Privacy Policy

1. Introduction and Data Controller Information

We are committed to protecting your personal data and ensuring transparency in how we collect, use, and safeguard the information you provide to us. This Privacy Policy explains how we handle personal data in connection with our website website and any related interactions.

The processing of personal data is conducted in accordance with the principles and obligations set out under the General Data Protection Regulation (EU) 2016/679 (“GDPR”), including transparency, lawfulness, fairness, data minimization, purpose limitation, and storage limitation.

As an individual data controller (natural person), I am responsible for determining the purposes and means of processing your personal data.

Data Controller Information

Name: Graziano Corineo
Email: seedcode100@gmail.com
Phone:
Jurisdiction: Italy (EU)

At present, we do not appoint a Data Protection Officer (DPO), as this is not required under Article 37 GDPR. Nonetheless, we take your privacy seriously and encourage you to contact us directly using the contact details above for any privacy-related inquiries or concerns.

2. Scope and Application

This Privacy Policy applies to all personal data collected and processed in the context of using our website website and any related services we offer, whether as a casual visitor or as an individual expressing interest in a specific domain name.

This policy governs the collection, use, storage, and disclosure of personal information when you:

Visit our website;
Submit a contact form expressing interest in a domain name;
Communicate with us directly through the contact details provided.

The scope of this policy is limited to the personal data voluntarily provided by users for the purpose of initiating communication or potential negotiation related to domain name transactions. This includes, but is not limited to, your full name, email address, and message content.

This Privacy Policy does not apply to external services or third-party platforms used to finalize domain name transactions, such as online domain marketplaces. Those platforms act as independent data controllers and provide their own privacy notices, which we encourage you to review when redirected to their services.

We are committed to applying this Privacy Policy equally to all users, regardless of their location or status (e.g., EU resident or non-EU resident), and ensuring the protection of their personal data in line with applicable data protection laws.

3. Types of Personal Data Collected

We only collect personal data that is strictly necessary to fulfill the purposes described in this Privacy Policy. The personal information we collect is limited to what you voluntarily provide when interacting with us through our website.

Specifically, we may collect the following types of data:

Full Name (first and last name)
Email Address
Subject (of the inquiry)
Message Content (text you include in the contact form)

This information is collected solely through our online contact form, which allows users to express interest in a specific domain name and initiate communication with us.

We do not collect:

Sensitive personal data (e.g., health, biometric, racial, or religious data)
Financial information (e.g., payment or bank details)
Browsing data or analytics information
IP addresses for tracking purposes

Additionally:

We do not use cookies, trackers, analytics tools, or any automated technologies.
We do not engage in profiling or automated decision-making.

We are committed to the principle of data minimization as required by Article 5(1)(c) of the GDPR, ensuring that only the data strictly necessary for specific purposes is collected and processed.

4. Purpose and Legal Basis for Processing

We process your personal data exclusively for the purposes that are clearly defined, legitimate, and necessary to provide our services. In accordance with Article 6 of the General Data Protection Regulation (GDPR), we ensure that every processing activity is supported by an appropriate legal basis.

Purposes of Processing

To receive and respond to your inquiry regarding interest in a domain name;
To initiate communication and possible negotiations related to domain name transactions;
To follow up on your request, if necessary, in relation to the same domain or inquiry;
To comply with legal obligations, where applicable (e.g., in case of disputes or regulatory requests).

We do not process your personal data for:

Marketing or promotional purposes;
Automated decision-making or profiling;
Resale, disclosure, or reuse for other unrelated services.

Legal Basis for Processing

Performance of pre-contractual measures – Article 6(1)(b) GDPR:
Your data is processed to take steps at your request prior to entering into a potential agreement, such as the sale or transfer of a domain name.
Compliance with legal obligations – Article 6(1)(c) GDPR:
We may retain or process certain information if required by applicable law or for the purpose of establishing, exercising, or defending legal claims.

We rely on these legal bases to ensure that all processing activities are lawful, fair, and transparent.

5. Methods of Collection

We collect personal data only through direct, voluntary interactions initiated by users. There are no hidden or automated mechanisms for data capture on our website.

Specifically, we collect personal data through:

Online contact form: When you submit an inquiry through our website’s contact form, you voluntarily provide your name, email address, subject, and message content. This information is transmitted directly to our internal email address.

We do not collect personal data through:

Cookies or tracking technologies
Background scripts, analytics tools, or third-party integrations
Passive browsing behavior or device fingerprinting

No data is collected automatically, and all data handling is initiated by the user’s conscious choice to reach out.

This approach reflects our commitment to data minimization and to ensuring that no personal data is processed unless explicitly provided by the user for a clear, purpose-driven reason.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal and operational obligations.

Retention Policy

Personal data submitted via the contact form is stored exclusively within our email account, managed through Gmail (Google Mail).
This information is used solely to respond to your inquiry and, where applicable, to initiate and conduct negotiations related to domain name transfers.
We do not store personal data in any external databases or CRM systems.

Retention Timeframes

Inquiries that do not result in a transaction may be retained for up to 24 months from the date of the last recorded interaction, in order to ensure continuity of communication and for record-keeping purposes.
Where a domain transfer or negotiation results in a contractual relationship or legal relevance, the associated correspondence may be archived for up to 5 years in compliance with applicable legal retention requirements (e.g., for accounting, legal claims, or dispute resolution).

Email Provider and Location

All personal data is stored in an email account provided by Google LLC (Gmail). Google operates a globally distributed network of data centers, which means that data may be processed on servers located both within and outside the European Economic Area (EEA), including in the United States.

Google LLC is certified under the EU-U.S. Data Privacy Framework, which provides an adequate level of protection for data transfers to the U.S., as recognized by the European Commission.
Google LLC has implemented Standard Contractual Clauses (SCCs) approved by the European Commission as appropriate safeguards pursuant to Article 46 of the GDPR.
Google LLC adopts rigorous technical and organizational security measures to ensure the protection and confidentiality of personal data.

We perform periodic reviews of stored communications and delete personal data that is no longer necessary for the original purposes of processing. All data is stored securely, and access is strictly limited to the data controller.

7. Data Sharing and Third-Party Disclosure

We do not sell, rent, or otherwise share your personal data with third parties for marketing, profiling, or unrelated commercial purposes.

However, personal data may be disclosed to specific third parties, but only when such disclosure is strictly necessary, legally justified, and aligned with the purposes described in this Privacy Policy.

When and Why We May Share Your Data

Domain Marketplace Platforms:
If your inquiry leads to a negotiation and potential domain name transaction, your contact details (e.g., full name and email address) may be shared with reputable third-party domain marketplaces, such as Dan.com or Sedo or Escrow.com, for the sole purpose of facilitating the transfer. These platforms act as independent data controllers, and their own privacy notices apply.
Email Hosting Provider – Google LLC (Gmail):
All personal data submitted via our website’s contact form is transmitted and stored through Gmail. Google may process this data on servers located inside and outside the European Economic Area (EEA). Google LLC is certified under the EU-U.S. Data Privacy Framework, has implemented Standard Contractual Clauses (SCCs), and enforces strict security safeguards.
Legal Obligations and Protection of Rights:
We may disclose personal data where required by law, legal proceeding, or governmental request, or where necessary to establish, exercise, or defend legal claims.

8. Security Measures

We take the security of your personal data seriously and are committed to implementing appropriate technical and organizational measures to protect it against unauthorized access, loss, misuse, alteration, or disclosure.

Our approach to security is based on the principles of confidentiality, integrity, and availability, as required by Article 32 of the General Data Protection Regulation (GDPR).

Technical and Organizational Safeguards

Secure Communication Channels: Data transmitted via the website (e.g., through the contact form) is protected using HTTPS encryption to ensure data integrity during transmission.
Email Security (Gmail): Gmail includes robust security protocols such as two-factor authentication, encryption at rest and in transit, and monitoring for unauthorized access.
Access Control: Access to personal data is restricted to the data controller and, where necessary, to authorized collaborators who assist in managing domain-related communications or transactions. Such collaborators are bound by confidentiality obligations and receive access only to the data strictly necessary for performing their tasks.
Device Protection: Devices used to access personal data are protected with:
- Secure passwords and biometric authentication
- Full-disk encryption
- Up-to-date operating systems and antivirus software
Review and Audit: We conduct periodic reviews of our email archive and data handling procedures to ensure compliance with this policy and evolving security standards.

If any data breach were to occur that might pose a risk to your rights and freedoms, we are prepared to notify the relevant supervisory authority and affected individuals in accordance with Articles 33 and 34 GDPR.

9. Data Subject Rights

We are committed to ensuring that you can fully exercise your rights regarding the personal data we process. In accordance with the General Data Protection Regulation (GDPR), you have a range of rights designed to give you transparency, control, and autonomy over your personal information.

Your Rights under the GDPR

Right of Access (Article 15): Confirm if we process your personal data, and access it.
Right to Rectification (Article 16): Request correction or completion of inaccurate or incomplete data.
Right to Erasure (“Right to be Forgotten”) (Article 17): Request deletion when data is no longer necessary.
Right to Restriction of Processing (Article 18): Request limited processing under certain conditions.
Right to Data Portability (Article 20): Receive your data in machine-readable format and transmit it elsewhere.
Right to Object (Article 21): Object to processing based on your particular situation.
Right to Withdraw Consent (Article 7(3)): Withdraw your consent at any time, without affecting past processing.
Right to Lodge a Complaint (Article 77): File a complaint with a data protection authority if you believe your rights were violated.

How to Exercise Your Rights

To exercise any of your rights, please contact us:

Email: seedcode100@gmail.com
Phone:

Requests will be handled in accordance with the GDPR. We will respond without undue delay, and in any case within one month of receipt. This period may be extended by two months if necessary; you will be informed.

To protect your personal data, we may request verification of your identity before fulfilling any request.

10. Cookie Policy

We value your privacy and are committed to maintaining a simple and transparent digital experience. For this reason, we do not use cookies or any similar tracking technologies on our website.

What This Means

No technical, analytical, functional, or marketing cookies are stored on your device.
We do not use third-party services (e.g., Google Analytics, Facebook Pixel).
We do not track your browsing behavior actively or passively.

Our website serves a single functional purpose: allowing you to express interest in a domain name through a contact form. This form works entirely without the use of cookies or session-based storage.

Browser Settings

Since our website does not set cookies, you are not required to accept or reject any cookie banner or tracking settings when visiting our site. However, you remain free to manage your browser’s cookie preferences independently.

This approach reflects our commitment to data minimization and privacy by design, as outlined in Article 25 of the GDPR, and ensures compliance with the relevant provisions of the ePrivacy Directive.

11. Changes to this Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time in order to reflect changes in applicable laws, operational practices, or the nature of the services we provide.

Notification of Changes

Since we do not maintain a user account system or active contact list, changes to this Privacy Policy will not be communicated individually.

The most recent and valid version of this Privacy Policy will always be available upon request.
We will update the “Effective Date” and version number at the bottom of this document to indicate when revisions have occurred.

By contacting us or continuing to communicate with us regarding domain-related services after any update, you acknowledge and accept the revised terms.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, you are welcome to contact us directly. We are committed to addressing all privacy-related inquiries in a transparent, respectful, and timely manner, in accordance with applicable data protection laws.

Contact Details of the Data Controller