Our privacy policy

We take your privacy very seriously and are committed to protecting it.

The following is the privacy policy adopted by Spindox Labs. Namely, the information for the processing of personal data, pursuant to and in accordance with Article 13 et seq. of EU Regulation No. 679/2016 of April 27, 2016, (General Data Protection Regulation – GDPR). The aim is to clarify the purposes and methods of processing personal data we collect when you access our website.

Data Controller

The Data Controller is Spindox Labs s.r.l. and can be reached by sending a written communication to Spindox Labs s.r.l., based in Trento, via alla Cascata 56/c, 38123, or by sending an e-mail to the following address: spindoxlabssrl@legalmail.it

Data Protection Officer

The Data Protection Officer of the Spindox Labs s.r.l., appointed by the Data Controller, can be reached via e-mail at the following address: dpo@spindox.it

Purpose and Nature of the Treated Data

Data provided by users

If visitors of the website send their personal data to access certain services of this site, i.e., to make e-mail requests, this will result in the acquisition of such data by Spindox Labs. It will be processed exclusively for the purpose of responding to the query, i.e., for the provision of the service in accordance with this policy and the specific Privacy Information provided when subscribing to individual services.

Possible purposes for processing personal data provided include:

  • Responding to requests for information about services provided by the Controller and/or presenting a commercial offer and/or drafting and managing a contract.
  • Inviting users, including via email, to participate in training courses, conferences, events, and exhibitions organized by the Controller.

Possible personal data processed include:

  • Name and surname
  • Company affiliation
  • Phone number (landline and/or mobile)
  • Email

Navigation data

The IT systems and software procedures responsible for the operation of this website collect, during normal operation, certain data that is implicitly transmitted through the use of Internet communication protocols.

These data are not collected with the intention of associating them with users, but they could allow identification through processing and association with data held by third parties. These data are used solely to obtain anonymous statistical information on the use of the site and to verify its proper functioning. Additionally, in the event of hypothetical computer crimes against the site, the data may be used to ascertain any liability.

Categories of these data include:

  • IP addresses
  • Domain names of computers used by users who connect to the site
  • URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the server’s response (success, error, etc.), and other parameters related to the user’s operating system and IT environment.

The data described above are referred to as technical cookies, and they do not require the user’s consent. For more clarification on the data collected during navigation and the purposes, please refer to the “COOKIE POLICY” section.

Legal Basis for processing

Aside from what is specified for navigation data classified as technical cookies, the personal data indicated on this page are processed by the Controller based on the user’s consent to processing or for fulfilling a contract. Failure to provide such data may only result in the inability to obtain the requested service.

Recipients

The data will be processed exclusively by personnel and collaborators of Spindox Labs and, if necessary, by companies expressly appointed as data processors (e.g., for the technological maintenance of the site). If necessary, a complete list of data processors can be requested by contacting the Data Controller via e-mail.

Personal data provided by users will only be communicated to third parties if the communication is necessary to fulfill the user’s requests, without prejudice to what is provided in specific privacy notices for individual services.

For more information on navigation data, refer to our “COOKIE POLICY” section for details about recipients.

Transfer of Personal Data to non-EU Countries

The processing of personal data takes place at the Data Controller’s headquarters. However, the Controller reserves the right to use cloud services for security purposes. The processing of such data, if transferred outside the EU, is regulated by specific agreements: DPA and SCC, in which security measures and procedures required by the GDPR are defined.

In general, in the case of transfers outside the EU, service providers will be selected from those providing adequate guarantees as specified in Article 46 of the GDPR.

Data Retention Period

The personal data indicated on this page will be retained for no longer than is necessary to achieve the purposes mentioned above.

Rights of the Data Subject

Users may exercise certain rights concerning their personal data processed by the Controller. In particular, the user has the following rights:

  • Access: You can be informed about the processing of your personal data and possibly receive a copy (Article 15 of the EU Regulation).
  • Rectification: You can modify inaccurate data about you (Article 16 of the EU Regulation).
  • Right to be Forgotten: You can request that your data be deleted at any time (Article 17 of the EU Regulation).
  • Restriction: Under certain conditions, you can request that the processing of your personal data be limited. In this case, the Controller will not process the data for any purpose other than storage (Article 18 of the EU Regulation).
  • Data Portability: You can receive your data or have it transferred to another Controller (Article 20 of the EU Regulation).
  • Objection: You can object to the processing of your data when it is based on a legal basis other than consent (Article 21 of the EU Regulation).
  • Automated Processing: You have the right not to be subjected to automated decision-making processes (Article 22 of the EU Regulation).

For further information about the rights of the data subject, please refer to the website www.garanteprivacy.it or request a complete extract of the articles mentioned from the Controller. These rights can be exercised in accordance with the Regulation by:

  • Sending an email to the PEC:

spindoxlabssrl@legalmail.it and/or dpo@spindox.it, to the attention of the Data Protection Officer, or

  • Sending a registered letter to the Controller’s legal office at:

Via alla Cascata 56/c, 38123 Trento.

In compliance with Article 19 of the EU Regulation, Spindox Labs s.r.l. will inform the recipients to whom personal data have been communicated of any rectifications, erasures, or limitations requested, wherever possible.

Pursuant to Article 7 of the EU Regulation, the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complain

If the data subject believes their rights have been violated, they have the right to lodge a complaint with the Data Protection Authority, following the procedures indicated by the Authority at the following web address: www.garanteprivacy.it

Automated Decision-Making Processes

The Controller does not carry out any automated decision-making processes on the personal data processed. The only profiling on this site pertains to navigation data, provided there is explicit consent for profiling and marketing cookies.

For more clarification, refer to the “COOKIE POLICY” section.

Cookie Policy

Spindox Labs s.r.l.’s website use cookies or tags to improve the user experience and make its services simple and efficient for all those who visit the website’s pages.

Cookies are small text files sent from the website to the subject’s computer or smartphone (usually the browser), where they are stored and then sent back to the site the next time the same user visits. A cookie cannot retrieve any other data from the user’s computer or deliver computer viruses. Each cookie is unique to the user’s web browser. Some cookie functions may be delegated to other technologies. In this document, the term “cookies” refers both to proper cookies and to all related technologies.

At any given time, you can change or revoke your consent from the Privacy Policy of our websites, also on the same page you can find out more about who we are, how you can contact us and how we process personal data.

Cookie Lifetime​

Cookies have a lifetime dictated by the expiration date set when they are installed or by a specific action such as closing the browser.

Cookies can be:

  • Temporary or session-based (session cookies): they are used to store temporary information, allowing you to link actions performed during a specific session, and are removed from your computer when you close your browser.
  • Permanent (persistent cookies): these are used to store information, such as the login name and password, so the visitor does not have to type them in each time user visits a specific site. These remain stored on the computer even after closing the browser.

Cookies Classification

Cookies can be broken down into two macro-categories:

  • Necessary cookies are useful for the proper functioning of the site and are essential to allow the user to navigate within it, using all the different functionalities. This type of cookie does not require explicit consent as they are functional for the purpose of a correct fruition of the website.
  • Unnecessary cookies: profiling, statistics, and marketing. They are aimed at monitoring visitor behavior and creating profiles related to the user to send them personalized ads. These require explicit consent from the user.