Information Notice – Article 13 EU Regulation 2016/679 (GDPR)
Privacy Notice for the Processing of Personal Data Collected from the Data Subject
Last updated: 28 august 2025
1. Data Controller (Articles 4 and 24 GDPR)
Leanbit Srl, headquartered at Via Padova 75, 35010 Vigonza (PD), Italy, represented by its legal representative pro tempore. You may contact the Data Controller via: fax: +39 0497360018: email: privacy@leanbit.it: phone: +39 0497360018
The Data Protection Officer (DPO), pursuant to Articles 37–39 of the GDPR, is appointed within the organization and can be contacted at: phone: +39 0497360018: email: dpo@leanbit.it
2. Categories of Personal Data Processed
Personal data refers to any information relating to an identified or identifiable natural person (“data subject”). A person is considered identifiable if they can be identified, directly or indirectly, by reference to identifiers such as name, ID number, location data, online identifiers, or other elements specific to their physical, physiological, genetic, mental, economic, cultural, or social identity (Art. 4, para. 1 no. 1 – Recitals 26, 27, 30 GDPR).
3. Purpose of Processing / Legal Basis – Data Retention Period and Nature of Data Provision
| Purpose of Processing | Legal Basis | Data Retention | Nature of Provision |
|---|---|---|---|
| A) Browsing this website (https://leanbit.eu) and the Controller’s APP | Art. 6(1)(f) GDPR – Legitimate interest | For the duration of the browsing session | Necessary to access website/APP content |
| B) Responding to support or information requests via dedicated forms or online chat (e.g., FAQ form or interactive chat), or by calling toll-free numbers/contacts listed online, followed by a callback from Leanbit staff | Art. 6(1)(f) GDPR – Legitimate interest | For the time needed to process your request | Required to respond to your inquiry. Without this data, assistance cannot be provided, though you may continue browsing the site/APP |
| C) Direct marketing activities by the Controller, subject to your consent: sending promotional materials, direct sales of products/services, satisfaction surveys via email, fax, SMS/MMS, phone calls, and postal mail. The Controller may use newsletter systems with reporting features to analyze communication performance (e.g., open rates, clicks, device types, user activity) | Art. 6(1)(a) GDPR – Consent | Until consent is withdrawn or objected to | Optional. Refusal does not affect support requests |
| D) Third-party direct marketing, subject to your consent: promotional materials, direct sales, satisfaction surveys via automated and traditional channels. For privacy information and exercising your rights regarding third-party data processing, you must contact the third party directly, acting as an independent Data Controller | Art. 6(1)(a) GDPR – Consent | Until consent is withdrawn or objected to | Optional. Refusal does not affect support requests |
Certain areas or sections of this website are governed by dedicated privacy notices, which should be consulted in full.
5. Cookies
For more information about cookies used on this website, please refer to our cookie policy
6. Data Recipients / Categories of Recipients
Personal data provided by the user may be shared with recipients acting as Data Processors (Art. 28 GDPR), individuals under the authority of the Controller or Processor (Art. 29 GDPR), or independent Data Controllers, for contractual or related purposes. A list of appointed Data Processors is available upon request by contacting the Controller.
Data may be shared with the following categories of recipients: parent, subsidiary, or affiliated companies of Leanbit Srl; service providers managing the Controller’s IT systems and communication networks (including email and hosting services); competent authorities for legal obligations or public authority requests
7. Data Transfers to Third Countries
Personal data will not be transferred outside the European Union. If such a transfer becomes necessary, it will be carried out in accordance with Articles 44 et seq. of EU Regulation 2016/679. In that case, this notice will be updated, and the data subject may request a copy of the safeguards in place by contacting the Controller.
8. Data Subject Rights
You may exercise your rights under EU Regulation 2016/679 by contacting the Data Controller at privacy@leanbit.eu. You have the right to request: access to your personal data (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), objection to processing based on legitimate interest.
Without prejudice to other administrative or judicial remedies, if you believe your data has been processed in violation of the GDPR, you have the right to lodge a complaint with the competent Supervisory Authority, namely the Italian Data Protection Authority (www.garanteprivacy.it).