Privacy Policy

Privacy Policy

This privacy policy is intended to provide all information on the processing of personal data carried out by Iumob Srl when the User browses and registers on www.yooppe.com or the Yooppe App.

1. INTRODUCTION – WHO WE ARE?

Iumob Srl, with registered offices in Milan – Via Comelico, No. 3, 201135 Tax Code/VAT No. 07048770965 registered with the Company Register of Milan under No. MI- 1931950 (hereinafter the “Data Controller”), owner of the website https://www.yooppe.com (hereinafter the “Website”) and the application Yooppe (hereinafter the “App”), as the Controller of personal data of the users who browse and are registered on the Website and the App (hereinafter the “Users”) provide the following privacy policy according to Article 13 of EU Regulation 2016/679 dated 27 April 2016 (hereinafter, “GDPR”) and for Users in the United Kingdom, pursuant to Article 13 of the UK General Data Protection Regulation (hereinafter “UK GDPR” and, together with the GDPR, the “Regulations”), as well as in accordance with the Data Protection Act 2018 (hereinafter, together with the Regulations, the “Applicable Regulation”). 

2.     HOW TO CONTACT US?
The Data Controller takes the utmost account of its Users’ right to privacy and protection of personal data. For any information related to this privacy policy, Users may contact the Data Controller at any time, using the following methods.

Directly online:
  1. By contacting the customer service via the Contact form

Through the postal letter:
  1. Sending a registered letter with return receipt to the registered offices of the Data Controller (Via Comelico, 3, 20135 Milano);


For specific requests to be sent to our Data Protection Officer:
  1. If you are a User who uses the Website/App and you are resident in an EU country

Users may also contact the Data Protection Officer (RPD or DPO) of the Data Controller for any information or request to the following contact details: company Shibumi Srl, e-mail-: dpo@iumob.it.
  1. If you are a User who uses the Website/App and you are resident in the UK

Pursuant to Article 27 of the UK GDPR, the Data Controller, being established outside the United Kingdom, has appointed GDPRLocal Ltd. as its Representative in the United Kingdom, who may be contacted by UK Users for matters relating to the processing of personal data:

GDPRLocal Ltd.
Telephone number: + 441 772 217 800
Email: contact@gdprlocal.com
Link: https://iumobsrl.gdprlocal.com/uk
Address: GDPRLocal Ltd. 1st Floor Front Suite 27-29 North Street, Brighton, England BN1 1EB

3.WHAT DO WE DO? PROCESSING PURPOSES 
By browsing the Website and App, the User can register for the service, deciding whether to carry out the Standard Registration and thus activate a Free Profile, or create the Complete Subscription, which allows you to have a paid Premium Profile (of hereinafter, "Service").
In relation to the activities that can be carried out through the Website and App, the Data Controller collects personal data relating to Users. 

This Website and App, as well as any services offered through them, are reserved for individuals who are 18 years and over. Therefore, the Data Controller does not collect personal data relating to individuals under 18 years of age. Upon request of the Users, the Data Controller will promptly delete all personal data that has been involuntarily collected and related to subjects under the age of 18. 

Particularly, the personal data of the Users will be processed lawfully by the Data Controller pursuant of the Applicable Regulation for the following processing purposes:

a) Contractual obligations and provision of the service, to enable the browsing of the Website/App or to implement the General Terms and Conditions, which are accepted by the User during registration to the Website/App to take advantage of the services offered through the Website/App including access to dating on-line and chat platforms and to fulfil the User’s specific requests.

User data collected by the Data Controller for the purpose of any registration on the Website include: the nickname voluntarily chosen, date of birth, gender, city, email address, picture and any personal information of the User that may be voluntarily published. Furthermore, in order to allow the use of the services through the Site/App, the Data Controller also processes particular categories of data pursuant to art. 9 of the Regulations (specifically information that may reveal the orientation and sexual life of the User). With regard to the data that the User will make available to the public on the Website/App, as specified in the General Conditions, Yooppe is granted, among other things, any and all right of publication, communication and making available to the public and other users of the Website/App. 

Unless the User gives the Data Controller a specific and optional consent to the processing of their data for the further purposes set out in the following paragraphs, the User's personal data will be used by the Data Controller for the sole purpose of ascertaining the identity of the User (also by validating the e-mail address), thus avoiding possible scams or abuses, and contacting the User only for service reasons (e.g. sending of notifications regarding the services offered on the Website/App). 

b) Administrative and accounting purposes, or to perform organizational, administrative, financial and accounting activities, such as internal organizational activities and activities functional to the fulfilment of contractual and pre-contractual obligations;

c) Legal obligations, or to fulfil obligations provided by the law, an authority, a regulation or European legislation.

The provision of personal data for the purposes of processing indicated above is optional but necessary; failure to provide the data will make it impossible for the User of using the Service.

4. OTHER PROCESSING PURPOSES

4.1 Marketing
Some of the User’s personal data, such as name, surname, e-mail address, may also be processed by the Data Controller for marketing purposes (e.g. sending of advertising material, direct sales, commercial communication, sending newsletters containing information in relation to news relevant to the sector relating to the activities of the Data Controller and/or services and promotions relating to the contents of the Website/App and the services offered through the Website/App by the Data Controller), or in order for the Data Controller to contact the User through mail to propose to the User the purchase of products and/or services offered by the Data Controller and/or by third parties, to present offers, promotions and business opportunities by the Data Controller and/or by third parties.

In case of lack of consent, the possibility to using Service will not be in any way affected.

In case of consent, the User may at any time revoke the same, making a request to the Data Controller in the manner indicated in paragraph 8 below.
The User can also easily oppose further sending of promotional communications via e-mail by clicking on the appropriate link for the revocation of consent, which is present in each promotional e-mail. Once the consent has been revoked, the Data Controller will send the User an e-mail message confirming the revocation of the consent. If the User intends to revoke his or her consent to the sending of promotional communications via telephone, while continuing to receive promotional communications via email, or vice versa, please send a request to the Data Controller using the methods indicated in paragraph 8 below.

The Data Controller informs that, following the exercise of the right of opposition to the sending of promotional communications via e-mail, it is possible that the User continues to receive further promotional messages due to technical and operational reasons (e.g. formation of contact lists already completed shortly before the Data Controller’s receiving of the opposition request).

Should the User continue to receive promotional messages after 24 hours from the exercise of the right of opposition, please report the problem to the Data Controller, using the contacts indicated in paragraph 8 below.

 4.2 Communication of data to the Data Controller’s Partners
With the User’s free and optional consent, some of the User’s personal data (such us name, surname, gender, date of birth, city and e-mail address) may be conveyed by the Data Processor to the following categories of third-party companies: (i) clothing, (ii) automotive, (iii) retail, (iv) credit and insurance, (v) electronics, (vi) information technology, (vii) information, (iix) health and wellness, (ix) sport, (x) entertainment, (xi) tourism, (xii) online digital services and (xiii) recruitment (collectively referred to as the “Data Controller’s Partners”). The Data Controller's Partners, as independent data controllers, will process the personal data of the User for marketing purposes (direct sales, sending of advertising material and commercial communication), and may contact the User by post or e-mail to propose to the User the purchase of products and/or o services offered by the same categories of third-party companies and/or by other companies and to present offers, promotions and business opportunities to the User. 

Pursuant to Article 14, paragraph 3 of the Regulations, after successful transfer, the Data Controller’s Partner will be responsible for providing the Users all the information provided for by Article 14 of the Regulations.

In case of lack of consent, the possibility to register on the Website will not be in any way affected.

In case of consent, the User may at any time revoke the same, making a request to the Data Controller in the manner indicated in paragraph 8 below.

The Data Controller informs that the User's personal data will be processed by the Data Controller’s Partners as autonomous data controllers, on the basis of the specific information that will be issued by the Data Controller's Partners to Users. Any requests not to receive further commercial communications from the Data Controller’s Partners to whom the data has already been communicated by the Data Controller, must therefore be addressed directly to them.

 5. LEGAL BASIS FOR PROCESSING

Provide the Service (as described in the previous paragraph 3, letter a)): the legal basis consists of art. 6, paragraph 1, lett. b) of the Regulations, or the processing is necessary for the performance of a contract to which the User is party or in order to take steps at the request of the data subject prior to entering into a contract.
With regard to data belonging to particular categories pursuant to art.9 of the Regulations (specifically information that may reveal the orientation and the sexual life of the User), the legal basis consists of art.9, paragraph 2, lett. a) of the Regulations, or the provision by the data subject of an explicit consent of their data for a specific purpose.

Administrative and accounting purposes (as described in the previous paragraph 3, letter b)): the legal basis consists of art. 6, paragraph 1, lett. b) of the Regulations, as the processing is necessary for performance of a contract to which the User is party or in order to take steps at the request of the data subject prior to entering into a contract.

Legal obligations (as described in the previous paragraph 3, letter c)): the legal basis consists of art. 6, paragraph 1, lett. c) of the Regulations, as the processing is necessary for compliance with a legal obligation to which the Data Controller is subject.

Other processing purposesfor the processing relating to marketing purposes, (as described in the previous paragraph 4.1) and for that relating to the communication of data to the Data Controller's Partners (as described in the previous paragraph 4.2), the legal basis consists of art. 6, paragraph 1, lett. a) of the Regulations, or the provision by the data subjects of consent to the processing of their personal data for one or more specific purposes. For this reason, the Data Controller asks the User to provide specific free and optional consent, to pursue each of the purposes mentioned in this paragraph.

 6. PROCESSING MEANS AND DATA RETENTION PERIOD
The Data Controller will process the personal data of Users using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.

The personal data of Website/App Users will be retained for the time strictly necessary to carry out the main purposes explained in paragraph 3 above up to a maximum of 6 months period from the end of the contractual relationship with the Data Controller, or, in any case, as necessary for the protection in civil law of the interests of both the Users and the Data Controller.

In the cases referred to in paragraphs 4.1 and 4.2 above, the personal data of Users will be retained for the time strictly necessary to carry out the purposes described therein and, in any case, up to a maximum of 12 months from the date of consent or, if earlier, until the User withdraws his consent.

In any case, any retention terms provided for by law or regulations are reserved.

If the User decides to block and/or delete their profile, all stored data relating to the User is deleted. If the complete deletion of User data is not permitted or required by law, the data is limited for further processing.

7. TRANSMISSION AND DISSEMINATION OF DATA
The User's personal data may be transferred outside the European Union and the UK and, in this case, the Data Controller will ensure that the transfer takes place in accordance with the Applicable Regulation and, in particular, in accordance with Articles 45 (Transfer on the basis of an adequacy decision) and 46 (Transfer subject to adequate guarantees) of the Regulations.

The employees and/or collaborators of the Data Controller who are in charge of carrying out Website and App maintenance may become aware of the personal data of the Users. These subjects, who are formally appointed by the Data Controller as "in charge of processing", will process the User's data exclusively for the purposes indicated in this policy and in compliance with the provisions of the Applicable Regulation.

The personal data of the Users may also be disclosed to third parties who may process personal data on behalf of the Data Controller as "Data Processors", such as, for example, IT and logistic service providers functional to the operation of the Website, outsourcing or cloud computing service providers, professionals and consultants.

Users have the right to obtain a list of any data controllers appointed by the Data Controller, making a request to the Data Controller in the manner indicated in paragraph 8 below.

In addition, other Users may also become aware of the User's personal data, considering the nature of the Service described above and what is specified in the General Terms and Conditions in this regard.

8. RIGHTS OF THE DATA SUBJECTS
Users may exercise their rights granted by the Applicable Regulations by contacting the Data Controller as follows,

Directly online:
  1. By contacting the customer service via the Contact form
Through the postal letter:
  1. Sending a registered letter with return receipt to the registered offices of the Data Controller (Via Comelico, 3, 20135 Milano);
If you are a User who uses the Website/App and you are resident in an EU country
Users may also contact the Data Protection Officer (RPD or DPO) of the Data Controller for any information or request to the following contact details: company Shibumi Srl, e-mail: dpo@iumob.it

If you are a User who uses the Website/App and resides in the UK
Pursuant to Article 27 of the UK GDPR, the Data Controller, being established outside the United Kingdom, has appointed GDPRLocal Ltd. as its Representative in the United Kingdom, who may be contacted by UK Users for matters relating to the processing of personal data:

GDPRLocal Ltd.
Telephone number: + 441 772 217 800
Email: contact@gdprlocal.com
Link: https://iumobsrl.gdprlocal.com/uk
Address: GDPRLocal Ltd. 1st Floor Front Suite 27-29 North Street, Brighton, England BN1 1EB

Pursuant to Applicable Regulation, the Data Controller informs that Users have the right to obtain indication (i) of the origin of personal data; (ii) the purposes and methods of the processing; (iii) the logic applied in the event of processing carried out with the aid of electronic instruments; (iv) of the identification details of the data controller and processors; (v) the subjects or categories of subjects to whom the personal data may be communicated or who may come to aware of them as processors or agents.

Furthermore, Users have the right to obtain:

a) Accessupdatingrectification, or, when interested, integration of data;

b) The cancellation, transformation into anonymous form or the restriction of data processed in breach of the law, including data that does not need to be stored in relation to the purposes for which the data was collected or subsequently processed;

c) Certification to the effect that notification has been supplied of operations as per letters a) and b), as regards their content, to those to whom the data was communicated or disseminated, except for the case where notification proves impossible or requires the use of means clearly disproportionate to the right being protected.

Moreover, the Users have:

a) The right to withdraw consent at any time if the processing is based on their consent, without the revocation affecting the lawfulness of the processing carried out prior to the revocation;

b) The right to data portability (the right to receive all personal data concerning them in a structured format, commonly used and readable by automatic device);

c) The right to oppose to:

i) in whole or part, for legitimate reasons, the processing of personal data relating to you for legitimate reasons even pertinent to the purpose of collection;
ii) in whole or part, the handling of personal data for the purpose of sending advertising or sales materials or for the carrying out of market research or for commercial communication purposes;
iii) if personal data is processed for direct marketing purposes, at any time, to the processing of data for this purpose, including profiling in so far as it is related to such direct marketing.

d) If it is deemed that the processing concerning their personal data violates the Regulations, the right to lodge a complaint with a Supervisory authority (in the Member State in which they usually reside, in the one in which they work or in the one in which the alleged violation has occurred). The Italian Supervisory Authority is the Data Protection Authority, with registered offices in Piazza Venezia No. 11, 00187 – Rome (http://www.garanteprivacy.it/).
For the United Kingdom, the supervisory authority is the Information Commissioner's Office (ICO), located at Wycliffe House, Water Lane, SK9 5AF – Wilmslow (Cheshire) (https://ico.org.uk/).

9. REGISTRATION VIA SOCIAL NETWORK
9.1 REGISTRATION VIA "CONNECT WITH FACEBOOK"

In case of registration through the “Connect with Facebook” service, the User expressly accepts that Facebook communicates the data relating to their identity to the Data Controller such as: name, date of birth, current city, gender and email address. During registration, the User may accept which of these data to provide to the Website/App. The user accepts that the information relating to the Website/App, any changes and updates will be sent by e-mail through the User's e-mail address obtained through "Connect with Facebook". It should be noted that the Data Controller will process such personal data exclusively for the purposes indicated in this statement, in compliance with the consents given by the User from time to time. By subscribing for the Service by "Connect with Facebook" and clicking on the "Allow" button, the User agrees that the data referred to above will be transferred from the Facebook platform to the Data Controller. The Data Controller will use this data to facilitate the registration procedure, pre-filling the fields on the User's registration form with the data communicated by Facebook. Users who use the “Connect with Facebook” service will be able to access the Website/App using the credentials normally used to access Facebook.

For more information on the "Connect with Facebook" service and to change your privacy setting related to this service, pleease see the following link:
https://www.facebook.com/help/193677450678703 and https://www.facebook.com/about/privacy/your-info-on-other.

9.2 REGISTRATION VIA "SIGN IN WITH APPLE"
The data that may be communicated by Apple to the Data Controller through the service “Sign in with Apple” are the following: name and surname (editable by the user at the time of registration), email address (with the possibility to use the “Hide my email” function and thus provide a unique and random email address that forwards the mail to your personal email address). The Data Controller will process such data exclusively for the purposes indicated in this policy, in compliance with the consent provided by the User from time to time. For more information about “Sign in with Apple” and to change your privacy settings for that service, please refer to the following links:

https://www.apple.com/legal/privacy/en-ww/

https://support.apple.com/en-gb/102609

https://support.apple.com/en-gb/102379

https://support.apple.com/en-gb/105078 (Apple’s “Hide my email" service)

The Data Controller is not responsible for updating all links viewed in this Privacy Policy, therefore, whenever a link does not work and/or is not updated, the Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by this link.



    • Related Articles

    • Privacy Policy Contacts

      This privacy policy aims to provide all the information regarding the processing of personal data carried out by Iumob S.r.l. when the user contacts Yooppe.com (as better specified below). 1. INTRODUCTION – WHO ARE WE? Iumob S.r.l., with registered ...

    • Cookies Policy and other tracking tools

      (version 1.3 dated 13 November 2023) Dear Visitor (hereinafter, "You" or the '"User"), This Internet website www.yooppe.com (hereinafter, the "Website") and the application Yooppe (hereinafter, the “App”) are owned by the company Iumob S.r.l., having ...

    • Would you like to report an App vulnerability?

      If you wish to report a possible App malfunction or vulnerability, please contact us. For any kind of report concerning the vulnerability and protection of your data you can refer to our Privacy Policy or contact us immediately.

    • How can I register or log in to the site?

      To register on the site you must first fill in the registration form by entering your data, for example e-mail and password and then accept through appropriate flag the Privacy Policy and the Terms and conditions. After registration, you will receive ...

    • How can I register or log in to the app?

      To register for the app, you need to first fill out the registration form by entering the required information and accept the Privacy Policy and Terms and Conditions through the designated checkbox. After successful registration, you will receive a ...