Confidentiality and Personal Data Protection Policy

To allow access and use of the services available on the platform, it is necessary to collect and process various types of personal information, divided as follows.

Identifying data and contact information

This category includes data voluntarily provided by the user during profile creation or when filling out information forms, such as full name, date of birth, residential or mailing address, email address, and mobile phone number. This data is essential for identifying the user and enabling operational communications.

Usage and browsing data

The computer systems responsible for the platform's operation acquire, during their normal operation, certain data whose transmission is implicit in the use of Internet communication protocols. This data includes IP addresses, access times, pages visited, time spent on the site, and internal navigation paths.

Device data and technical transactions

Specific information about the type of device used by the user to access the platform is collected, including the operating system, browser type, screen resolution, and data related to technical transactions performed to use the service's functionalities, ensuring traceability and security of operations.

Communications with customer support service

All data, texts, and details shared by the user when sending messages or support requests to the assistance service are stored. This allows for the examination of the history of issues and provides accurate and efficient responses to user requests.

The processing of the user's personal data is carried out exclusively in the presence of at least one of the following legitimate legal conditions:

Execution of a contract to which the user is a party or execution of pre-contractual measures taken at their request.

Compliance with a legal obligation to which the data controller is subject under national regulations.

Pursuit of the legitimate interest of the controller, such as protecting system security, preventing cyber fraud, and continuously improving service performance.

Explicit consent given by the user for specific purposes, such as sending commercial or promotional communications.

The collected data is processed for precise purposes strictly related to the provision of the service:

Technical and administrative management of account registration and user profile.

Monitoring of platform security and prevention of illicit activities, unauthorized access, or fraudulent conduct.

Processing of internal statistics in aggregate form aimed at evaluating service performance and the effectiveness of introduced features.

Provision of timely customer support in case of anomalies or requests for clarification.

Sending of technical updates, security notifications, and information on contractual changes.

Personal data is kept for the time strictly necessary to achieve the purposes for which it was originally collected, or in accordance with what is established by applicable legal terms in Italian territory. Data related to the user account is maintained active for the entire duration of the contractual relationship; following profile closure, certain personal information may be retained exclusively to comply with regulatory or fiscal obligations, or for the protection of the data controller's rights in legal proceedings.

Personal data is not subject to indiscriminate dissemination or sale to external parties. However, it may be communicated to providers of technical and infrastructural services, legal consultants, companies specializing in fraud prevention, or remote assistance system managers, who act as data processors bound by strict confidentiality agreements. Data may also be made available to competent authorities if there is an explicit legal obligation or a formal judicial order.

The management and storage of personal data primarily take place on servers located within the European Union. Should it become necessary to transfer certain data to third countries outside the European Economic Area, the data controller adopts all appropriate legal safeguards, including the Standard Contractual Clauses approved by the European Commission, to ensure that the level of data protection remains equivalent to that guaranteed by European regulations.

Appropriate technical and organizational security measures are applied to safeguard personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access. These protocols include data encryption in transit, the implementation of multi-level authentication systems, and strict control of internal access by authorized personnel. However, it is reminded that no method of transmission over the Internet or electronic storage can be guaranteed 100% secure.

In accordance with applicable legal provisions, users have the right to exercise specific faculties regarding their personal information:

Obtain confirmation of whether or not data concerning them is being processed and access the processed information.

Request the rectification of inaccurate data or the integration of incomplete data.

Obtain the erasure of personal data if they are no longer necessary for the stated purposes or in the absence of a legal basis for processing.

Request the restriction of processing in specific cases provided by law.

Object at any time to the processing of data conducted on the basis of the data controller's legitimate interest or for marketing purposes.

Receive their data in a structured, commonly used, and machine-readable format (data portability).

To submit questions, request clarifications, or exercise the legal rights described above, the user can send a written communication directly to the official contacts:

Support Email: sportuna_support@gmail.com

Office Phone: +39 02 8734 2210

Sede amministrativa: Via Monte Napoleone 8, 20121 Milano, Italia

This policy may be modified over time to adapt to the introduction of new services or changes in industry regulations. Users will be informed of any significant updates through targeted communications within the platform or via email, inviting them to review the updated text.