Login

Privacy Notice (GDPR)

Site: wcag-accessibility-checker.visibitaly.com — Last updated: 09/23/2025

1) Data Controller

Quadralto S.R.L. – Headquarters: Via Aurelio Saffi 9, 20123 Milan (MI), Italy
Privacy Email: info@visibitaly.com – PEC: amministrazione@pec.lombardiafood.it – Tel: +39 02 37901200
The Controller is the same company that also manages visibitaly.com.

2) Scope of the Notice

This notice exclusively concerns wcag-accessibility-checker.visibitaly.com (hereinafter, “Platform” or “Service”), our SaaS for WCAG testing and related consulting/prepaid hours services.

3) Processed Data

  • Account Data: first name, last name, email, password (hash only), role/plan.
  • Usage Data: URLs entered for scans, settings, results/reports, technical logs (IP, user-agent, timestamp, errors).
  • Contact and Support Data: contents of tickets/emails and any attachments.
  • Billing/Payment Data: personal details, VAT number, order history. Full card data is processed by the payment processor (e.g., Stripe/PayPal) and is not stored by the Platform.
  • Browsing Data: IP address, technical cookies/IDs, session events for functionality and security.
  • Analytics (if enabled): aggregated/anonymous or pseudonymized statistics.

4) Purposes and Legal Bases

  • Provision of the SaaS Service (account, login, scans, reports): art. 6(1)(b) GDPR (contract).
  • Payments and Billing: art. 6(1)(b) and 6(1)(c) GDPR (contract and legal obligations).
  • Security and Abuse Prevention (logs, rate-limit, anti-fraud): art. 6(1)(f) GDPR (legitimate interest).
  • Customer Support (tickets/emails): art. 6(1)(b) GDPR.
  • Service Communications (technical updates, changes to terms): art. 6(1)(b)/(f) GDPR.
  • Soft-opt-in Marketing to existing customers for similar services: art. 6(1)(f) GDPR in compliance with art. 130, c. 4 Privacy Code (opt-out always available).
  • Non-technical Analytics: art. 6(1)(a) GDPR (consent via banner/CMP).

5) Nature of Provision

Data necessary for account, scans, and payments are mandatory: failure to provide them prevents the provision of the Service. Optional data (e.g., feedback, non-technical analytics) do not affect the essential use of the Platform.

6) Processing Methods and Security

Processing is carried out using IT/telecommunication tools; we apply appropriate technical and organizational measures (encryption in transit, access control, hardening, backup). Access to data is limited to authorized personnel and external processors (hosting/cloud, payment, ticketing, email delivery, analytics).

7) Retention

  • Account and Reports: for the duration of the relationship and subsequently for the time necessary for legal protection/legal obligations (e.g., tax documents up to 10 years).
  • Technical Logs: typically 30–180 days (specify the actual window) unless required for security or investigations.
  • Tickets/Emails: for the time necessary for management and protection.
  • Analytics: according to the configured retention (specify).

8) Recipients and Transfers

We share data with suppliers/External Processors (hosting, CDN, email, ticketing, payment systems, CRM, accounting, analytics). List available upon request. Processing preferably takes place within the EEA. Any extra-EEA transfers occur with adequate safeguards (e.g., Standard Contractual Clauses).

9) Data Subject Rights (Artt. 15–22 GDPR)

You have the right to access, rectify, erase, restrict, portability, object, and withdraw consent. To exercise your rights, write to info@visibitaly.com. You can lodge a complaint with the Data Protection Authority.

We use technical cookies for functionality and security. Any cookies/IDs for analytics or marketing are activated only with consent via banner/CMP, with the possibility to withdraw it at any time. More details in our Cookie Policy.

11) Marketing

We may contact you via email for similar services already purchased (soft-opt-in) or if you have provided consent. Each message contains an unsubscribe link.

12) Minors

The Service is not directed to minors under 14/16 years (according to local regulations). If you believe a minor has provided us with data, contact us: we will act without delay.

13) Changes to the Notice

We may update this notice (e.g., for new features or compliance). In case of substantial changes, we will inform on the site or via email. The current version is always published on this page.