PRIVACY POLICY (GDPR)
Last updated: 01/12/2025
Effective date: 01/06/2025

This Privacy Policy is provided pursuant to Articles 13 and 14 of the EU Regulation 2016/679 (“GDPR”) and describes the methods of processing of personal data carried out by Web Solution Group Srl, with registered office in Via Monte Sabotino 2, 24020 Bergamo (BG), Italy, email: help@accessibi.com, telephone: 3490576851 (hereinafter, “Owner”), through the website https://accessibi.com (“Service”).

By accessing or using the Service, you consent to the processing described in this Policy. If you do not intend to provide consent or accept what is stated, please do not use the Service.

1. Types of personal data collected

The Controller processes the following categories of data:

Data provided voluntarily by the user:

• Name
• Email address
• Mobile phone number
• Payment data (managed through external providers complying with security standards)

Automatically collected data:

• Access log
• IP addresses
• Browser and device technical data
• Cookies and similar technologies (see Cookie Policy)

2. Purpose of processing and legal bases

Personal data are processed for the following purposes and on the following legal bases:

If the data controller intends to process the data for further purposes in the future, a new consent will be required where necessary.

3. Data retention

The Data Controller retains personal data for a period of between 90 days and 24 months after the termination of the account or the last use of the Service, or for as long as necessary to fulfil the purposes for which it was collected, as set out in this Policy.

Some data may be kept longer in cases provided for by law (e.g. for tax and accounting obligations, for judicial protection, for fraud prevention and for the exercise or defence of the Controller's rights).

Anonymised or aggregated data that cannot be traced back to the user (either directly or indirectly) may be stored indefinitely.

4. Methods of processing

Personal data are processed by electronic means and, in limited cases, by manual means, taking appropriate technical and organisational measures to ensure the security, confidentiality and integrity of the data.

Despite the measures taken, no system can guarantee absolute security: the transmission of information via the Internet is therefore the responsibility of the user.

5. Extra-EU data transfer

Some technical providers of the Controller (e.g. cloud services, communication platforms, payment gateways or email marketing tools) may be established outside the European Economic Area (EEA).

In such cases, the transfer of data only takes place if there are adequate safeguards under the GDPR, including:

• adequacy decisions of the European Commission;
• Standard Contractual Clauses (SCC) approved by the European Commission;
• any additional security measures where necessary.

6. Disclosure of data to third parties

Personal data may be communicated to

• providers of technical, IT and hosting services;
• payment service providers and credit institutions;
• legal, tax or accounting consultants;
• marketing platforms, CRM and automation tools;
• public authorities and control bodies, in cases provided for by law.

These parties process the data in their capacity as Data Processors (pursuant to Article 28 GDPR) or, where applicable, as autonomous Data Controllers, on the basis of agreements or legal obligations.

7. Rights of the data subject

As a data subject, you may exercise your rights under Articles 15-22 of the GDPR at any time, including:

• right of access to personal data;
• right to rectification of inaccurate data or supplementation of incomplete data;
• right to erasure (“right to be forgotten”);
• right to restriction of processing;
• Right to object to processing based on legitimate interest;
• right to data portability to another data controller;
• right to revoke the consent given at any time, without prejudice to the lawfulness of the processing based on the consent before revocation;
• the right to lodge a complaint with a supervisory authority (in Italy, the Garante per la Protezione dei Dati Personali).

To exercise your rights, you can write to the email address: help@accessibi.com. The Data Controller will reply to your request within the terms provided for by the regulations in force.

The user may also object at any time to the processing of data for direct marketing purposes or deactivate profiling for commercial purposes by writing to the same address.

8. Cookies and tracking tools

The site uses cookies and similar technologies to improve the browsing experience, analyse traffic and personalise content and ads.

For detailed information on the cookies used, their purpose and how to manage consent, please refer to the dedicated Cookie Policy, available on the website.

9. Security Measures

The Controller shall take appropriate technical and organisational measures, including:

• TLS/SSL encryption of communications;
• firewalls and perimeter protection systems;
• authentication and access authorisation procedures;
• periodic backups and system redundancy;
• training of personnel authorised to process.

Despite this, the absolute security of data transmitted via the Internet cannot be guaranteed; information is therefore sent at the user's own risk.

10. Data Protection Officer / Privacy Contact Person

For any queries, clarifications or complaints regarding the processing of personal data, please contact:

Web Solution Group Srl
Via Monte Sabotino, 2 - 24020 Bergamo (BG), Italy
Email: help@accessibi.com

The Controller will respond in accordance with the applicable legislation.

11. Amendments to this Policy

The Owner may update this Privacy Policy from time to time. Changes will become effective 180 days after the updated version is posted on the site.

Continued use of the Service after this period shall constitute acceptance of the new version of the Policy. You are therefore advised to consult this page regularly.