Privacy Policy

Last updated: 23/07/2025

Protecting privacy and ensuring transparency in the management of personal data are fundamental values for Garaging. For this reason, we have drafted this Privacy Policy with the aim of providing users with a clear understanding of the information we collect, how we use it, and the rights available to them.

GENERAL

This Privacy Policy applies both to the website, accessible at https://www.garaging.it, and to the Garaging Srl app, available on Apple Store and Google Play. Collectively, the website and the app are referred to as the “Platform”.

In particular, this page describes the methods of processing personal data of users who browse the Garaging Srl Platform. As a result of navigating this Platform, data relating to identified or identifiable persons may be processed.

Some services available on the Platform are provided by third parties. In these cases, in addition to this data protection statement, the privacy policies of the respective providers also apply. Before using such services, the user may be required to give their consent, in accordance with current data protection regulations.

Please note that this privacy policy is provided only for the Platform and not for other websites, pages, or web services that may be accessed through links found on the Platform but refer to resources outside the domain of Garaging Srl.

This document may be subject to periodic updates.

DATA CONTROLLER

The Data Controller is Garaging Srl, with registered office in via Satiro n. 11, 37121, Verona (VR), Italy (email: info@garaging.it PEC: garaging@pec.it), hereinafter referred to as the “Controller”, the “Data Controller”, the “Company” or “Garaging”.

TYPES OF DATA PROCESSED, PURPOSES AND LEGAL BASIS FOR PROCESSING

Browsing Data

The IT systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of the computers used by users who connect to the Platform, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (success, error, etc.), and other parameters related to the user’s operating system and computing environment.

This data is used solely to allow navigation on the Platform, to obtain anonymous statistical information on Platform use, and to check its correct functioning. It is deleted immediately after processing. Data may also be used to comply with legal obligations, respond to orders issued by public authorities, or determine liability in the event of hypothetical cybercrimes against the Platform.

The legal basis for the processing is therefore the legitimate interest of the Controller in the operation and improvement of the services provided by the Platform.

Data Voluntarily Provided by the User

The voluntary, explicit, and optional sending of emails to the addresses indicated on the Platform, the completion of specific data entry forms to receive services/information or to make purchases involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included.

The personal data provided by users who send requests (e.g., information requests, newsletter subscriptions, contact requests) are processed solely to perform the requested service, unless otherwise stated in additional specific data processing notices found on login or registration pages.

Specific summary information and any required consent requests will be progressively shown or displayed on the Platform pages dedicated to particular services upon request.

The legal basis for the processing is therefore the fulfillment of contractual obligations (requests) from the user and/or consent.

COOKIES

The Platform uses technical cookies as well as profiling and third-party cookies.

Users may refuse the use of cookies by selecting the appropriate setting on their browser. For more information, refer to the dedicated Cookie Policy accessible at link.

The legal basis for processing is the legitimate interest of the Controller (for technical cookies) and the data subject’s consent (for profiling and third-party cookies), expressed by clicking on the appropriate banner.

DISCLOSURE OF DATA TO THIRD PARTIES AND TRANSFER TO THIRD COUNTRIES

No data resulting from the use of the Platform is disseminated.

Browsing data, personal data provided by the user, and other categories of processed data may be transferred to non-EU countries. In such cases, processing will comply with the GDPR 2016/679 regulations.

METHODS OF PROCESSING, DATA RETENTION PERIOD, AND AUTOMATED PROCESSES

Personal data is processed using IT tools.

Personal data provided by the user is stored for the period necessary to achieve the stated purposes.

Processing includes the use of automated decision-making/profiling processes.

Specific security measures are observed to prevent data loss, illegal or improper use, and unauthorized access.

DATA PROVISION

Except as specified for browsing data, the user is free to provide personal data as requested in forms or during contact with the Controller. Failure to provide such data may make it impossible to obtain the requested services.

The Data Controller reserves the right to cancel subscriptions and suspend services if the data provided to access certain services is found to be untruthful.

DATA SUBJECT RIGHTS, COMPLAINTS, AND WITHDRAWAL OF CONSENT

Data subjects have the right at any time to request access to their personal data, its rectification, deletion, restriction of processing, to object to its processing, and to exercise the right to data portability. In any case, the data subject has the right to withdraw at any time any consent given for the processing of personal data, without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise the rights provided by the current personal data protection regulations, and to obtain the complete list of External Data Processors appointed for each area and activity, or to receive information regarding the transfer of data to non-EU countries and related safeguards, the data subject may write to info@garaging.it.

The data subject also has the right to lodge a complaint with a supervisory authority regarding data processing, particularly in the Member State in which they habitually reside or work, or where the alleged violation occurred.