains the purposes and methods by which the Controller collects and processes your personal data, which categories of data are processed, which are the rights of the data subjects and how they can be exercised.
The processing of users’ personal data will be carried out by means of suitable instruments, whether electronic, paper-based or telematic. Processing activities will be conducted with an approach strictly related to the purposes of this document and, in any case, in such a way as to ensure security and confidentiality of data.
Users are invited to read this policy before providing personal information of any kind through the Site.
- Categories of personal data
- Navigation data
Computer systems and software procedures used to operate this Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.
This information is not collected to be associated with identified data subjects, but due to its very nature could allow users to be identified through processing and association with third party data.
This category of data includes IP addresses or domain names of the devices used by users connecting to the website, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and computer environment of the user.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site.
- Data provided voluntarily by the user
Keyless will acquire some of your personal data you voluntarily provided through the form you reach by clicking on the "Schedule demo" button on the homepage of the Site, i.e., name, surname, email address, job title and company, as well as the subject of the message and any other data that the user will communicate, on their initiative, by means of the contact tools made available on the Site.
- Purposes, legal basis of processing and data retention period
- Enabling navigation on the Site
The data indicated in paragraph 1, letter a) will be processed by the Controller to enable the navigation on the Site and the use of related functions. The provision of such data is necessary for the proper functioning of the Site.
- Providing requested services
The data indicated in paragraph 1, letters b) will be processed by the Controller in order to provide the services or information requested by filling in the contact form. The providing of such data is necessary in order to perform the contractual relationship that will be established with the Controller following the user’s request. The provision of any data not included in those required by the forms on the Site is not, in any event, mandatory.
The processing is necessary to fulfill a request made by the user and, therefore, the legal basis falls under Article 6(1)(b) of the GDPR.
The user’s personal data will be processed only for the time necessary to respond to requests of services or information submitted through the Site.
- Marketing activity
The data indicated in paragraph 1, letters b) will be processed by the Controller in order to send to the user, using the email address provided, commercial communications concerning its products or services.
The processing of personal data carried out for this purpose is based on the legitimate interest pursued by the Controller pursuant to Article 6(1)(f) of the GDPR.
- Categories of subjects to whom personal data can be communicated and purposes of communication
The Controller may communicate, for the same purposes above, some of the users’ personal data to subjects designated and expressly authorised to process such data, in accordance with the provision of Article 29, GDPR.
For the same purposes, the Controller may also communicate some of the users’ personal data to third parties, who will process such data as data processors pursuant to Article 28 of the GDPR (e.g., companies that provide marketing services). The complete list of data processors may be requested from the Controller at any time by writing to gdpr@keyless.io.
Furthermore, the data may be communicated to the competent authorities, in the event of specific requests which the Controller is compelled to fulfil. If applicable, these entities will act as autonomous data controllers.
Personal data will not be disseminated or disclosed under any circumstances.
- Rights of the data subject
In their quality of data subjects and in accordance with current regulations, users have the following rights:
- right of access (Article 15, GDPR): you may request and obtain information about the existence of your data available to the Controller and access to such data;
- right to rectification (Article 16, GDPR): you may request and obtain the amendment and/or correction of your personal data if you believe it is inaccurate or incomplete;
- right to erasure / "Right to be forgotten" (Article 17, GDPR): in certain circumstances, you may request and obtain the erasure of your personal data if it is not necessary – or no longer necessary – for the purposes mentioned above, once the retention period indicated in paragraph 4 has expired;
- right to restriction of processing (Article 18, GDPR): in certain circumstances, you may request and obtain a restriction of the processing activities involving your personal data;
- right to data portability (Article 20, GDPR): in certain circumstances, you may request and obtain the personal data concerning you, in a structured, commonly used, machine-readable format. You may also request and obtain that such data be transmitted to another data controller without hindrance by the Controller;
- right to object (Article 21, GDPR): at any time, you may object to processing of personal data concerning you based on Article (1)(f), GDPR.
Requests to exercise your rights may be addressed to Keyless Technologies S.r.l., with registered office in Viale Luca Gaurico no. 9-11, 00143, Rome or to gdpr@keyless.io, as well as by writing to the Data Protection Officer appointed by Keyless, available at the following email address: dpo@e-lex.it.
We would also like to inform you that, in accordance with the regulations in force, you may lodge any complaints regarding the processing of your personal data with the Italian Data Protection Authority.
PSD2/SCA Compliant
GDPR Compliant
CCPA Compliant
FIDO2 Certified
FIDO Biometrics Certified
ISO 27001 Certified