Complexity Intelligence LLC recognizes the value of your data and your privacy. For
this reason, it is constantly
committed to their protection and defense, always offering maximum security and
In this regard, it adheres with satisfaction to the EU's data protection law, also
known as GDPR (General Data Protection Regulation),
and undertakes to take all necessary measures to ensure the compliance of its platform
and of its product / service portfolio with
What is the GDPR ?
The GDPR, which stands for General Data Protection Regulation, is a European Regulation
which will supersede the Data Protection
Directive 95/46/EC and which will be applied from 25 May 2018.
What are its goals?
- strengthen the security and protection of personal data in the EU;
- harmonize data protection law across the EU;
- guarantee the same level of data protection and security either across all the EU Member
States and across all third countries,
outside the Union, where EU citizens' personal data are transferred, in order to
allow their free and safe movement.
What is "Personal Data" ?
Personal Data refers to any information elating to an identified or identifiable natural
person (Data Subject), providing details on
his physical and psychological characteristics, on his political, religious opinions,
preferences, hobbies, passions, on his
relationships, on his economic and financial situation ...
Personal data can be classified into:
- Identification data: any data relating the natural person identification like name and surname, telephone
number, date of birth,
residential address, credit card number ... Although some of this data, taken individually
(e.g. date of birth, address, name and surname),
does not uniquely allow the identification of the natural person, however, their
combination can help achieve this goal.
- Special categories of personal data: any sensitive data revealing racial or ethnic origin, political opinions, religious
philosophical beliefs, or trade union membership, genetic data, biometric data,
data concerning health or data concerning a natural
person’s sex life or sexual orientation. ue to the particular nature of these data, their processing
is allowed only with the explicit
consent of the data subject, with the exception of the cases listed under Article
- Judicial data: any data that may disclose that a natural person is the subject of judicial measures
the law. Therefore, their
processing must be under the control of the public authority.
Personal data processing principles
The processing of personal data must be based on the principles of lawfulness, fairness
- LAWFULNESS: the processing is lawful if the natural person has given his consent to the processing
of his personal data for one or
more purposes; if the processing is necessary for the performance of a contract; if
the processing is necessary for compliance with a
legal obligation; if the processing is necessary in order to protect the vital interests;
if the processing is necessary for the
performance of a task carried out in the public interest; if the processing is necessary
for the purposes of the legitimate interests.
(looking at Article 6 GDPR).
- FAIRNESS: in cases where explicit consent is required for data processing, the consent must
be demonstrable, discernible if given
for more purposes, freely given, revocable at any time.
- TRANSPARENCY: any information, communications and methods relating to the processing of personal
data must be provided in a
concise, accessible, unambiguous and easy to understand, using a plain and clear
Who are "Data Subject"," Data Controller" and "Data Processor" ?
- Data Subject : any living individual identified and identifiable through his / her personal data;
- Data Controller : natural person, legal entity (companies, associations ...), authority that determines
the purposes for
which and the manner in which any personal data are, or are to be, processed.
- Data Processor : natural person, legal entity (companies, associations ...), authority authorized
by the Data Controller to
process, on their behalf, the personal data of the data subject.
What are we doing to keep your data secure and safe ?
As an ICT company, Complexity Intelligence LLC, through its DataKnowl platform and
through the development of new products / services,
manages your data with high security. DataKnowl platform is designed according to
the highest safety standards, adopting all the
technological tools and operating procedures to ensure maximum safety, according
to the "by design and by default" philosophy.
We have identified the following areas on which we will focus:
1. ACCESS CONTROL: access to the data is allowed only to staff or automated systems authorized and
exclusively for work-related
purposes. The persons authorized to access the data are bound by contract to the
utmost secrecy and confidentiality.
2. DATA PROCESSING AND STORAGE: data are kept for a limited period of time strictly necessary for the purpose of
and / or for the provision of the service, unless a longer time is established by
legal obligations. The data are stored in data
centers with the following certifications: ISO 27001, PCI DSS 3.2, ISO 27017, ISO
3. DATA DELETION: upon request, and if there are no legal obligations for the conservation, it is
possible to proceed with the cancellation
of the data according to the procedures established by the GDPR.
4. ENCRYPTION: the user access to DataKnowl platform through the secure protocol HTTPS. The data
in transit between the user's browser
and the servers are therefore encrypted. Complexity Intelligence LLC uses cryptographic
hash functions to protect access data. In the
event of a security breach, the original password can’t be recovered from our servers. We
use the EU-US Privacy Shield Framework
(EU-US Privacy Shield). We adhere to the principles of privacy protection, regarding
the collection, use and storage of personal data
transferred from the EU to the US.
5. AUDIT & LOG: Complexity Intelligence LLC uses logging solutions, monitoring and continuous auditing
of all the components
of the DataKnowl platform, in order to guarantee maximum safety and efficiency. Through
these tools and operating procedures,
Complexity Intelligence LLC is able to detect anomalous activities, up to any unauthorized
access to data ("data breach"). In this event,
Complexity Intelligence LLC will promptly notify you according to the procedures
and timings defined in the GDPR.
This document is the result of a free interpretation of the rules set out in the GDPR.
The contents of this page do not constitute a legal opinion. Subsequent modifications
and additions are not excluded.