Privacy Policy of Cadoola

To provide its services efficiently, securely, and in compliance with the law, Cadoola needs to collect and process various categories of personal data, which vary depending on the user's interaction with the platform.

Identity and Contact Details

This category includes information voluntarily provided by the user during account registration or when filling out digital forms. Such data may include first name, last name, date of birth (required to verify the mandatory minimum age of 18 years), residential or domicile address, tax code, email address, and phone number.

Usage and Navigation Data

Includes information automatically generated during the user's interaction with the platform. This includes pages visited, time spent on the site, navigation paths within the platform, games or services consulted, system logs, and other statistics related to the user's experience.

Technical and Device Data

This data concerns the technological infrastructure used by the user to access Cadoola. It includes the IP address, the type and version of the web browser used, time zone settings, types and versions of browser plug-ins, the operating system, the hardware platform, and other technical identifiers associated with the mobile or desktop device.

Transaction Data

Should the user perform financial or commercial operations on the platform, details related to the transactions made are collected, including amounts, dates, and times of operations, payment methods used (without storing full financial credentials protected by cryptographic standards), and the history of deposits or withdrawals made.

Communications with Customer Support

This category includes all information, texts, files, or details shared by the user when contacting customer support via email, contact forms, or other official channels. Such communications are stored to ensure the resolution of raised issues and to monitor the quality of the support service provided by Cadoola.

The processing of the user's personal data by Cadoola is based exclusively on lawful grounds clearly defined by current regulations.

The main legal bases applied include:

Performance of a contract: Processing is strictly necessary to fulfill contractual obligations arising from the user's acceptance of the Terms and Conditions, including the opening, management, and provision of services related to the account.

Legitimate interest: Processing is required to pursue the legitimate interests of Cadoola, such as continuous improvement of platform functionalities, prevention and detection of cyber fraud, strengthening network security, and optimizing customer service, provided that the user's fundamental rights and freedoms do not prevail.

User consent: For specific purposes, such as sending direct marketing communications or activating certain profiling cookies, Cadoola requires the user's explicit, free, and revocable consent.

Legal obligations: In certain cases, data processing is mandatory to comply with legal duties to which Cadoola is subject, such as tax regulations, transparency provisions, or legitimate requests from judicial authorities or law enforcement agencies.

The personal data collected is used by Cadoola for specific, legitimate purposes strictly related to the provision of services on the platform.

The main purposes include:

Creation, activation, and technical maintenance of the user account.

Age and identity verification to ensure access is limited to adult users (18+).

Secure processing and management of financial transactions requested by the user.

Provision of timely and accurate customer support in case of technical or operational issues.

Monitoring of system activities to identify and neutralize security threats, unauthorized access, or fraudulent behavior.

Personalization of the browsing experience based on user-expressed preferences.

Sending technical update communications, contractual changes, or important security notices.

With prior consent, sending informational and promotional materials regarding platform news and offers.

Cadoola retains users' personal data only for the time strictly necessary to achieve the purposes for which it was collected, as well as to fulfill specific legal obligations or to protect its rights in court. The criteria used to determine the retention period take into account the nature of the data, the duration of the contractual relationship, and the statutes of limitations provided for by Italian civil and tax legislation. At the end of the established period, the data is securely deleted or permanently anonymized.

Users' personal data is not sold, rented, or commercially disseminated to third parties. Information sharing may occur exclusively with service providers and external data processors who collaborate with Cadoola for the execution of activities necessary for the management of the platform.

Such recipients include providers of hosting and cloud infrastructure services, companies specializing in fraud prevention and IT security, payment institutions for transaction processing, and legal or tax consultants. All external providers are contractually bound to process the data in full compliance with the instructions given by Cadoola and in accordance with current privacy regulations.

The personal data collected is predominantly processed and stored within the European Economic Area (EEA). Should it be necessary for technical or operational reasons to transfer some information to third countries outside the EEA, Cadoola adopts all appropriate legal and organizational safeguards to ensure a level of data protection equivalent to that of Europe. These measures typically include the use of Standard Contractual Clauses approved by the European Commission and verification of the security requirements of foreign recipients.

Cadoola implements advanced technological and organizational security protocols to protect personal data from unauthorized access, alteration, improper disclosure, accidental loss, or destruction. Measures applied include data encryption in transit and at rest, the adoption of network firewalls, strict control of logical access based on the principle of least privilege, and constant updating of internal systems. It is specified, however, that no data transmission system over the internet or digital storage system can guarantee absolute and impenetrable security.

In accordance with the European and Italian regulatory framework on data protection, the user enjoys specific rights that they can exercise at any time in relation to their personal data processed by Cadoola.

These rights include:

Right of access: To obtain confirmation as to whether or not personal data is being processed and to receive a copy of the information held by the platform.

Right to rectification: To request the correction of inaccurate data or the completion of incomplete information.

Right to erasure (right to be forgotten): To request the permanent removal of one's data if the legal grounds for its retention no longer exist.

Right to restriction of processing: To obtain the temporary suspension of processing in case of dispute regarding the accuracy of the data or the lawfulness of the processing.

Right to object: To object to processing based on legitimate interests or carried out for direct marketing purposes.

Right to data portability: To receive one's data in a structured, commonly used, and machine-readable format, in order to transfer it to another controller.

To exercise these rights or to submit any request or clarification regarding privacy management, the user can contact the platform by sending an official communication to the dedicated email address: cadoola_support@gmail.com. Should the user believe that their data is being processed in violation of current regulations, they also have the right to lodge a complaint with the Data Protection Authority in Italy.

This Privacy Policy may be modified or supplemented periodically to adapt it to new platform functionalities, changes in business processes, or evolutions in the legislative framework. The date of the last update will always be indicated in the document, and changes will become effective as soon as they are published on the Cadoola platform.