Privacy Policy
Last Updated: March 12, 2026
1 — Introduction & Controller Identity
This Privacy Policy explains how KILO BYTE SERVICE SRL (“KILO BYTE SERVICE SRL”, “we”, “our”, or “us”) collects, uses, and protects your personal data when you visit this website, request information about our educational programs, or communicate with us. We operate in Italy and provide professional education in management, business and financial competencies. We are the Data Controller for personal data processed in connection with our site and services.
Legal entity and address (Data Controller): KILO BYTE SERVICE SRL, CORSO XXII MARZO 8, Porta Vittoria, 20135 Milano, Italy. Contact email: [email protected]. Contact phone: +39 02 3668 5401. If you have questions about this Policy or how we handle your information, please contact us using the details above. We do not process special categories of data on a large scale and therefore have not appointed a Data Protection Officer; privacy enquiries are handled by our leadership team.
2 — Personal Data We Collect
We collect only the data necessary to operate our website, respond to enquiries, and deliver our programs. The categories of data we may process include:
- Identity and contact information: name, business role, email address, telephone number.
- Enrollment details and messages: program interest, learning objectives, availability, free‑text messages you provide in our forms or correspondence.
- Technical data: IP address (anonymized or truncated where feasible), browser type and version, device and operating system details, language, and basic diagnostics captured by our hosting environment for security and reliability.
- Usage data: pages visited, time on page, referring/exit pages, and click paths recorded in aggregate to understand content performance when analytics cookies are allowed.
- Cookies and identifiers: essential cookies for session continuity and consent storage; optional analytics and marketing cookies activated only with your consent (see Section 4).
- Conversion events: timestamps of form submissions and basic status (e.g., delivered, responded) necessary for service provision and audit logs.
We do not intentionally collect special‑category data (such as health, religion, political opinions), financial account numbers, or government identification numbers through our website. Please do not include such information in free‑text fields.
3 — Why We Process & Legal Basis (GDPR Art. 6)
- Responding to enquiries and providing program information: necessary for taking steps at your request prior to entering into a contract (Art. 6(1)(b)) and, where applicable, based on your consent (Art. 6(1)(a)).
- Enrollment administration and learner support: performance of a contract (Art. 6(1)(b)).
- Analytics to improve website content and user experience: consent (Art. 6(1)(a)).
- Marketing, remarketing, and audience measurement: consent (Art. 6(1)(a)).
- Security, fraud prevention, and service integrity (e.g., rate‑limiting, threat detection): our legitimate interests (Art. 6(1)(f)) in maintaining a secure service.
- Legal compliance and record‑keeping (e.g., tax and accounting obligations): legal obligation (Art. 6(1)(c)).
Automated decision‑making (GDPR Art. 22): we do not carry out automated decision‑making or profiling that produces legal or similarly significant effects for individuals.
4 — Cookies & Tracking Technologies
Our site uses cookies and similar technologies to operate effectively, understand usage with your permission, and—if you consent—support marketing measurement. Cookies are small text files stored on your device. Pixel tags and server‑side logging may complement cookie data. You can find details about the cookies we use in our Cookie Policy. Categories we use include:
- Essential (no consent required): supports core functions such as session continuity and remembering your cookie preferences. Examples: _site_session (session continuity), cookie_consent (stores your choices). Lifetimes: session to 12 months.
- Analytics (consent required): aggregated usage measurement to improve content. Example cookies may include _ga and _ga_XXXXXXXXXX (two‑year lifetime) used by modern analytics platforms with IP anonymization and a 14‑month retention setting at account level.
- Marketing (consent required): advertising measurement and remarketing identifiers such as _gcl_au, _fbp, or _fbc, typically retained up to 90 days.
You can manage preferences anytime via the “Manage cookie preferences” link in our footer. Rejecting analytics and marketing cookies will not affect essential features. If you later clear cookies, you may need to set your preferences again.
5 — Consent (EU/EEA including Italy)
Visitors in the EU/EEA, including Italy, receive a consent prompt. Analytics and marketing technologies are activated only after explicit, informed, freely given consent (GDPR Art. 6(1)(a)). We record your selection in the cookie_consent cookie for up to 12 months. You may withdraw consent at any time using the controls in our footer or by clearing cookies; withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
6 — Sharing With Advertising & Service Partners
We share limited personal data with trusted service providers who support our operations under written agreements. These include website hosting and security, email delivery, analytics (when consented), and advertising measurement (when consented). Typical recipients and purposes:
- Analytics platforms (e.g., Google Analytics 4): cookie identifiers, usage and event data for aggregated reporting and site improvement.
- Advertising platforms (e.g., Google Ads, Meta): page views, conversions, hashed identifiers and membership in remarketing lists for measurement and audience targeting where permitted by your consent.
- Content delivery and security services (e.g., Cloudflare or equivalent): IP‑based threat detection and performance optimization.
- Operational tools: email and form processing to deliver requested information and support enrollment.
We do not sell personal data. Providers act as processors or independent controllers depending on their tools and terms. We require appropriate safeguards and prohibit partners from using our site data for their independent commercial purposes unrelated to our services.
7 — International Data Transfers
Some providers may process data outside the EU/EEA (for example, in the United States). Where transfers occur, we rely on recognized safeguards such as participation in the EU‑US Data Privacy Framework (and UK/Swiss extensions where applicable) and, where needed, the European Commission’s Standard Contractual Clauses (2021/914) with supplementary measures. We monitor legal developments and adjust safeguards as required.
8 — Data Retention
- Enquiry and enrollment records: retained for up to 2 years from the last interaction unless a longer period is required by law or necessary to resolve a dispute.
- Analytics data: retained in platform settings for approximately 14 months (when consented).
- Marketing identifiers: retained according to cookie lifetimes (typically up to 90 days) or until you withdraw consent.
- Email correspondence: duration of the active relationship plus up to 1 year for reference and audit.
- Server logs and security events: typically up to 90 days unless needed to investigate incidents.
- Financial and tax records: retained per Italian law, generally 10 years where applicable.
- Consent records: retained up to 3 years for audit purposes.
9 — Your Rights (GDPR)
Subject to conditions under the GDPR, you have the following rights regarding your personal data: access, rectification, erasure, restriction, portability, and objection. You also have the right to withdraw consent at any time where processing is based on consent. To exercise these rights, email [email protected] with a clear description of your request. We may ask for information to verify your identity. We aim to respond within 30 days, extendable by up to 60 days for complex requests.
You may lodge a complaint with the Italian supervisory authority, the Garante per la protezione dei dati personali, or with your local EU authority. We would appreciate the chance to address your concerns first and encourage you to contact us directly.
10 — Children’s Privacy
This website and our professional programs are not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data without appropriate consent, please contact us and we will delete such information promptly.
11 — Do Not Track
Some browsers offer a “Do Not Track” (DNT) signal. Our website does not respond to DNT signals. Our use of analytics and marketing technologies is based on your explicit consent via our cookie preferences panel, regardless of browser DNT settings. Third‑party providers may have their own handling of DNT.
12 — Account & Data Deletion Requests
We do not operate user accounts on this website. If you wish to request deletion of data you previously provided (for example, an enquiry or enrollment record), email us at [email protected] with the subject “Data Deletion Request”. Upon verifying your identity, we will complete the request within 30 days unless a longer period is justified, and we will retain only what is strictly required by applicable law (e.g., invoices and tax records in Italy).
13 — Business Transfers
If we undergo a corporate event such as a merger, acquisition, restructuring, asset sale, financing, or insolvency, personal data may be transferred to a successor entity subject to this Privacy Policy or a materially similar policy. We will provide a notice on our website if material changes to data use occur as a result of such a transaction.
14 — California (CCPA / CPRA)
Although KILO BYTE SERVICE SRL is established in Italy, visitors from California may review the following disclosures. Categories of personal information we may collect in the preceding 12 months include: identifiers (name, email, IP address, device identifiers); internet or network activity (pages viewed, interactions); and inferences (general interests derived from site interactions) for marketing when consented. We do not sell personal information as defined by the CCPA/CPRA, but we may “share” personal information for cross‑context behavioral advertising when you consent to marketing cookies. California residents may request access, deletion, correction, and the right to opt‑out of sale/sharing by emailing [email protected] with the subject “California Privacy Request”. We will not discriminate against individuals who exercise their rights.
15 — Virginia (VCDPA)
For visitors from Virginia, you may have the rights to access, correct, delete, obtain a portable copy of your personal data, and opt out of targeted advertising. We do not sell personal data or engage in profiling that produces legal or similarly significant effects. Submit requests to [email protected] with the subject “Virginia Privacy Request”. If we deny your request, you may submit an appeal within 60 days by replying with “Appeal of Refusal — Privacy Request”.
16 — Nevada
Nevada residents may submit a verified request to opt out of the sale of covered information by emailing [email protected] with the subject “Nevada Do Not Sell Request”. We do not currently sell personal information as defined under Nevada law.
17 — Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. Material changes will be announced via a notice on our homepage at least 14 days before the new version takes effect. Please review this page periodically. The “Last Updated” date at the top indicates the latest revision.
18 — Contact Us
For questions, requests, or complaints about this Privacy Policy or our data practices, contact:
- KILO BYTE SERVICE SRL
- CORSO XXII MARZO 8, Porta Vittoria, 20135 Milano, Italy
- Email: [email protected]
- Phone: +39 02 3668 5401
Supervisory authority: Garante per la protezione dei dati personali (Italy). You have the right to lodge a complaint with the authority, although we encourage you to contact us first so we can try to resolve your concern promptly and fairly.
For more information about cookie usage and controls, please see our Cookie Policy. For terms governing the use of this website and our materials, please see our Terms of Use.