Privacy Policy

pursuant to EU Regulation 2016/679 – GDPR

1. About Us

filMapp is operated by filMapp, based in Rome.
For any inquiries, please write to: hello.filmapp+privacy@gmail.com.

2. Types of Data Processed

2.1 Data Voluntarily Provided by the User

During the registration and use of the Application, the user provides the following personal data necessary for authentication:

• email address;
• access credentials (password stored in encrypted form).

This data is used exclusively for account creation and management, secure authentication, and providing the core features of the Application (such as saving favorites and password resets).

2.2 Data Collected from Public Sources

We process exclusively data obtained from publicly accessible online sources, related to multimedia content, information, and activities, such as:

• descriptive information, titles, and information sheets;
• web links and public URLs available on the internet;
• any information already published online required for the app's core linking functionalities.

2.3 Automatically Collected Data

The Application may automatically and anonymously collect technical information necessary for the proper functioning of the software, including:

• device type and operating system;
• technical identifiers not directly linkable to the user;
• system logs and data related to the use of the Application.

3. Third-Party Service Providers

The Application uses the third-party service Supabase for secure management of authentication, databases, and user sessions (including password reset services). Registration data is transmitted to and hosted on Supabase's secure servers in full compliance with the GDPR.

4. Purposes of Processing

The data is used to:

• ensure the proper functioning of the Application and secure access to restricted areas;
• manage credential recovery and password reset procedures;
• include public information within the free filMapp platform through linking features;
• analyze the use of the Application in an aggregate and anonymous form to improve its features.

5. Legal Basis

The processing of data is based on:

• the performance of contractual or pre-contractual measures (Art. 6, par. 1, b GDPR) to allow the user to register, access, and use the Application's services;
• the legitimate interest of the Data Controller (Art. 6, par. 1, f GDPR) to inform and include public data within the platform and to ensure the technical security of the software.

6. Geolocation and In-App Purchases

The Application does not collect precise real-time location data, does not contain in-app purchases, and does not engage in profiling or tracking for advertising purposes.

7. Processing Methods and Security

Data is processed using IT tools, protected by appropriate technical and organizational security measures (including encryption protocols and secure HTTPS connections), and stored in a manner that guarantees confidentiality.

8. Data Retention

Account data (email) is retained for as long as the account remains active. The user can request its deletion at any time. Aggregate and anonymous technical data may be retained for statistical and diagnostic purposes.

9. Data Sharing

Personal data will not be transferred or sold to third parties for commercial purposes under any circumstances. It may be disclosed to third parties only if required by explicit legal obligations or to prevent fraudulent activities and technical flaws.

10. Data Transfer Outside the EU

Cloud infrastructure and authentication services (Supabase) may process data on servers located inside or outside the European Union. Any transfer takes place in compliance with Art. 44 et seq. of the GDPR through the adoption of Standard Contractual Clauses approved by the European Commission.

11. Rights of the Data Subject

Pursuant to Articles 15–22 of the GDPR, you have the right at any time to:

• request access, rectification, update, or total erasure of your data (right to be forgotten);
• request the restriction of processing or object to it for legitimate reasons;
• lodge a complaint with the Data Protection Authority.

To exercise your rights, please write to: hello.filmapp+privacy@gmail.com.

12. Account Deletion and Opt-Out

The user can stop all data processing by uninstalling the Application from their device. Furthermore, the user can request the permanent deletion of their profile and associated email from the databases by contacting the Data Controller at the email address provided above.

13. Changes to this Policy

Any updates will be published on this page with a revision date.