Privacy policy


Crowdvillage S.r.l. hereinafter referred to as “Data Controller” or “Crowdvillage”) provides the following information to the Data Subject, the person to whom the personal data refers, pursuant to art. 13 of EU Regulation no. 2016/679 dated 27 April 2016 (hereinafter referred as GDPR), the information concerning the protection of personal data. This information notice is intended to describe the personal data processing details and the measures taken to protect the rights of data subjects.

The information is released on the Crowdvillage’s website (, hereinafter referred to as the Site), in the "Privacy Policy” section on the site’s Home Page.

Data Controller

The Data controller is Crowdvillage S.r.l., domiciled and headquartered in via Ciro Menotti n. 21 - 20129 - Milano (MI) - VAT 03960560922 - E-mail address:

Categories of Data

The Data Controller processes the following categories of data:

  • - Data identifying the User, such as IP addresses and domain names
  • - Data on the use of this website
  • - Data the User voluntarily provides (identifiers) to access specific services the website provides.
  • - As regards the use of cookies, they are word files that are automatically generated in the User’s computer when surfing the Site. Some of them, such as session cookies, are automatically cancelled upon closing the browser session. Other cookies instead are recorded and stored in the User’s computer with a view to automating access to the website’s reserved area. Users have faculty of allowing their identifiers – User ID and password - be stored in one of these files.

For more details on cookies, their use and how to disable them, please refer to the cookie policy.

Purposes for the Processing of the User’s personal data

The Data Controller processes Data Subject’s personal data for the following purposes:

  • a) Managing the proper navigation of the website
  • b) Collecting and assessing anonymous statistical information on the way the website is used by Users.
  • c) Investigating possible offenses by users against third parties or the Data Controller
  • d) Complying with European and national regulations and the provisions issued by the Italian Data Protection Authority.

The user’s personal data is processed with a view to fulfilling the above-said Purposes and will be stored as stipulated in the specific notes (e.g. cookie policy)

Lawfullnes of processing

Processing shall be lawful if the following applies:

  • - Legitimate interest: Processing is necessary for the purposes of the legitimate interests pursued by the Data Controller (managing the correct use of the website and identifying offenses by users against third parties or the Data Controller)
  • - Consensus given by the User when surfing the site.

Processing methods and retention time

The User’s personal data is processed with a view to fulfilling the Purposes specified in this policy statement in digital format.

Mandatory or optional provision of personal data

To stop tracking cookies , users are requested to configure their Internet browsers accordingly.
However, it may prove to be necessary to store cookies on the user’s computer in order to access some parts of the Site.

Recipients of your Personal Data

The Data Subject’s personal data will be processed by the following parties according to the principle of indispensability:

  • - The Data Controller’s staff, who act and process data under the authority and instructions of the Data Controller, pursuant to art. 29 of the GDPR or of the employees appointed by the Data Controller, in accordance with art. 2 quaterdecies of Legislative Decree nr. 101/2018.
  • - Individual or legal entities whose right to access the personal data of the Data Subject is recognized by legal provisions provided for in EU law or Italian law, such as, by way of example, competent authorities and / or supervisory bodies for the fulfilment of legal obligations, and public administrations for their institutional purposes.
  • - Individual or legal entities resorted to by the Data Controller to perform activities that are instrumental to achieve its Aims (such as, for example, software vendors, cloud partners, data centres, IT consultants). Third parties who access the information will do so in compliance with the current legislation on the protection of personal data and the instructions given by the Data Controller and will in any case be appointed Data Processors by the Data Controller.

A list of the Data Processors is available in the Data Controller’s headquarters.

Dissemination of Data

Data will in no way be disseminated.

Rights of the Data Subject

The GDPR awards the Data Subject specific rights. The Data subject can exercise the following rights for each data processing operation:

  • - The right of access: You have the right to obtain a copy of your personal data in our possession subjected to processing.
  • - The right to rectification: You have the right to ask for the rectification of your personal data if it is incorrect or incomplete.
  • - The right to object to the processing of your personal data for commercial purposes: you can ask the Data Controller to stop sending you commercial communications at any time.
  • - The right to object to decisions based on exclusively automated processes: you can request not to be the recipient of decisions exclusively made on the basis of totally automated processes, including profiling activity.
  • - The right to withdraw consent: you have the right to withdraw your consent at any time.
  • - The right to contact the Guarantor for the protection of personal data: you have the right to contact the competent supervisory Authority directly. In Italy the “Garante per la Protezione dei Dati Personali” ( is the Data Protection Authority.

Under certain conditions, the Data Subject can also exercise the following rights:

  • - The right to erasure: you have the right to obtain the erasure of your personal data if the purposes of data processing no longer exist and there are no legitimate interests or legal provisions that require data to be stored.
  • - The right to object to processing: you have the right to object to certain types of processing (for example, where the processing is based on Data Controller’s legitimate interests)
  • - The right to restrict processing: You have the right to restrict the scope of the Data Controller’s processing of your personal data in certain situations
  • - The right to data portability: You have the right, in certain circumstances, to receive a copy of the your data in a structured, commonly used and machine-readable format, which can be accessed by another controller.

To exercise the aforesaid rights, the Data Subject can send an email or write to the following addresses, specifying his/her requests and providing the Data Controller with the information needed to correctly identify the sender (by also attaching thereto a copy of his/her ID document):

  • - by mail: Crowdvillage S.r.l., via Ciro Menotti n. 21 - 20129 - Milano (MI).
  • - by e-mail:

Crowdvillage will reply within a month. In the event that the Data Controller is unable to respond, it shall provide a detailed explanation as to why the Data Subject’s request cannot be met.

Release 01 - July 2021