Privacy Policy

‍

Wisepath considers your privacy of fundamental importance and ensures that the processing of your personal data is carried out in compliance with rights, fundamental freedoms, and the dignity of the data subject, with particular reference to confidentiality, personal identity, and the right to the protection of personal data, as provided by EU Regulation 679/2016.

In this regard, Wisepath has adopted and implemented a Privacy Policy concerning all the management activities involving the processing of your personal data. This Privacy Policy explains how and why Wisepath collects, records, and uses information about you and the choices you can make regarding the ways in which such information is collected and used.

‍

Registration

‍

To use the User or any part of it, users must register by providing, truthfully and completely, all the data requested in the relevant registration form and fully accepting the privacy policy and these general conditions. The user is responsible for safeguarding and keeping their login credentials confidential. It is understood that Wisepath cannot be held responsible in any case for loss, disclosure, theft, or unauthorized use by third parties, for any reason, of users' login credentials.

To create an account on Wisepath, it is necessary to be at least 16 years old. In order to verify the minimum age requirement, Wisepath reserves the right to request, during the registration process, the insertion of one's date of birth.

‍

Data Controller

‍

The Data Controller is Wisepath Corp, located at 17642 Plumeria Ln, Dallas, TX, 75252, USA, represented by its legal representative pro tempore. In this document, it will be referred to as Wisepath, which is the distinctive sign under which it carries out all activities on the Website. The Data Controller can be contacted at the email address info@wisepath.ai. No Data Protection Officer (DPO) has been appointed.

‍

Types of data collected

‍

Among the personal data collected, either independently or through third parties, or freely provided by the user, are:

‍

Browsing Data

‍

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes: IP addresses, the type of browser used, the operating system, the domain name, and addresses of websites from which access was made, information about the pages visited by users within the site, the access time, the time spent on each page, the internal path analysis, and other parameters related to the user's operating system and computer environment.

‍

Additional Categories of Data

‍

These are all the personal data provided by the user through the website, for example, by registering and/or accessing a reserved area and/or a service and/or participating in initiatives provided by Wisepath or in partnership with third parties, or by writing to an email address to request information or subscribing to the Newsletter. The collected personal data are used to provide services to the user and to send communications via email, the address of which is provided at the time of registration.

‍

If access to the site is under the profile of a "Coach," the user consents to the use of the data provided at the time of registration by the platform for mentoring services to be provided and the possibility of being contacted by other users.

‍

If the user creates a public profile or switches from a private to a public profile, they consent to other users or the data controller accessing such data and using it as allowed under the terms and conditions of use set out in the relevant EULA. In addition, user's game data, which is functional for soft skills analysis, will be stored in Wisepath's databases in compliance with current data regulations.

‍

The newsletter service involves sending electronic communications following the explicit request of the recipient, so no additional consent is required beyond what the recipient provided when filling out and submitting the newsletter subscription form.

‍

The possible use of Cookies - or other tracking tools - by Wisepath, unless otherwise specified, is for the purpose of providing the service requested by the user.

‍

Mandatory and optional data

‍

Unless otherwise specified, all personal data requested is mandatory. If the user refuses to provide them, Wisepath may be unable to provide the User. In cases where certain data is indicated as optional, users are free to refrain from providing such data without affecting the availability or operation of the service. Users who have doubts about which data is mandatory are encouraged to contact the Data Controller.

‍

Lawfulness and Purpose of Processing

‍

The processing of personal data is carried out in accordance with the provisions of the General Data Protection Regulation (GDPR) and any other applicable data protection regulations. Details are provided below:

‍

Purposes for the fulfillment of a legal obligation (Art. 6, paragraph 1 (c) of the GDPR)

a. Fulfillment of obligations established by laws, regulations, and EU legislation, or by provisions issued by Authorities or Supervisory and Control Bodies in relation to or connected with the existing and/or future legal relationship. The retention period for personal data, related to the purposes of this section, is 10 years from the end of the established legal or commercial relationship. These times may be extended in the case of disputes or legal requirements.

‍

Purposes for the execution of a contract or pre-contractual measures (Art. 6, section 1 (b) of the GDPR)

a. Fulfillment of contractual obligations and those resulting from legal transactions, especially the agreement made, i.e., registration on the Website.

b. Conclusion of a purchase and protection of contractual rights or rights arising from ongoing relationships between the parties. The retention period for personal data, related to the purposes of this section, is:

For purpose a) until the deletion of the profile and for a subsequent period not exceeding one quarter from such deletion or deactivation of the profile.
For purpose b) 10 years from the end of the established legal or commercial relationship. These times may be extended in the case of disputes or special contractual provisions.

‍

Purposes covered by the data subject's consent (Art. 6, paragraph 1 (a) of the GDPR)

The purposes may involve explicit consent from the data subject. The purposes requiring consent are:

a. Conducting advertising or promotional activities, in the broadest sense of the term (e.g., orientation services, communication of the user's profile relevance after completing the questionnaire, sending newsletters and informational material, requesting brochures, organizing events, etc.) and other marketing activities, through phone calls, emails, regular mail, and SMS, various instant messaging systems, social network accounts, and any tool or form of electronic communication, including reporting all initiatives dedicated to registered users.

‍

b. Conducting profiling activities, such as analyzing the user's consumption habits or choices, mainly using the data entered during registration on the Website, data related to their participation in surveys, questionnaires, and market research in general, as well as data related to the services used, and other behaviors and data that the Data Controller may know in any way, including any data resulting from the analysis of web navigation, especially in the case of a public profile. In this sense, the user consents to the data controller downloading such data, storing them in their cloud within the European Union, for processing for the purposes of the services offered by the platform.

‍

c. Reporting contacts of different users registered on the platform. The retention period for personal data, related to the purposes of this section, is at least 24 months from the date of consent issuance, unless revoked. The data subject can revoke their consent at any time, with the understanding that the revocation of consent only has effect for the future. Any data processing that occurred before the revocation will not be affected and will remain legitimate. It is always possible to request the Data Controller to clarify the specific legal basis for each processing and, in particular, to specify whether the processing is based on the law, provided for by a contract, or necessary to conclude a contract.

‍

Method and Place of the Processing of the Collected Data

‍

The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, alteration, or destruction of personal data. The processing is carried out using computer and/or telematic tools (and storage via a cloud made available on the Amazon Web Services platform and/or Microsoft Azure), with organizational methods and logics strictly related to the specified purposes. In addition to the Data Controller, in some cases, other subjects involved in the organization of Wisepath (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data, also appointed, if necessary, as Data Processors by the Data Controller.

The updated list of Data Processors can always be requested from the Data Controller. The data is processed at the operational headquarters of the Data Controller and in any other location where the parties involved in the processing are located. For further information, please contact the Data Controller.

The Data Controller informs you that there is no intention to transfer your data to countries outside the EU and the EEA for the purposes mentioned above.

‍

Interactions with Other Users

‍

Communication services between users allow forms of interaction and contact, depending on the settings decided by the Data Controller, either anonymously or publicly. In the case of personal data released by the user, including the email, this may be used to send notifications of comments, interactions, and contacts. Users are solely responsible for the content of their comments, posts, and interactions.

‍

Your Rights

‍

Users can exercise certain rights concerning the data processed by the Data Controller. In particular, the user has the right to:

Withdraw consent at any time. The user can revoke the consent to the processing of their personal data previously expressed.
Object to the processing of their data. The user can object to the processing of their data when it occurs on a legal basis other than consent. Further details on the right to object are indicated in the section below.
Access their data. The user has the right to obtain information about the data processed by the Data Controller, specific aspects of the processing, and receive a copy of the processed data.
Verify and request rectification. The user can verify the accuracy of their data and request its update or correction.
Obtain the limitation of processing. Under certain conditions, the user can request the limitation of the processing of their data. In such cases, the Data Controller will not process the data for any purpose other than their conservation.
Obtain the deletion or removal of their personal data. Under certain conditions, the user can request the deletion of their data by the Data Controller.
Receive their data or have it transferred to another controller. The user has the right to receive their data in a structured, commonly used, and machine-readable format and, where technically feasible, to have it transferred without hindrance to another controller. This provision applies when the data is processed by automated means, and the processing is based on the user's consent, a contract to which the user is a party, or contractual measures related to it.
Lodge a complaint. The user can lodge a complaint with the competent data protection supervisory authority or take legal action.

‍

Details on the right to object

‍

When personal data is processed in the public interest, in the exercise of public authority vested in the Data Controller, or for the purposes of the legitimate interests pursued by the Data Controller, users have the right to object to the processing for reasons related to their particular situation.

Users are informed that, if their data is processed for direct marketing purposes, they can object to the processing without providing any reasons. To find out if the Data Controller processes data for direct marketing purposes, users can refer to the respective sections of this document.

To exercise their user rights, users can submit a request to the contact details of the Data Controller via email at info@wisepath.ai. Requests are free of charge and processed by the Data Controller as quickly as possible, in any case within one month.

‍

Right to Lodge a Complaint

‍

The user, if they believe that their rights have been violated, has the right to lodge a complaint with the Supervisory Authority for the protection of personal data, as indicated by the same Authority at the following Internet address:
http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524 or by sending a written communication to the Guarantor Authority for the Protection of Personal Data, Piazza Montecitorio n.121, 00186 Rome.

‍

Consent Pursuant to Art. 7 of EU Regulation 2016/679

‍

In compliance with Article 7 of EU Regulation, the user declares to have fully understood the information provided by the Data Controller, and:

Regarding the conducting of advertising or promotional activities, in the broadest sense of the term (e.g., orientation services, communication of the user's profile relevance after completing the questionnaire, sending newsletters and informative materials, requesting brochures, organizing events, etc.) and other marketing activities, through telephone contacts, email, postal mail, and SMS, various instant messaging systems, social network accounts, and any electronic communication tool or form, including reporting all initiatives dedicated to registered users;
Regarding the conducting of profiling activities, such as the analysis of user consumption habits or choices, mainly using the data entered during registration on the Site, data related to their participation in surveys, questionnaires, and market research in general, as well as data related to the services used, and other behaviors and data that the Data Controller may know in any way, including any data resulting from the analysis of web browsing, particularly in the case of a public profile. The user consents, in this sense, to the Data Controller downloading such data, storing them in their cloud within the European Union, to be processed for the purposes of the services offered by the platform.
Regarding the reporting of contacts of different registered users on the platform.