View the Privacy Policy of the Sitely app

Privacy Policy of Sitely Website

Last updated: October 28, 2025

Sitely website (“the Website”) collects some Personal Data from its Users.

Types of Data Collected

Among the types of Personal Data that Sitely website collects, by itself or through third parties, there are:

Cookies, Usage Data, email address, and Data communicated while using the service.

Complete details on each type of Personal Data collected are provided in the dedicated sections of this Privacy Policy or through specific explanations displayed before Data collection.

Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically when using Sitely website.

Unless otherwise specified, all Data requested by Sitely website is mandatory. Failure to provide it may make it impossible for the Website to provide its services. Where the Website specifically states that some Data is not mandatory, Users may choose not to provide it without affecting the availability or functioning of the Service.

Any use of Cookies or other tracking tools by Sitely website or third-party service providers serves to provide the Service required by the User, in addition to the other purposes described in this document.

Users are responsible for any third-party Personal Data obtained, published, or shared through Sitely website.

Mode and Place of Processing the Data

Methods of Processing

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of the Data.

Data processing is carried out using computers and IT-enabled tools, following organizational procedures strictly related to the stated purposes. In addition to the Owner, certain categories of persons involved in the operation of the Website (administration, sales, marketing, legal, system administration) or external parties (technical service providers, mail carriers, hosting providers, IT companies, communications agencies) may have access to the Data.

Such parties, if necessary, may be appointed as Data Processors by the Owner.

An updated list of these parties can be requested from the Owner at any time.

Place

The Data is processed at the Owner’s offices and in any other place where the parties involved in the processing are located.

Depending on the User’s location, Data transfers may involve transferring the User’s Data to a country other than their own. Users can find more details about such transfers in the section on  International Data Transfers.

Retention Time

Personal Data is processed and stored for as long as required for the purpose it was collected, and may be retained longer due to legal obligations or based on User consent.

Purposes of Processing

The Data concerning the User is collected to allow the Owner to:

• Provide its Service
• Comply with legal obligations
• Respond to enforcement requests
• Protect its rights and interests (or those of Users or third parties)
• Detect malicious or fraudulent activity
• Perform the following specific functions:
• Managing contacts and sending messages
• Contacting the User
• Displaying external content

For detailed information on each purpose and the Personal Data involved, refer to the section “Detailed information on the processing of Personal Data.”

Detailed Information on the Processing of Personal Data

Contacting the User

    •    Mailing list or newsletter subscription (email address)

Displaying content from external platforms

    •    YouTube video widget

Managing contacts and sending messages

    •    Mailjet

Legal Basis of Processing

The Owner may process Personal Data if one of the following applies:

• The User has given consent for one or more specific purposes;
• Processing is necessary for the performance of an agreement with the User or pre-contractual obligations;
• Processing is required to comply with a legal obligation;
• Processing relates to a task carried out in the public interest or under official authority;
• Processing is necessary for the legitimate interests pursued by the Owner or a third party.

To clarify which legal basis applies, Users may contact the Owner.

International Data Transfers

Personal Data may be transferred to and processed in countries outside the European Economic Area (EEA).

When this occurs, the Owner ensures that appropriate safeguards are in place—such as Standard Contractual Clauses approved by the European Commission or adequacy decisions— to protect User Data.

Further Information on Retention Time

• Contract performance: Data is retained until the contract is fully performed.
• Legitimate interests: Data is retained as long as necessary to fulfill such purposes.
• Consent-based processing: Data may be retained until consent is withdrawn.
• Legal obligations: Data may be kept longer if required by law or authorities.

Once the retention period expires, Personal Data will be deleted. After deletion, rights such as access, erasure, or portability cannot be exercised.

Users’ Rights under the GDPR

Users may exercise certain rights regarding their Data processed by the Owner. In particular, Users have the right to:

• Withdraw consent at any time
• Object to Data processing
• Access their Data and obtain a copy
• Verify and request correction of their Data
• Restrict Data processing
• Request deletion of their Data
• Receive their Data in a structured, machine-readable format and transfer it to another controller
• Lodge a complaint with a Data Protection Authority

Right to Object

Users may object to Data processing based on legitimate interests or for direct marketing purposes, at any time and free of charge.

How to Exercise These Rights

Requests to exercise User rights can be made via the contact details provided above.

Requests are free of charge and will be addressed within one month.

The Owner will inform each recipient of any rectification, erasure, or restriction of processing unless this proves impossible or involves disproportionate effort.

Additional Information

Legal Action

User Data may be used for legal purposes by the Owner in court or prior to legal action arising from misuse of Sitely website or related services.

System Logs and Maintenance

For operation and maintenance purposes, Sitely website and third-party services may collect system logs (including IP addresses).

Further Information

More details about the collection or processing of Personal Data can be requested from the Owner at any time via the contact information above.

Changes to this Privacy Policy

The Owner reserves the right to modify this Privacy Policy at any time by posting notice on this page and, where feasible, notifying Users via available contact information.

Users are encouraged to check this page often, referring to the date of the last modification.

If changes affect processing activities based on User consent, the Owner shall request new consent where required.

Owner and Data Controller

Crinon SRL – Via Frusa 3 – 50131 Firenze (Italy)

Email: privacy@sitely.app