Privacy Policy
Last updated: January 12, 2026
Data Controller & Contact
Didaflow Srl
C.F. e P. Iva: 04337201208
Via Pietralata 16 – 40122 Bologna, Italia
Data We Collect
Contact & Account Data
- •First and last name
- •Email address
- •Phone number (optional)
- •Organization affiliation
Usage & Platform Data
- •Access logs and platform usage history
- •IP address and approximate geolocation
- •Browser and device information
- •Navigation data and interaction metrics
Educational Data
For client institutions, we process aggregated and anonymized data:
- •Academic performance statistics
- •Enrollment, progression, and retention rates
- •Engagement and learning activity measures
Purpose & Legal Basis
Service Delivery
Providing Academic & Training Intelligence services
Legal basis: Performance of contract (Art. 6(1)(b) GDPR)
Communications & Support
Responding to requests, technical support, and updates
Legal basis: Legitimate interest or consent (Art. 6(1)(f) GDPR)
Service Improvement
Platform analysis and optimization
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR)
Legal Compliance
Fulfilling regulatory and tax obligations
Legal basis: Compliance with law (Art. 6(1)(c) GDPR)
Data Sharing & Partners
We share data with trusted partners when necessary:
- •Technology providers: AWS, Azure, and other hosting partners
- •Academic partners: Collaborating institutions per agreement
- •Legal authorities: When required by law
All partners comply with GDPR and sign data processing agreements.
🌍 International Data Transfers
Data is processed primarily in the EU. International transfers use Standard Contractual Clauses or adequacy decisions approved by the European Commission.
Data Retention Periods
Your Data Rights (GDPR)
Right to Access
Know what data we hold about you
Right to Rectification
Correct inaccurate data
Right to Erasure
Request deletion of your data
Right to Restriction
Limit how we process your data
Right to Portability
Get your data in a standard format
Right to Object
Oppose certain processing activities
Withdraw Consent
Remove given permissions anytime
Lodge a Complaint
Report to your data protection authority
Exercise your rights: privacy@didaflow.com
Security Measures
We implement industry-leading security practices:
- 🔐TLS encryption in transit, AES-256 at rest
- 🔐Role-based access controls (RBAC)
- 🔐24/7 monitoring and intrusion detection
- 🔐Automated backups and disaster recovery
- 🔐Regular security audits and penetration testing
- 🔐Team data protection training
Cookies & Tracking
We use technical and analytical cookies to improve your experience.
For details, see our Cookie Policy
Policy Updates
This Privacy Policy may change to reflect legal or operational updates. We will notify you of significant changes via email. Continued use means you accept the new terms.
Privacy Questions & Complaints
Privacy Contact
Email: privacy@didaflow.com
File a Complaint
Contact the Italian Data Protection Authority (Garante) if you believe your rights have been violated.