Privacy Policy
Types of personal data collected
To ensure the proper functioning of information and operational services, the platform collects different categories of information, limited exclusively to what is strictly necessary for the pursuit of the stated purposes.
Identification and contact data
During advanced interaction, registration, or submission of explicit requests, data such as name, surname, date of birth, email address, and telephone contacts may be acquired. This data is essential for validating the user's identity and establishing a direct and efficient communication channel.
Usage and browsing data
The IT systems responsible for the portal's operation automatically acquire certain technical information related to browsing. This category includes IP addresses, access logs, request times, the method used to submit the request to the server, and internal navigation paths within the portal sections.
Device and transaction data
Data relating to the hardware and software characteristics of the devices used to access the platform are collected, including the operating system and browser type. Where service transfers or transactions are made, if applicable, accounting data and chronological details essential to prove the regularity of operations are recorded.
Communications with customer support
All information voluntarily transmitted by the user through the completion of contact forms, email messages, or text support sessions is temporarily stored to allow for accurate query resolution and to improve customer service standards.
Legal bases for data processing
The processing of users' personal data is based on clear legal grounds defined by current regulations. The platform processes data exclusively when at least one of the following conditions is met:
The fulfillment of contractual obligations or the execution of pre-contractual measures taken at the request of the data subject.
The legitimate interest of the data controller, related to the security of IT systems, fraud prevention, and the qualitative optimization of the content offered.
The explicit and informed consent provided by the user for specific purposes, such as sending personalized informative or commercial communications.
Compliance with specific legal obligations provided for by Italian and European law.
Purposes of personal data use
The information collected is primarily used to ensure smooth and secure platform management. Core purposes include the creation and administration of the user account, verification of mandatory eligibility requirements (including reaching the age of majority), provision of prompt technical assistance in case of anomalies, and notification of structural service updates.
Furthermore, browsing data is processed in aggregate form for statistical purposes, in order to understand the effectiveness of published content, enhance cybersecurity levels against potential cyber attacks, and personalize the user experience based on expressed preferences.
Data retention period
Personal data are kept only for the time strictly necessary to achieve the purposes for which they were collected, or in compliance with the statutes of limitations provided for by the civil, fiscal, and criminal laws in force in the relevant territory. At the end of the established retention period, or following a legitimate request for deletion that does not conflict with legal retention obligations, the data are permanently deleted or rendered completely anonymous through irreversible IT methodologies.
Sharing and communication of personal data
User data are not subject to indiscriminate dissemination or sale to third-party commercial entities. Communication to external entities occurs exclusively for operational needs and is limited to qualified technical service providers, external data processors, hosting companies, and legal or administrative consultants. Each provider is bound by strict contractual agreements that require maintaining maximum confidentiality and adopting adequate security protocols. Data may also be made available to judicial or supervisory authorities if there is a formal legal obligation.
International data transfers
Data processing and storage primarily occur within the European Economic Area (EEA). Should it become necessary for technical or logistical reasons to transfer information to non-EU countries, the platform guarantees the adoption of appropriate legal safeguards, such as Standard Contractual Clauses approved by the European Commission or specific adequacy decisions, ensuring that the level of personal data protection remains equivalent to that guaranteed within the Union.
Security and protection measures
BetFlag adopts state-of-the-art logical, physical, and organizational security protocols to protect personal data from unauthorized access, accidental alteration, loss, destruction, or illicit use. Implemented measures include encryption of data transmission flows, the use of protective firewalls, and strict control of internal access reserved only for authorized personnel. It is specified, however, that no digital transmission or electronic storage system can be considered absolutely secure, therefore the platform makes the utmost reasonable effort without being able to provide absolute guarantees of impenetrability.
User rights and data protection
In accordance with current legislation on personal data protection, the user may exercise specific rights to protect their privacy at any time. These include:
The right of access to one's data to know its origin, purposes, and processing methods.
The right to rectification and updating in case of inaccurate or incomplete data.
The right to erasure (right to be forgotten) if the data are no longer necessary or in the absence of legal grounds for retention.
The right to restrict processing in the cases provided for by the regulation.
The right to data portability in a structured and machine-readable format.
The right to object to processing for legitimate reasons or for direct marketing purposes.
Contact for exercising your rights
To submit any request for clarification, forward requests regarding the exercise of your privacy rights, or request the revocation of previously granted consent, the user can contact the responsible structure by sending a formal communication to the dedicated email address: betflag_support@gmail.com. Requests will be processed and responded to within the timeframe required by law, without unjustified costs for the data subject.
Future modifications and updates
This Privacy Policy may change over time due to the introduction of new features on the platform or changes in the regulatory framework. The updated version will be constantly available for public consultation within this section, with an explicit indication of the release date.