Privacy Protection Policy

To provide our services efficiently and securely, we collect various types of information, which vary depending on the user's level of interaction with the platform. Specifically, we process the following categories of data:

Identity and contact data include name, surname, e-mail address, telephone number, date of birth, and residential address. This information is essential for account registration and for verifying personal details.

Usage and navigation data include information related to how the user explores the site, access logs, IP addresses, the type of device used, the operating system, and unique browser identifiers.

Transactional data refers to the history of operations carried out on the platform, details of deposits and withdrawals, as well as partial and encrypted information related to the chosen payment methods.

Finally, we collect data related to communications, which include the content of messages exchanged with our technical support service, feedback provided, and any support requests submitted through official channels.

The processing of personal data is based on solid and clearly defined legal bases. Primarily, we process information for the performance of a contract to which the user is a party, i.e., to allow access to wonaco.pro services and the operational management of the personal account. Secondly, processing is necessary to comply with a legal obligation to which our organization is subject, with particular reference to anti-money laundering, identity verification, and tax reporting regulations in force in Italy.

In certain circumstances, we rely on legitimate interest to improve platform security, prevent fraud, and optimize technical functionalities, ensuring that such interests never override the user's fundamental rights. Finally, for specific activities such as sending targeted promotional communications, processing occurs only after obtaining explicit, free, and unequivocal consent from the data subject.

The collected information is used for a range of purposes essential to the conduct of our business. Firstly, the data is used for the opening, management, and maintenance of the user profile, ensuring a personalized and functional environment. Secondly, the analysis of transactions and access logs is fundamental for implementing rigorous security measures, protecting both the user and the platform from illicit activities, unauthorized access, and potential cyber threats.

We also use navigation data for analytical purposes, in order to understand usage trends, resolve system bugs, and develop new features that improve the overall quality of the service. Finally, contact data is used by our support team to respond promptly to questions, manage any disputes, and send administrative notifications relevant to account usage.

Wonaco adopts the principle of storage limitation. Personal data is retained exclusively for the period strictly necessary to achieve the purposes for which it was collected. Normally, information related to the active account is stored for the entire duration of the contractual relationship. Upon profile closure, sensitive and transactional data may be kept in archive for an additional predetermined period, solely to comply with Italian legal obligations regarding tax, accounting, and security matters, or to protect our rights in the event of potential legal disputes. At the end of this mandatory retention period, the data will be securely deleted or subjected to an irreversible anonymization process.

In the context of providing our services, it may be necessary to share certain information with carefully selected third-party entities. Such entities typically act as data processors and include cloud infrastructure providers for secure storage, financial institutions for payment processing, and companies specializing in identity verification and fraud prevention services. We operate to ensure that every external partner respects confidentiality and security standards comparable to ours. In no case do we proceed with the sale of personal data to third parties for external commercial purposes without unequivocal consent.

Since the technological infrastructure supporting the platform may utilize globally distributed resources, data may be transferred and processed in countries outside the European Economic Area. In such events, Wonaco undertakes to implement adequate safeguards to ensure that the level of data protection remains unchanged. Such measures include the use of standard contractual clauses approved by competent authorities or verification that the recipient country is subject to an adequacy decision regarding information security.

Safeguarding the integrity, availability, and confidentiality of data is an absolute priority. We apply advanced technical and organizational measures, including encryption protocols for transmitting sensitive information, robust firewall systems, and strict controls over logical access to our databases. While we constantly strive to protect the platform by adopting reasonable efforts proportionate to the risks, it is important to clarify that no data transmission over the internet can be considered absolutely invulnerable. Therefore, users are advised to carefully safeguard their access credentials.

Current legislation grants users specific and inalienable rights regarding their personal data. Every individual has the right to request access to information in our possession, obtaining confirmation of the existence of ongoing processing. The right to rectification is guaranteed, allowing for the correction of any inaccurate or incomplete data.

Where legal conditions apply, the user can exercise the right to erasure (the so-called right to be forgotten), requesting the removal of their data from our archives. Furthermore, there is the right to object to specific forms of processing, such as profiling for marketing purposes, and the right to request restriction of processing. Finally, where technically feasible and applicable, we guarantee the right to data portability, allowing the user to receive their information in a structured, machine-readable format.

To exercise your rights, ask questions about this policy, or submit a formal complaint about data management practices, users are invited to contact our data protection officer at any time. All privacy-related requests must be sent via email to our dedicated channel: [email protected]. Our team is committed to evaluating and responding to every request as quickly as possible and in full compliance with legal deadlines.

Operational dynamics and regulatory requirements may evolve over time. For this reason, Wonaco reserves the right to make changes or updates to this Privacy Protection Policy. Any significant revision will be promptly notified to registered users, and the effective date will be updated at the bottom of the document. We encourage you to periodically review this section to confirm your awareness of data processing procedures.