(Information pursuant to Article 13 of EU Regulation 2016/679 – GDPR)

1. Who is responsible for your data?
The Data Controller is:


Xcope S.r.l.


Registered office: Via Savona 97,  20144 Milano (MI), Italy

Legal Representative: Paolo Taddei


Contacts:


Phone: 3407766987


Email: paolo.taddei@xcope.it

Certified email (PEC): xcopesrl@legalmail.it

2. Data Protection Officer (DPO)
Xcope is not required to appoint a Data Protection Officer pursuant to Article 37 of the GDPR.
Therefore, no DPO has been designated.

3. Why do we collect your data?
We process your personal data to:
provide the services you request and manage communications;
send notifications related to your activities on our platform;
carry out statistical analyses, market research, and service improvements;
comply with legal obligations;
send promotional or informational communications (only with your prior consent).
Providing your data is necessary to use the services offered by Xcope. Without it, we may not be able to complete your registration or provide support.

4. What is the legal basis for processing?
We process your data only when one or more of the following conditions apply (Art. 6 GDPR):
you have given explicit consent for one or more specific purposes;
the processing is necessary to execute a contract or take pre-contractual measures;
the processing is required by law;
we have a legitimate interest, such as ensuring proper service functionality.

5. Who has access to your data?
Your data is processed only by authorized personnel and may be shared with:
external consultants (e.g., legal, tax, labor advisors);
IT service providers and digital platforms used by Xcope;
third parties with whom Xcope has service agreements.
All external parties act as Data Processors, bound by specific contractual obligations.

6. Is your data transferred outside the EU?
In some cases, your data may be transferred to affiliated companies or partners located in non-EU countries.
In these cases, we ensure that:
the destination country guarantees an adequate level of protection as defined by the European Commission,
or we adopt appropriate safeguards, such as Standard Contractual Clauses (SCCs).
You can request more details by writing to info@xcope.it.

7. How long do we keep your data?
We retain your data only as long as necessary to fulfill the purposes for which it was collected, or as required by legal or contractual obligations. 
Once no longer needed, your data will be deleted or anonymized.

8. What are your rights?
You have the right to:
Access your personal data;
Request rectification or updates;
Request erasure ("right to be forgotten");
Restrict data processing;
Object to the processing;
Port your data (if processed electronically).
If processing is based on consent, you can withdraw it at any time by writing to info@xcope.it.
Withdrawal does not affect the lawfulness of processing based on consent before withdrawal.

9. Want to lodge a complaint?
You can file a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali):
 www.garanteprivacy.it

10. Is providing your data mandatory?
Yes. Your personal data is required to conclude a contract or access our services.
 Failure to provide it may result in inability to proceed with registration or service provision.

11. What if we change our purposes?
If we intend to use your data for purposes other than those originally stated, we will inform you in advance and obtain new consent where required.

12. Do we use profiling?
We may use automated tools to analyze preferences and behaviors in order to offer more personalized services or communications. 
These activities do not involve automated decision-making with legal or significant effects.

13. What do we mean by "personal data"?
"Personal data" refers to any information that identifies you, directly or indirectly (e.g., name, email, IP address, location, customer ID, etc.).

Have questions or need more info?


Write to us at info@xcope.it