Privacy policy
Data Controller
Diana Savino
Via Pasitea, 319
84017 – Positano (SA), Italy
Email address of the Controller: [email protected]
Types of Data Collected
Among the Personal Data collected by this Application, either autonomously or through third parties, there are: Tracking Tools; Usage Data; first name; last name; phone number; email; device information; payment information; Data communicated during the use of the service; various types of Data; unique device identifiers for advertising (such as Google Advertiser ID or IDFA); date of birth.
Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information notices displayed prior to data collection.
Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically during the use of this Application.
Unless otherwise specified, all Data requested by this Application are mandatory. If the User refuses to provide them, it may be impossible for this Application to provide the Service. In cases where this Application indicates that certain Data are optional, Users are free to refrain from providing such Data without affecting the availability or operation of the Service.
Users who are uncertain about which Data are mandatory are encouraged to contact the Controller.
Any use of Cookies—or other tracking tools—by this Application or by third-party service providers used by this Application, unless otherwise specified, is intended to provide the Service requested by the User, as well as the other purposes described in this document and, if available, in the Cookie Policy.
The User assumes responsibility for third-party Personal Data obtained, published, or shared through this Application and guarantees that they have the right to communicate or disseminate such Data, releasing the Controller from any liability toward third parties.
Methods and Place of Processing the Collected Data
Methods of Processing
The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.
Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Controller, in some cases, other parties involved in the organization of this Application (administrative, commercial, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, postal carriers, hosting providers, IT companies, communication agencies) may have access to the Data and may be appointed, if necessary, as Data Processors by the Controller. The updated list of Data Processors may always be requested from the Controller.
Legal Basis of Processing
The Controller processes Personal Data relating to the User when one of the following conditions applies:
The User has given consent for one or more specific purposes. Note: in some jurisdictions, the Controller may be allowed to process Personal Data without the User’s consent or without another legal basis listed below, until the User objects (“opt-out”) to such processing. This does not apply when the processing of Personal Data is regulated by European data protection law.
Processing is necessary for the performance of a contract with the User and/or for pre-contractual measures.
Processing is necessary to comply with a legal obligation to which the Controller is subject.
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.
Processing is necessary for the purposes of the legitimate interest pursued by the Controller or by a third party.
Users may always request clarification regarding the specific legal basis of each processing activity, and in particular whether the processing is required by law, provided for by a contract, or necessary to conclude a contract.
Place of Processing
Data are processed at the Controller’s operational offices and in any other location where the parties involved in the processing are located. For further information, contact the Controller.
The User’s Personal Data may be transferred to a country different from the one in which the User is located. To obtain further information regarding the place of processing, Users may refer to the section on details of Personal Data processing.
Users have the right to obtain information regarding the legal basis of Data transfers outside the European Union or to an international organization governed by public international law or composed of two or more countries (e.g., the UN), as well as regarding the security measures adopted by the Controller to protect the Data.
Users may verify whether any such transfers occur by examining the relevant sections of this document or by contacting the Controller.
Retention Period
Data are processed and stored for the time required to fulfill the purposes for which they were collected.
Accordingly:
Personal Data collected for purposes related to the performance of a contract between the Controller and the User will be retained until the contract has been fully executed.
Personal Data collected for purposes related to the Controller’s legitimate interests will be retained until such interests are satisfied. Users may obtain further information regarding the legitimate interests pursued by the Controller in the relevant sections of this document or by contacting the Controller.
When processing is based on the User’s consent, the Controller may retain the Data for a longer period until such consent is withdrawn. Furthermore, the Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or upon order of an authority.
At the end of the retention period, Personal Data will be deleted. Therefore, after this period expires, the rights of access, deletion, rectification, and data portability can no longer be exercised.
Purpose of Data Processing
User Data are collected to allow the Controller to provide the Service, comply with legal obligations, respond to requests or legal actions, protect its rights and interests (or those of Users or third parties), detect malicious or fraudulent activities, and for the following purposes: Statistics; Platform and hosting services; Displaying content from external platforms; Registration and authentication; Remarketing and behavioral targeting; Access to third-party accounts; Advertising; Management of data collection and online surveys; Interaction with live chat platforms; A/B testing of content and functionality.
For detailed information on the purposes of processing and the Personal Data processed for each purpose, Users may refer to the section “Details on the Processing of Personal Data”.
Facebook Permissions Required by this Application
This Application may request certain Facebook permissions that allow it to perform actions with the User’s Facebook account and to collect information, including Personal Data, from it. This service allows the Application to connect with the User’s account on the Facebook social network, provided by Facebook Inc.
For further information on the permissions listed below, refer to Facebook’s permissions documentation and Facebook’s privacy policy.
Requested Permissions
Basic Information
Basic information of the User registered on Facebook, typically including the following Data: id, name, picture, gender, language settings and, in some cases, Facebook “Friends”. If the User has made additional Data public, such Data will be available.
Access to Private Data
Allows access to the User’s and their friends’ private data.
Diana Savino
Via Pasitea, 319
84017 – Positano (SA), Italy
Email address of the Controller: [email protected]
Types of Data Collected
Among the Personal Data collected by this Application, either autonomously or through third parties, there are: Tracking Tools; Usage Data; first name; last name; phone number; email; device information; payment information; Data communicated during the use of the service; various types of Data; unique device identifiers for advertising (such as Google Advertiser ID or IDFA); date of birth.
Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information notices displayed prior to data collection.
Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically during the use of this Application.
Unless otherwise specified, all Data requested by this Application are mandatory. If the User refuses to provide them, it may be impossible for this Application to provide the Service. In cases where this Application indicates that certain Data are optional, Users are free to refrain from providing such Data without affecting the availability or operation of the Service.
Users who are uncertain about which Data are mandatory are encouraged to contact the Controller.
Any use of Cookies—or other tracking tools—by this Application or by third-party service providers used by this Application, unless otherwise specified, is intended to provide the Service requested by the User, as well as the other purposes described in this document and, if available, in the Cookie Policy.
The User assumes responsibility for third-party Personal Data obtained, published, or shared through this Application and guarantees that they have the right to communicate or disseminate such Data, releasing the Controller from any liability toward third parties.
Methods and Place of Processing the Collected Data
Methods of Processing
The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.
Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Controller, in some cases, other parties involved in the organization of this Application (administrative, commercial, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, postal carriers, hosting providers, IT companies, communication agencies) may have access to the Data and may be appointed, if necessary, as Data Processors by the Controller. The updated list of Data Processors may always be requested from the Controller.
Legal Basis of Processing
The Controller processes Personal Data relating to the User when one of the following conditions applies:
The User has given consent for one or more specific purposes. Note: in some jurisdictions, the Controller may be allowed to process Personal Data without the User’s consent or without another legal basis listed below, until the User objects (“opt-out”) to such processing. This does not apply when the processing of Personal Data is regulated by European data protection law.
Processing is necessary for the performance of a contract with the User and/or for pre-contractual measures.
Processing is necessary to comply with a legal obligation to which the Controller is subject.
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.
Processing is necessary for the purposes of the legitimate interest pursued by the Controller or by a third party.
Users may always request clarification regarding the specific legal basis of each processing activity, and in particular whether the processing is required by law, provided for by a contract, or necessary to conclude a contract.
Place of Processing
Data are processed at the Controller’s operational offices and in any other location where the parties involved in the processing are located. For further information, contact the Controller.
The User’s Personal Data may be transferred to a country different from the one in which the User is located. To obtain further information regarding the place of processing, Users may refer to the section on details of Personal Data processing.
Users have the right to obtain information regarding the legal basis of Data transfers outside the European Union or to an international organization governed by public international law or composed of two or more countries (e.g., the UN), as well as regarding the security measures adopted by the Controller to protect the Data.
Users may verify whether any such transfers occur by examining the relevant sections of this document or by contacting the Controller.
Retention Period
Data are processed and stored for the time required to fulfill the purposes for which they were collected.
Accordingly:
Personal Data collected for purposes related to the performance of a contract between the Controller and the User will be retained until the contract has been fully executed.
Personal Data collected for purposes related to the Controller’s legitimate interests will be retained until such interests are satisfied. Users may obtain further information regarding the legitimate interests pursued by the Controller in the relevant sections of this document or by contacting the Controller.
When processing is based on the User’s consent, the Controller may retain the Data for a longer period until such consent is withdrawn. Furthermore, the Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or upon order of an authority.
At the end of the retention period, Personal Data will be deleted. Therefore, after this period expires, the rights of access, deletion, rectification, and data portability can no longer be exercised.
Purpose of Data Processing
User Data are collected to allow the Controller to provide the Service, comply with legal obligations, respond to requests or legal actions, protect its rights and interests (or those of Users or third parties), detect malicious or fraudulent activities, and for the following purposes: Statistics; Platform and hosting services; Displaying content from external platforms; Registration and authentication; Remarketing and behavioral targeting; Access to third-party accounts; Advertising; Management of data collection and online surveys; Interaction with live chat platforms; A/B testing of content and functionality.
For detailed information on the purposes of processing and the Personal Data processed for each purpose, Users may refer to the section “Details on the Processing of Personal Data”.
Facebook Permissions Required by this Application
This Application may request certain Facebook permissions that allow it to perform actions with the User’s Facebook account and to collect information, including Personal Data, from it. This service allows the Application to connect with the User’s account on the Facebook social network, provided by Facebook Inc.
For further information on the permissions listed below, refer to Facebook’s permissions documentation and Facebook’s privacy policy.
Requested Permissions
Basic Information
Basic information of the User registered on Facebook, typically including the following Data: id, name, picture, gender, language settings and, in some cases, Facebook “Friends”. If the User has made additional Data public, such Data will be available.
Access to Private Data
Allows access to the User’s and their friends’ private data.