Privacy Policy

1. Introduction

Civix S.r.l. ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We comply with the General Data Protection Regulation (GDPR) and Italian data protection legislation.

2. Data Controller

The data controller responsible for your personal data is:

3. Information We Collect

We collect information that you provide directly to us and information collected automatically:

• Personal identification information (name, email address, phone number)
• Contact information for municipalities (official addresses, billing details)
• Technical data (IP address, browser type, device information)
• Usage data (features used, time spent, interactions)
• Location data (when submitting reports with geolocation)
• Report content (descriptions, photos, categories)

4. How We Use Your Information

We use the collected information for the following purposes:

• To provide and maintain the Service
• To communicate with you about your account and reports
• To improve and personalize the Service
• To comply with legal obligations
• To detect and prevent fraud and security issues

5. Legal Basis for Processing

Under GDPR, we process your data based on:

• Your consent (for optional features and marketing)
• Performance of a contract (to provide the Service)
• Legitimate interests (to improve and secure the Service)
• Legal obligation (to comply with laws)

6. Information Sharing

We may share your information with:

• Municipalities processing your reports (as necessary for service delivery)
• Service providers who assist in operating our platform
• Law enforcement when required by law or to protect rights

7. Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. For citizen accounts, data is retained for 5 years after last activity. For municipal data, retention follows contractual agreements and legal requirements.

8. Your Rights (GDPR)

Under GDPR, you have the following rights:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restriction of processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time

9. Cookies

We use cookies and similar tracking technologies to track activity on our Service. We use essential cookies for platform functionality, analytics cookies to understand usage (with consent), and preference cookies to remember your settings. You can instruct your browser to refuse all cookies or indicate when a cookie is being sent.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption in transit and at rest, regular security assessments, access controls, and employee training.

11. International Transfers

Your data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure adequate protection through Standard Contractual Clauses or other approved mechanisms.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date. You are advised to review this policy periodically.

13. Contact Us

For privacy-related inquiries or to exercise your rights, please contact our Data Protection Officer:

Email: privacy@civix.app