INFORMATION FOR THE PROCESSING OF PERSONAL DATA D.L. 1/ 2022
The society Incloodo srl registered office Via Luigi Majno 28, 20129 Milano IT, as the owner of the personal data processing (hereinafter the “Owner”) of the mobile application (hereinafter the “App”), informs you, as the user of the app (hereinafter the “Data Subject”) pursuant to art. 13 of the European regulation n. 2016/679, the General Data Protection Regulation (GDPR).
The Data Controller is aware of the importance of processing the personal data of the interested parties and, for this reason, takes care to indicate which data are processed and how they are processed. Proceeding to use the App or indicating the desire to use the service provided by the same, (hereinafter “Services”) the interested party declares to have read and accepted this information (hereinafter “Information”), thus issuing consent for the processing of personal data by the Data Controller.
For any information, doubt or request relating to this Notice, the Data Controller makes the following email address available to the interested parties:
Description:
Incloodo allows its users to use, within the App, some Services such as:the ability to upload content through the publication of posts, images and videos, texts and comments, the ability to interact with other users through the exchange of information and content, the ability to access specific interest groups and be part of of a growing community.
In order to use the Services, you will be required to register by entering your username and password, contact details such as email address, telephone number, gender and date of birth. You will be given the opportunity to specify and describe three areas of interest that will help the App redirect you to common interest groups.
You will have the opportunity to meet numerous users and enhance your experiences, share them with the platform and expand your knowledge base.
What are your rights in relation to the processing of personal data?
The data subject has the following rights:
- the right to be informed that there is data processing in place concerning him and, if so, to access the personal data processed;
- right to rectify personal data;
- right to cancellation (right to be forgotten) of personal data concerning him;
- right to limit the processing of personal data concerning him;
- right to data portability to receive, or have it transmitted to another Data Controller, personal data concerning him in a structured format, commonly used and readable by an automatic device;
- right to object to the processing of personal data;
- right to withdraw consent previously issued;
- right to complain to the competent authorities for violation of personal data processing.
How to exercise the rights?
The interested party may exercise their rights by writing to the email address indicated above.
The Data Controller does not intend to incur any costs for the Data Subjects to exercise one of their rights, but to do this the Data Controller may request specific information to follow up on the data subject’s communications in relation to the rights.
The aforementioned communications are usually found within 30 days of receipt of the communication itself, but if this deadline cannot be respected (eg due to an excessive load of requests or complexity of the response) it will be the Data Controller’s responsibility to communicate it to the interested party and keep him updated on the developments of the communication sent.
What personal data are processed?
The Data Controller processes the personal data provided to him by both the Data Subject and by third parties to be able to follow up on the Data Subject’s contact requests received through the App.
- Data provided directly by the interested party
| Personal data category | Types of data |
| Identification and contact data | Name, surname, sex, residence / domicile, email address, telephone, contact list from your device. |
| Technical data | Mobile device, |
| Audiovisual data | Image, video, voice recording |
| Professional and study data | Professional experience, study path, CV |
- Data collected by third parties
| Third party source of personal data | Types of data |
| External suppliers | Contact detailsTechnical data |
Aggregated data
The Data Controller may collect, use and share aggregate data, such as statistical or demographic data, for any purpose.
The aggregated data may derive from the personal data of the interested party, but once aggregated they do not constitute personal data pursuant to the GDPR as they are not able to identify the interested party directly or indirectly. However, if the Data Controller combines or connects the aggregated data with the personal data of the Data Subject to allow the identification of the Data Subject, directly or indirectly, the Data Controller will process the resulting data in accordance with the provisions of the Information.
Particular Data
The Data Controller does not process any category of data of the interested party (by particular data we mean data relating to ethnic or racial origin, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, genetic, biometric and health data), as it does not process any data relating to criminal convictions and offenses relating to the interested party.
Why are personal data processed?
The Data Controller processes personal data for the following purposes indicated in the following table.
The GDPR requires that, for each purpose of processing personal data, the Data Controller has a legal basis for carrying out the processing.
The Data Controller may carry out the processing of the personal data of the Data Subjects through the consent of the latter as a legal basis for the processing. The consent can be revoked at any time, but the processing carried out until the consent is revoked cannot be influenced.
Below is a summary table of the finals and their description:
| Purpose | Description | storage |
| Provide the Services | Post common comments of the App, | The content published by users will remain on the platform until the user is registered with the app, if the user closes their account, personal data will be kept for a maximum period of 12 months. |
| Publication of posts with audio, video, and images. | ||
| Receive information. | Until the requested information and any necessary support are obtained. | |
| Geolocation | Publication of contents with references to geographical positions, (latitude, longitude, altitude), map reference of the device and time of registration of the position. | The user independently enables geolocation from their device, and has the option to disable it when not using the app. The data will be kept for a maximum of 18 months. |
| Profiling | Divide users into behavior groups, provide personalized content or advice on interest groups through automated processing. | Time necessary for the purposes for which they are processed and, in any case, not exceeding 12 months. |
| Provide support to Data Subjects | Solve technical problems encountered by the interested parties during navigation, their requests for assistance, improve the Services and the Appe provide the support requested by the interested parties. | The data will be kept until the request for support from the interested parties is processed. |
| Marketing | The Data Controller may send updates, with commercial content, to inform the interested party regarding promotions, discounts, concessions for their business. | The data will be kept for 12 months. |
| Newsletter | The Data Controller may send updates, not of commercial content, to inform the interested party regarding the developments of their business such as agreements with commercial partners and participation in events. | The data will be kept for 24 months. |
| Respect the legal, regulatory and protection obligations of the Controller | The Data Controller may process the personal data of the interested party to comply with legislative and regulatory obligations, as well as to comply with the provisions of the judicial and administrative authorities. Furthermore, the Data Controller may process the data to protect their rights and interests such as, for example, in the case of judicial protection or due diligence in the event of a change in the corporate structure. | Personal data will be kept for the period determined by law, regulation and / or the reference authority. |
What happens if the interested party does not provide the necessary personal data?
If the data are necessary to provide the Services and to provide support to the interested parties, the Data Controller will not be able to provide them and support the interested party in their requests. In this case, the Data Controller may, alternatively, request the integration of personal data or delete the personal data of the interested party, preventing the provision of the Services.
For purposes other than the provision of the Services and from Providing support to the Data Subjects, the provision of data is optional and failure to provide personal data will not affect the aforementioned processing purposes.
To whom is the personal data communicated and disclosed?
- Communication
The personal data of the interested parties may be disclosed to third parties with respect to the Data Controller, as better indicated in the following table:
| Recipients | Purpose of the communication |
| External suppliers | The Data Controller’s suppliers support him in the provision of the Services with, by way of example but not limited to, App development, maintenance, backup, virtual infrastructure. |
| External consultants | In the event of legal obligations or obligations relating to a relationship established with the interested party, the Data Controller may communicate personal data to external consultants, such as, for example, the accountant and the lawyer. |
| Authorities and judicial proceedings | The Data Controller may communicate the personal data of the interested parties to state and / or administrative and / or judicial authorities if this is mandatory based on the law, regulations, or provisions of the authorities or to defend one’s right and / or interests. |
- Diffusion
The personal data of the interested parties will not be disclosed.
Where do we store personal data?
The owner keeps the personal data in paper archives within the headquarters of the Data Controller, as well as computer archives located both within the European Union and outside if this is instrumental to the pursuit of the purposes. In the latter case, the Data Controller ensures that companies not having offices within the European Union are treating personal data with the utmost confidentiality in compliance with the adequacy decisions of the European Commission, any Privacy Shield or, if necessary, entering into agreements. that guarantee an adequate level of protection.
How are personal data processed?
The Data Controller processes the personal data of the interested parties by adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, modification and destruction.
The data processing is performed through IT procedures, telematic means and, residually, on paper supports by specifically authorized internal subjects as well as by external managers if appointed, and this also on the basis of the contractual agreements in place.
What is the children’s data processing policy?
The Data Controller is aware of the sensitivity of the data processing of minors. In particular, the Services do not want to be provided to children under the age of 14 and the Data Controller does not voluntarily process the data of children under the age of 14: in this sense, the interested parties are requested not to request the provision of the Services if the age is less than 14 years.
The Data Controller encourages those who exercise parental responsibility on minors under 14 to check that they do not request the provision of the Services and, in any case, to educate minors under 14 not to release their personal data through the App.
If the Data Controller becomes aware that some personal data refer to minors under the age of 14, the Data Controller will take steps to delete the personal data.
What happens if there are links to other websites?
The Data Controller informs the interested parties that this information applies only to APE, if there are links to other websites, the interested party must check the information of these sites before releasing their personal data.
The Data Controller does not take any responsibility for the personal data provided by the Data Subjects on other websites.
Changes to the Policy
The Owner reserves the right to modify this Information at any time. In the event of changes, the Data Controller will upload the new information to this page and, in this sense, if it urges the interested party to check the changes to the Information: the interested party will be able to see the information history by checking the date.
By continuing to use the App following the changes, the interested party accepts these changes and agrees to the data processing as modified.
English 
German