This policy pertains to the processing of personal data of users data subjects ) who access and use the services provided through the apps and social platforms of Digitalmoka (collectively "Services").
The Services are accessible through apps that can be downloaded from stores for mobile devices (eg. App Store or Google Play Store, hereinafter referred to as "Apps") or through online gaming platforms connected to social networks (e.g. Facebook, hereinafter referred to as "Social platforms")
This policy is provided only for the Apps and Social Platforms through which Digitalmoka delivers its Services and not for the Apps, Social Platforms and third-party websites accessible through hyperlinks contained therein, for which the Controller is in no way liable.
We specify, as of now, that the personal data of users who access and use the Services may also be processed by third parties, as independent Controllers. Concretely, this occurs for the managers mobile device stores (eg. Google Ireland Limited, Apple Distribution International Ltd., etc.) or of the Social Platforms (e.g. Facebook Ireland Limited) which process user data for their own purposes and with autonomously determined means (for example, to allow the acquisition of additional content or services or in the context of their own marketing activities), as better specified in the rest of this disclosure.
The Controller is "Digitalmoka S.r.l.", with registered office in via Anguillarese 186, 00123 Rome (hereinafter "DIGITALMOKA" or "Controller").
To use the Services, the user may be required to provide the personal data necessary to ensure their use: for example, in order to fill in the contact forms available on the Apps and Social Platforms, users must provide their e-mail address, in order to respond to communications sent. In any case, it is specified that the user is free to provide the requested data or otherwise, in the sense that he/she is not legally obliged to provide them: failure to provide the data indicated as necessary, however, makes it impossible for DIGITALMOKA to provide the service required.
The processing operations are carried out with reference only to data attributable to the user's identity, which can be classified as personal data pursuant to art. 4, par. 1 n. 1 of Regulation (EU) 679/2016 (GDPR), to be understood as "any information relating to an identified or identifiable natural person".
Indeed, the use of the Services does not necessarily require the identification of the user. In particular:
Given the above, it is specified that the types of data listed below can be considered personal data and are, therefore, subject to processing only when they can be associated with the identity of the data subject (for example, in the event that the chosen nickname contains data susceptible to identify the user, such as name and surname, or if the User logs in via the Social Platform or associates the DIGITALMOKA Account with their Social Account with a profile photo that makes it identifiable).
The types of data processed include, in particular:
During the user's navigation on the Apps and on the Social Platforms, the computer systems used to operate them automatically acquire some information whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of devices used by Users, URI/URL (Uniform Resource Identifier/Locator) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters relating to the User's operating system and computer environment.
These data are processed for the purpose of:
DIGITALMOKA processes the data submitted voluntarily by the user for purposes related to the provision of the Services. The legal basis of the processing is, therefore, constituted by the execution of a contract of which the data subject is a party, pursuant to art. 6, par. 1, lett. b) of Regulation (EU) 679/2016 (GDPR).
In particular, the personal data provided by the data subject may be processed for the following purposes:
DIGITALMOKA collects some personal data generated through the user's interaction with the Apps and Social Platforms, for purposes related to the provision of the Services. The legal basis of the processing is, therefore, constituted by the execution of a contract of which the data subject is party, pursuant to art. 6, par. 1, lett. b) of Regulation (EU) 679/2016 (GDPR). Such data could be viewed by other users, in order to improve the User experience of the Services and encourage interaction between users and include, by way of example:
DIGITALMOKA receives some personal data regarding the user from third parties and processes them for purposes related to the provision of the Services. The legal basis of the processing is, therefore, constituted by the execution of a contract of which the data subject is a party, pursuant to art. 6, par. 1, lett. b) of Regulation (EU) 679/2016 (GDPR), or, in some cases, by virtue of the consent of the data subject, pursuant to art. 6, par. 1, lett. b) of Regulation (EU) 679/2016 (GDPR). Such data may include, for example:
The processing will be carried out using paper and / or IT tools, by natural person authorized to do so, who operate under the direct authority and according to the instructions given by the Controller, with processing strictly related to the purposes indicated and, in any case, in such a way as to guarantee the security and confidentiality of the data processed.
The processing operations are carried out in such a way as to guarantee the security of data and systems. Specific security measures are adopted in order to minimize the risk of destruction or loss, even accidental, of the data, of unauthorized access, of processing that is not permitted or does not comply with the purposes indicated in these guidelines.
However, the security measures adopted do not allow for the risk of interception or compromise of personal data transmitted via telematic devices to be absolutely ruled out. It is therefore recommended to verify that the device employed by the user is equipped with software systems suitable for the protection of the telematic transmission of data, both inbound and outbound (such as, for example, updated antivirus systems, firewalls and spam filters).
The data being processed will be kept for a period not exceeding that necessary to achieve the purposes for which they were collected and subsequently processed. In particular:
It is also specified that the DIGITALMOKA Account will be deleted in the event of user inactivity for a period equal to or greater than 180 days: in this case, all personal data associated with the same DIGITALMOKA Account will be deleted or made anonymous.
The personal data of the data subject may be communicated to:
Under no circumstances will personal data be communicated, disseminated, sold or otherwise transferred to third parties for illegal purposes and, in any case, without providing suitable information to the data subject and obtaining their consent, where required by law. Any communication of data at the request of the judicial or public security authorities, in the manner and in the cases provided for by law, remains unaffected. Personal data will not be transferred abroad, to Countries or international Organizations not belonging to the European Union that do not guarantee an adequate level of protection, as recognized, pursuant to art. 45 GDPR, through an adequacy decision of the EU Commission. Should it be necessary for the provision of the Services, the transfer of personal data to Countries or international Organizations outside the EU, for which the Commission has not made an adequacy decision pursuant to art. 45 GDPR, will take place only in the presence of adequate guarantees provided by the recipient Country or Organization, pursuant to art. 46 GDPR and provided that the data subjects have enforceable rights and effective remedies. In the absence of an adequacy decision by the Commission, pursuant to art. 45 GDPR, or adequate guarantees, pursuant to art. 46 GDPR, the cross-border transfer will take place only if one of the conditions indicated in art. 49 GDPR is fulfilled.
The data subject has the right to access their personal data, to request their correction, updating and deletion or limitation, if incomplete, erroneous or collected in violation of the law, as well as to oppose the processing for legitimate reasons or obtain portability.
Specifically, the data subject shall have the right to obtain from the controller confirmation as to whether or no personal data concerning him or her are being processed , even if it has not yet been recorded, and to its communication in intelligible form.
The data subject concerned also has the right to obtain information on:
The data subject has the right to obtain:
The data subject has the right to object, in whole or in part:
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their usual residence, place of work or place of the alleged infringement.
The above rights are exercised with a request addressed to the Controller, by sending an e-mail message to the address email@example.com. The request is formulated freely and without formalities by the data subject, who has the right to receive suitable feedback within a reasonable timeframe, depending on the circumstances of the case.
The data subject may make use, for the exercise of their rights, of non-profit bodies, organizations or associations, whose statutory objectives are of public interest and which are active in the field of protection of the rights and freedoms of the interested parties with regard to the protection of personal data, providing, for this purpose, a suitable mandate. The data subject may also be assisted by a person of trust.
It is possible to receive more information on the purposes and methods of processing personal data by writing to firstname.lastname@example.org and indicating "Privacy" in the subject line.
To find out about your rights, lodge a complaint and always be updated on the legislation on the protection of individuals with regard to the processing of personal data, the data subject can contact the personal Data Protection Authority, by consulting the website at the address http://www.garanteprivacy.it/.
The original text of this information is drawn up in Italian and the Italian text is the only one that will be authentic in the relationship between the data subject and the Controller.
It should be noted that, for the convenience of the data subject, this information is also available in English: it is understood, in any case, that any translation is provided solely for facilitative purposes and that in any case of conflict or discrepancy, the Italian version will remain prevailing and legally binding in the relations between the Controller and the data subject, without prejudice to DIGITALMOKA's exemption from any liability deriving from translation defects.
Information updated in June 2021