Talk to us
Talk to us

Privacy Policy

Platform – v 1.0



Last update: July 1th, 2026

Introduction

Pursuant to Article 13 of the Reg. UE 2016/679 (“GDPR“), this privacy policy explains how Illucere S.r.l. (“Illucere” or “We” or “Us”) collects, stores, uses, transfers and discloses Personal Data from our users (“Users” or “You”) in connection with the “Twinkly Pro” mobile, web and desktop application and related services (“App”).

For the purpose of this privacy policy, “Personal Data” or “Data” means any information relating to an identified or identifiable individual.


1. Data Controller

The Data Controller of the processing of personal data is Illucere S.r.l., with head office in Mestrino (PD), Via Primo Maggio 1, 35053, VAT IT05776240284.
If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us via e-mail using the following details: privacy@illucere.com.


2. Personal data and information we collect

a. Personal data you provide to Us

  • Full name
  • E-mail address


b. Information collected automatically through the App
When You access or use the App, We may automatically collect the following information:

  • Device Information: We collect information about the mobile device You use to access the App, including the hardware model, information about the operating system and its version, IP address.
  • Information collected by tracking technologies: We use various technologies to collect information about your use of the App, such as frequency of use, which areas and features of our App you visit and your use patterns generally, etc.

This information is not collected to be associated with identified users and is used only to obtain anonymous statistical information on the use of the App and to check its correct functioning.

The App uses for its operation IT systems and software procedures, also of third parties. The purpose is to improve the stability of the App and, for this reason, during its use the following third parties can automatically acquire information in aggregate form:




3. Purpose, legal basis and retention of personal data processing

We have set out below a description of all the ways We plan to use your Personal Data, and which of the legal bases We rely on to do so:

  • I) Registration and access to reserved area of the App: We may process Personal Data in order to register You to the reserved area of the App and to enable You to log in and to grant the security of your registration process by sending you an OTP in order to verify your identity. We may also process Personal Data to send You important information regarding the status of your account (f.e. if some of the services You are registered to are about to expire or if Your account is about to be closed according to the terms and conditions of the service You accepted).
    Legal basis: Contractual obligation (art. 6.1.b GDPR).
    Data Retention: 6 months
  • II) Direct marketing: We may contact You with newsletters, marketing or promotional materials and other information that may be of interest to You relating to our products/services. This includes sending users communications about our products/services, features, promotions, news, updates, and events. We may do so through email, text messages, push notifications, in App communications. To achieve this purpose, tracking pixels (“TP”) will be used by the Data Controller
    Legal basis: Consent (art. 6.1.a GDPR).
    Data Retention: 24 months from the date on which you gave your consent, subject at all times to your right to withdraw it. TP will be retained for 24 months subject to your request to withdraw your consent to the use of TP
  • III) Newsletter: We may contact you to send commercial information relating to products and/or services similar to those already purchased (soft spam). With reference to the purpose set out in par. 3.II), You can object at any time without stating reasons by sending a message to privacy@illucere.com or by using the unsubscribe link in the email newsletter.
    Legal basis: Art. 130 co. 4 Italian Code of Privacy
    Data Retention: until You will exercise your right to object
  • IV) Analytics: We may process Personal Data to better understand how users access and use our App, both on an aggregated and individualized basis, in order to improve the quality and value of our App, provide You with a better experience and for other research and analytical purposes.
    Legal basis: Legitimate interest (art. 6.1.f GDPR)
    Data Retention: for the entire duration of the contractual relationship
  • V) Fraud prevention: We may process Personal Data to find and prevent fraud and respond to trust and safety issues that may arise.
    Legal basis: Legitimate interest (art. 6.1.f GDPR) to ensure that its rights are protected
    Data Retention: 10 years from the conclusion of the proceedings
  • VI) Protect the rights of Illucere: We may process Personal Data to handle complaints and matters relating to pre-litigation, legal defence and the exercise of Illucere’s rights before the courts, or to respond to requests from public authorities.
    Legal basis: Legitimate interest (art. 6.1.f GDPR) to ensure that its rights are protected
    Data Retention: 10 years from the conclusion of the complaint or proceedings




4. Nature of the provision of Personal Data and consequences of a refusal to provide

The provision of Personal Data for the purpose set out in par. 3.I) is necessary and a refusal by the Users implies the impossibility for the Company to perform its contractual obligations and provide the Users with the functionalities, services and the information requested as specified above.

The provision of Personal Data for the purpose referred to in par. 3.II) and 3.III) is optional and any refusal by the Users will not have any consequences on the performance of the services or the features and provision of information requested through the App.

The provision of Personal Data for the purposes referred to in par. 3.III, 3.IV and 3.VI is automatic and implicit in Internet transmission protocols.


5. Recipients

Where necessary, we transmit your Personal Data to:

  • Illucere’s employees and consultants who are responsible for data processing;
  • Third party companies or other entities, in their role as external data processors, which provide outsourced services to Illucere (f.e.hosting, cloud, CRM, legal, tax, assurance etc.).

The updated list of designated data processors may be provided upon request of Users.
We may also disclose your Personal Data to comply with any court order, law or legal process, including to respond to any government or regulatory request.


6. International data transfers

We may transfer your personal data to recipients who may be located outside the European Economic Area (EEA). When We transfer your personal data from the EEA to third countries, i.e. countries outside the EEA, We only do so on the basis of appropriate safeguards or if otherwise authorized by applicable law.


7. Data Security

We protect your personal data through technical and organizational security measures to minimize risks associated with data loss, misuse, unauthorized access and unauthorized disclosure and alteration. To this end We use firewalls and data encryption, for example, as well as physical access restrictions for our data centers and authorization controls for data access.


8. Data Retention

We take measures to delete your Personal Data or keep it in a form that does not permit identifying You when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period. For further details regarding data retention, please refer to point 3 above.


9. Your rights

You may exercise all the rights provided for in Articles 15–21 of the GDPR at any time and without unjustified restrictions by contacting the Data Controller at the email address privacy@illucere.com.

Requests are submitted free of charge and processed by the Data Controller within 30 days.

In particular, You may:

  • Obtain confirmation as to whether processing is taking place (Article 15);
  • Obtain the rectification of inaccurate or incomplete Data (Article 16);
  • Obtain the erasure of Data without undue delay (Article 17);
  • Restrict processing to only part of the Personal Data (Article 18);
  • Receive a copy of the Personal Data held by the Data Controller, in a commonly used and machine-readable format; obtain unimpeded transfer to another Data Controller (Art. 20);
  • Object at any time to the processing of Personal Data (Art. 21);
  • With regard to processing purposes based on consent, withdraw consent at any time.

In the event of failure to promptly reply or an inadequate response from Illucere, or if You believe there is a violation of the data protection regulation, You can appeal to the Italian Data Protection Authority at the following coordinates: www.gpdp.it e-mail: garante@gpdp.it, Telephone switchboard: (+39) 06.69677.1.


10. Changes to Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy. In this case You will be promptly informed when You use the App again.