Privacy Policy di koratherapy.com

Provided pursuant to Article 13, paragraph 1, EU REGULATION 679/2016 for the protection of personal data (GDPR)

I.A.C.E.R. S.r.l., in compliance with the provisions of Article 13, paragraph 1, of EU Regulation 679/2016 (hereinafter GDPR), informs users of the web portal https://koratherapy.com/ as “data subjects” of the purposes of the collection and the methods of processing of personal data.

Data Controller

IACER SRL
Via Enzo Ferrari, 2
30037 Scorzè (VE) – Italy
Owner’s email address: iacer@iacer.it

Data Protection Officer - Identity and Contact Details

Please be informed that the Data Controller has designated, pursuant to Art. 37 of the GDPR, a Data Protection Officer who can be contacted via the following channels: email: m.sacheli@fiscleg.it tel.: +39 049 8771611.

Types of Data collected

The computer systems and application procedures used to operate the aforementioned website automatically acquire the following types of data during their normal operation:

  • First name; Last name; Telephone number; Address; Province; Email; City.
  • Browsing data collected during visits to the website, the transmission of which is implicit in the use of Internet communication protocols. For example: IP address of the device connected to the site, type of browser used, name of the Internet service provider (ISP), date and time of visit, the visitor’s originating and exiting web page, etc.;
  • Data collected through cookies during user navigation on the site. For further information on the cookies used by the web portal, please consult the full cookie policy published on this website.

The User assumes responsibility for the Personal Data of third parties obtained, published, or shared through this Website and guarantees that he or she has the right to communicate or disseminate such data, releasing the Data Controller from any liability to third parties.

Purpose of Processing Collected Data

User Data is collected by the Data Controller for the following specific purposes:

  • a) allow navigation of the web portal https://koratherapy.com/
  • b) manage orders placed through the site and access your personal page to check the status of your orders and the documentation relating to your purchases;
  • c) allow for the commercial promotion and illustration of the products and services offered, with the possible transmission of further offers of services or products;
  • d) provide the user with the information and services requested, including following contact established via the switchboard service;
  • e) Viewing and interaction with social networks and external platforms, interaction with data collection platforms and other third parties;
  • f) traffic optimization and distribution;
  • g) tag management;
  • h) obtain anonymous statistical information on the use of the Web Portal or related services, check its correct functioning, carry out monitoring activities to support its security and identify actions aimed at its improvement;
  • i) Mailing list or newsletter: the specific data processing is governed by a specific policy. Please refer to the specific privacy policy on the site;
  • j) general profiling: the data collected by filling out our forms, while browsing the site, or derived from the type of your purchases, may also be used to identify and define your tastes, preferences, habits, needs, and consumer choices;
  • k) fulfill legal obligations, comply with orders from public authorities, and ascertain any liability in the event of hypothetical computer crimes against the site or its users.

Legal basis for processing

The legal bases for processing are those set forth in Article 6, paragraph 1, of the GDPR.

  • a) “consent” relating to the provision of offers for services and products, and profiling activities;
  • b) “performance of a contract to which the data subject is party” or “execution of pre-contractual measures”;
  • c) “necessary for compliance with a legal obligation to which the Data Controller is subject”;
  • f) processing is necessary for the pursuit of the legitimate interests pursued by the Data Controller or by third parties.

The User may refuse consent and may revoke consent already given at any time. However, refusing consent may make it impossible to provide certain services and the browsing experience may be compromised.

How the collected data is processed

The personal data collected is processed in compliance with the principles of lawfulness, fairness, and transparency, as set forth in Article 5 of the GDPR, including with the aid of IT and telematic tools designed to store and manage the data, and, in any case, in a manner that guarantees its security and protects the data subject’s utmost confidentiality.

Communications are sent, in some cases, using the MailChimp platform (MailChimp is an online marketing platform managed by The Rocket Science Group LLC, a company headquartered in the State of Georgia, USA). For the MailChimp privacy policy, please refer to https://mailchimp.com/legal/privacy.

Categories of subjects authorised to process data and to whom the data may be communicated

In addition to the Data Controller, in some cases, users’ personal data will be disclosed and processed, in compliance with applicable legislation, by other parties involved in the organization of this Website:

  • administrative, commercial, marketing, legal, system administrator personnel, or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed as Data Processors or in charge of Data Processing by the Data Controller. The updated list of Data Processors may be requested from the Data Controller at any time;
  • to Public Security Authorities or other public bodies for the purposes of defense, state security and crime detection or to the Judicial Authority in compliance with legal obligations, where there are suspicions of a crime.

The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located.

Except for the aforementioned cases, personal data will not be communicated or disclosed to third parties in any way or for any reason. Finally, personal data will not be transferred to third-party countries or international organizations unless strictly related to specific requests from the user, for which specific consent will be obtained.

Retention period

Depending on the various purposes for which they were collected, the data will be retained for the time required by applicable legislation or for the period strictly necessary to achieve the purposes. Specifically:

  • browsing data will be stored for a maximum of 365 days;
  • the data collected through cookies will be stored for a period of time no longer than that indicated in the extended information;
  • Personal data collected for purposes related to the performance of a contract between the Owner and the User will be retained until the performance of such contract is completed;
  • Personal data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied;
  • with reference to the pursuit of commercial and profiling purposes, the data will be stored for a period of 5 (five) years.

When processing is based on the User’s consent, the Data Controller may retain the Personal Data for a longer period until such consent is revoked. Furthermore, the Data Controller may be required to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the retention period, the Personal Data will be deleted. Therefore, upon expiration of this period, the right to access, erasure, rectification, and the right to data portability can no longer be exercised.

User Rights

We inform you that, as the interested party, you may exercise the rights provided for by the GDPR with respect to all personal data processed, specifically:

  • Right of access to collected and processed data (art. 15);
  • Right to obtain rectification of data (art. 16);
  • Right to obtain the erasure of data and the right to be forgotten (Article 17);
  • Right to obtain restriction of processing (art. 18);
  • Right to data portability to another owner (art. 20);
  • Right to object to processing (Article 21)
  • Right to withdraw consent (where the processing is based on consent), without prejudice to the lawfulness of the processing based on consent before its withdrawal (Article 7);
  • Right to lodge a complaint with the Supervisory Authority (art. 77);
  • Right to lodge a judicial appeal against the Supervisory Authority (Article 78) and against the Data Controller or Processor (Article 79).

To exercise the rights set forth, Users may submit a request to the Data Controller or DPO using the contact details provided in this document. Requests are submitted free of charge and will be processed by the Data Controller as quickly as possible.

Right to complain

Data subjects who believe that the processing of their personal data through this site violates the Regulation have the right to lodge a complaint with the Data Protection Authority, pursuant to Article 77 of the Regulation, or to take appropriate legal action (Article 79 of the Regulation).

Automated processing and profiling

By providing your consent, the data collected may be subject to an automated decision-making process, using a specific algorithm that will decide which communications are best suited to your profile or which may be of greatest interest.

Nothing proposed will be binding on the user.

The interested party has, in any case, the right to obtain human intervention in the decision-making process by the Data Controller, to express his or her opinion, to obtain an explanation of the decision reached and to contest the decision itself.

Cookie Policy

This website uses tracking tools. To learn more, the user can consult the website’s Cookie Policy.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on this Website and, where technically and legally feasible, by sending a notification to Users via one of the contact details available to the Data Controller. Therefore, please check this page frequently, referring to the last modification date indicated at the bottom.

If the changes affect processing whose legal basis is consent, the Data Controller will collect the User’s consent again.

Last modified: June 9, 2026