This privacy notice is provided pursuant to Article 13 of EU Regulation 2016/679 (the "Regulation") and is addressed to visitors of the website maoten.global and related landing pages, and to those who wish to join the Maoten network to have access to our services, apply as a freelancer and participate in our professional network ("Freelancer").

We will process your personal data according to what is provided in this notice.

This privacy policy does not apply to the processing of your personal data carried out by clients with whom you may collaborate as a Freelancer, by website or platform owners to which the Website may refer or by service providers who act on their own account or when you share your information on social networks. Please refer to the privacy notices provided by the respective data controllers for information regarding the processing of your data by them.

1. Navigation Data

The computer systems and software procedures responsible for the operation of the Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of computers and devices used by users, addresses in URI/URL notation (Uniform Resource Identifier/Locator) of requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (e.g., success, error) and other parameters relating to the user's operating system and computing environment. These data, necessary for the use of web services, are processed solely to obtain anonymous statistical information on the use of the website (most visited pages, number of visitors by hourly or daily time slot, geographic areas of origin, etc.) and to monitor its correct operation. The Website also uses cookies and other tracking technologies to collect and store information about the device used and perform statistical analyses. For further details, you can consult the Cookie Policy published in the footer of the Website at any time.

2. Data Provided by the User

Registration for the service, through the appropriate section on the Website, involves the acquisition by the Data Controller of the personal data of the user (freelancer) who registers (name, surname, phone number, email address), professional data relating to the competencies and experience of the freelancer and any further personal and/or professional data included in the CV, portfolio or external links, if provided, and additional information that will be voluntarily shared by the freelancer during the application process. Their failure to provide this data may therefore result in the inability of the Data Controller to follow up on registration, accreditation and contact requests made. The Data Controller invites the user not to insert information that falls within the so-called "special categories of personal data" referred to in Article 9 of the GDPR (racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, biometric data, data relating to health, sexual life or sexual orientation); should special data be inserted, this will be processed only if strictly necessary and with appropriate legal basis. The Data Controller may process data relating to preferences, opinions, reviews of the services offered, the image of the freelancer who participates in Maoten initiatives and events and any other data only if communicated on a voluntary basis by the interested party. By joining the network, you will have the ability to access a reserved area where you can interact with other network members. In this context, the Data Controller uses third-party platforms which may require access credentials or allow login via single sign-on. The shared data will be subject to processing by the Data Controller to ensure the provision of services. Each user, on a voluntary basis, may also submit specific contact requests through the appropriate section on the Website, or by directly contacting the Data Controller. In such case, the Data Controller will acquire the personal data provided by the user only to follow up on the contact request made by the user. The failure to provide such data may therefore result in the inability of the Data Controller to follow up on contact requests made by the user. The Data Controller will also process the administrative and tax data necessary for the contractual and accounting management of the relationship, when the user begins to collaborate and/or conclude agreements through the Maoten platform.

In any case, the user may revoke their consent at any time by contacting the Data Controller at the contact details indicated above.

However, the revocation will not prejudice the lawfulness of the processing based on consent prior to the revocation.

3. Purposes, Legal Basis and Nature of Data Communication

The processing of personal data provided by the user is carried out for the following purposes:

a) to enable navigation on the website and ensure its security, including the temporary storage of account data after any deactivation request, in order to protect the possibility of reactivation;

b) to enable the user to access professional or business opportunities, manage their application, present their profile to clients, participate in network projects and activities. The data may be shared with companies seeking freelancers and with clients who request profile evaluation;

c) to manage the collaborative archive, i.e., the showcase of projects created by freelancers in the network, where publication occurs only with the prior consent or release of the freelancer, who declares to have the rights for publication;

d) to provide agreed services;

e) to comply with legal obligations possibly incumbent on the Data Controller and applicable regulations (tax, accounting, regulatory);

f) to send institutional and service communications, such as updates on application status or communications relating to service provision;

g) to send communications for marketing purposes;

h) to profile the user for the purpose of improving the service.

The Data Controller will use the user's personal data for the purposes indicated above on the basis of the following legitimacy conditions (so-called legal basis): with reference to purposes a), b), c), d), f), the data will be processed for the purpose of service provision and, therefore, for the purpose of contract execution or pre-contractual measures (Article 6(1)(b) GDPR), based on the necessity of executing a contract to which the user is a party (in the context of Website use, the request to activate a service or the provision of the service itself); with reference to purpose e), to meet a legal obligation to which the Data Controller is subject (Article 6(1)(c) GDPR) and with reference to purposes g) and h), the consent of the interested party or, in some cases, Article 130, paragraph 4, Privacy Code. The communication of the user's personal data with reference to purposes a), b), c), d), f) (contractual or pre-contractual obligations) and e) (legal obligations) is necessary for the use of requested services and for compliance with legal obligations; any refusal to provide them will result in the inability of Maoten to perform the aforementioned services. As for purposes g) and h), the communication of data is optional and refusal will have no consequences on the requested services.

For the disabling of profiling cookies, please refer to the Website's Cookie Policy, always accessible from the footer.

4. Retention Period

Personal data will be retained by the Data Controller for only the strictly necessary period, and in any case for a period not exceeding 12 months, to allow user navigation on the Website and to follow up on any contact requests made, after which they will be deleted.

Application and freelance profile data will be retained by the Data Controller for only the strictly necessary period, and in any case for a period not exceeding 5 years from the last update, unless earlier revocation or deletion. It is possible to maintain an active profile beyond this period, subject to consent.

Data published in the collaborative archive will be retained by the Data Controller until revocation of consent or request for removal.

Administrative and tax data will be retained by the Data Controller for no more than 10 years, as provided by law. As regards the retention of personal contact data of users who express consent to the processing of personal contact data for marketing and promotional purposes, the processing will be carried out until revocation of consent and in any case no more than 24 months from the last interaction.

Anonymized data for statistical analysis will be retained by the Data Controller without time limits.

5. Data Recipients

The employees and/or collaborators of the Data Controller responsible for managing the Website may become aware of users' personal data. Such persons, who have been specifically instructed by the Data Controller, will process the user's data exclusively for the purposes indicated in this notice and in compliance with applicable regulations.

Furthermore, third parties may become aware of users' personal data, such as: i) clients and companies seeking professional profiles in line with your characteristics; ii) external service providers appointed by the Data Controller as "Data Processors" pursuant to Article 28 GDPR, such as providers of IT services and solutions functional to the operation of the Website, such as development and technical maintenance of the Website, hosting, mailing list management, electronic communication systems. Among these: Vercel (hosting in the EU), Supabase (database in the EU), Resend (email, EU), PostHog (analytics in the EU), Google Workspace, Google Drive, Dropbox, ClickUp; or other professionals and consultants for administrative, accounting, legal, and tax assistance; iii) Public and judicial authorities in compliance with legal obligations.

Users in any case have the right to obtain a list of any data processors appointed by the Data Controller, by making a request to the Data Controller at the contact details indicated in this notice.

Some data may be transferred outside the European Economic Area through providers such as Google or Dropbox. In these cases, the transfer occurs in compliance with Articles 44-49 GDPR, with the adoption of adequate safeguards such as Standard Contractual Clauses (SCC).

Personal data collected will not be sold to third parties for commercial purposes.

6. Rights of the Data Subject

As the data subject, you may exercise, at any time, the right of access (Article 15 GDPR), the right to rectification (Article 16 GDPR), the right to erasure (Article 17 GDPR), the right to restriction of processing (Article 18 GDPR), the right to data portability (Article 20 GDPR) and the right to object (Article 21 GDPR), and not to be subject to decisions based solely on automated processing (Article 22 GDPR) according to the methods indicated in the same articles, to which express reference is made. To exercise the aforementioned rights, the data subject may contact the Data Controller at info@maoten.global.

7. Protection of Personal Data

The Data Controller will process personal data with maximum care and respect.

The data collected will be processed by manual or computer means, taking care to adopt adequate security measures to ensure the protection of confidentiality and to avoid the risks of loss or destruction, unauthorized access, unauthorized processing or processing not in accordance with the aforementioned purposes. The aforementioned measures include: i) training and updating activities of its personnel ensuring they are informed about privacy obligations when they have access to and process personal data; ii) administrative and technical controls to limit access only to the personal data that is necessary to know in relation to the purposes of processing; iii) technical security measures, including firewalls, encryption and antivirus software; iv) physical security measures, such as security passwords for the Data Controller's personnel.

8. Modifications

Maoten reserves the right to modify or update this Privacy Policy at any time. We invite you to periodically consult the version published on the Website. In the event of substantial modifications, the Data Controller will proceed to inform you by appropriate means (e.g., email or banner on the Website).