1. General Information
Dragonet S.r.l. (VAT ID 08855931211), headquartered in Naples (NA) at Via Alessandro Volta, 5 (“hereinafter “Dragonet”), as the data controller, is committed to protecting and respecting user privacy. This privacy policy (“Privacy Policy”) aims to inform the user about the practices related to the collection, use, and disclosure of information that the user may provide through their website or our mobile application (the “Platform”). This Privacy Policy (together with our “Terms and Conditions,” any other documents referred to in it, and our cookie policy) establishes the basis on which the personal data we collect from the user or that the user provides to us will be processed. Read the following carefully to understand our practices regarding personal data and how they will be treated.
2. What information do we collect from the user and for how long?
2.1. Information Provided by the User
To fully use Dragonet’s service, we may request the user to provide various information, including personal information (“Personal Data”) when using our platform or filling out forms on the platform (e.g., the registration form) or reporting a problem with the platform through the contact form.
The provided information may include:
Mandatory information for service registration provided by Dragonet through its platform or to access other services offered, such as: i) name, ii) surname, iii) email address, iv) professional titles, v) information related to registration with professional associations; vi) residential address; vii) professional address.
Information related to personal schedule, also through third parties, to use the appointment booking service.
Location information through “GPS” technology (requires user’s explicit consent).
Health-related information limited to what is necessary for service delivery, such as: i) weight; ii) height; iii) lean body mass index; iv) fat mass index; v) hydration status index. Given the sensitive nature of this data, it is processed not by Dragonet directly but by platform users qualified as professionals, whose identity is always known to the user. Professionals are obliged to maintain absolute confidentiality regarding this information and not disclose it to third parties. The user has the right to explicitly request Dragonet to know the data of the professional who has processed their personal data by making an express request. Dragonet, as a provider of a pure IT service, does not directly process or use this data.
History of all requested visits and checks.
History of all meal plans.
Details of accounting or financial transactions, including transactions made through our platform. These data do not include credit card data, which are managed by third parties, specifically by “Stripe.”
Details of visits to our platform and the accessed resource.
Information regarding user requests when reporting a technical or other issue related to the platform or service, such as the subject of the support request.
2.2 Automatically Collected Information
2.2.1 If the user signs up for Dragonet’s service through social media authentication methods (e.g., Facebook), Dragonet will access certain personal data (e.g., social media identifier for login, name, surname, photos, email address) in the user’s social media account, based on the terms of use and privacy policy applied by these platforms. The processing of personal data by individual social media is solely governed by the general terms and privacy policy of these service providers. Dragonet will not be responsible for the processing of such data.
2.2.2 For each visit to our platform, we may collect, in accordance with applicable laws and, if necessary, with the user’s consent, information about the devices in use and the networks to which they are connected when using our services.
2.2.3 This may include the following information: IP address, login information, browser type and version, browser plugin type and version, operating system, and platform. Information about the visit, including the clickstream URL, originating and directed to our platform, viewed users, type of services requested, requested products, download errors, duration of visits to specific pages, and page interactions, will also be detectable.
2.2.4 Dragonet collects this information using various technologies, including cookies (for more information, refer to our cookie policy).
2.2.5 Dragonet does not require and is not authorized to access contacts in the phone book.
2.2.6 Dragonet collects aggregated information about activity on the platform (quantity of requests, scheduled appointments, information exchanged).
2.2.7 This information will not be published on the user’s public profile on the platform but will be visible only to Dragonet or third parties.
2.3 Data Storage
Personal data will be stored for the duration of the relationship with us and then no longer used:
4 years after the last use of our platform if the user does not close the account.
4 years after account closure, unless the user has received a negative rating or report, in which case their data will be stored for a period of two years after the last negative rating or report; or 4 years after account closure, depending on which period is longer.
Health status data are stored exclusively for the time necessary to provide the service offered by Dragonet and for a maximum period of 1 year.
The following categories of data may be stored for different durations:
Financial data (e.g., payments, refunds) are stored for the duration required by applicable tax and accounting laws.
In the event of user suspension or blockage, Dragonet will retain data for a period ranging from 2 to 10 years to prevent the user from circumventing the rules applicable to our platform.
How We Use the User’s Collected Information and on What Legal Basis
To fulfill our obligations under any contracts entered into between you and us and to provide the information and services requested by you
This processing is necessary for the fulfillment of our mutual contractual obligations
Send service-related information via e-mail (e.g., booking confirmation)
This processing is necessary for the fulfillment of our mutual obligations and/or carried out with your consent
Receive user payments
This processing is necessary for the fulfillment of our mutual obligations
Allow you to customize your profile on the platform
This processing is done with the consent of the user
Allow the user to communicate and interact with other users to schedule visits and checkups.
This processing is necessary for the fulfillment of our mutual contractual obligations and/or carried out with your consent
Allow the user to view the other user’s schedule to schedule visits
This processing is necessary for the fulfillment of our mutual contractual obligations and/or carried out with your consent
Allow professionals to view personal data related to one’s health status
This processing is necessary for the fulfillment of our mutual contractual obligations and performed with your consent
Ensure compliance with (i) applicable laws (ii) the Terms of Use and (iii) our Privacy Policy. Certain violations we consider inappropriate may result in account suspension
This processing is necessary (i) for the performance of our mutual contractual obligations (ii) for compliance with our legal obligations and/or (iii) to establish, exercise or defend legal rights
To send, in accordance with applicable laws, and where necessary, with your consent, marketing materials and information necessary to facilitate the service or appointment booking process, and to make suggestions and recommendations about products or services related to our services that may be of interest to you
This processing is based on your consent and/and our legitimate interest
Inform you of any changes to our services
This processing is necessary for (i) the fulfillment of our mutual contractual obligations, (ii) for compliance with our legal obligations, (iii) to establish, exercise or defend legal rights
Manage our platform and for internal operations including troubleshooting, data analysis, testing, research, analysis and survey purposes
Processing is based on our legitimate interest (i.e. ensuring the security of our platform and improving their functionality
Improve our platform to ensure that content is presented in the most effective way for the user and the relevant device
This processing is based on our legitimate interest i.e. providing the user with meaningful content
Allow you to participate in interactive features of our service when you choose to do so
This processing is necessary (i) for the fulfillment of our mutual contractual obligations and/or (ii) carried out with your consent
As part of our efforts to keep our platform secure.
This processing is based on (i) our legitimate interest, (ii) carried out to constitute exercise, or defend legal rights and/or for compliance with our legal obligations
Dragonet also works closely with third parties that may be recipients of user personal data, excluding health data, such as:
Dragonet utilizes selected partners such as social media platforms (e.g., Facebook), through which the service of linking the user’s profile on the social media platform owned by Dragonet is provided.
Dragonet subcontract the payment service to Stripe Ltd, allowing them access to certain accounting data to perform technical payment and identity verification checks and provide analysis.
Dragonet does not disclose the information provided to us, including user personal data, to any partners except in cases where it is necessary to involve a third-party service provider for the fulfillment of the contract between the user and Dragonet.
Dragonet may disclose some information to third parties if required by law or if it reasonably believes that such access, storage, or disclosure is necessary to (i) respond to claims against Dragonet, (ii) comply with legal proceedings, (iii) enforce any agreements with our users, such as the Terms of Service, Privacy Policy, (iv) in case of an emergency involving a threat to public health, death, or physical injury to an individual, (v) in the context of an investigation, or (vi) to protect the rights, property, or personal safety of Dragonet, its users, or others.
In accordance with applicable laws and, if necessary with the user’s consent, Dragonet may combine information about the user, including personal data and cookie information, that we send and receive from our partners. Dragonet may use this combined information for the purposes mentioned above.
It is also noted that if the user decides to share information, including personal data, with us through the linking services of our business partners, in addition to this Privacy Policy, the user may also be subject to any privacy policies and/or disclosures of our business partners. We do not control the collection and/or processing of information possibly carried out by our business partners on their platforms.
3. How do we use and moderate messages?
We may review, scan, or analyze messages exchanged with other users on the platform through our Platform for fraud prevention, service improvement, customer support purposes, and for enforcing contracts with our users (such as the Terms of Service). For example, to prevent the bypassing of our online reservation system, we may scan and analyze messages sent through our Platform to check for any contact details or references to other websites.
We will never scan or analyze user messages with other platform users for commercial and advertising purposes. We may use automated methods to moderate these messages.
4. Targeted Ads on Social Media Platforms and in Our Email Communications
In accordance with applicable laws and, if necessary with the user’s consent, we may use the information provided on our Platform for direct electronic marketing purposes (e.g., (i) receiving our newsletters, invitations to our events, or other communications that we believe may interest the user, or (ii) presenting targeted advertisements on social media platforms or third-party websites).
For electronic marketing communications: The user can withdraw their consent at any time (i) by deselecting the corresponding box in the user account, (ii) by clicking on the unsubscribe link provided in each communication from Dragonet sent to the user, or (iii) by contacting us using the contact details provided below.
For targeted ads and content: on social media (e.g., Facebook and Twitter): the user can object at any time by configuring ad settings through the social media account; on third-party websites: refer to our [Cookie Policy] to see how to object.
5. Transfer of User Information? How and Where?
Personal data is in no way transferred and remains in our possession on our servers. If further details on safeguard measures are required, please contact us through the contact section available at the end of the Privacy Policy.
6. What are the user’s rights regarding their personal data?
If permitted by law, the user may have the right to obtain a copy of their personal data in our possession. Before responding to the request, we may ask the user to (i) verify their identity and (ii) provide additional details so that we can better respond to their request. We will try to respond within an appropriate period and, in any case, within the time required by law. If the user wishes to exercise this right, they must contact us using the contact details provided below.
As a user of our platform, the user can access the personal data in our possession through their account to correct, modify, or delete any inaccurate information. The user can also update or delete their personal data by contacting us using the contact details provided below. The user can also close their online account at any time and has the right to object to the processing of their personal data.
In some cases, we may retain some information about the user as required by law or for legitimate purposes. For example, if we believe that the user has committed fraud or violated our Terms of Service, we may decide to retain some of the information to prevent the user from bypassing the rules applicable to our Platform.
If the user believes that their rights have been violated, they also have the right to file a complaint with the competent data protection authority or take legal action.
7. Cookies and Similar Technologies
For more information, refer to the [cookie policy] at the following link.
8. Password Confidentiality
In cases where the user has chosen a password to access certain parts of our platform, they are responsible for keeping this password confidential. We ask the user not to share the password with anyone. The user will be responsible under Article 2051 for damages resulting to themselves or third parties due to the loss of the password.
9. Links to Other Websites and Social Media
Our platform may, from time to time, contain links to and from the websites of our networks or our advertisers and affiliate partners. If the user follows a link to any of these websites, they must remember that these websites have their own privacy practices and we accept no responsibility for these policies. Check these policies before submitting personal data to these websites.
10. Changes to the Privacy Policy
Any changes made to our Privacy Policy in the future will be posted on this page. If appropriate, we will inform users or ask for their consent. Check this page frequently for any updates or changes to our Privacy Policy.
11. Contact Details
If at any time a user wishes to contact us regarding their opinions on our privacy policies or any requests regarding personal data, they can do so by sending an email to the following address: info@dragonet.it.
