top of page

Privacy Policy 

INFORMATION ON THE PROCESSING OF PERSONAL DATA

Dear User, 

Welcome to our Mobile App Ubique Fashion (hereinafter, the “App”). 

Navigating and/or accessing certain sections of the App and/or making requests for information or services may involve the processing of personal data. 

The protection of personal data is of fundamental importance to us, and we want to ensure that the processing of personal data carried out by any means, whether automated or manual, is conducted in full compliance with the protections and rights recognized by Regulation (EU) 2016/679 concerning the protection of natural persons with regard to the processing of personal data, as well as the free movement of such data (hereinafter, the “Regulation”) and other applicable laws concerning personal data protection. 

The Regulation stipulates that, prior to processing personal data, it is necessary for the individual to whom such personal data belongs to be informed about the reasons for which such data is requested and how it will be used. 

In this regard, this document aims to provide you, in a simple and intuitive manner, guidance on the types of information and personal data collected through the App and all useful and necessary information so that you can provide your personal data in a conscious and informed manner, and at any time request and obtain clarifications and/or corrections. 

The notice contains important information regarding the processing of your data through artificial intelligence systems and sharing with third parties, AI service providers, of certain information. 

This notice (hereinafter, the “Privacy Policy”) is prepared based on the principle of transparency and includes all elements required by Article 13 of the Regulation. It is structured into individual sections, each addressing a specific topic to make reading quicker, easier, and more comprehensible. 

We invite you to read this Privacy Policy carefully, and if you do not agree with our data processing policies, we encourage you to refrain from using the App. For any information regarding this Privacy Policy, you can contact Ubique at info@ubiquefashion.com. For any requests related to the exercise of your rights, please refer to section M below. 

This Privacy Policy applies solely to this App and not to other websites that the user may consult through links.

 

Sections: 

A. What is meant by personal data? 

B. Who is the data controller? 

C. What data do we collect and use? 

D. Why do we process personal data, and what is the legal basis for the processing? 

E. Is it necessary to provide personal data, and what are the consequences of refusal? 

F. Data concerning minors 

G. Who has access to personal data, and with whom is it shared? 

H. How do we process personal data, and for how long do we retain it? 

I. Can we transfer personal data to third countries or international organizations? 

L. How is the security of personal data ensured? 

M. What rights can you exercise, and how? 

N. Is it possible to lodge a complaint? 

O. Updates

 

A. What is meant by personal data? 

Personal data refers to any information that can be used to identify an individual, whether already held by the data controller or that the controller may come into possession of. 

For example, personal data includes: first name and surname; residential address; date of birth; telephone number; email address; location data. Personal data also includes data generated through the use of the services offered via the App, such as: browser and device information; IP address; data on App usage; information collected through cookies and other technologies (hereinafter, “Personal Data”).

B. Who is the data controller? 

The company that will process your Personal Data and, therefore, will act as the data controller as defined in Article 4, point 7) of the Regulation is: 

Ubique S.r.l. 

Registered office at Via Ercole Ferrario 12, Milano 20144  [1] 

REA MI registration number - 2588667 

Tax code and VAT number 11226420963 

(hereinafter, “Ubique”, “we”, “our”, “us”) 

Contact details of the data controller: Divya Singh, info@ubiquefashion.com

 

C. What data do we collect and use? 

• Information provided by the user during registration 

Accessing the App does not require account creation. However, to benefit from the main service offered by the App, namely personalized fashion assistance, it is necessary to create an account and provide your Personal Data, such as first name, surname, e-mail address, and information about user tastes and preferences. 

• Information provided by the user via chat and/or ChatBot 

Additionally, when the user interacts with us via our chat and/or ChatBot, they may share further personal information such as brand preferences, product reviews, images, fashion style, and tastes. 

o ChatBot used on this App 

Ubique utilizes AI-based chatbot technology. The ChatBot is a virtual assistant equipped with machine learning that leverages information gathered from user interactions. The language processing technology allows it to understand what the user says and provide the best possible response. 

Our ChatBot helps the user identify the product that best meets their needs based on what the user writes in chat, simulating a conversation with a human. 

While we strive to use measures to anonymize personal data when sharing it with the ChatBot service provider, we encourage users not to share identifying personal data, IBAN, tax code, phone number, or credit card number.  The information and data shared with OpenAI will not use the information contained in the chat to train its own model.

• Information received from other accounts or sources 

If you choose to register or log in to our App using a social media account, we may have access to certain information about you. 

Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook or Twitter logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, and profile picture, as well as other information you choose to make public on such a social media platform. 

We will use the information we receive only for the purposes described in this privacy notice or that are otherwise made clear to you on the relevant Services. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their privacy notice to understand how they collect, use, and share your personal information, and how you can set your privacy preferences on their sites and apps. 

• Information collected from our IT systems

Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our App. 

We automatically collect certain information when you visit, use, or navigate the App. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our App, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes. 

Like many businesses, we also collect information through cookies and/or similar technologies. You can find out more about this in our Cookie Policy.

The information we collect may include: 

- Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our App and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity in the App (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called "crash dumps"), and hardware settings). 

- Device Data. We collect device data such as information about your computer, phone, tablet, or other device you use to access the App. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information. 

We do not process data belonging to the special categories of data as per Article 9 of the GDPR. Please do not share with us information regarding racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. 

 

E. Why do we process personal data, and what is the legal basis for the processing? 

The Personal Data you provide and collected through the App is processed by Ubique in full respect of confidentiality, in compliance with all applicable laws (thus also adhering to the principles of fairness, lawfulness, transparency, proportionality, and protection of privacy and rights) and with logics strictly related to the purposes indicated in this Privacy Policy.

Purpose and Type of Data Processed (977 x 4000 px) (2).png
Data Protection Legislation
Data Controller
Personal data
Purposes
Informatin
Cookies
Types of cookies
Purposes for
Personal data held

G. Data Relating to Minors

The Personal Data of minors under the age of 18 shall not be processed by the Data Controller unless prior authorization is obtained from the holder of parental responsibility.

H. Who Has Access to Personal Data and with Whom Is It Shared?

Your Personal Data may be disclosed to specific parties considered recipients of such Personal Data (hereinafter referred to as “Recipients”).

To properly carry out all processing activities necessary to pursue the purposes outlined in this Privacy Policy, the following Recipients may be in a position to process your Personal Data:

  • Third parties who perform part of the processing activities and/or activities related and instrumental to them on behalf of the Data Controller (such as the management of the IT system). Third parties that process data on our behalf and under our authority have been adequately selected and are experienced, capable, and reliable, providing suitable guarantees of full compliance with applicable data protection regulations, including data security aspects. We periodically verify that the Data Processors fulfill their assigned tasks and continue to provide suitable guarantees of full compliance with data protection regulations.

  • Individual employees and/or collaborators of the Data Controller who have been entrusted with specific and/or multiple processing activities regarding your Personal Data. These individuals have been given specific instructions regarding the security and proper use of Personal Data.

  • Third-party providers of the ChatBot service: we share certain information provided by users interacting with our ChatBot with OpenAI in order to generate and respond to user inquiries in a personalized manner. The information and data shared with OpenAI will not use the information contained in the chat to train its own model.

  • Personal Data and information provided by users are shared with our partners and affiliates (“Partners”) if the user intends to proceed with the purchase of products selected among those indicated by Ubique or simply wishes to receive personalized and real-time assistance. In such cases, further processing and use of the data we receive are governed by the privacy policies of our Partners and are not under our control.

  • Where required by law or to prevent or repress the commission of a crime, your Personal Data may be disclosed to public authorities or judicial authorities.

A detailed and updated list of such parties, as well as those acting as data processors, can be easily obtained by sending an email to:      contact@ubiquefashion.com

I. How Do We Process Personal Data and How Long Do We Retain It?

The processing of data is carried out with or without the aid of electronic, automated, IT, or telematic tools, using logic strictly related to the purposes expressed above. Data processing will be conducted lawfully and fairly and in accordance with the aforementioned regulations, using suitable tools to ensure security and confidentiality, and may also be conducted through automated means for storing, managing, and transmitting the data.

In processing data that may directly or indirectly identify you, we strive to adhere to a principle of strict necessity. Therefore, we have configured the App so that the use of your Personal Data is minimized: consequently, the processing of your data is excluded when the purposes pursued in individual cases can be achieved by using anonymous data (such as, for example, analyses aimed at improving services) or through other means that allow identification of the Data Subject only when necessary or at the request of authorities and law enforcement (such as, for example, data related to traffic, your activity within the App, or your IP address).

Your Personal Data will be processed for a period equal to the minimum necessary to achieve the purposes for which the data are collected, subject to any further retention period imposed by legal provisions, and will be deleted without undue delay.

User registration: we retain data until a request for unsubscription from the App is made. In the event of inactivity for more than      2 years, the account will be removed and the user will need to proceed with a new registration.

For purposes for which user consent is required, we will process the data until consent is revoked.

For more information on the retention of data collected via cookies, please refer to the Cookies Policy.

Your data will be retained for an additional period concerning purposes of disputes and any legal obligations.

J. Can We Transfer Personal Data to Third Countries or International Organizations?

Your Personal Data will be processed by the Data Controller within the territory of the European Union.

Should it become necessary for technical and/or operational reasons to engage parties located outside the European Union, we hereby inform you that such parties will be appointed as Data Processors pursuant to Article 28 of the Regulation, and the transfer of your Personal Data to such parties, limited to the performance of specific processing activities, will be governed in accordance with the provisions of Chapter V of the Regulation. All necessary precautions will be taken to ensure the utmost protection of your Personal Data by basing such transfer on: (a) adequacy decisions regarding third countries issued by the European Commission; (b) adequate safeguards provided by the third-party recipient under Article 46 of the Regulation; (c) the adoption of binding corporate rules.

Personal Data may be transferred to the USA for storage on servers, subject to the execution of standard contractual clauses with the server and/or third-party service providers.

In any case, you may request further details from the Data Controller if your Personal Data has been processed outside the European Union by requesting evidence of the specific safeguards adopted.

K. How Is the Security of Personal Data Guaranteed?

We adopt appropriate security measures to minimize the risks of destruction or loss—also accidental—of data, unauthorized access, or processing that is not permitted or non-compliant with the purposes of collection indicated in our Privacy Policy.

The transfer, storage, and processing of your data collected through the App are ensured through suitable technical measures. However, we cannot guarantee users that the measures taken for the security of the App and the transmission of data and information on the App limit or exclude any risk of unauthorized access or data leakage from user-owned devices: we recommend ensuring that your computer is equipped with appropriate software to protect the transmission of data over the network, both incoming and outgoing (such as up-to-date antivirus systems) and that your Internet service provider has implemented suitable measures for data transmission security over the network (such as firewalls and anti-spam filters).

L. What Rights Can You Exercise and How?

As provided by Article 15 of the Regulation, you have the right to access your Personal Data, request their rectification and updating if incomplete or inaccurate, request their deletion if the collection occurred in violation of law or regulation, and oppose the processing for legitimate and specific reasons.

In particular, we outline below all your rights that you may exercise at any time against the Data Controller:

  • Right of Access: You have the right, under Article 15 of the Regulation, to obtain from the Data Controller confirmation of whether or not your Personal Data is being processed and, if so, to access such Personal Data and the following information: a) the purposes of the processing; b) the categories of Personal Data concerned; c) the Recipients or categories of Recipients to whom your Personal Data has been or will be disclosed, especially if Recipients are in third countries or international organizations; d) where possible, the retention period for the Personal Data or, if not possible, the criteria used to determine that period; e) the existence of the right of the Data Subject to request the Data Controller to rectify or delete Personal Data or restrict the processing of Personal Data concerning them or to object to their processing; f) the right to lodge a complaint with a supervisory authority; g) where Personal Data is not collected from the Data Subject, all available information about their source; h) the existence of automated decision-making, including profiling as referred to in Article 22, paragraphs 1 and 4 of the Regulation, and at least in such cases, meaningful information about the logic involved, as well as the significance and consequences of such processing for the Data Subject.

All this information can be found within this Privacy Policy, which will always be available to you in the Privacy section of the App.

  • Right of Rectification: You may obtain, under Article 16 of the Regulation, the rectification of your Personal Data that is inaccurate. Taking into account the purposes of the processing, you may also obtain the completion of your Personal Data that is incomplete, including by providing a supplementary statement.

  • Right to Deletion: You may obtain, under Article 17 of the Regulation, the deletion of your Personal Data without undue delay, and the Data Controller shall be obliged to delete your Personal Data if one of the following grounds applies: a) Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed; b) you have revoked the consent on which the processing of your Personal Data is based, and there is no other legal basis for processing; c) you have objected to the processing pursuant to Article 21, paragraphs 1 or 2 of the Regulation, and there are no overriding legitimate grounds for continuing the processing of your Personal Data; d) your Personal Data has been unlawfully processed; e) it is necessary to delete your Personal Data to comply with a legal obligation provided for by EU law or national law.

In certain cases, as provided in Article 17, paragraph 3 of the Regulation, the Data Controller is entitled not to delete your Personal Data if its processing is necessary, for example, for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for public interest reasons, for archiving in the public interest, for scientific or historical research purposes, or for statistical purposes, for the establishment, exercise, or defense of a legal claim.

• Right to Data Portability: You may request and receive, at any time, your Personal Data processed by the Data Controller in a structured, commonly used, and machine-readable format, pursuant to Article 20 of the Regulation. You may also request the transmission of your Personal Data to another data controller without hindrance. In this case, you are responsible for providing us with all the accurate details of the new data controller to whom you intend to transfer your Personal Data, along with written authorization.

• Right to Object: Under Article 21 of the Regulation, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your Personal Data, including profiling. You may also object at any time to the processing of your Personal Data when it is processed for direct marketing purposes, including profiling to the extent that it is related to such direct marketing. In such cases, we will refrain from further processing your Personal Data unless there are compelling legitimate grounds for processing that override your interests, rights, and freedoms or for the establishment, exercise, or defense of a legal claim.

• Withdrawal of Consent: If you have provided your consent to the processing of your Personal Data for one or more specific purposes, you may withdraw your consent at any time, either wholly or in part, without affecting the lawfulness of the processing based on your consent before its withdrawal.

How to Exercise Your Rights:
You may exercise your rights at any time by sending an email to: contact@ubiquefashion.com.
Please note that, when exercising your rights, we may ask you to verify your identity before proceeding with your request.

A form for exercising rights under data protection law is available here and can be used to submit your request.

According to the Regulation, the Data Controller is not authorized to charge fees for fulfilling any of the requests made in this paragraph, unless they are manifestly unfounded or excessive, particularly if they are repetitive. In cases where the user requests more than one copy of their Personal Data or in cases of excessive or unfounded requests, Ubique may (i) charge a reasonable fee, taking into account the administrative costs incurred in fulfilling the request, or (ii) refuse to comply with the request. In such cases, Ubique will inform the user of the costs before processing the request.

M. Can Complaints Be Made?

You have the right to lodge a complaint with the Italian Supervisory Authority if necessary, or to contact them for information regarding the exercise of your rights. Without prejudice to any other administrative or judicial remedy, you have the right to file a complaint with the Italian Supervisory Authority if you believe that the processing concerning you is carried out in violation of the Regulation. Further information is available on the website www.garanteprivacy.it.

In any case, Ubique is interested in being informed of any reasons for complaints and encourages users to use the contact channels mentioned above before approaching the Supervisory Authority, so as to prevent and resolve any disputes amicably and promptly, with the utmost courtesy, seriousness, and discretion.

N. Updates

We reserve the right to review, modify, or simply update, in whole or in part, in any manner and/or at any time, without notice, this Privacy Policy, also in light of changes to laws or regulations concerning data protection, indicating at the bottom of the webpage the date of the last update. Changes and updates will be notified via the App at the first access following the modification and will be binding as soon as they are published.

bottom of page