:contentReference[oaicite:0]{index=0}

Privacy notice on data processing

(ex article 13 of EU Regulation 2016/679)

Deltatre S.p.A., as Data Controller, processes personal data in compliance with the general principles and special provisions of EU Regulation 2016/679: in compliance with the provisions of article 13 of the aforementioned legislation, we inform you of the following characteristics of the processing, as well as the rights that the law guarantees you.

Personal data subject to processing

The Data Controller may collect and process the following personal data:

  • Personal information of the Data Subject (e.g., name, surname, date of birth, and gender).
  • Contact details (e.g., email address and telephone number).
  • Profile icon or image for profile completion.
  • Browsing data.

Purposes pursued in the processing and legal bases

The Data Controller collects and processes the personal information of the Data Subject for the following purposes:

  • To allow the Data Subject to register on the platform and use the services.
  • To assign personal authentication credentials to the Data Subject, enabling access to the reserved area.
  • To manage any issues related to access to the reserved area (e.g., password reset).
  • To provide assistance and support to the Data Subject.

The Data Controller also processes the identification and contact information of the Data Subject for purposes of commercial communication regarding the services offered. The legal basis for this processing is the consent of the Data Subject.

The legal basis for other processing activities is the performance of contractual obligations between the Parties.

Methods of processing personal data and retention periods

The personal data of data subjects is processed electronically (e.g. through the use of databases, application software). The Data Controller retains the personal information of data subjects as long as needed to meet the purposes for which they were collected and in compliance to the Law.

Internal and external scope of communication of personal data

The personal data may be disclosed to employees of the Controller who need to know it in order to manage the platform, with particular reference to administrative, IT and marketing staff. Our employees have been trained and instructed in the legal requirements for protecting personal information.

The Data Controller shares the personal data of data subjects with certain suppliers who assist the Controller in the management of the platform: if the supplier becomes aware of the data, he shall do so in compliance with the legislation in force on data protection, and with the instructions given by the Controller in the relevant deeds of appointment as External Data Processor. The Data Controller does not disclose personal information to other third parties without the consent of the data subjects, unless required to do so by law or by an Authority (e.g. where it is necessary for reasons of national security, public interest).

Transfer of data outside the EEA

Your data will not be transferred outside the European Economic Area.

The Data Subject’s Rights and How to Exercise Them

The European Regulation on the protection of personal data (Regulation (EU) 2016/679) guarantees you, as a data subject, specific rights. For each processing activity, you may exercise the following rights:

  • Right of access: you have the right to obtain a copy of the personal data held by us and undergoing processing.
  • Right to rectification: you have the right to have your personal data stored by the Data Controller corrected or updated if they are inaccurate or out of date.
  • Right to object to decisions based solely on automated processing: you may request not to be subject to decisions based solely on automated processing, including profiling activities.
  • Right to lodge a complaint with the Data Protection Authority: you have the right to contact the competent Data Protection Authority if you have concerns regarding the processing of your personal data carried out by the Data Controller.

You may also exercise the following rights where certain conditions apply:

  • Right to erasure: you may request that the Data Controller delete your personal data where the purposes of the processing have ceased and there are no overriding legitimate interests or legal obligations requiring their continued processing.
  • Right to object to processing: you may request that the Data Controller cease a specific processing activity involving your personal data.
  • Right to restriction of processing: you have the right to request that the Data Controller restrict the processing operations carried out on your personal data.
  • Right to data portability: you have the right to obtain a copy of your data in a structured, commonly used, and machine-readable format and to transmit such data to another Data Controller.

The data subject may – without any particular formality – exercise their rights by contacting Deltatre S.p.A., with registered office at Via Francesco Millio 41, 10141 Turin (Italy), Tax Code and VAT No. 09489350018, reachable by email at privacy@deltatre.com or by certified email (PEC) at deltatre@pec.pecdeltatre.com. The Data Controller will provide a response to the data subject within the time limits set by law.