Privacy Policy pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR)
Ivory S.r.l., with registered office at Via Iacopo da Benevento 21, Benevento (BN), is the data controller of your personal data and manages it in compliance with Regulation (EU) 2016/679 ("GDPR") and Legislative Decree 196/2003, as amended and updated.
This privacy policy applies exclusively to online activities carried out through ivory.live and is valid for site users and visitors. It does not apply to information collected through channels other than this website.
If you have questions about this policy or how we process personal data, contact us at privacy@ivory.com.
1. Data Controller
Ivory S.r.l.
Address: Via Iacopo da Benevento 21, Benevento (BN), Italy
Privacy contact email: privacy@ivory.com
Website: ivory.live
2. Types of Data Processed
Through the website form, we collect and process only the following personal data:
- first name;
- last name;
- email address.
- phone number (optional, only if provided for WhatsApp reminder).
These are ordinary personal data and do not belong to special categories of data.
3. Purpose of Processing and Legal Basis
The personal data provided by the user are processed for marketing purposes, specifically to:
- send launch-related email communications about the Ivory social network;
- send one optional WhatsApp reminder before launch, only if you provide a phone number and specific consent;
- send additional updates strictly connected to launch and go-live (for example: pre-registration opening, service availability, major launch-related changes).
The legal basis for processing is the data subject's consent, expressed by selecting the dedicated consent checkbox in the form.
4. Nature of Data Provision and Consequences of Refusal
Providing first name, last name, and email is optional. However, failure to provide such data or failure to provide consent will make it impossible for the controller to send communications related to Ivory launch and strictly related updates.
Providing a phone number is optional. If you do not provide a phone number and WhatsApp consent, you will not receive the optional WhatsApp reminder, while email updates remain available.
5. Processing Methods and Security Measures
Personal data are processed with electronic tools by authorized and properly trained personnel, according to principles of lawfulness, fairness, transparency, data minimization, and storage limitation.
Appropriate technical and organizational measures are adopted to ensure data security, confidentiality, integrity, and availability, and to prevent unauthorized access, unlawful processing, loss, destruction, or accidental damage.
6. Recipients or Categories of Recipients
Collected personal data may be processed by:
- employees and collaborators of the controller, expressly authorized to process data;
- IT and email delivery service providers (for example newsletter or mailing list providers), appointed, where required, as data processors under Article 28 GDPR.
- messaging providers used solely to send the optional WhatsApp reminder, where enabled by your consent.
In any case, data will not be disclosed or communicated to third parties for purposes other than those listed, except where required by law or by judicial/public authority request.
7. Data Transfer to Third Countries
In principle, personal data are not transferred to third countries outside the European Union or the European Economic Area.
If, for technical needs (for example use of email marketing providers with servers outside the EU), transfer to a third country becomes necessary, such transfer will take place in compliance with Articles 44 and following of GDPR, based on an adequacy decision or, where absent, appropriate safeguards (such as Standard Contractual Clauses).
8. Data Retention Period
Personal data are retained for the time strictly necessary to pursue the purposes described, and in any case no longer than 60 days from collection, unless consent is revoked earlier.
Once this period expires, or upon consent withdrawal, data are deleted or irreversibly anonymized, except where further retention is necessary to comply with legal obligations or to protect rights in court.
9. Data Subject Rights
The data subject may exercise GDPR rights at any time, including:
- right of access to data and processing information;
- right to rectification of inaccurate or incomplete data;
- right to erasure (right to be forgotten), where applicable;
- right to restriction of processing, where applicable;
- right to data portability, where applicable;
- right to object, where applicable;
- right to withdraw consent at any time.
Requests may be sent to privacy@ivory.com. Requests are handled without undue delay and, in any case, within one month, subject to extension in cases allowed by GDPR.
10. Right to Withdraw Consent
The data subject has the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.
Withdrawal can be exercised, for example, by:
- clicking the unsubscribe link included in received emails;
- sending a request to privacy@ivory.com.
If you withdraw WhatsApp consent, no further WhatsApp reminder will be sent.
11. Right to Lodge a Complaint with the Supervisory Authority
Without prejudice to any other administrative or judicial remedy, the data subject has the right to lodge a complaint with the Italian Data Protection Authority (www.gpdp.it), according to the procedures indicated by the Authority.
12. Automated Decision-Making
In the context of this processing, no automated decision-making process is in place and no profiling activity is carried out.
13. Updates to this Policy
The controller reserves the right to update this policy at any time, including due to regulatory changes or service evolution. Updates will be published on the site and, where appropriate, communicated by email.