To provide our services effectively, we collect various types of information. Identification and contact data include name, surname, email address, and phone number, provided during registration. We also acquire usage and navigation data, details on financial transactions (where applicable), and communications with our support department.
Each data operation is supported by a solid legal basis. We process information primarily to execute the contract entered into with the user upon registration. In other cases, we rely on our legitimate interest in improving services and preventing fraud, explicit consent for specific activities, or to fulfill precise legal obligations required by the jurisdiction in which we operate.
The collected information is used for well-defined purposes: creation and management of the personal profile, secure processing of transactions, customer support, and resolution of any technical issues. Furthermore, we use data to conduct internal analyses aimed at enhancing the platform and, only if authorized, for sending informational and operational updates.
Personal data is kept in our archives solely for the time necessary to achieve the purposes for which it was acquired, or to comply with deadlines imposed by tax and legal regulations. At the end of this period, we apply rigorous procedures for secure deletion or irreversible anonymization.
To ensure operability, we may share data with carefully selected service providers, such as payment processing platforms, hosting systems, and technical analysis providers. These entities act as data processors and are bound by strict confidentiality agreements, without authorization to use the information for their own independent purposes.
Should it be necessary to transfer information outside the national territory or the European Economic Area, we implement adequate safeguards to ensure that the level of data protection remains unaltered, using standard contractual clauses or other legally recognized mechanisms.
We adopt advanced technical and organizational protocols to protect information from unauthorized access, accidental disclosure, alteration, or destruction. Although we apply high standards of encryption and monitoring, no IT system can be considered infallible, therefore the user shares data with awareness of the inherent risks of the network.
Users maintain full control over their personal data. They have the right to request access to stored information, obtain its rectification if inaccurate, or its deletion. They may also object to specific processing, request a restriction on use, and, where technically feasible, exercise the right to data portability to other entities.
For any requests, doubts, or to exercise the rights listed above, you can contact the data protection officer by writing to the email address staryes_support@gmail.com.