Updated Privacy Policy February 2026

This Privacy Policy is provided in accordance with Article 13 of the European Regulation No. 679/2016 and applies exclusively to all data collected through the geosnap.ai application. This Privacy Policy is subject to updates that will be published periodically on the application.

This Privacy Policy, along with the Terms and Conditions, any referenced documents, and the Cookie Policy, establish the foundations on which the personal data of the data subject will be processed.

Data Controller

The Data Controller of the data collected by this application is Maind Group S.r.l., located in Nembro (BG), Via Vincenzo Bellini 5, VAT number 04822780161, email info@geosnap.ai.

Personal Data Processed

Personal Data is any information regarding an identified or identifiable natural person, pursuant to Article 4, paragraph 1, No. 1 of Regulation (EU) 2016/679 (GDPR). GeoSnap.ai is intended exclusively for brands and companies and is not intended for use by individuals for personal or consumer purposes.

Categories of Personal Data Processed

In the use of the Application, the Controller processes only common personal data, related to representatives, contacts, or agents of the Client (legal entity), in the following categories:

Identification and contact data

• name and surname of the contact person

• email address

• phone number

Account and authentication data

• login credentials

• account identifier

• information regarding the access and use of the application

  
  

Administrative and billing data

• company name

• billing address

• tax and accounting data

• payment information, managed through external payment service providers

Technical and usage data

• IP address

• access logs

• device and browser data

• information on the use of application features

These data are processed to enable access to the application, service delivery, manage the contractual relationship, and fulfill legal obligations.

Data not processed

• special data referred to in Article 9 GDPR;

• data concerning third parties in relation to the Client;

• data of minors;

The analyses, buyer persona profiles, socio-demographic and behavioral characteristics generated by the application constitute simulated and hypothetical processing, not related to real, identified, or identifiable individuals, and do not constitute personal data processing under GDPR, as clarified in the Terms and Conditions of the Service.

Methods of Processing Personal Data

Personal Data is processed by the Controller in compliance with the principles of lawfulness, fairness, transparency, minimization, and confidentiality, pursuant to Regulation (EU) 2016/679 and applicable data protection legislation. The processing is mainly carried out using IT and telematic tools, with organizational and logical methods strictly related to the purposes indicated in this statement and, in any case, suitable to guarantee the security and confidentiality of Personal Data. The Controller adopts technical and organizational measures appropriate pursuant to Article 32 GDPR, aimed at preventing unauthorized access, disclosure, modification, or destruction of Personal Data, considering the nature of the data processed, the purposes of processing, and associated risks. Processing may be carried out by authorized personnel of the Controller, as well as by third parties expressly appointed Data Processors pursuant to Article 28 GDPR, exclusively for purposes related to the provision of the service and management of the contractual relationship.

Purpose of Processing Personal Data and Legal Basis

Personal Data may be collected directly by the Controller or through third parties acting on its behalf, as Data Processors. The IT systems and software procedures that enable the operation of the application automatically acquire certain Personal Data of a technical-informative nature, whose transmission is implicit in the use of Internet communication protocols. These include, by way of example, IP addresses, the type of browser used, the operating system, domain name, and information relating to the access and use of the application. These data are processed to ensure the correct functioning of the application, system security, abuse prevention, and where possible, for statistical purposes on aggregated or anonymized data. The Personal Data voluntarily provided by the data subject during registration or use of the application is processed in compliance with the legality conditions set out in Article 6 GDPR, exclusively to enable service delivery, manage the contractual relationship, and pursue the purposes indicated in this statement. The data is stored for the time necessary to achieve these purposes and subsequently, in compliance with applicable legal terms.

1) Responding to queries and providing information

Data will be processed to be contacted or to respond to specific requests addressed to the Data Controller by the data subject for communications relating to the services and/or content of the Controller, via email or other communication tools such as phone or WhatsApp Business messaging.

Legal basis: this processing is optional and based on the data subject's consent, however, providing the data is necessary to pursue the indicated purpose.

Data retention period: until the consent is revoked by the data subject.

2) Application registration

The registration process, by creating an account, is aimed at allowing use of the application as a "Registered User." Application registration by creating an account enables the registered user to:

• make quicker purchases by saving billing and shipping data;

• store previous purchases and retrieve the cart in case of disconnection;

• access order history and manage purchase preferences.

Legal basis: execution of a contract or pre-contractual measures (Art. 6.1 letter b GDPR) since account registration and cart management are necessary to allow the user to purchase and use the services offered by the application.

User consent (Art. 6.1 letter a GDPR) for the possible extended storage of access data and purchase preferences. The user can revoke consent at any time by contacting the Controller.

Data retention period: account data will be stored until:

• revocation of consent by the User for the storage of preferences;

• deletion of the account at the User's request;

• 10 years for purchase-related information, in compliance with tax and accounting obligations.

3) Pre-contractual information and compliance

Data will be processed to contact the data subject and respond to their specific requests for information, such as informative communications on products and services offered by the Controller, estimates, and/or pre-contractual assistance for the purchase of products. Contact may occur via email, phone, or form completion on the application.

Legal basis of processing:

• execution of pre-contractual measures at the request of the data subject (Art. 6.1 letter b GDPR) when processing is necessary to respond to requests for information or estimates;

• consent of the data subject (Art. 6.1 letter a GDPR) when data is collected for further commercial contact and/or promotional offers.

Data retention period: data provided for information or estimate requests will be kept for a maximum of 12 months, unless a contractual relationship occurs.

If the data subject has provided consent to be contacted for future offers, the data will be kept until consent is revoked.

4) Processing required within a contract

Data will be processed for the following purposes:

• execution of the contract concluded between the data subject and the Data Controller for the sale of Products/Services present in the application;

• management of the contractual relationship, including communications related to orders, billing, and shipping;

• post-sale assistance, including requests for legal guarantees, withdrawal, and contract termination;

• compliance with legal, administrative, and fiscal obligations arising from the sale of products/services.

Legal basis of processing:

• execution of the contract (Art. 6.1 letter b GDPR);

• legal obligation (Art. 6.1 letter c GDPR).

Data retention period

Personal data processed for contractual and administrative purposes will be kept for the time necessary to execute the contract and, subsequently, for a maximum of 10 years, in accordance with legal obligations in fiscal and accounting matters. Online payments are processed by external payment service providers (e.g. PayPal, Stripe, Shopify Payments). The Data Controller does not directly store credit card or payment data of the data subject, but only receives confirmation of successful payment from the service provider.

5) Compliance with any obligations provided by current laws

Data will be processed to fulfill any type of obligation contemplated and envisaged by current laws, regulations, related rules, commercial uses, and tax/fiscal matters, including for the purposes provided by the regulations on anti-money laundering Legislative Decree 231/2007 and subsequent amendments.

Legal basis: this processing is necessary to fulfill a legal obligation to which the Data Controller is subject.

Data retention period: period indicated by law and, in any case, for a maximum term of 10 years for fulfilling related administrative and fiscal obligations.

6) Soft spam

The Data Controller may send the data subject commercial and promotional communications via email regarding Products/Services similar to those already purchased by the data subject, without the need for prior consent, pursuant to Article 130, paragraph 4, of the Privacy Code, as amended by Legislative Decree 101/2018. The data subject has the right to object at any time to such communications, using the unsubscribe link present in every email received or contacting the Controller at its email address.

Legal basis of processing: processing is based on the Data Controller's legitimate interest (Art. 6, letter f GDPR) to promote products or services similar to those already purchased by users.

Data retention period: data of the data subject will be processed for this purpose until the data subject exercises the right to object.

7) Newsletter

Personal data provided by the data subject will be processed for sending newsletters containing promotional, commercial, and advertising communications, as well as updates on initiatives and events of the Data Controller. For newsletter sending, the Data Controller may process the name and surname (if provided by the user), email address. The Controller may also interact with the emails sent (e.g. opening the newsletter, clicking links), as provided by the tracking systems used by the Controller.

Legal basis of processing: processing is based on the explicit and free consent of the data subject, pursuant to Art. 6, para. 1, letter a GDPR. Newsletter subscription is optional and the lack of data provision does not affect the use of other application services.

Data retention period: data will be processed until consent is revoked by the data subject, who can exercise the right to unsubscribe at any time:

• via the cancellation link at the bottom of each newsletter received;

• via direct request to the Data Controller, by sending a communication to the email address.

The data subject may revoke consent at any time.

8) Statistics

Data will be processed to carry out statistical analysis and market research aimed at understanding user preferences and behaviors to improve the products and services offered, analyze user interaction with the application to optimize navigation and user experience. Analyses will be conducted on aggregated and anonymous data, where possible. If data cannot be fully anonymized, it will be processed pseudonymously and subject to GDPR protections.

Legal basis of processing:

• consent of the data subject (Art. 6, para. 1, letter a GDPR) if data is collected through analysis tools that track user behavior;

• legitimate interest of the Data Controller (Art. 6, para. 1, letter f GDPR) if analyses are conducted only on anonymous and aggregated data.

The data subject can revoke consent at any time and disable tracking via:

• the cookie management banner on the application;

• browser settings, which allow blocking tracking cookies;

• direct request to the Data Controller at the email address.

Data retention period: data will be kept until consent is revoked or for the maximum period set in each analysis tool.

9) Profiling for advertising campaigns

Personal data of the data subject will be processed for the analysis and evaluation of interests, habits, and consumption choices, in order to create personalized profiles based on user preferences, send informational and promotional material on Services/Products offered by the Controller, display personalized advertisements on third-party platforms (e.g. Facebook Ads, Google Ads, email marketing).

Legal basis of processing: processing is based on the explicit and free consent of the data subject, pursuant to Art. 6, para. 1, letter a GDPR. The data subject has the right to revoke consent at any time, without affecting the lawfulness of processing based on consent before revocation.

The data subject can oppose profiling and stop processing via:

• privacy management settings in their account (if available);

• unsubscribe link in each promotional communication received;

• direct request to the Data Controller at the email address.

Data retention period: data of the data subject will be processed until consent is revoked.

Communication of Data

In some cases, Data may be accessible to:

• categories of Personnel specifically trained involved in the organization of the application (administrative, commercial, marketing, legal, system administrators);

• external parties (like third-party technical service providers, hosting providers, IT companies, communication agencies) also appointed as Data Processors by the Data Controller ex Article 28 GDPR;

• public or private parties who may access Data in accordance with legal obligations;

• entities performing accessory and instrumental tasks to the Data Controller's activity.

Data Processing Timelines

As expressly provided by Article 5, co. 1, lett. e) GDPR, Data is stored for the time necessary for processing in relation to the performance of the service requested by the data subject, or requested by the purposes described in this document. At the end of the retention period, Personal Data will be deleted and rights of access, deletion, correction, and portability of Data will no longer be exercisable.

Cookies

This application uses cookies. Cookies are small text files that websites can use to make the experience more efficient for the data subject and to personalize content and advertisements, provide social networking features, and analyze traffic. Cookie Policy

Location of Processing and Data Transfer Abroad

Data is processed at the Data Controller's operational site. For more information, you can contact the Data Controller. Data may be processed by individuals and/or legal entities operating on behalf of the Data Controller and in specific contractual constraints, located in EU or non-EU countries. If Data is transferred outside the EEA, the Controller will adopt all contractual measures suitable to ensure adequate Data protection.

Exercise of the data subject's rights

The data subject has the right to exercise the faculties provided in Articles 7, 15-22 of the European Regulation 679/2016. Specifically, the data subject has the right to revoke his consent at any time and, upon simple request to the Data Controller, can request access to Personal Data, receive the Personal Data provided to the Data Controller and, where possible, transmit them to another Data Controller without hindrance (so-called portability), obtain the update, limitation of processing, correction of Data, and deletion of those processed in violation of current legislation. The data subject has the right, for legitimate reasons, to object to the Processing of Personal Data that concerns him and to Processing for advertising, direct sales, and market research. The data subject also has the right to lodge a complaint with the Privacy Guarantor as a supervisory authority in the matter of personal data protection or to take the appropriate judicial steps. The data subject can exercise his rights by contacting the Data Controller by email at: info@geosnap.ai.

Tools Used for Personal Data Processing

Web Hosting

The GeoSnap.ai application is hosted on cloud infrastructure provided by Netlify Inc., a web hosting and application distribution service that allows deploy, management, and distribution of the application's contents. During use of the application, Netlify may process technical and usage data, such as, by way of example, IP address, access logs, server requests, browser information and device used, in order to ensure the correct functioning, security, stability, and performance of the application.

Legal basis of processing

The processing of technical data is carried out based on the Data Controller's legitimate interest (Art. 6, para. 1, lett. f GDPR) to ensure system security, correct application functioning, and prevention of unauthorized access or abuse.

Location of processing and data transfer

Netlify Inc. is based in the United States and uses a globally distributed infrastructure. Personal data may therefore be subject to transfer to non-EEA countries. Such transfers occur in compliance with Articles 44 et seq. of GDPR, through the adoption of adequate guarantees, such as Standard Contractual Clauses (SCC) approved by the European Commission and/or other compliant transfer instruments.

Retention Period

Technical data and access logs are kept for the time strictly necessary for security, maintenance, and monitoring of the application, according to the hosting provider's policies. Privacy Policy Netlify: https://www.netlify.com/privacy/

Application Infrastructure and Cloud Services

The GeoSnap.ai application is developed on customized software architecture and does not use third-party standard CMS platforms. For the operation of specific technical and application functionalities, the Controller uses cloud computing services provided by Amazon Web Services (AWS), offered by Amazon Web Services, Inc., which allow the provision of computing, storage, network services, and other necessary infrastructure services for the application's operation. Within these services, AWS may process technical and usage data (such as, for example, IP addresses, system logs, server requests, and traffic information) exclusively on behalf of the Controller and according to the instructions provided by the same.

Legal basis of processing

The processing of data is carried out based on the Data Controller's legitimate interest (Art. 6, para. 1, lett. f GDPR) to ensure correct functioning, security, scalability, and reliability of the application.

Location of processing and data transfer

Amazon Web Services, Inc. is based in the United States and operates through globally distributed data centers. Personal data may therefore be subject to transfer to countries outside the European Economic Area. Such transfers occur in compliance with Articles 44 et seq. of GDPR, by adopting adequate guarantees, including Standard Contractual Clauses (SCC) approved by the European Commission.

Retention Period

Technical data processed via AWS services is retained for the time strictly necessary for the application's operation, security, and maintenance, according to the provider's policies and the configurations adopted by the Controller. Privacy Policy AWS: https://aws.amazon.com/privacy/

Database and Backend Services (Supabase)

The GeoSnap.ai application uses Supabase, a backend-as-a-service platform that provides database, authentication, storage, and API management services, offered by Supabase Inc. Supabase is used exclusively for the technical and application management of the data necessary for the application's operation, such as, by way of example: User account and authentication data; application usage data; administrative and technical data connected to service delivery. Supabase processes Personal Data on behalf of the Controller, as a Data Processor pursuant to Article 28 GDPR, according to specific contractual instructions.

Legal basis of processing

The processing of data is carried out based on contract execution (Art. 6, para. 1, lett. b GDPR) and the Data Controller's legitimate interest (Art. 6, para. 1, lett. f GDPR) to ensure the correct functioning, security, and operational continuity of the application.

Location of processing and data transfer

Supabase Inc. is based in the United States. Data may be processed on cloud infrastructure located outside the European Economic Area. Data transfer to non-EEA countries occurs in compliance with Articles 44 et seq. of GDPR, through the adoption of Standard Contractual Clauses (SCC) or other guarantee instruments provided by the current legislation.

Retention Period

Data is kept in the Supabase database for the time necessary to provide the Service and manage the contractual relationship, in compliance with the principles of minimization and storage limitation as per Article 5 GDPR. Privacy Policy Supabase: https://supabase.com/privacy

Contact and Communication Tools (TawkTo)

The GeoSnap.ai application uses TawkTo, an integrated communication tool in the application that allows users to start a direct conversation with the Controller's team via a chat window. The service is used exclusively for managing information requests, assistance, and support related to the use of the application. Conversations are managed directly by human operators and do not involve the use of automated systems or AI-based chatbots. Personal Data eventually provided by the user in the chat (such as, by way of example, name, email address, and message content) are processed exclusively to respond to user requests and provide the requested support.

Legal basis of processing

The processing of data is carried out based on the execution of pre-contractual or contractual measures requested by the data subject (Art. 6, para. 1, lett. b GDPR) and, where applicable, based on the Data Controller's legitimate interest (Art. 6, par. 1, lett. f GDPR) to provide assistance and support to application users.

Location of processing and data transfer

Data processed via TawkTo may be kept on the service provider's servers, including outside the European Economic Area. Any transfers to non-EEA countries occur in compliance with Articles 44 et seq. of GDPR, through the adoption of adequate guarantees, such as Standard Contractual Clauses (SCC).

Retention Period

Conversation data is kept for the time strictly necessary to manage the request and subsequently, according to the service provider's policies and the Controller's organizational needs, in compliance with the principles of minimization and storage limitation. Privacy Policy TawkTo: https://www.tawk.to/privacy-policy/

Email Outreach and Commercial Communications (Lemlist)

The Controller uses Lemlist, an email outreach platform provided by Lemlist SAS, for sending email communications addressed to professional contacts (B2B) to present the service, initiate commercial contacts, or respond to information requests. Communications are addressed exclusively to company representatives and concern services relevant to the recipient's professional activity. Data processed may include, by way of example, name, surname, professional email address, company role, and information about the company. Lemlist may also process technical data related to sending and managing communications if these functionalities are activated by the Controller.

Legal basis of processing

The processing of data is carried out based on the Controller's legitimate interest (Art. 6, para. 1, lett. f GDPR) to establish and develop commercial relations with legal entities and professionals, and where applicable, based on the execution of pre-contractual measures requested by the Interested Party (Art. 6, para. 1, lett. b GDPR). In each communication, the possibility is guaranteed to oppose the receipt of further emails at any time.

Location of processing and data transfer

Lemlist SAS is based in the European Union (France). Data may also be processed via cloud infrastructure located outside the European Economic Area. Any transfers to non-EEA countries occur in compliance with Articles 44 et seq. of GDPR, through the adoption of adequate guarantees, such as Standard Contractual Clauses (SCC).

Retention Period

Personal data processed via Lemlist is kept for the time strictly necessary to pursue contact and commercial relationship purposes, except for opposition by the data subject or additional legal obligations. Privacy Policy Lemlist: https://www.lemlist.com/privacy-policy

Application Registration

Registration to the GeoSnap.ai Application occurs directly via the application itself, without using authentication or third-party login tools (such as, by way of example, social networks or single sign-on services). During registration, the user is only asked for the following Personal Data:

• name and surname of the contact person;

• email address;

• phone number;

• password chosen by the User.

Legal basis of processing

The processing of Personal Data collected during registration is necessary for the execution of pre-contractual and contractual measures requested by the data subject (Art. 6, para. 1, lett. b GDPR), as it is essential for the creation of the Account and provision of the Service. Failure to provide the required data prevents completion of registration and access to the application.

Retention Period

Personal Data related to the Account are kept for the entire duration of the contractual relationship and subsequently for the time necessary to fulfill any legal obligations or until the User requests account deletion, subject to any retention periods required by applicable law.

Statistics

Statistical services allow the Data Controller to exclusively monitor and analyze traffic data and serve to track the data subject's behavior. This application uses the following services:

Google Analytics 4

Google Analytics 4 (GA4), a service provided by Google LLC, collects anonymous statistical information on the use of the application to improve the services offered. Google uses the Personal Data collected to track and examine the use of this application, compile reports on application activities, and share data with other Google services for analysis and optimization. In Google Analytics 4, IP addresses are used only at the time of collection and then deleted before storage.

Legal basis of processing

• consent of the data subject (Art. 6, par. 1, lett. a GDPR) if data is collected through non-anonymized tracking cookies;

• legitimate interest of the Controller (Art. 6, par. 1, lett. f GDPR) if data is collected anonymously and aggregated without identifying the user.

Personal Data Collected

Usage Data (information on user interactions with the application) and Cookies (if enabled).

Data retention period

Data collected via Google Analytics is kept for a maximum period of 14 months, unless otherwise configured by the Controller.

The data subject can deactivate tracking via:

• the cookie management banner on the application;

• the browser add-on for Google Analytics deactivation: https://tools.google.com/dlpage/gaoptout?hl=en.

Processing Location: USA – Ireland. Privacy Policy: https://policies.google.com/privacy?hl=en

Meta Conversion Tracking Pixel (Meta Platforms, Inc.)

This application uses the Facebook Pixel, a conversion tracking service provided by Meta Platforms, Inc., which allows measuring the effectiveness of advertising campaigns carried out via Facebook and Instagram.

Personal Data Collected

Cookies and Tracking Tools and usage data (user interactions with the application and ads).

Legal basis of processing

• explicit consent of the data subject (Art. 6, par. 1, lett. a GDPR) activated only by consent through the cookie banner;

• legitimate interest of the Controller (Art. 6, par. 1, lett. f GDPR) if tracking is limited to anonymous statistical analyses.

Data retention period

Data collected by Facebook Pixel is kept for a maximum period of 180 days, unless otherwise set by Meta.

The data subject can revoke consent and deactivate Facebook Pixel via:

• the cookie management banner on the application;

• the Facebook account settings, in the "Ad Preferences" section;

• Facebook opt-out tool: https://www.facebook.com/settings/?tab=ads.

Processing Location: Ireland - Privacy Policy: https://www.facebook.com/about/privacy/

Remarketing and Retargeting

These services allow this application to communicate, optimize, and serve ads based on past use of this application by the data subject. This activity is carried out through the tracking of Usage Data and use of Cookies or Tracking Tools.

Facebook Remarketing (Meta Platforms, Inc.)

The application uses Facebook Remarketing, a service provided by Meta Platforms, Inc., which connects user activity on the application with Facebook and Instagram advertising network. The application uses Facebook Pixel to display personalized ads, create audience groups, and analyze conversions.

Personal Data Collected

• Cookies and Tracking Tools.

• Usage data (user interactions with the application and advertising).

Legal basis of processing

• explicit consent of the data subject (Art. 6, par. 1, lett. a GDPR) via cookie banner;

• legitimate interest of the Controller (Art. 6, par. 1, lett. f GDPR) if data is collected only anonymously.

Information collected by Facebook Pixel is anonymous for the application Controller, but Facebook can link them to the user's profile and use them for its advertising purposes.

Data retention period

Data collected by Facebook Pixel is kept for up to 180 days, unless otherwise set by Meta.

The data subject can revoke consent and deactivate Remarketing via:

• the cookie management banner on the application;

• Facebook account settings, in the "Ad Preferences" section;

• Facebook opt-out tool: https://www.facebook.com/settings/?tab=ads.

Processing Location: Ireland - Privacy Policy: https://www.facebook.com/about/privacy/

Content on external platforms

These services allow viewing of content hosted on external platforms directly from the application pages and interact with it. If a service of this type is installed, it is possible that even if users do not use the service, the same collects traffic data related to the pages where it is installed.

YouTube

The application incorporates videos via YouTube, a platform owned by Google Ireland Limited, which allows the viewing of content directly within web pages. When a user accesses a page that contains an embedded YouTube video, the service may collect usage data, place cookies, and track activity, even if the video is not actively played.

Legal basis of processing

• consent of the data subject (Art. 6, par. 1, lett. a GDPR), required through the cookie banner for activation of third-party content;

• legitimate interest of the Controller (Art. 6, par. 1, lett. f GDPR), to improve the application's usability and provide multimedia support content.

Data retention period

Cookies and data collected by YouTube may be stored according to Google's policy and YouTube account settings, if present.

Processing Location: Google Ireland Limited, with possible transfer to servers located in the United States. Privacy Policy: https://policies.google.com/privacy

Payment Management

Payment management services allow this application to process payments via credit card, bank transfer, or other instruments. Data used for payment is acquired directly from the requested payment service manager without being in any way processed by this application.

Stripe

Service provided by Stripe Payments Europe, Ltd., to manage electronic payments via credit card, debit, or other digital methods. During the payment procedure, Stripe collects and processes the user's Personal Data, including banking information, card data, email address, billing address, IP address, and device data.

Legal basis of processing

• execution of a contract (Art. 6, par. 1, lett. b GDPR), to process payments requested by the user;

• legal obligation (Art. 6, par. 1, lett. c GDPR), to comply with tax and accounting obligations;

• legitimate interest of the Controller (Art. 6, par. 1, lett. f GDPR), to prevent fraud and ensure the security of online payments.

Data retention period

Payment data is retained by Stripe according to the terms established in its privacy policy. The Controller retains only data necessary for billing and legal compliance for a maximum period of 10 years.

Processing Location: Stripe Payments Europe is based in Ireland, but data may be transferred to Stripe Inc. (USA) and other sub-processors in third countries. Privacy Policy: https://stripe.com/it/privacy

Changes to this Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time, publicizing them to Users on this page. Please consult this page often, referring to the date of last modification indicated at the bottom. In case of non-acceptance of the changes made to this Privacy Policy, the data subject is required to cease using this application and can request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous Privacy Policy will continue to apply to Personal Data collected up to that time. The Data Controller is not responsible for updating all links visible in this Privacy Policy, so whenever a link is not working and/or updated, Users recognize and accept that they must always refer to the document and/or section of the websites referenced by such link.

Privacy Policy updated to February 2026