KAHLBERG Consulting S.r.l. - Società Unipersonale
Piazzale Bacone, 7/A - 20129 Milano (Italia)
Email: info@kahlbergconsulting.com

Kahlberg, for the following purposes is data controller and determines the purposes and means of the processing of personal data:

1. invitation for using the website by European Chemicals Agency for organizations interested in one or more substances;
   • legal ground is the legal obligation set by European Regulation REACH (CE) n.1907/2006;
   • data are retained for 10 years after the last access or after any legal proceedings, according to Italian finance laws and regulations; data may be retainer for a longer time because in backup systems;
2. identification of users and access control;
   • legal ground is the performance of a contract and the need to ensure security to the IT service (this is a legitimate interest pursued by the controller);
   • data are retained for 20 years after the expiration of all identification mechanisms; data may be retainer for a longer time because in backup systems;
3. processing of documents with personal data of users (e.g. name and signature of the author);
   • legal ground is the assurance of the security of documents (this is a legitimate interest pursued by the controller);
   • data are retained for 20 years after the deletion of documents; data may be retainer for a longer time because in backup systems;
4. website management, using cookies (see below);
   • legal ground is the assurance of the quality of the website (this is a legitimate interest pursued by the controller);
   • data are retained in the cookies on user’s PC; cookies are set with expiration after one year.

Cookies are files archived on your browser and set by the visited websites. This site only uses “technical cookies”, needed to improve the quality of the look & feel of our pages. This does not require the consent of the visitors.

All users can stop the use of all or some cookies following some configuration steps for the browser:

• Chrome (https://support.google.com/accounts/answer/61416?hl=en);)
• Firefox Mozilla (https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences);
• Internet explorer and MS Edge (https://support.microsoft.com/en-gb/help/278835/how-to-delete-cookie-files-in-internet-explorer);
• Opera (http://help.opera.com/Windows/10.00/en/cookies.html).

For the above purposes, Kahlberg may transfer personal data to external legal entities or people.

External providers and suppliers agreed, with written contracts, to process data only for the stated purposes and adopt suitable security measures and processing controls.

Personal data may be communicated to authorities or public administration organizations or any other legit organization.

All external subjects ensure, as data processor or controller, their assistance for the fulfillment of the obligations to respond to requests for exercising the data subject's rights and audit right.

Data are not transferred in extra-EEA Countries.

The website is visible from all the world, thus some data, as logs of each document, may be viewed also in extra-EEA Countries.

Data subjects have specific rights. Among them:

• the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data, their rectification and erasure, the restriction of their processing, data portability (i.e. receiving them in a structure accessible with the most common tool); requests will not have any impacts on the provided services;
• the right to revoke the consent, if not against applicable laws or regulations;
• the right to send a complaint to the data controller or the Data protection authority (in Italy it is the Garante per la protezione dei dati personali and its website is www.gpdp.it).

Requests and complaints can be sent to the controller contacts.