Legal

Privacy Policy

Information on the processing of personal data collected through smooit.com by Smooit S.r.l.

Last updated: April 1, 2026

This document explains how Smooit S.r.l. processes the personal data of users who browse the website or submit a request through the available contact channels.

Updates to this notice become binding once published on the website. Users who do not agree with future changes should stop using the website and may request deletion of their personal data where applicable.

Cookies on the website

We do not use profiling or tracking cookies. The only cookie in use is next_locale, a technical cookie needed to remember the selected language.

Open cookie policy

1. Categories of personal data processed

Smooit may process personal data voluntarily provided by the data subject when sending business or contact requests through the website.

Failure to provide the data that is necessary to manage a request or fulfil a legal or contractual obligation may prevent Smooit from replying or proceeding with the relevant relationship.

Anyone who shares third-party personal data with Smooit remains solely responsible for the lawfulness of that disclosure.

Data provided directly by the user

  • Identification and contact details submitted through the contact form, such as full name, company and work email address.
  • Information included in the request message and the selected area of service interest.

Data collected automatically

  • Technical data generated by devices, browsers and network protocols, such as IP address, browser type, operating environment and diagnostic logs required to operate and secure the website.

2. Cookies and similar technologies

The website does not use profiling, marketing or tracking cookies.

Only the functional next_locale cookie is used to remember the language selected by the user and ensure a consistent browsing experience between pages.

Additional details are available in the dedicated Cookie Policy.

3. Legal basis and purposes of processing

Personal data is processed where necessary to manage requests, fulfil legal obligations and protect Smooit's legitimate interests.

Contractual and pre-contractual purposes

  • Management of incoming contact requests and any activities required before entering into a professional relationship.

Legal obligations

  • Compliance with applicable laws, regulations and obligations in particular tax, fiscal and administrative duties.

Legitimate interests

  • Protection of company assets, IT infrastructure and networks, including security and anti-fraud activities.
  • Exercise and defence of rights before competent authorities where necessary.

4. Processing methods and recipients

Personal data is processed using paper and digital tools, with organizational procedures strictly linked to the purposes described above and with adequate security measures.

Personal data may be accessed only by subjects who need it to perform their duties and who are bound by confidentiality obligations.

  • Authorized personnel acting under Smooit's authority.
  • Independent controllers or processors appointed to deliver services necessary for the website and business operations, such as IT suppliers, hosting providers, consultants and commercial partners.
  • Public bodies or authorities where disclosure is required by law or by an order.

5. Place of processing and transfers

Where necessary, personal data may be transferred to parties located outside the European Economic Area.

In those cases Smooit adopts the contractual and organizational safeguards required by applicable law, including standard contractual clauses approved by the European Commission where relevant.

Requests for details on the safeguards adopted can be sent to [email protected].

6. Data retention period

Personal data is stored only for the time needed to achieve the purposes for which it was collected.

  • Data processed for contractual or pre-contractual purposes is retained for the duration of the relationship and, once terminated, for the ordinary limitation period of 10 years. In case of litigation, retention may last until the final exhaustion of legal remedies.
  • Data processed to fulfil legal obligations or defend rights is retained for the periods required by the relevant laws or authorities.
  • Data processed on the basis of legitimate interest is retained until that interest has been fulfilled or overridden by a valid objection where applicable.

7. Rights of the data subject

Data subjects may exercise the rights granted by applicable privacy law, including the right to obtain information on processing activities and to request intervention on their personal data.

  • Access personal data and obtain information on the processing carried out.
  • Request rectification, updating, restriction or deletion of personal data where applicable.
  • Object to processing carried out on the basis of legitimate interest.
  • Withdraw consent at any time where processing is based on consent.
  • Receive personal data in a portable format where the legal requirements are met.
  • Lodge a complaint with the competent supervisory authority or take legal action.