Privacy Policy for Users

Iumob Srl with registered office in Via Comelico, 3, 20135 Milano (hereinafter the "Data Controller"), owner of the website www.iumeet.com (hereinafter the"Site"), as Data Controller for the personal data of users browsing and registered with the Site (hereinafter, the "Users") provides the following privacy policy pursuant to art. 13 GDPR (General Data Protection Regulation) - UE 2016/679 of 27 April 2016 (hereinafter, the "Regulation" and/or "Applicable Law").

This Site and any services offered through the Site are reserved for individuals who are eighteen years old and over. The Data Controller does not collect personal data relating to persons under 18 years of age. At the request of Users, the Data Controller will promptly delete all personal data involuntarily collected and related to subjects under 18 years.

The Data Controller takes the utmost account of Users' right to privacy and personal data protection. For any information related to this Privacy Policy, Users can contact the Data Controller at any time, in any of the following ways:

By sending a registered letter with advice of receipt to the registered office of the Data Controller Via Comelico, 3, 20135 Milano;

By sending an e-mail message to privacy.canada@iumeet.com.

The Data Controller has not identified a Data Protection Officer (DPO), not being obliged to appoint such an officer pursuant to Article 37 of the Regulation.

1. Purpose of processing

Users' personal data will be processed lawfully by the Data Controller pursuant to Article 6 of the Regulations for the following processing purposes:

contractual obligations and provision of the service, to allow browsing of the Site or to execute the Terms of Use of the Site, which are accepted by the User when registering with the Site, to use the services offered through the Site including access to online dating and chat platforms and also to fulfill specific User requests. User data collected by the Data Controller for the purposes of registering with the Site include: the username voluntarily chosen, date of birth, gender, province of residence/domicile, email address and any personal information of the User voluntarily published. Unless the User gives the Data Controller specific and optional consent to the processing of his/her data for the additional purposes set out in the paragraphs below, the User's personal data will be used by the Data Controller for the sole purpose of ascertaining the identity of the User (also by validating the e-mail address), thus avoiding possible scams or abuses, and contacting the User solely to provide services (e.g. sending correspondence about additional services offered on the Site). Without prejudice to the other provisions contained within this Privacy Policy, the Data Controller will not make Users' personal data accessible to other Users and/or third parties under any circumstances.

administrative/accounting purposes, i.e. activities of an organisational, administrative, financial and accounting nature such as internal organisational activities and functional tasks necessary for the fulfillment of contractual and pre-contractual obligations;

legal obligations, or to fulfill obligations pursuant to law, an authority, a regulation or European legislation.

The provision of personal data for the processing purposes indicated above is optional but necessary, as failure to provide them will make it impossible for the User to browse the Site, register with the Site and take advantage of the services offered by the Controller through the Site.

The personal data necessary to fulfill the purposes of the processing operations described in this section are indicated with an asterisk in the Site registration form.

2. Further processing purposes: marketing and newsletters

Subject to the User's free and optional consent , some personal data of the User, e.g. first name, surname, e-mail address, may be processed by the Controller also for marketing purposes (such as sending advertising material, direct sales, commercial communications, sending of newsletters containing information relevant to the sector regarding the Controller's activities and/or services and promotions pertaining to the contents of the Website and services offered through the Website by the Controller), or so that the Controller can contact him/her via email to propose the purchase of products offered by the same Controller and/or third-party companies, to present offers, promotions and commercial opportunities of the Controller and/or third-party companies.

If the User does not give his/her consent, the possibility of registering with the Site and using the services offered through it will not be affected in any way.

The User may at any time revoke the consent given by making a request to the Controller in the manner indicated in section 5 below.

The User may also object to the sending of further promotional material via email by clicking on the link which is available within each email enabling the user to revoke his/her consent. Once the consent has been revoked, the Controller will send an email to the User to confirm the revocation of consent. If the User intends to revoke his/her consent to the sending of promotional communications via telephone, while continuing to receive promotional communications via email, or vice versa, he/she is invited to send a request to the Controller in the manner indicated in section 5 below.

The Data Controller declares that following exercise of the right to object to receipt of advertising by email, it is possible that, for technical and operational reasons (e.g. completion of contact lists shortly before the Data Controller's receipt of the objection), the User will continue to receive some additional promotional messages. Should the User continue to receive promotional messages 24 hours after exercising the right to object, please report the problem to the Data Controller, using the contacts details indicated in paragraph 5 below.

3. Processing methods and data preservation

Users' personal data will be processed using electronic means, as strictly necessary to achieve the purpose for which they are processed, and in any event, ensuring the confidentiality of the data.

The personal data of the Website Users will be kept for the time strictly necessary to carry out the primary purposes described above in Section 1, or in any case as necessary for the protection pursuant to civil law of the interests of both the Users and the Data Controller.

In the cases referred to in section 2 above, Users' personal data will be kept for the time strictly necessary to carry out the purposes described therein and, in any case, as long as the law allows for further storage for such specific purposes, including defence against legal requests.

If the User decides to block and/or delete his/her profile, all the data stored regarding the User are deleted. If the complete deletion of the User data is not permitted or is required by law, the data are blocked for further processing.

4. Scope of communication and data dissemination

The personal data of Users may be disclosed to the employees and/or collaborators of the Data Controller responsible for managing the Sites. These subjects, who are formally appointed by the Data Controller as Data Processors, will process the User's data exclusively for the purposes indicated in this policy and in compliance with the provisions of Applicable Law.

The personal data of Users may also be disclosed to third parties operating as External Data Processors handling the personal data on behalf of the Data Controller, such as IT and logistic service providers necessary for the operation of the Site, outsourcing or cloud computing service providers, professionals and consultants.

Users are entitled to obtain a list of any data processors appointed by the Data Controller via a request to the Data Controller, as indicated in section 5 below.

5. Data Subjects' rights

Users may exercise their rights pursuant to Applicable Law by contacting the Data Controller as follows:

By sending a registered letter with advice of receipt to the registered office of the Data Controller (Via Comelico, 3, 20135 Milano);

By sending an e-mail message to privacy.canada@iumeet.com.

Pursuant to Applicable Law, the Data Controller hereby declares that Users are entitled to obtain information on (i) the source of their personal data; (ii) the purposes of their being processed and the methods used to do so; (iii) the logic applied to the processing, if carried out by means of electronic tools; (iv) the identity of the Data Controller and the Data Processor; (v) the parties or categories of party to whom the personal data may be communicated or who may gain knowledge of them in their capacity as data processing managers or persons in charge of processing.

Furthermore, Users are entitled to:

a) accessupdaterectify or, should they wish to do so, supplement their data;

b) the deletiontransformation into anonymous form or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;

c) confirmation that those to whom the data are communicated or disclosed are notified of the actions referred to under letters (a) and (b), including their content, unless the fulfilment thereof proves to be impossible or involves using methods that are clearly disproportionate to the right being protected.

Furthermore, Users have:

a) the right to withdraw consent at any time, if the processing is based on their consent;

b) the right to data portability (the right to receive all personal data concerning the Data Subject in a format that is structured, commonly used and readable by automatic devices), the right to limittheprocessing of personal data and the right to deletion ("right to be forgotten");

c) the right to object:

i) in whole or in part, for legitimate reasons, to the processing of personal data concerning the Data Subject, even if pertinent to the purpose of the collection;

ii) object, in whole or in part, to the processing of his/her personal data for the purpose of sending advertising and direct marketing materials, or for carrying out market research or business communications;

iii) if personal data are processed for direct marketing purposes, to object at any time to the processing of their data for this purpose, including profiling in so far as it is connected to such direct marketing.

The Data Controller is not responsible for updating all links that can be viewed in this Policy, therefore whenever a link is not working and/or up-to-date, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by the link.