Privacy Policy - Valuelead

Horace Kidman Srl, as Data Controller (hereinafter “Controller”), considers privacy and personal data protection to be important to its business. For this reason, it processes personal data in accordance with both the Federal Data Protection Act (LPD, June 19, 1992) and the provisions of EU Regulation 679/2016, or GDPR, General Data Protection Regulation (hereinafter “Regulation”). Therefore, before providing any personal data to the Controller, we invite you to carefully read this Privacy Policy, as it contains very useful information on the protection of your personal data.

This Privacy Policy:

is intended for the website www.Valuelead.com (hereinafter “Site”) and applies in all cases where reference is made or linked to this policy;
is an integral part of the Site and the services we offer;
This privacy policy is provided to those who interact with the Site’s web services.
The processing of your personal data will be based on the principles of fairness, lawfulness, transparency, purpose and retention limitation, data minimization and accuracy, integrity and confidentiality, as well as the principle of accountability. Your personal data will therefore be processed in accordance with applicable laws and confidentiality obligations.

We inform you that the personal data processed may consist of—also depending on your decisions on how to use the services—textual information, photographic images, or any other information capable of identifying or making the data subject identifiable, depending on the type of services requested.

1. DATA CONTROLLER
The data controller is Horace Kidman Srl, with registered office at Piazza San Sepolcro, 2
20123 – Milan, MI

2. PERSONAL DATA SUBJECT TO PROCESSING
We inform you that the personal data subject to processing may consist of—also depending on your decisions regarding how to use the services—an identifier such as your name, an identification number, or one or more elements specific to your identity that make the data subject identified or identifiable, depending on the type of services requested (hereinafter “personal data”).
The personal data processed through the Site are the following:
a. Browsing data
During their normal operation, the computer systems and software procedures used to operate the Site acquire certain personal data, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, and the Data Controller will not attempt in any way to link the data contained in its server protocols with individuals who have visited the site. However, such data, through processing and combination with data held by third parties, could by their very nature allow users to be identified. By way of example, this category of data includes the IP addresses or domain names of computers used by users connecting to the Site, URI (Uniform Resource Identifier) sequences of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response, and other parameters relating to the user’s operating system. This data is used solely to obtain anonymous statistical information on the use of the Site, to monitor its proper functioning, identify anomalies and/or abuse, and to better structure the Site itself. The data may be used to ascertain liability in the event of hypothetical cybercrimes against the Site or third parties.
b. Data provided voluntarily by you
Unless otherwise specified, this Privacy Policy also applies to the processing of data voluntarily provided by you via the Site. Specifically, you may provide data by completing the form (hereinafter “form”) to subscribe to the newsletter, request information, services, or products, or by submitting data via email. In this regard, we ask you not to include in the forms on the Site any information that may fall within the special categories of personal data referred to in Article 9 of the Regulation (for example, data relating to your political opinions, religious beliefs, or health).
c. Data of third parties voluntarily provided by you
When using certain services, the personal data of third parties, communicated by you to the Data Controller, may be processed. In these cases, you are the independent data controller, assuming all legal obligations and responsibilities. In this regard, you hereby fully indemnify the Data Controller against any complaints, claims, or requests for compensation for damages arising from processing that may be received from third parties whose personal data have been processed through your use of the Site’s services in violation of applicable data protection laws. In any case, if you provide or otherwise process third-party personal data while using the Site, you hereby guarantee—and assume all related liability—that such processing is based on your prior consent to the processing of the information concerning them.
d. Cookies
Information on the cookies used by the Site is available at the following link.

3. PURPOSE OF THE PROCESSING
Your personal data will be processed, where necessary with your consent, for the following purposes:
3.1. Comply with any obligations under applicable laws, regulations, or EU legislation, as well as respond to requests from authorities;
3.2. Allow navigation of the Site and the provision of the Data Controller’s services, in addition to purposes strictly related and/or instrumental and/or necessary for the fulfillment of contracts entered into with the data subject;
3.3. Respond to specific requests addressed to the Data Controller, in order to provide the information, services, or products requested, as well as respond to messages sent by you;

3.4. Newsletter

You can register on the Site to receive the Data Controller’s newsletter. By registering, you will receive informative and promotional communications regarding the Data Controller’s services, activities, and initiatives. You may withdraw your consent to receiving the newsletter at any time by using the unsubscribe link included in each communication received or by contacting the Data Controller.

To manage subscriptions and send newsletters, we use the Brevo email marketing platform, provided by Sendinblue SAS, with registered office at 17 rue de Salneuve, 75017 Paris, France, appointed as data controller pursuant to Article 28 of the GDPR.

The data provided when subscribing to the newsletter (e.g., email address and any other data entered in the form) are processed through this platform in order to enable the sending of communications. The service also allows us to analyze data relating to interactions with sent communications (such as email openings and link clicks) to evaluate the effectiveness of campaigns and improve communication content.

Further information on the provider’s data processing is available in the privacy policy:
https://www.brevo.com/legal/privacypolicy/

3.5. For statistical purposes, without it being possible to trace your identity.
Your data may be processed using manual, computerized, and electronic means, including automated methods for storing, managing, and transmitting them. This processing will be carried out using appropriate tools, to the extent reasonable and state-of-the-art, to ensure security and confidentiality through the use of appropriate procedures that prevent the risk of loss, unauthorized access, illicit use, and disclosure.
The data is stored in computerized, electronic, and, to a lesser extent, paper archives, fully complying with the security measures required by law.
Specific security measures are implemented to prevent data loss, illicit or incorrect use, and unauthorized access.

3.6 Website Visit Analysis

Our website uses technologies from Dealfront (part of Dealfront Group GmbH) to analyze visitor behavior through the Leadfeeder portal. This process processes a visitor’s IP address. This processing is intended to help us understand which companies (B2B) visit our site by enriching IP addresses with associated information such as the company name or industry code.

To this end, at the start of the visitor’s session, their IP address and corresponding session data are compared with public and proprietary databases that associate IP addresses with business organizations.

The service uses analytics cookies configured as first-party cookies.

Processing occurs exclusively with the user’s prior consent pursuant to Art. 6, paragraph 1, letter a) GDPR, expressed via the cookie banner. To prevent this processing, the user (website visitor) can refuse cookies, install and configure appropriate ad blockers, or use no-script plugins in their browser. The data will be deleted as soon as it is no longer needed for the intended purposes. Legal retention obligations may result in a longer retention period for the data in question. The user can withdraw consent at any time by accessing the consent preferences on the site.
The data is retained for the time strictly necessary for the purposes indicated above, subject to any legal obligations. We have entered into a data processing agreement with Dealfront to ensure compliance with applicable data protection standards.

3.7 – Multi-channel direct marketing

3.7. Sending informational and commercial communications relating to the Data Controller’s services via email and communication tools

3.8 – Profiling and lead scoring

3.8. Conduct profiling activities by analyzing the data subject’s interactions with communications sent (e.g., opening emails, clicking links) as well as with the Website, including by assigning lead scores, in order to personalize commercial communications.

4. LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF PROCESSING
The purpose referred to in Section 3.1 constitutes a legitimate processing of personal data because it is necessary to fulfill a legal obligation to which the data controller is subject. Once personal data has been provided, processing is indeed necessary to fulfill legal obligations to which the data controller is subject.
The legal basis for processing personal data for the purposes referred to in Sections 3.2, 3.3, and 3.4 is the need to perform a contract to which the data subject is a party or to take pre-contractual measures at the data subject’s request, as the processing is necessary for the provision of services. Providing your personal data for these purposes is optional, but failure to do so would make it impossible to activate the requested services. With particular reference to the processing of your data belonging to particular categories (such as, for example, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation), in the unlikely event that you provide us with such data despite our advice to the contrary, the legal basis for such processing is your express consent.
Finally, please note that the processing referred to in section 3.5 is not performed on personal data; therefore, it can be freely performed by the Data Controller. Processing for the purposes referred to in points 3.6 and 3.7 is based on the data subject’s consent, freely given by selecting the appropriate checkboxes. Consent may be revoked at any time.

5. RECIPIENTS OF PERSONAL DATA
Horace Kidman Srl does not sell, rent, or otherwise transmit your personal data to third parties.
Personal data may be shared, for the purposes set out in Section 3 of this Privacy Policy, with:
5.1. Parties who typically act as data processors, namely: i) individuals, companies, or professional firms that provide assistance and advice to the Data Controller in accounting, administrative, legal, tax, and financial matters; ii) parties delegated to perform technical maintenance activities; iii) credit institutions, insurance companies, and brokers; iv) parent, subsidiary, and affiliated companies of the Data Controller, limited to the pursuit of administrative and accounting purposes and/or related to the performance of organizational, commercial, administrative, financial, and accounting activities;
5.2. Parties, entities, or authorities to whom it is mandatory to disclose your personal data pursuant to legal provisions or official orders;
5.3. Persons authorized by the Data Controller to process personal data necessary to carry out activities strictly related to the provision of services, who have committed to confidentiality and adopt GDPR-compliant standards. Companies that provide email marketing and marketing automation services (e.g., Brevo), appointed as data processors pursuant to Article 28 of the GDPR.

6. TRANSFERS OF PERSONAL DATA
Your personal data is processed in the country where the Data Controller is based, as well as in Italy. For greater clarity, the Data Controller also ensures that the processing of your personal data by the Recipients complies with the Regulation.

7. RETENTION OF PERSONAL DATA
Personal data processed for the purposes referred to in Section 3.1 will be retained until the time required by the specific obligation or applicable law.
Personal data processed for the purposes referred to in Sections 3.2, 3.3, and 3.4 will be retained for the time strictly necessary to achieve the aforementioned purposes, in performance of the services requested by you. In any case, since the processing is carried out to provide services, the Data Controller will retain personal data for the period of time required and permitted to fulfill contractual, administrative, tax, or judicial requirements.

8. RIGHTS OF THE DATA SUBJECT
You have:
1) the right of access, i.e., to obtain from the Data Controller confirmation as to whether or not personal data concerning you is being processed, as well as information regarding the purposes and methods of the processing, the recipients of the data, the criteria used to determine the data retention period, the source of the data (if not collected from the data subject), and the existence of an automated decision-making process; the Data Controller shall provide a copy of the personal data undergoing processing;
2) the right to obtain the rectification and completion of incomplete personal data, including by providing a supplementary statement;
3) the right to erasure of data; this right may be subject to limitations if processing is necessary for the establishment, exercise, or defense of legal claims;
4) the right to obtain from the Data Controller restriction of processing;
5) the right to withdraw consent, where previously provided, without affecting the lawfulness of processing based on consent before its withdrawal;
6) the right to object, on legitimate grounds, to the processing of your personal data, including processing for direct marketing purposes;
7) the right to data portability;
8) the right to object to automated decision-making concerning individuals, including profiling;
9) the right to lodge a complaint with a supervisory authority.
If your requests are unfounded or excessive, the Data Controller may charge a fee or refuse to comply with the request.
These rights may be exercised by sending an email to the address provided by the Data Controller.

9. EXISTENCE OF AN AUTOMATED DECISION-MAKING PROCESS
The Data Controller may perform profiling activities using automated tools (e.g., marketing automation and lead scoring systems). Such processing does not produce legal effects or significantly affect the data subject.

10. REPRESENTATIVE OF THE DATA CONTROLLER
In order to provide a contact for all matters relating to processing, the Data Controller has appointed a representative established in the EU pursuant to Art. 27 of Regulation (EU) 2016/679, part of the Legal Affairs Office, who can be reached at privacy@valuelead.com.

11. AMENDMENTS
The Data Controller reserves the right to modify or simply update the content of this Privacy Policy, in part or in full, including due to changes in applicable legislation. The Data Controller will inform you of such changes, and they will be binding as soon as they are published on the Website. The Data Controller therefore invites you to visit this section regularly to review the most recent and updated version of the Privacy Policy, so as to remain up-to-date on the data collected and how the Data Controller uses it.

12. CONTACTS
To exercise the above rights or for any other requests, you can send an email to privacy@valuelead.com.

The service uses analytics cookies configured as first-party cookies.

Processing occurs exclusively with the user’s prior consent pursuant to Art. 6, paragraph 1, letter a) GDPR, expressed via the cookie banner. To prevent this processing, the user (website visitor) can reject cookies, install and configure appropriate ad blockers, or use no-script plugins in their browser. The data will be deleted as soon as it is no longer necessary for the intended purposes. Legal retention obligations may result in a longer retention period for the data in question. You can withdraw your consent at any time by accessing the consent preferences on the site.
The data is retained for the time strictly necessary for the purposes indicated above, subject to any legal obligations. We have entered into a data processing agreement with Dealfront to ensure compliance with applicable data protection standards.

This information may be integrated into company CRM systems for B2B sales management and marketing purposes.