Last updated: 15 July 2026
1. Data Controller
The Data Controller is Addictive S.r.l., registered office at Via Enrico Fermi 1, 31050 Monastier di Treviso (TV), Italy — VAT and tax code 04636600266 (the “Controller”).
Contacts: info@addictive.dev; certified e-mail (PEC) addictive@legalmail.it.
The Controller has not appointed a Data Protection Officer, the conditions set out in Article 37 of the Regulation not being met.
2. Personal data processed
The Controller processes solely the personal data provided by the data subject through the forms available on the site:
- contact form: name, e-mail address, company, role, industry, referral channel;
- tool access request form: name, e-mail address, company, tool requested.
Mere consultation of the site does not entail the collection of data identifying the data subject. The Controller does not process special categories of data within the meaning of Article 9 of the Regulation.
3. Purposes and legal basis
Data is processed for the sole purpose of responding to and assessing the data subject’s request.
The legal basis for the processing is Article 6(1)(b) of the Regulation (performance of pre-contractual measures taken at the data subject’s request).
Data is not processed for direct marketing purposes or for sending commercial communications. The Controller carries out no profiling and no automated decision-making within the meaning of Article 22 of the Regulation. Any processing for further purposes shall be preceded by separate, specific consent.
4. Nature of the provision of data
The provision of data is optional. Failure to provide the data marked as mandatory prevents submission of the request and the consequent response.
5. Recipients and processors
Data is processed by the Controller’s authorised personnel. It is not disseminated, transferred or communicated to third parties for purposes of their own.
Data may be processed on behalf of the Controller, as processors pursuant to Article 28 of the Regulation, by the following suppliers:
- Netlify, Inc. — site hosting services and handling of form submissions;
- Umami Software, Inc. — traffic measurement services, provided on infrastructure located in the European Union.
6. Transfers to third countries
Netlify, Inc. is established in the United States of America. The relevant transfer is safeguarded by the Standard Contractual Clauses adopted by the European Commission pursuant to Article 46(2)(c) of the Regulation.
Statistical data collected through Umami is processed on infrastructure located in the European Union.
7. Retention period
Data provided through the forms is retained for 24 months from the last meaningful contact, after which it is erased.
Where a contractual relationship is entered into, the necessary data is retained for the period prescribed by applicable legal, tax and accounting obligations.
8. Cookies and measurement tools
The site uses no cookies and performs no storage of information, nor access to information already stored, on the data subject’s device within the meaning of Article 122 of Legislative Decree 196/2003. No consent is therefore required in this respect.
Traffic measurement is performed by means of Umami, a tool which uses neither cookies nor other persistent identifiers and which processes solely aggregate data (page views, referrers, country, device type) not capable of identifying the data subject.
Typefaces are served directly from the Controller’s servers: browsing entails no connections to third-party services.
9. Video content from an external platform
One page of the site hosts video content provided by the YouTube platform. The content is not loaded automatically: until it is voluntarily activated by the data subject, only a preview image served from the Controller’s servers is displayed and no connection to Google is made.
Upon activation of the content, the YouTube player is loaded and Google Ireland Limited may install cookies and process data as an independent controller, in accordance with its own privacy notice, available at policies.google.com/privacy. The Controller exercises no control over such processing.
10. Rights of the data subject
The data subject has the right to obtain access to their personal data and the rectification or erasure thereof, the restriction of processing, data portability, and to object to the processing (Articles 15 to 22 of the Regulation).
Requests may be submitted to the contacts indicated in section 1. The Controller shall respond within one month of receipt, extendable in the cases provided for by Article 12(3) of the Regulation.
11. Complaint to the supervisory authority
A data subject who considers that the processing is carried out in breach of the Regulation has the right to lodge a complaint with the Italian Data Protection Authority, the Garante per la protezione dei dati personali (garanteprivacy.it), pursuant to Article 77 of the Regulation, or to bring proceedings before the competent courts.
12. Updates
The Controller reserves the right to amend this notice, giving notice thereof by updating the date indicated above.