Privacy Notice - Sicuranext S.r.l.


According to Article 13 of the Regulation (EU) 2016/679 (“GDPR”) General Data Protection Regulation


Company Name: Sicuranext S.r.l.
VAT Number: 12106410017
Registered Office: Via Stampatori, 18, 10122 - Torino (To)

Sicuranext S.r.l. (hereinafter the “Data Controller”, “Company”), pursuant to Article 13 of EU Regulation no. 2016/679 (hereinafter the “GDPR”), informs the Users of the Octofence WAAP service and/or the Users of the website (“Users”, “Data Subjects”) that their data will be processed in the following manner and for the following purposes:

1. Information about the Data Processing

The Data Controller processes the personal data communicated by the Users during the use of the Octofence WAAP service and while browsing on the websites protected by Octofence WAAP. This includes data such as IP addresses, URLs, HTTP parameters, headers, and any HTTP body data. Additionally, usage data generated indirectly through the use of the service and the navigation of the websites or is also processed. The website and the service may trace technical information about the User's network (e.g. IP address).

2. Purpose and Legal Basis of the Data Processing

Data processing is carried out by the Data Controller in the execution of its activities. The Data of the Data Subject will be processed for the following purposes:

  • Enable the User to use the WAAP service.
  • Fulfill legal obligations required by law, regulation, European legislation, or an order of the Data Protection Authority.
  • Process user questions or requests.
  • Exercise the rights of the Data Controller (e.g. defense of legal claims).
  • Monitor the correct operation of the service and the website.

The legal basis for the processing operations are:

  • For purposes a) and c), processing is necessary for the fulfillment of contractual or pre-contractual obligations.
  • For purpose b), processing is necessary to comply with legal obligations.
  • For purposes d) and e), the legal basis is the legitimate interest of the Data Controller.

3. Storage Period

Personal data will be kept for the time necessary to fulfill the purposes indicated in this privacy policy. The Data Controller will store data for ten years for legal and commercial correspondence as required by the Civil Code. Additionally, user data may be kept for the time necessary to ensure defense in court or to prosecute any abuse in the use of the service.

4. Communication, Dissemination, and Transfer of Data

User's data will not be disclosed but may be made accessible to employees and consultants of the Controller, third-party companies, or subjects performing outsourcing activities on behalf of the Data Controller. The Controller may communicate data to supervisory bodies, judicial authorities, and other legal entities as required by law.

5. Data Transfer

The User's Data is stored on servers within the European Union. For specific purposes, the Data may be transferred to countries outside the EU, exclusively to countries considered “adequate” by the European Commission or to companies adhering to specific international standards (e.g., Standard Contractual Clauses).

6. Rights of the Data Subject

The Data Subject may exercise rights under the GDPR, including access, rectification, erasure, limitation of processing, objection, complaint to Supervisory Authority, and data portability.

7. Children's Privacy

The user must be at least 18 years old to use the Services. Any information collected from children under 18 will be deleted.

8. Contact Details of the Data Controller

Data controller: Sicuranext S.r.l., VAT Number 12106410017
Address: Via Stampatori, 18, 10122 - Torino (To)

9. Data Protection Officer

Sicuranext S.r.l. has appointed a Data Protection Officer (DPO) who can be contacted at

10. Amendments to this Privacy Policy

This Policy may be modified. Users are advised to regularly check the Policy at the following link: