Skip to Content

Privacy Policy

(pursuant to Articles 13-14 of EU Regulation 2016/679 - GDPR)

This Privacy Policy describes how your personal data is collected, used, and shared when you visit, request assistance, use the tools, or make a purchase on www.keletes.com (the “Site”), when you use the product configurator on third-party websites (the “Configurator”), or when you contact us through other channels, such as WhatsApp, LinkedIn, Instagram, or other social networks (the “Social”).

Our services are intended exclusively for professionals, businesses, and commercial operators (B2B customers). The personal data collected primarily concerns company representatives and contact persons acting on behalf of legal entities.

1. Data Controller

The data controller is:

Keletes S.a.s. di Daniele Draganti & C.

Via Donatori del Sangue, 55
21052 Busto Arsizio (VA) - Italy

Tel: +39 0331 1816157

2. What Personal Data We Collect

2.1 Device Information

When you visit the Site or use the Configurator, we automatically collect certain information from your device, including:
  • IP address
  • Browser type and version
  • Operating system
  • Time zone
  • Web pages viewed
  • Products consulted
  • Websites or search terms that directed you to the Site
  • Interaction methods with the Site (clicks, scrolling, time spent)
This information is collected through:
  • Cookies: data files placed on your device that include a unique anonymous identification code. For more information, see our Cookie Policy.
  • Log files: automatic recordings of actions on the Site (IP address, browser type, internet service provider, referring/exit pages, timestamps).

When you use the Configurator, even on third-party sites, we collect log information about the configuration combinations you generate and the product information requested. This data is collected anonymously and in aggregate form for statistical purposes.

2.2 Contact Information

When you request information through the form on the Site, register, are added as a contact by your company, make a purchase, or contact us via Social, we collect:
  • First and last name of the company representative
  • Business email address
  • Phone number
  • Company name
  • VAT number
  • Tax ID number
  • Registered office and/or operational address
  • Billing and shipping address
  • Recipient code/PEC for electronic invoicing
  • Order information and product preferences
  • Company role of the representative
  • Communication history with us

2.3 Payment Data

For payments, we collect:
  • Bank details (IBAN) for wire transfers
  • Information related to RiBa/SDD (if applicable)
  • Data necessary for issuing electronic invoices
Any payments via credit/debit cards or other electronic payment instruments are processed directly by our PCI-DSS certified payment processors (Stripe/PayPal/Revolut). We do not store complete credit card data on our servers.

2.4 Data Collected Via Social Media

When you contact us via WhatsApp, LinkedIn, Instagram, or other social networks, we collect:
  • Username or profile name
  • Content of exchanged messages
  • Any information you choose to share voluntarily

3. Legal Basis And Purposes of Processing

We process your personal data based on the following legal bases and for the following purposes:

3.1 Contract Performance (Article 6, paragraph 1, letter b GDPR)

  • Processing and fulfillment of orders
  • Providing customer assistance and technical support
  • Managing requests, complaints, and warranties
  • Communications related to your orders

3.2 Legal Obligation (Article 6, paragraph 1, letter c GDPR)

  • Tax and accounting compliance (invoice issuance, mandatory registrations)
  • Compliance with legal obligations in commercial and civil matters
  • Response to requests from competent authorities

3.3 Legitimate Interest (Article 6, paragraph 1, letter f GDPR)

  • Prevention of fraud and security risks
  • Statistical analysis and improvement of the Site and Configurator
  • Defense of our rights in court
  • Management and optimization of business operations

3.4 Consent (Article 6, paragraph 1, letter a GDPR)

  • Sending commercial communications to contacts who are not active customers
  • Use of non-technical cookies (analytics, marketing, profiling)
  • Personalized marketing activities based on your preferences
  • Behavioral advertising

3.5 Legitimate Interest for B2B Marketing

For active customers or those with a pre-existing business relationship with us, we may send commercial communications related to products and services similar to those already purchased, based on legitimate interest (soft spam). You can object to such communications at any time.

Consent can be withdrawn at any time without affecting the lawfulness of processing based on consent given before withdrawal.

4. How We Use Your Personal Data

We use your personal data to:
  • Process and manage orders and commercial contracts
  • Provide customer assistance and technical support
  • Communicate with you regarding orders, requests, or contractual matters
  • Verify the absence of potential risks or fraud
  • Improve and optimize the Site and Configurator through statistical analysis
  • Evaluate the success of advertising and marketing campaigns
  • Send you B2B commercial and promotional information (only with prior consent or based on legitimate interest)
  • Personalize your experience on the Site
  • Fulfill tax and accounting obligations
  • Protect our legal rights
  • Manage the business relationship with your company

4.1 Note On B2B Data Processing

In the context of business-to-business (B2B) relationships, the data of company representatives (name, surname, business email, phone, role) are processed both as:
  • Personal data of the individual (subject to GDPR)
  • Corporate contact data functional to the business relationship

Even in B2B contexts, we fully respect all rights provided by GDPR for natural persons.

5. With Whom We Share Your Data

Your personal data may be communicated or accessible to the following categories of recipients:

5.1 Service Providers (Data Processors)

  • IT and Site hosting service providers
  • Web analytics platforms (Google Analytics)
  • Email marketing and CRM service providers
  • Payment system managers (Stripe/PayPal/Revolut)
  • Customer assistance platforms

5.2 Social Media Platforms

When you contact us via social networks (WhatsApp, LinkedIn, Instagram), data is also processed by Meta Platforms Ireland Limited, Microsoft Ireland Operations Limited, and other platform managers, according to their respective privacy policies.

5.3 Other Parties

  • Consultants and professionals (accountants, legal consultants, auditors)
  • Public authorities and supervisory bodies, upon request and within the limits provided by law
  • Parties who need to access data for purposes auxiliary to the relationship (e.g., banking institutions)

All service providers are appointed as Data Processors pursuant to Article 28 GDPR and process data only according to our documented instructions.

5.4 International Data Transfers

Some service providers (including Google Analytics) may transfer personal data to countries outside the EU, including the United States. Such transfers are made based on:
  • European Commission adequacy decisions (EU-US Data Privacy Framework for certified companies)
  • Standard contractual clauses approved by the European Commission
  • Other appropriate safeguards pursuant to Article 46 GDPR

For more information on Google Analytics: https://www.google.com/intl/en/policies/privacy/

You can opt out of Google Analytics here: https://tools.google.com/dlpage/gaoptout

6. Data Retention Period

We retain your personal data for the time strictly necessary for the purposes for which it was collected:

  • Contractual, billing, and tax data: 10 years from the last transaction (legal obligation)
  • Business contact data for marketing purposes with consent: until consent is withdrawn or for 36 months from the last active contact
  • Data for marketing purposes based on legitimate interest (active customers): 24 months from the last order, subject to objection
  • Analytics cookies: anonymous aggregate data retained for 26 months
  • Security and fraud prevention logs: 12 months
  • Data related to disputes: until resolution of the dispute and prescription terms

After the retention periods expire, data will be deleted or anonymized irreversibly.

7. Your Rights

As a data subject, you have the right to:
  • Access (Article 15 GDPR): obtain confirmation that processing of your personal data is taking place and receive a copy
  • Rectification (Article 16 GDPR): obtain rectification of inaccurate data and completion of incomplete data
  • Erasure (Article 17 GDPR): obtain erasure of your data (“right to be forgotten”), subject to exceptions provided by law
  • Restriction (Article 18 GDPR): obtain restriction of processing in specific cases provided by law
  • Portability (Article 20 GDPR): receive data in a structured, commonly used format and transmit it to another controller
  • Objection (Article 21 GDPR): object to processing based on legitimate interest or for marketing purposes
  • Withdrawal of Consent: withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal
  • Complaint: lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it)
To exercise these rights, you can contact us at:

We will respond to your request within 30 days. In complex cases, the deadline may be extended by an additional 60 days, providing you with prompt notification.

8. Cookies And Similar Technologies

The Site uses technical cookies (necessary for operation) and, with your consent, analytics and marketing cookies. For detailed information, see our Cookie Policy available on the Site.

You can manage your cookie preferences through the banner displayed on first visit or through your browser settings.

You can also opt out of some behavioral advertising services by visiting:

9. “Do Not Track” Signal

We currently do not alter our Site’s data collection methods in the presence of the browser’s Do Not Track signal, as there is no universally recognized standard for this functionality.

10. Data Security

We adopt adequate technical and organizational measures to protect your personal data from unauthorized access, loss, destruction, or alteration, including:
  • Encryption of communications (HTTPS protocol)
  • Authentication and access control systems
  • Regular backup procedures
  • Staff training on data protection
  • Periodic risk assessments

11. Changes To The Privacy Policy

We may periodically update this Privacy Policy to reflect changes to our practices, services offered, or regulatory adjustments.

The updated version will be published on this page with an indication of the “Last updated” date. We encourage you to check it regularly.

In case of substantial changes, we may provide more prominent notice (for example, via email or banner on the Site).

12. Contacts

For any questions, information requests, or to exercise your rights regarding this Privacy Policy, you can contact us at:

Keletes S.a.s. di Daniele Draganti & C.

Via Donatori del Sangue, 55
21052 Busto Arsizio (VA) - Italy

Tel: +39 0331 1816157

Supervisory Authority:
Italian Data Protection Authority (Garante per la Protezione dei Dati Personali)
Piazza Montecitorio, 121, 00186 Rome - Italy

Web: www.garanteprivacy.it

Last updated: 13/12/2025

Version: 1.0