pixel code
U-hopper logo

Privacy Policy

Pursuant to Article 13 of the EU Regulation 2016/679

1. Data Controller

The Data Controller is U-Hopper s.r.l., Via Merano 8, 38027 Malè, PEC: u-hopper@legalmail.it

Any request concerning your rights (access/update/rectification/erasure etc.) must be addressed to such email or directly to the DPO Federico Fusca (dpo@u-hopper.com, tel: +39 069636650).

2. Types of data collected, purposes and legal basis

Type of Data collected

Purposes of Data Processing

Legal basis for the processing

Are you browsing our website?

The information systems and the software procedures to operate this website acquire personal information which must be transmitted to be able to use the internet communication protocols. The data collected are IP address, the type of browser, operative system, domain name, addresses of websites from which access has been made, information about website pages visited by the user, access time, duration of stay on a single page, analysis and other information related to user browsing on our website.

We process your data to make our website work, verify and make an analysis of user access to website contents and user browsing experience on our website. Please read the Cookie Policy for further information.

art. 6 GDPR "legitimate interests of the Company"

Have you sent a contact request or a request of service?

We collect and store the data that you shared with us. Data collected are: name, surname and email address. The processing of that data is strictly necessary for the execution of the requested service.

We process your data to reply to your contact request and give you the information required. We process your data also for statistical purposes.

art. 6 GDPR "execution of a contract or pre-contractual measures"

Are you a customer or a supplier?

We collect and store the data of the Company contacts of our customer and suppliers (name, surname, email address, phone number, other data that can be necessary or useful for the contract).

We process your data for the management of contractual relationships, the planning of activities and the customer management.

art. 6 GDPR "execution of a contract or pre-contractual measures"

Have you sent your CV to careers@u-hopper.com?

We collect and store the data of your CV.

We process your data for the recruitment process.

art. 6 GDPR "execution of a contract or pre-contractual measures"

Did you subscribe to our Newsletter?

We collect and store the data that you shared with us. Data collected are: name, surname and email address. The processing of that data is strictly necessary for the execution of the requested service.

We process your data to send you a periodical Newsletter and give you an update about our activities and services.

art. 6 GDPR "consent of data subject"

Did you access the chatbot that you can find on this website?

We collect the data that allow our chatbot to have a conversation with you (Social ID).

We process your data to ensure the correct functionality of the bot and to fix errors.

art. 6 GDPR "consent of data subject"

3. Data Processing Arrangements

Data are processed at the Controller's operating offices and in any other places where the parties involved in the processing are located, using manual and electronic means. For further information please contact us.

U-Hopper takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.

The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In some cases, the Data may be accessible to certain types of persons in charge, involved with the operation or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller.

It is possible that some of our suppliers, appointed as data processors, are based outside the EU. In this case, the transfer is carried out in compliance with the law through the use of standard contractual clauses and after an accurate assessment.

4. Time-limits for storing the Data

Your Personal Data will be stored only for the time necessary for processing purposes and, anyway, for a maximum of ten (10) years.

The Controller may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

5. Right to object

It is always possible to object any time to data processing according to art. 21 EU Reg. 2016/679, sending a request to the mail address indicated at point 1. Furthermore, If you do not want to receive our Newsletter just click on Unsubscribe at the bottom of the emails.

6. Data Subjects' Rights pursuant to Artt. 15, 16, 17, 18, 20, 21, 22 and 77 of the EU Regulation 2016/679

Data Subject shall have the right to lodge a complaint with a supervisory authority. Data Subject shall have the following rights:

Article 15 - Right of access by the data subject

The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data.

Article 16 - Right to rectification

The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Article 17 - Right to erasure ('right to be forgotten')

The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay.

Article 18 - Right to restriction of processing

The data subject shall have the right to obtain from the controller restriction of processing where one of the

(a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;

(b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;

(c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;

(d) the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.

Article 20 - Right to data portability

The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

In exercising his or her right to data portability pursuant to paragraph 1, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

Article 21- Right to object

L'interessato ha il diritto di opporsi in qualsiasi momento, per motivi connessi alla sua situazione particolare, al trattamento dei dati personali che lo riguardano ai sensi dell'articolo 6, paragrafo 1, lettere e) o f), compresa la profilazione sulla base di tali disposizioni.

Article 22 - Automated individual decision-making, including profiling

The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or he.

Article 77 - Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78.


According to art. 7 GDPR, you can always withdraw your consent.

7. Information not contained in this policy

More details concerning the collection or processing of Personal Data may be requested from the Controller at any time. Please see the contact information at the beginning of this document.

8. Changes to this privacy policy

The Controller reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page and - as far as technically and legally feasible - sending a notice to Users via any contact information available to the Controller. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. Should the changes affect processing activities performed on the basis of the User's consent, the Controller shall collect new consent from the User, where required.



Privacy policy updated in November 18, 2020.


Site version: 308d9e8