Support & Services

Privacy Policy

Last updated: 18/03/2026

This Privacy Policy explains how IXLA srl (“IXLA”, “we”, “us”, “our”) collects, uses, shares, and protects personal information when you visit our website (the “Website”) or contact us.

If you do not agree with this Policy, please do not use the Website.

 

 

1. Who we are (Controller)

IXLA srl
Via Ponte Chiusella 28, 10090 Romano Canavese (TO), Italy
VAT: IT 02075540035
Email: info@ixla.it

 

2. What personal data we collect

We may collect the following categories of personal data, depending on how you interact with the Website:

 

Data you provide directly

  • Contact details: name, email address, company/organization, phone number (if provided)
  • Message content: information included in your enquiry, request for quotation, or other communications
  • Any additional information you choose to submit through forms or email

Data collected automatically (technical & usage data)

When you browse the Website, we may automatically collect:

  • Device and log data: IP address, browser type, device identifiers, operating system, language settings
  • Usage data: pages viewed, time spent, referring pages, clicks and interactions, approximate location (country/region)
  • Cookie and tracker data: cookie IDs, preferences, consent status, analytics identifiers (where applicable)

Data collected from third-party platforms embedded on the Website

When you view embedded content (e.g., YouTube videos) or load third‑party resources (e.g., fonts), those providers may receive technical data such as IP address and browser/device information.

Mandatory vs optional data: Fields marked as required in forms are necessary to process your request. If you do not provide them, we may be unable to respond.

3. Why we collect data (purposes) and legal bases (GDPR)

We process personal data for the purposes below. Where the GDPR applies, we rely on one or more legal bases under Article 6 GDPR:

To respond to enquiries and provide requested information

  • Purpose: respond to questions, requests for information, quotations, and business communications
  • Data used: contact details, message content
  • Legal basis: performance of a contract / steps prior to entering a contract (Art. 6(1)(b)) and/or legitimate interests (Art. 6(1)(f))

To operate, maintain, and secure the Website

  • Purpose: ensure functionality, prevent fraud/abuse, troubleshoot, maintain availability
  • Data used: technical data, logs
  • Legal basis: legitimate interests (Art. 6(1)(f)) and/or legal obligation where applicable (Art. 6(1)(c))

Analytics and Website performance measurement (only where enabled and permitted by consent, where required)

  • Purpose: understand how visitors use the Website, improve content and performance
  • Data used: usage data, cookie/tracker identifiers
  • Legal basis: consent (Art. 6(1)(a)) where required by ePrivacy rules; otherwise legitimate interests (Art. 6(1)(f)) where legally permitted

Compliance with legal obligations and protection of rights

  • Purpose: comply with law, respond to lawful requests, establish/exercise/defend legal claims
  • Data used: relevant data depending on request
  • Legal basis: legal obligation (Art. 6(1)(c)) and/or legitimate interests (Art. 6(1)(f))

4. Cookies and tracking technologies

We use cookies and similar technologies (“Trackers”) to operate the Website and, where enabled, to measure performance and deliver embedded content.

Types of cookies we may use:

  • Strictly necessary cookies: required for basic Website operation and security
  • Preference cookies: remember your choices (if enabled)
  • Analytics cookies: help us understand Website usage (if enabled)
  • Embedded content cookies (third parties): e.g., YouTube may set cookies when you view embedded videos

You can manage cookies via:

  • your browser settings
  • provider opt‑out tools (e.g., Google’s analytics opt‑out browser add‑on, where applicable)

For full details (cookie names, providers, retention, categories), see our Cookie Policy.

5. Who we share data with (recipients)

We may share personal data with the following categories of recipients only when necessary for the purposes described:

Service providers (processors)

We use trusted third-party service providers that process personal data on our behalf and under our documented instructions, solely for the purposes described in this Privacy Policy.
 

These may include:

  • Website hosting and infrastructure providers
  • Content management system (CMS) providers (e.g. WordPress – self-hosted)
  • Consent and privacy management providers (e.g. Iubenda)
  • Website analytics providers, where enabled and subject to consent (e.g. Google)
  • Embedded content and social media widget providers (e.g.SociableKIT)
  • IT, technical support, and website maintenance providers, including external freelancers or service companies that assist with the operation, maintenance, and security of the Website

All such providers are contractually bound to process personal data only on our behalf, in accordance with applicable data protection laws, and to implement appropriate security measures.

Social media and online platforms

When users interact with social media features or view embedded content on the Website, personal data may be collected directly by the relevant platform in accordance with its own privacy policy.

In particular, our Website may interact with:

  • LinkedIn Corporation / LinkedIn Ireland Unlimited Company

Through:

  • LinkedIn Insight Tag
  • Embedded LinkedIn content

LinkedIn may receive technical and usage data such as IP address, device and browser information, and cookie identifiers.
We encourage users to review LinkedIn’s privacy policy to understand how their personal data is processed by LinkedIn.

Legal, regulatory, and protection purposes

We may disclose personal data to competent authorities, courts, or other third parties where required by law, regulation, or lawful request, or where necessary to establish, exercise, or defend legal claims, or to protect our rights, property, or safety and those of others.

Corporate transactions

In the event of a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to the relevant third party as part of that transaction, subject to applicable data protection laws and appropriate safeguards.

No sale or unauthorized sharing of personal data

We do not sell personal data to third parties.

For the purposes of the California Consumer Privacy Act (CCPA/CPRA), we also do not knowingly sell or share personal information for cross‑context behavioral advertising.
Where applicable, users may manage preferences and opt‑out options through our cookie settings and browser‑based privacy controls.

 

 

 

 

 

 

 

6. International transfers (data leaving the country/EEA) & safeguards

Your data may be processed in countries other than the country where it was collected. For example, some service providers may process data outside Italy or outside the European Economic Area (“EEA”).

Where the GDPR applies and personal data is transferred outside the EEA to countries not recognized as providing adequate protection, we use appropriate safeguards such as:

  • European Commission Standard Contractual Clauses (SCCs), and/or
  • other lawful transfer mechanisms recognized under applicable law.

You can request more information about transfers and safeguards by contacting us at info@ixla.it.

 

7. How long we keep your data (retention)

We keep personal data only as long as necessary for the purposes described, unless a longer retention period is required or permitted by law.

Typical retention periods (adjust to your reality):

  • Contact form enquiries: retained for up to 24 months after the request is closed
  • Business communications: retained for up to 24 months after last contact, unless needed longer for a contract or legal claim
  • Website logs/security records: retained for an undefined period unless needed to investigate incidents
  • Legal obligations: retained as required by applicable law (e.g., accounting, compliance)

When retention expires, data is deleted, anonymized, or securely archived (where legally required).

 

8. Security practices

We implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Measures may include (as appropriate):

  • access controls and least‑privilege permissions
  • secure hosting and network protections
  • encryption in transit (HTTPS/TLS) and, where appropriate, encryption at rest
  • logging and monitoring for security incidents
  • internal policies and staff confidentiality obligations

No method of transmission or storage is 100% secure, but we work to protect data using industry‑appropriate safeguards.

 

9. Your privacy rights (GDPR / EEA / UK)

If the GDPR applies, you may have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Erase your data (“right to be forgotten”), in certain cases
  • Restrict processing, in certain cases
  • Object to processing based on legitimate interests, including direct marketing
  • Data portability (receive data in a structured, commonly used, machine‑readable format)
  • Withdraw consent at any time, where processing is based on consent
  • Lodge a complaint with your data protection authority (e.g., in Italy, the Garante per la protezione dei dati personali)

 

10. How to exercise your rights (GDPR)

To exercise your rights, contact us using one of the methods below:

Email: info@ixla.it
Subject line: “Privacy Request”
Include: your name, contact details, country of residence, and a description of your request.

We may request information to verify your identity before fulfilling your request. 

Response timing: we respond within one month (may be extended where legally permitted)

 

11. Children’s privacy

The Website is not intended for children under 16, and we do not knowingly collect personal data from children. If you believe a child has provided data, contact us, and we will take appropriate steps.

 

12. Changes to this Policy

We may update this Policy from time to time. The “Last updated” date above shows when changes were made. Material changes may be communicated on the Website or by other appropriate means where required.

 

13. Contact

If you have questions about this Policy or our data practices, contact:

IXLA srl
Via Ponte Chiusella 28, 10090 Romano Canavese (TO), Italy
Email: info@ixla.it