Privacy Policy

1. Object of Processing

The Data Controller will process personal data — including identifying information — provided by the Data Subject or obtained from third parties during the completion of online contact request forms, during registration on the platform published on www.coderblock.com (hereinafter "Platform"), or during use of the Platform, for the provision of requested online services.

In particular, the data processed may include: name, surname, email address, telephone number, image, IP address, navigation choices, and technical cookies.

If the Data Subject uses the artificial intelligence service available on the Platform, they consent to the processing of data shared during the use of said service. The data entered within the artificial intelligence service may be used to improve the service itself, in compliance with applicable regulations.

The website is intended for users over 18 years of age. The Data Controller does not knowingly collect personal data from minors. If the Data Controller becomes aware that personal data has been collected from a minor without the consent of a parent or guardian, it will take steps to delete such data.

2. Cookie and Site Tracking

Cookies are small text files that are placed on the user's computer by websites visited by the user. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The use of cookies is now standard for most websites. If you are uncomfortable with the use of cookies, you can manage and control the use of cookies through your browser, including removing cookies by deleting them from your "browser history" (cache) when you leave the site.

In compliance with EU Directive 2009/136/EC, we inform you that the WorldGenie Platform and the websites managed by Coderblock S.r.l. may use cookies and similar tracking technologies.

There are different types of cookies: session cookies (which are erased when the user closes the browser), persistent cookies (which remain on the user's device for a set period of time or until they are deleted), first-party cookies (which are set by the website being visited), and third-party cookies (which are set by a domain different from the one being visited).

The Platform uses technical cookies that are strictly necessary for navigation and for providing the service requested by the user. These cookies do not require prior consent. In addition, the Platform may use analytics cookies to collect aggregated information about the number of users and how they visit the site, as well as profiling cookies, subject to the user's consent, to create profiles related to the user and send advertising messages in line with the preferences expressed during navigation.

For further general information on cookies, you can visit www.allaboutcookies.org.

3. Legal Basis and Purpose of Processing

The processing of the Data Subject's personal data is based on the following legal grounds:

• Art. 6.1.b GDPR — Contractual necessity: the processing is necessary for the performance of a contract to which the Data Subject is a party, or in order to take steps at the request of the Data Subject prior to entering into a contract. This includes registration on the Platform, provision of the requested services, management of the contractual relationship, customer support, and sending of service communications strictly connected to the use of the Platform.
• Art. 6.1.a GDPR — Consent: for purposes that go beyond what is strictly necessary for the performance of the contract, including:
  • Marketing: sending promotional communications, newsletters, commercial information about products and services offered by Coderblock S.r.l. and/or the WorldGenie Platform, by automated means (email, SMS, messaging apps, push notifications) and/or traditional means (postal mail, telephone with operator).
  • Profiling: analysis of preferences, habits, behaviours, and interests of the Data Subject, including through the use of artificial intelligence systems, in order to send personalised commercial communications and improve the user experience on the Platform.
  • Communication to third parties: communication of personal data to commercial partners of Coderblock S.r.l. for their own marketing purposes. In this case, the third parties will act as independent data controllers.

Consent for the above purposes is optional and can be revoked at any time without affecting the lawfulness of the processing carried out prior to the revocation, by writing to privacy@coderblock.com.

4. Method of Processing and Storage

Personal data is processed using computer systems and electronic procedures, in compliance with applicable law and in a manner that ensures the security and confidentiality of the data. The data may be processed using cloud-based systems.

Specific security measures are adopted to prevent the loss of data, unlawful or incorrect use of the data, and unauthorised access to the data, in compliance with applicable legal provisions.

Personal data collected for contractual purposes will be retained for the duration of the contractual relationship and, after its termination, for the period required by applicable legislation for the fulfilment of legal obligations (e.g. tax, accounting).

Personal data processed for marketing and profiling purposes will be retained for a period of 24 months from the date of collection or from the last interaction with the Data Subject, unless the Data Subject revokes their consent earlier.

5. Provision of Data and Consequences of Refusal

The provision of personal data marked as mandatory in the registration form (e.g. name, surname, email address) is necessary for registration on the Platform and for the provision of the requested services. Failure to provide such data will make it impossible to register on the Platform and to use the services offered.

The provision of additional personal data (e.g. telephone number, company, profile image) is optional and the failure to provide such data will not affect the Data Subject's ability to register on the Platform or to use its core services, but may limit the availability of certain features.

The provision of data for marketing, profiling, and communication to third parties is always optional. Failure to provide consent for these purposes will not affect the Data Subject's ability to use the Platform and its services.

6. Data Access

Personal data may be accessed by:

• Authorised personnel of Coderblock S.r.l. who have been designated as data processors or authorised to process data, and who have received appropriate instructions regarding data protection.
• Third parties that provide services to Coderblock S.r.l. and that have been appointed as external data processors pursuant to Art. 28 GDPR. These include, but are not limited to: hosting providers, cloud service providers, email service providers, payment processors, analytics providers, customer support tools, and IT maintenance providers.

An updated list of data processors may be requested by writing to privacy@coderblock.com.

7. Data's Disclosure

Without the need for express consent (Art. 6.1.b and 6.1.c GDPR), the Data Controller may communicate the Data Subject's personal data to:

• Public Bodies and Authorities, where required by law or by order of the authorities.
• Third parties that perform activities that are instrumental to or connected with the performance of the contractual relationship (e.g. data centres, hosting providers).

The data centres and servers used for the processing of personal data are located within the European Union.

In the event that it is necessary to transfer personal data to countries outside the European Economic Area (EEA), including the United States, the Data Controller will ensure that the transfer is carried out in compliance with applicable legislation. In particular, transfers to the United States or other countries outside the EEA will be carried out on the basis of:

• Standard Contractual Clauses (SCCs) adopted by the European Commission;
• Adequacy decisions of the European Commission, where applicable;
• Binding Corporate Rules (BCRs), where applicable;
• Any other valid transfer mechanism under the GDPR.

The Data Subject may request information about the specific safeguards applied to international data transfers by contacting privacy@coderblock.com.

8. Rights of the Data Subject

Pursuant to Articles 15 to 22 of the GDPR, the Data Subject has the right to:

• Right of access (Art. 15): obtain confirmation as to whether or not personal data concerning them is being processed, and, where that is the case, access to the personal data and information about the processing.
• Right to rectification (Art. 16): obtain the rectification of inaccurate personal data concerning them without undue delay.
• Right to integration: obtain the integration of incomplete personal data, including by means of providing a supplementary statement.
• Right to data portability (Art. 20): receive the personal data concerning them, which they have provided to the Data Controller, in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller.
• Right to erasure (Art. 17): obtain the erasure of personal data concerning them without undue delay where one of the grounds set out in Art. 17 GDPR applies.
• Right to restriction of processing (Art. 18): obtain restriction of processing where one of the conditions set out in Art. 18 GDPR applies.
• Right to object to automated decision-making, including profiling (Art. 22): not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.
• Right to lodge a complaint: lodge a complaint with the competent Data Protection Authority (in Italy: Garante per la Protezione dei Dati Personali — www.garanteprivacy.it).

The Data Subject may exercise their rights at any time by sending a written request to the following addresses:

9. Data Controller and Data Protection Officer

The Data Controller is:

The Data Protection Officer (DPO) is:

10. Update of Disclosure

Coderblock S.r.l. will keep this privacy policy constantly updated. Any changes will be published on this page and, where appropriate, notified to the Data Subject by email. The Data Subject is invited to consult this page periodically to stay informed of any updates.

The Data Controller reserves the right to modify or simply update the content of this privacy policy, in part or in full, also as a result of changes to applicable legislation. Any such changes will be binding as soon as they are published on the Website. The Data Controller therefore invites the Data Subject to regularly visit this section to read the most recent and updated version of the privacy policy, in order to always be informed about the data collected and the use made of it.