Privacy Policy

Last update:

21/02/2025

What is this document?

Pursuant to Article 13 of the European Regulation No. 679/2016 (“General Data Protection Regulation” or “GDPR”) and in compliance with its principles, Yape S.r.l. informs each user (the “User”) about the processing of personal data on its website (www.yapemobility.it)

Controller and Contact Details

Yape S.r.l. (hereinafter the “Controller,” pursuant to Article 4(7) GDPR) Registered office: Via San Martino 12, 20122 Milan, Italy Email: privacy@yapemobility.it
Purpose of Processing, Legal Basis, Personal Data, and Retention Period
The Controller processes personal data for the purposes outlined below. The table specifies the legal basis justifying the processing and the data retention period.
(Privacy Policy Table is assumed to be updated accordingly.)
If the User chooses not to provide mandatory and/or necessary data for certain purposes, Yape S.r.l. reserves the right to withhold services through its website.
Users may request explanations of the legal basis for each processing activity at any time.

Processing Methods

Personal data is processed through automated and/or manual tools to ensure appropriate security measures that prevent unauthorized access, disclosure, loss, misuse, or unlawful use of data.

Data Sharing

Personal data may be shared with the following entities, strictly on a need-to-know basis and in accordance with applicable privacy laws:

All relationships with the entities above are governed by contracts in compliance with Article 28 GDPR (Data Protection Agreement or “DPA”).
Personal data will be processed by authorized internal staff, as per Article 29 GDPR. A list of all authorized personnel is available upon request by contacting privacy@yapemobility.it.

Personal data is processed at the Controller’s headquarters and on the servers hosting the website www.yapemobility.it. When using cloud providers based outside the European Economic Area (EEA), the Controller ensures that personal data processing complies with applicable laws. Data transfers are carried out using appropriate safeguards, such as:

Adequacy decisions by the European Commission;
Standard contractual clauses approved by the European Commission;
Other safeguards provided by the GDPR.

Data Subjects’ Rights

Users may exercise their rights under Articles 15-21 GDPR at any time and without undue restriction by contacting the Controller at privacy@yapemobility.it. Requests are free of charge and processed within 30 days.
Specifically, Users have the right to:

Obtain confirmation as to whether or not personal data is being processed (Art. 15);
Request rectification of inaccurate personal data (Art. 16);
Request erasure of personal data (Art. 17);
Request restriction of processing (Art. 18);
Receive personal data in a structured, commonly used, and machine-readable format, and transmit it to another controller (Art. 20);
Object to processing (Art. 21).

Complaints

Users may lodge a complaint with the competent supervisory authority (Garante per la Protezione dei Dati Personali) under Article 77 GDPR, if they believe the processing of their personal data violates applicable laws.

Amendments

The Controller reserves the right to update this Privacy Policy to reflect any changes in national or EU legislation on data protection.

Other Documents

Privacy Notice on the Processing of Personal Data of Clients and Suppliers (ENG | ITA)
Policy on the Processing of Personal Data of Applicants (ENG | ITA)

Privacy Policy

Last update:

21/02/2025

P. IVA

Capitale Sociale

Business Register number

P. IVA

Capitale Sociale

Milan Business Register number