Privacy Policy

To allow access to the platform and the provision of its services, the collection of different types of personal data is necessary, classified as follows:

Identification and contact data

Information provided voluntarily by the user during registration or interaction with the platform falls into this category. This may include first name, last name, date of birth, residential or domicile address, tax code, email address, and phone number. This data is essential for verifying the user's identity and establishing a direct communication channel.

Usage and navigation data

During normal consultation of the platform, computer systems acquire certain data whose transmission is implicit in the use of Internet communication protocols. These include the IP address, request times, pages visited within the site, time spent on each section, navigation paths, and parameters related to the user's operating system and IT environment.

Device data

Specific information about the device used to access the services is collected, such as hardware model, operating system version, browser type, language settings, and unique device identifiers, in order to optimize content display and ensure platform security.

Transaction data

If the use of the platform involves economic transactions, data related to the transactions made are processed, including amounts, dates, times, transaction types, and partial details of the payment instruments used, processed to ensure the highest standards of IT security.

Communications with the support service

If the user contacts customer support via email, contact forms, or interactive tools, a record of the correspondence and data entered in the message is kept in order to process the request and provide the necessary response.

The processing of personal data is based on strictly lawful grounds. The legal bases applied include:

The performance of a contract to which the user is party or the performance of pre-contractual measures taken at the user's request.

The pursuit of the legitimate interest of the data controller, such as protecting platform security, preventing fraud, and continuously improving the services offered.

The explicit consent given by the user for specific purposes, such as sending informational and promotional communications.

Compliance with legal or regulatory obligations to which the data controller is subject.

The personal data collected are used exclusively for determined, explicit, and legitimate purposes. In particular, the main purposes include:

Account management and service provision

Identification data are used to allow the creation and maintenance of the user account, secure authentication to the platform, use of available features, and performance of all operational activities related to the requested service.

Security and fraud prevention

Technical information, navigation data, and transactional data are analyzed to monitor system integrity, prevent unauthorized access, detect anomalous or potentially fraudulent behavior, and ensure a secure operating environment for all users.

Statistical analysis and optimization

Data related to platform usage are processed in a predominantly aggregated form to conduct statistical analyses on service effectiveness, identify usage trends, and make structural updates aimed at improving the overall user experience.

Customer assistance and support

Information provided in help requests is processed to resolve technical issues, answer administrative questions, and provide timely and effective support in case of operational difficulties.

Marketing preferences and communications

With the user's explicit consent, contact data may be used to send informational and promotional updates and communications. The user retains the right to withdraw such consent at any time, without any consequence on access to the main services.

Personal data are kept for the sole time strictly necessary to achieve the purposes for which they were collected, or in accordance with current civil, fiscal, and criminal regulations. At the end of the established retention period, or in case of acceptance of a legitimate deletion request, the data are securely deleted or transformed into an anonymous and irreversible form for statistical purposes.

The user's personal data are not subject to indiscriminate dissemination or sale to third parties. The communication of information may occur exclusively to duly authorized categories of recipients, such as:

Suppliers of technical, IT, and infrastructural services acting as data controllers on behalf of the platform.

External professionals and consultants in legal, fiscal, or administrative fields for the fulfillment of regulatory obligations or for the protection of contractual rights.

Judicial authorities, law enforcement agencies, or supervisory bodies, in cases expressly provided for by law or following a formal request from the competent bodies.

Personal data are processed and stored mainly within the European Economic Area (EEA). Should it become necessary for technical or operational reasons to transfer certain information to third countries outside the EEA, such transfer will occur exclusively in the presence of adequacy decisions by the European Commission or through the adoption of standard contractual clauses, aimed at ensuring that the level of data protection remains equivalent to that guaranteed within the European Union.

Reasonable and adequate technical and organizational measures are implemented to protect personal data from accidental or unlawful destruction, loss, alteration, disclosure, or unauthorized access. These measures include the adoption of encryption protocols for data transmission, access control systems, and periodic checks on infrastructure. It is specified that, due to the intrinsic nature of digital communication networks, it is not possible to guarantee absolute and impenetrable security against every potential cyber threat.

In accordance with current legislation, the user has the right to exercise specific rights concerning their personal data. These rights include:

Right of access: to obtain confirmation as to whether or not personal data are being processed and to receive a copy thereof.

Right to rectification: to request the correction of inaccurate data or the integration of incomplete information.

Right to erasure (right to be forgotten): to obtain the removal of one's data if they are no longer necessary for the original purposes or if the legal basis ceases to exist.

Right to restriction of processing: to request the temporary blocking of processing in the presence of specific disputes.

Right to data portability: to receive one's data in a structured, commonly used, and machine-readable format to transmit them to another controller.

Right to object: to object at any time to processing based on legitimate interest or carried out for direct marketing purposes.

To exercise the rights listed above, or to request clarification on the interpretation of this policy, the user may send a detailed written request to the dedicated support email address: quigioco_support@gmail.com. Requests will be promptly handled and processed within the legally established deadlines.

This policy may be updated periodically to reflect changes in operational practices or modifications to the regulatory framework. The last revision date will be constantly updated on the page, and significant changes will be duly notified to users.