Privacy policy

About this document

This document has been written in English and Italian (by a native Italian speaker), these two languages ​​are the only ones for which slamin.it can be held responsible.

Any translation of this Privacy policy is to be considered a community effort to make information accessible in other languages, and therefore must be taken in these terms, with no other value than informational.

Definitions used in this document

GDPR:

General Data Protection Regulation, EU 2016/679

Data:

according to GDPR, data is all information that can be used to identify a person, either directly (name, phone number, IP address, etc.) or indirectly (any combination of the above in addition to biometric device parameters, cookies, etc.). In the specific context of use on our platform, they are the minimum information necessary for the system to function. Any accessory information is superfluous, therefore not acquired by the system;

Services:

the set of platform functionalities managed by slamin.it, and the exchange of information between them;

User or you:

any person or external entity that accesses or uses the services offered by slamin.it;

Slam in, slamin.it or we:

Slam In It OU and anyone who works or offers voluntary labor on its behalf;

Platform:

the set of services offered by slamin.it

Credentials:

the set of login data created and used by the user to access our services;

Attacks:

any attempt at computer access to the services provided

Data protected by this Policy

This policy applies to all services offered by slamin.it and all its subdomains. It does not extend to other domains or external services accessible from the platform. These services may use protocols that, to function, require data exchange: this exchange is not covered by this policy.

It is important to note that data exchange with external services is a user choice (see 1. What data do we collect?) and is configurable by users through the settings of the services themselves, including the choice of which data to share and with whom.

1. What data do we collect?

If a person or organization decides to use our services, the following data will be necessary (and will be kept by slamin.it):

• a valid and active email address: necessary for account creation on the platform. The address will be necessary for data and password recovery, for this reason it is archived and managed by slamin.it, only for internal and management use;
• a password: necessary to identify and certify the user, so that they can access the platform and use it.

Any additional data, including payment data, that a user chooses to enter and/or share on the platform, are optional, consensual and are not used for profiling or other purposes (read on for any clarification on this aspect)

1.1 What do we do with the data?

The use of data is solely for the operation of the platform.

We keep track of the activities carried out by users during the use of the platform, purely for internal statistical/playful purposes (useful parameters for gamification), for continuous system diagnosis, to keep the platform safe from intrusions and to monitor the health of the software.

1.2 How do we store data?

To protect your data we use the following security measures:

• we rely on data encryption on Hetzner hard disks, to prevent data leaks in case of theft, seizure or manipulation of servers;
• we provide and require SSL/TLS encryption on all "user-server" and "server-server" communications;
• we use "end-to-end" and/or "server-side" encryption when available from services that allow it, to provide maximum security to users.

1.3 How do we backup your data?

To attempt data recovery in case of disasters or problems, we create backups on remote servers managed by Hetzner. Backups are daily and are kept active for a period of 7 days.

2. What we do NOT do with your data!

• NON collect any other data that is not needed to offer our services;
• NON process or analyze in any way your behaviors or your characteristics for profiling you or the use you make of our services; NON do advertising, NON host advertising and NON have, or want to have, relationships with entities that deal with advertising;
• NON transfer or sell your data to anyone;
• NON share your data with third parties except in case of identification for payments or other external services that require its use;
• NON request additional information that is not necessary for the operation of services (if requested, it could be a fraud attempt, we recommend contacting us or otherwise verifying the authenticity of the request);
• NON read or process, manually or automatically, data and files entered on the platform except for reasons necessary for the operation of the service, for problem solving or for disambiguation in case of suspected violation of the Terms of Use, but in this case we will communicate it in advance or request permission, giving account of any action taken in a transparency report sent to the user.

3. Where is the data stored?

All data is stored on Hetzner servers, in Germany.

4. Your rights

Under GDPR you have a number of rights regarding your data:

• right of access: the right, at any time, to request a copy of personal data AND to access any information entered in our system that we possess;
• right of rectification: the right to rectify data in case of inaccuracy or incompleteness;
• right of erasure: the right to request the deletion or removal of data from our servers*;
• right to restrict the use of your data: the right to limit profiling and the use we make of your data;
• right to data portability: the right to move, copy or transfer your data;
• right to object: the right to object to our use of your data;

*Despite the fact that when an account is deleted, all your data in our possession is deleted, the email used for login undergoes a soft removal, i.e. it remains in our databases, to prevent malicious people from attempting to impersonate or steal the data of those who are no longer on the platform in the future.

You have the right to send us criticisms or requests, ask questions, exercise any of the aforementioned rights, or withdraw consent to the use of your data (given that your consent is the legal basis for the use of data), by contacting us at mail@slamin.it

For the purposes of GDPR, slamin.it is the "data controller". This means that Slam In It OU determines the purposes and means by which your data is processed.

4.1 Access to your information

Access to your personal data, uploaded files and other information you provide is under your direct control. This means that any data related to personal information entered into our services that require access is available to you for download for archiving or migration to another service.

You can access all your data in the Edit profilesection, in the menu that appears by clicking on your name or avatar in the top right.

5. Changes to this policy

Any changes to this privacy policy will be publicly available and communicated to all users via the platform and other channels. We recommend periodically checking this document to keep track of changes.

Different versions will be archived and listed below for consultation, transparency and security.