The Data Controller is Starty Italia S.r.l., Via del Molinuzzo, n. 93, 59100 Prato (PO), Italy (Certified Email: startyitalia@pec.it).
1. Data Collection
Pursuant to EU Regulation 2016/679 (“GDPR”), Starty Italia processes user data necessary for service provision.
Integration with Google services is entirely optional and can be activated by the user on a voluntary basis. Only upon activation, the system collects the user’s email address and basic profile information (user ID, name, profile picture) required for authentication.
2. Data Usage
Collected data is processed exclusively for the requested service.
For users who choose to enable the optional Gmail integration, access to email sending functionality is solely intended to allow the delivery of business documents (e.g., invoices, quotes) directly from the software using their own account.
3. Data Sharing and Google APIs
The use of Google APIs is optional. Data obtained through these APIs is not shared with third parties.
Starty Italia does not use Google data for advertising purposes, nor does it transfer it to third-party services. Usage complies with the Google API Services User Data Policy, including Limited Use requirements.
Data is not used for training artificial intelligence models.
4. Data Retention
Data is retained for the duration of the contract.
Upon termination, data remains available for export for 30 days, after which it is removed from active systems, subject to legal requirements.
5. Data Protection Mechanisms
We adopt the following security mechanisms:
Authentication: Complex passwords and expiration policies
Encryption in Transit: TLS/SSL (HTTPS) protocol
Encryption at Rest: Native encryption of the Google Cloud Platform (GCP) infrastructure
Infrastructure Security: Restricted access via SSH keys and granular Firewalls
Data Subject Rights
Customers may exercise their rights by writing to:
amministrazione@startyitalia.com
