Privacy Policy

Users may be subject to different levels of protection. Some Users therefore enjoy higher levels of protection. The User can contact the Owner for further information on the levels of protection. This document can be printed using the print command in the settings of any browser.

Data Controller

This application is a service of: Dega Web Studio Srl, Via Milano 18 - 70123 Bari
Owner's email address: overtheloop.box@gmail.com
Owner's legal email address: degawebstudio@pec.it

Types of Data Collected

Among the Personal Data collected by this Application, independently or through third parties, there are: Trackers; Usage Data; Data communicated while using the service; phone number; first name; last name; email address; various types of Data; precise location; Precise Location permission (non-continuous); Storage permission; Photo Gallery permission; date of birth; password; geographic position; Tax ID; profile picture; User ID; username; interaction with products; search history; purchase history; Universally Unique Identifier (UUID). Full details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the Data are collected. Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this Application. Unless otherwise specified, all Data requested by this Application is mandatory. If the User refuses to provide this Data, it may be impossible for this Application to provide the Service. In cases where this Application indicates some Data as optional, Users are free not to provide such Data, without this having any consequences on the availability or operation of the Service. Users who are uncertain about which Data is mandatory are encouraged to contact the Owner. Any use of Cookies - or other tracking tools - by this Application or by the owners of third-party services used by this Application is intended to provide the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy. The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Application. Application.

Method and place of processing of collected Data

Methods of processing

The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. Processing is carried out using computers and/or IT tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the operation of this Application (administrative, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) may have access to the Data, also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Data Processors may be requested from the Data Controller at any time.

Place

The Data is processed at the Data Controller's operating offices and in any other places where the parties involved in the processing are located. For further information, please contact the Data Controller. The User's Personal Data may be transferred to a country other than their own. To obtain further information on the place of processing, the User can refer to the section containing details on the processing of Personal Data.

Retention period

Unless otherwise stated in this document, Personal Data is processed and stored for the time required by the purpose for which it was collected and may be stored for a longer period due to any legal obligations or based on the Users' consent.

Purpose of processing

The User's Data is collected to allow the Owner to provide its Service, comply with legal obligations, respond to enforcement requests, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activity, as well as for the following purposes: Analytics, Interaction with live chat platforms, Contacting the User, Location-based interactions, Device permissions for Personal Data access, Registration and authentication, Registration and authentication provided directly by this Application, and Platform and hosting services. For detailed information on the purposes of processing and the Personal Data processed for each purpose, the User may refer to the "Detailed information on the processing of Personal Data" section.

Device permissions for Personal Data access

Depending on the specific device This Application may request certain permissions to access the User's device data, as described below. These permissions must be granted by the User before any information can be processed. Once granted, permission can be revoked by the User at any time. To revoke these permissions, the User may use the system settings or contact the Owner at the contact details provided in this document. The procedure for controlling permissions may vary depending on the device and software used by the User. Please note that revoking one or more permissions may impact the proper functioning of this Application. If the User grants the permissions listed below, the related Personal Data may be processed (accessed, modified, or removed) by this Application.

Photo Gallery Permission

Allows access to the User's Photo Gallery.

Precise Location Permission (non-continuous)

Used to access the precise location of the User's device. This Application may collect, use, and share the User's location in order to provide location-based services. The User's geographic location is determined in a non-continuous manner. This means that this Application cannot continuously determine the User's precise location.

Storage permission

Used to access shared external storage devices, including the ability to read and add any item to them.

Details on the processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

Contacting the User

Contact by phone (this Application): Users who have provided their phone number may be contacted for commercial or promotional purposes related to this Application, as well as to fulfill support requests. Personal Data processed: phone number. Contact form (this Application): By filling out the contact form with their Data, the User authorizes this Application to use these details to respond to requests for information, quotes, or any other kind of request as indicated by the form's header. Personal Data processed: last name; email address; first name. Mailing list or newsletter Personal Data: ZIP/Postal code; city; last name; date of birth; Usage Data; email address; country; first name; phone number; province; company name; state; Tracking Tools: Content commenting: Comment system managed directly; Personal Data: last name; Usage Data; email address; first name; phone number; Tracking Tools; username Social features Inviting and suggesting friends Personal Data: various types of Data.

Managing contacts and sending messages

Brevo, Mailchimp or other third-party provider: Personal Data: last name; date of birth; Data communicated while using the service; Usage Data; email address; physical address; country; first name; phone number; company name; Tracking Tools; username; various types of Data.

Payment management

Payment by bank transfer: Personal Data: last name; physical address; payment information; first name; company name. PayPal: Personal Data: last name; purchase history; Usage Data; email address; billing address; payment information; device information; first name; phone number; password; Tracking Tools; username; various types of Data as specified in the service's privacy policy. Stripe: Personal Data: last name; purchase history; Usage Data; email address; billing address; payment information. name; Tracking Tools; various types of Data as specified in the privacy policy of the service. Apple Pay: Personal Data: last name; purchase history; Usage Data; email address; billing address; payment information; first name; Tracking Tools; various types of Data as specified in the privacy policy of the service. Google Pay: Personal Data: last name; purchase history; Usage Data; email address; billing address; payment information; first name; Tracking Tools; various types of Data as specified in the privacy policy of the service. Specific payment services (e.g., Wallet) located in the User's country: Personal Data: last name; purchase history; Usage Data; email address; billing address; payment information; first name; Tracking Tools; various types of Data as specified in the privacy policy of the service.

Tag Management

Google Tag Manager: Personal Data: Usage Data; Tracking Tools. Facebook Pixel: Personal Data: Usage Data; Tracking Tools. Tracking.

Interaction with live chat platforms

LiveChat Widget and Facebook Messenger Customer Chat: Personal Data: Data communicated while using the service; Usage Data; Trackers.

Interaction with data collection platforms and other third parties

Direct marketing via pop-ups. Personal Data: Email address; first name; gender; Trackers; various types of Data. Brevo and Mailchimp Widgets: Personal Data: last name; Usage Data; email address; first name; phone number; Trackers.

Interaction with external social networks and platforms

Facebook Like button and social widgets, Twitter Tweet button and social widgets, PayPal button and widgets, LinkedIn button and social widgets, and the "Pin" button and Pinterest social widgets Personal Data: Usage Data; Tracking Tools YouTube button and social widgets Personal Data: Usage Data.

Location-based interactions Non-continuous geolocation (this Application)

This Application may collect, use, and share User location Data in order to provide location-based services. Most browsers and devices provide default tools to opt out of geolocation tracking. If the User has expressly authorized this possibility, this Application may receive data on the User's actual geographic location. The User's geographic location is determined in a non-continuous manner, either at the specific request of the User or when the User does not indicate its current location in the appropriate field and allows the application to detect the position automatically. Personal Data processed: precise location.

Permissions for accessing Personal Data stored on the User's device

This Application requests certain permissions from the User, which authorizes access to the Data stored on their device, as detailed below.

Permissions for accessing Personal Data stored on the User's device (this Application)

This Application requests certain permissions from the User, which authorizes access to the Data stored on their device, as summarized here and as described in this document. Personal Data processed: Photo Gallery permission; Precise location permission (non-continuous); Storage permission.

Registration and authentication

By registering or authenticating, the User allows this Application to identify them and to give them access to dedicated services. Depending on what is described below, registration and authentication services may be provided with the help of third parties. If this occurs, this Application may access some Data stored by the third-party service used for registration or identification. Some of the services listed below may also collect Personal Data for targeting and profiling purposes; to learn more, please refer to the description of each service.

Direct registration and profiling (this Application)

By registering or authenticating, the User allows this Application to identify them and give them access to dedicated services. The Data Controller may process the Data collected at the time of registration or authentication by Users for targeting and profiling purposes; to learn more, Users can contact the Data Controller using the contact details provided in this document or the contact form. Personal Data processed: Fiscal Code; surname; date of birth; email address; User ID; profile picture; first name; number phone number; password; geographic location.

Registration and authentication provided directly by this Application

By registering or authenticating, the User allows this Application to identify them and give them access to dedicated services. Personal Data is collected and stored exclusively for registration or identification purposes. The Data collected is only that required to provide the service requested by the User.

Platform and hosting services

These services have the purpose of hosting and running key components of this Application, making it possible to provide this Application from a single platform. These platforms provide the Owner with a wide range of tools, such as analytics tools, user registration management, comment and database management, e-commerce, payment processing, etc. The use of these tools involves the collection and processing of Personal Data. Some of these services operate through geographically distributed servers in different, making it difficult to determine the exact location where Personal Data is stored.

Google Play Store (Google Ireland Limited)

This Application is distributed on the Google Play Store, a platform for the distribution of mobile applications, provided by Google Ireland Limited. By virtue of being distributed through this app store, Google collects usage and diagnostic data and shares aggregated information with the Owner. Much of this information is processed based on an opt-in declaration. Users can disable this analytics feature directly through their device settings. Further information on how to manage analytics settings is available at Sharing usage and diagnostic information with Google. Personal Data processed: Usage data. Place of processing: Ireland - Privacy Policy

App Store Connect (Apple Inc.)

This Application is distributed on the Apple App Store, a platform for the distribution of mobile applications provided by Apple Inc. App Store Connect allows the Owner to manage this Application on the Apple App Store. Depending on the configuration, App Store Connect provides the Owner with statistical data on user engagement and application discovery, marketing campaigns, sales, in-app purchases, and payments to measure the performance of this Application. App Store Connect collects this data only from Users who have agreed to share it with the Owner. Users can find more information on how to opt out through their device settings at the following link: Share analytics, diagnostics, and usage information with Apple. Personal Data processed: purchase history; search history; user ID; universally unique identifier (UUID); interaction with products. Place of processing: United States – Privacy Policy

Statistics

The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to track User behavior.

Google Analytics (Universal Analytics) (Google Ireland Limited)

Google Analytics (Universal Analytics) is a web analytics service provided by Google Ireland Limited (Google). Google uses the Personal Data collected to track and examine the use of this Application, compile reports, and share them with other Google services. Google may use the Personal Data to contextualize and personalize the ads of its own advertising network. Personal Data processed: Usage Data; Trackers. Place of processing: Ireland - Opt-Out - Privacy Policy.

Further information on the processing of Personal Data

Personal Data collected through sources other than the User

The Owner of this Application may have legitimately collected Personal Data relating to the User without their involvement, drawing on sources provided by third parties, in accordance with the legal bases described in the section relating to the legal bases of processing. If the Owner has collected Personal Data in this way, the User can find specific information regarding the sources in the respective sections of this document or by contacting the Owner.

User Identification via Universally Unique Identifier (UUID)

This Application may track Users by storing a so-called "universally unique identifier" (UUID) for statistical analysis purposes or to store User preferences. This identifier is generated upon installation of this Application. It is not deleted when the Application is closed or updated, but is permanently removed only if the User decides to uninstall the Application from their device. If the application is reinstalled, a new UUID is generated.

Unique Device Identification

This Application may track Users by storing a unique identifier for their device, for statistical analysis purposes or to store User preferences.

The Service is not intended for children under 13 years

Users declare themselves to be adults according to their applicable legislation. Minors may use this Application only with the assistance of a parent or guardian. Under no circumstances may persons under the age of 13 use this Application.

The service is intended for adults

Users declare themselves to be adults according to applicable legislation. Minors are prohibited from using this Application.

Equivalent Level of Protection for User Data

This Application shares User Data only with carefully selected third parties that guarantee a level of protection for User Data equal to or equivalent to that described in this privacy policy and required by applicable data protection legislation. The privacy policies of these third parties contain further information on their processing of personal data and their privacy policies.

Push Notifications

This Application may send push notifications to the User to achieve the purposes described in this privacy policy. In most cases, Users can opt out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for this Application, some or all applications on the device in question. Users should be aware that disabling push notifications may negatively impact the use of this Application.

Push Notifications Based on the User's Location

This Application may use the User's location to send push notifications to achieve the purposes described in this privacy policy. In most cases, Users can opt out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for some or all applications on the device. in question. Users should be aware that disabling push notifications may negatively impact their use of this Application.

Push Notifications for Direct Marketing

This Application may send push notifications to the User for direct marketing purposes (in order to offer services and products provided by third parties or unrelated to the service or product provided by this Application). In most cases, Users can opt out of receiving push notifications by visiting their device settings, such as the notification settings for mobile phones, and then changing those settings for this Application, or for all applications on the device in question. Users should be aware that disabling push notifications may negatively impact their use of this Application. In addition to the applicable device settings, the User may also avail themselves of the rights described in the relevant section of this privacy policy.

sessionStorage and localStorage

sessionStorage and localStorage allows this Application to store and access data directly from the User's browser. Sensitive data stored in sessionStorage and localStorage are encrypted. Data in sessionStorage is automatically deleted when the session ends (i.e., when the browser tab is closed). localStorage allows this Application to store and access data directly from the User's browser. Data in localStorage is not automatically deleted when the session ends (i.e., when the browser tab is closed or the browser is closed). The User can explicitly delete data at any time directly from the browser settings. Users should be aware that deleting data from localStorage may negatively impact the use of this Application.

Pseudonymous Use

When registering with this Application, Users have the option to indicate a nickname or pseudonym. In this case, Users' Personal Data will not be published or made available. to the public. Any activity performed by Users on this Application will be displayed under the nickname or handle indicated. However, Users acknowledge and accept that their activity on this Application, including content, information, or any other material they may voluntarily and intentionally upload or share, may directly or indirectly reveal their identity.

Additional information for users in the European Union

This section applies to all users in the European Union, in accordance with the General Data Protection Regulation (the "GDPR") and, for such Users, supersedes any other information that may be divergent or conflicting in this privacy policy. Further details regarding the categories of data processed, the purposes of the processing, the categories of recipients of the personal data, if any, and further information on personal data are available in the "Detailed information on the processing of personal data" section within this document.

Legal basis for processing

The Data Controller processes Personal Data relating to the User if one of the following applies:

The User has given consent for one or more specific purposes; Note: Under some jurisdictions, the Data Controller may be allowed to process Personal Data without the User's consent or any other of the legal bases specified below, until the User objects to such processing ("opt-out"). This, however, does not apply if the processing of Personal Data is regulated by European data protection law; the processing is necessary for the performance of a contract with the User and/or for the implementation of pre-contractual obligations; the processing is necessary for compliance with a legal obligation to which the Data Controller is subject; the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller. invested by the Data Controller; processing is necessary for the pursuit of the legitimate interests pursued by the Data Controller or by a third party.

In any case, it is always possible to ask the Data Controller to clarify the specific legal basis for each processing, and in particular to specify whether the processing is based on a statutory requirement, a contractual requirement, or a requirement necessary to enter into a contract.

Further information on retention periods

Unless otherwise stated in this document, Personal Data is processed and retained for the time required by the purpose for which it was collected and may be retained for a longer period due to any legal obligations or on the basis of the Users' consent. Therefore:

Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until such contract has been fully performed. Personal Data collected for purposes related to the Data Controller's legitimate interests will be retained until such interest is satisfied. The User may obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.

When the processing is based on the User's consent, the Data Controller may retain Personal Data for a longer period until such consent is withdrawn. Furthermore, the Data Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority. At the end of the retention period, the Personal Data will be deleted. Therefore, after expiration of this period, the right to access, erasure, rectification, and the right to data portability can no longer be exercised.

User Rights

Users may exercise certain rights regarding their Data processed by the Data Controller. In particular, within the limits provided by law, the User has the right to:

withdraw consent at any time. The User may withdraw previously expressed consent to the processing of their Personal Data. object to the processing of their Data. The User may object to the processing of their Data when it occurs pursuant to a legal basis other than consent. Access their Data. The User has the right to obtain information on the Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the processed Data. Verify and request rectification. The User can verify the accuracy of their Data and request its updating or correction. Obtain the restriction of processing. The User may request the restriction of the processing of their Data. In this case, the Data Controller will not process the Data for any purpose other than its storage. Obtain the erasure or removal of their Personal Data. The User may request the erasure of their Data by the Data Controller. Receive their Data or have it transferred to another controller. The User has the right to receive their Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred to another controller without hindrance. File a complaint. The User may file a complaint with the competent data protection supervisory authority or take action before the competent supervisory authority. judicial.

Users have the right to obtain information regarding the legal basis for Data transfers abroad, including to any international organization governed by international law or set up by two or more countries, such as the UN, as well as regarding the security measures taken by the Data Controller to protect their Data.

Details on the right to object

Where Personal Data is processed in the public interest, in the exercise of official authority vested in the Data Controller, or for the purposes of the legitimate interests pursued by the Data Controller, Users have the right to object to such processing on grounds relating to their particular situation. Users are informed that, if their Data is processed for direct marketing purposes, they can object to that processing at any time, free of charge and without providing any justification. If Users object to processing for direct marketing purposes, their Personal Data will no longer be processed for such purposes. To find out if the Owner processes Data for direct marketing purposes. Users can refer to the respective sections of this document.

How to exercise your rights

To exercise their rights, Users may send a request to the Data Controller's contact details provided in this document. The request can be filed free of charge, and the Data Controller will respond as soon as possible, in any case within one month, providing the User with all the information required by law. Any rectification, erasure, or restriction of processing will be communicated by the Data Controller to each recipient, if any, to whom the Personal Data has been disclosed, unless this proves impossible or involves a disproportionate effort. The Data Controller will inform the User of such recipients upon request.

Further information on processing

Defense in court

The User's Personal Data may be used by the Data Controller in court or in the preparatory stages leading to possible legal action. established to defend against abuse in the use of this Application or related Services by the User. The User declares to be aware that the Data Controller may be required to disclose the Data by order of public authorities.

Specific information

Upon the User's request, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

System logs and maintenance

For operation and maintenance purposes, this Application and any third-party services used by it may collect system logs, which are files that record interactions and may also contain Personal Data, such as the User's IP address.

Information not contained in this policy

Further information regarding the processing of Personal Data may be requested from the Data Controller at any time using the contact information.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to Users on this page and, if possible, on this Application and, if technically and legally feasible, by sending a notification to Users via any contact information available to the Data Controller. Please check this page frequently, referring to the date of the last modification indicated at the bottom. If the changes affect processing based on consent, the Data Controller will collect the User's consent again, if necessary.

Definition and legal references

Personal Data (or Data): Any information that, directly or indirectly, or in connection with other information, including a personal identification number, allows for the identification or identifiability of a natural person. Usage Data: Information collected automatically through this Application (including third-party applications integrated into this Application), including: IP addresses or domain names of the computers used by the User who connects to this Application, the URI (Uniform Resource Identifier) ​​addresses, the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example, the time spent on each page), and the details relating to the path followed within the Application, with particular reference to the sequence of pages visited, the parameters relating to the operating system and the User's IT environment. User: The individual who uses this Application who, unless otherwise specified, coincides with the Data Subject. Data Subject: The natural person to whom the Personal Data refers. Data Processor (or Processor): The natural person, legal person, public administration, or any other entity that processes personal data on behalf of the Data Controller, as set out in this privacy policy. Data Controller Data Controller (or Owner): The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data and the tools used, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application. This Application: The hardware or software tool by which the Personal Data of Users is collected and processed. Service: The Service provided by this Application as defined in the relevant terms (if any) on this site/application. European Union (or EU): Unless otherwise specified, any reference to the European Union in this document shall be deemed to extend to all current member states of the European Union and the European Economic Area. Cookies: Cookies are Tracking Tools consisting of small sets of data stored in the User's browser. Tracking Tool: A Tracking Tool means any technology - e.g., cookies, unique identifiers, web beacons, embedded scripts, e-tags, and fingerprinting - which allow Users to be tracked, for example by collecting or storing information on the User's device. Legal references: Unless otherwise specified, this privacy policy applies exclusively to this Application.

Last edit: 01.03.26 (DD.MM.YY)

Unlock Your Gift Now!

10% off

Subscribe to the Over The Loop newsletter and receive an exclusive discount on your first purchase. Get the first look at unmissable news and offers tailored just for you.

Accept a newsletter promoted via email from Over The Loop. For more informations, you are invited to consult the current privacy policy and the relative information here.