Data Controller
The Controller of personal data collected through the website analyticsystem.it and its related official channels is:
LP E-TRADE LLC Company incorporated under the laws of the State of New Mexico (United States of America)Privacy contact email: support@analyticsystem.it
All communications relating to the processing of personal data must be sent to the email address indicated above.
Definitions
For the purposes of this Privacy Policy, the following definitions apply:
"Personal data": any information relating to an identified or identifiable natural person.
"Processing": any operation performed on personal data (collection, recording, storage, modification, retrieval, use, communication, deletion).
"Data Subject": the natural person to whom the personal data relate.
"Controller": LP E-TRADE LLC.
"Processor": the third party who processes personal data on behalf of the Controller.
"GDPR": Regulation EU 2016/679 on the protection of personal data.
"Service": the Analytics System platform as a whole.
Categories of Data Collected
The Controller collects and processes the following categories of personal data:
3.1 Identification data
First name and surname
Tax code or equivalent national identifier
Date of birth (if required)
Address of residence (if required)
3.2 Contact data
Email address
Phone number (optional)
Telegram username
3.3 Operational data
Broker Account identification number
Selected broker
Declared initial capital
Balances declared at each operating cycle
Preferred payment method
History of payments made
3.4 Technical data
IP address
Website navigation data
Browser and device type
Cookies (see Section 11)
3.5 Communication data
Content of emails exchanged with support
Content of communications carried out on official Telegram channels
Recordings of requests, reports or complaints
3.6 Data relating to violations and sanctions
Suspension, revocation, BAN events
Recording of detected violations
Count of warnings and sanctions applied
Purposes and Legal Basis of Processing
Personal data are processed for the following purposes:
Purpose
Legal basis
Provision of the Service and management of the contractual relationship
Performance of contract (art. 6.1.b GDPR)
Contractual obligations, invoicing and payment management
Performance of contract + legal obligations (art. 6.1.b and 6.1.c GDPR)
Service communications (operational outputs, confirmations, reminders, notifications)
Performance of contract (art. 6.1.b GDPR)
Administrative checks, anti-fraud and abuse prevention
Legitimate interest of the Controller (art. 6.1.f GDPR)
Identification and traceability of the Broker Account
Performance of contract + legitimate interest (art. 6.1.b and 6.1.f GDPR)
Management of warnings, sanctions and BAN
Legitimate interest of the Controller (art. 6.1.f GDPR)
Tax and legal obligations
Legal obligations (art. 6.1.c GDPR)
Legal defence and protection of the Controller's rights
Legitimate interest (art. 6.1.f GDPR)
Sending informational communications on the Service (newsletter)
Consent (art. 6.1.a GDPR) — revocable at anytime
Improvement of the Service and aggregated internal statistical analysis
Legitimate interest (art. 6.1.f GDPR)
Provision of Data
The provision of data required for purposes 1 to 8 of Section 4 is necessary for the provision of the Service. Failure to provide such data results in the impossibility of registering, accessing the Service or continuing its use.
The provision of data for purpose 9 (newsletter) is optional and based on the explicit consent of the Data Subject, revocable at any time.
Methods of Processing
Personal data are processed through IT and digital tools, with security measures adequate to prevent unauthorised access, loss, destruction or unauthorised disclosure.
Processing may take place in automated and manual form, by the Controller and by the appointed Processors.
No automated decision-making process that produces significant legal effects on the Data Subject pursuant to art. 22 GDPR is envisaged. Relevant decisions on the Data Subject's position (suspension, BAN, readmission) are always subject to manual evaluation by the Controller.
Persons Authorised to Process
Personal data may be processed by:
the Controller;
authorised personnel of the Controller, duly instructed on confidentiality obligations;
external Processors, appointed pursuant to art. 28 GDPR for specific services related to the Service's technological infrastructure.
Categories of Processors
For the provision of the Service, the Controller makes use of third-party technological providers, appointed as Processors pursuant to art. 28 GDPR, who process personal data exclusively for purposes connected to the Service's infrastructure and according to the Controller's binding instructions.
Such Processors belong to the following categories:
providers of hosting and technological infrastructure for the website;
providers of transactional and system email sending services;
providers of operational database and user management;
providers of operational flow automation platforms;
providers of communication and support channels;
providers of payment gateway services;
providers of domain registration and DNS services.
All Processors are selected on the basis of adequate guarantees in terms of security, confidentiality and GDPR compliance. A specific processing agreement pursuant to art. 28 GDPR has been signed with each Processor.
The nominative and detailed list of Processors may be provided to a Data Subject who makes an express written request, within the limits permitted by the Controller's commercial confidentiality and infrastructure security requirements.
The Controller may modify the providers used at any time for operational needs, in any case guaranteeing the maintenance of adequate security and compliance measures.
Data Transfer Abroad
Some of the Processors referred to in Section 8 may have their registered office outside the European Union, in particular in the United States or in other third countries.
Transfers of personal data to third countries take place in compliance with the guarantees provided for in Chapter V of the GDPR, in particular through:
Standard Contractual Clauses (SCC) approved by the European Commission;
adequacy decisions possibly adopted by the European Commission;
supplementary technical and organisational security measures where necessary.
A Data Subject who wishes to obtain information on the guarantees applied to transfers may send a written request to support@analyticsystem.it.Data Retention Period
Personal data are retained for the time strictly necessary for the purposes for which they were collected:
Category of data
Retention period
Identification and contact data
Duration of the contractual relationship + 10 years from termination (for tax, defence and abuse prevention needs)
Operational data (balances,
payments, operating cycles)
Duration of the relationship + 10 years from termination
Communications with support
Duration of the relationship + 5 years from termination
Data relating to violations and
sanctions
Retained indefinitely for purposes of abuse prevention and prevention of new activations by subjects already excluded
Technical navigation and cookie data
According to the duration indicated in the cookie policy (Section 11)
Newsletter data
Until consent is revoked
After the indicated terms, the data are deleted or irreversibly anonymised, except for specific legal obligations requiringfurther retention.Cookies
The website analyticsystem.it uses technical cookies and, subject to consent, analytical and profiling cookies. The types used, the purposes and the procedures for managing consent are described in the separate Cookie Policy available on the website.
The Data Subject may modify their cookie preferences at any time through the consent management banner on the website.
Rights of the Data Subject
In compliance with the GDPR, the Data Subject has the right to:
Access (art. 15 GDPR) — obtain confirmation of the processing of their data and a copy thereof;
Rectification (art. 16 GDPR) — request the correction of inaccurate data or the integration of incomplete data;
Erasure (art. 17 GDPR) — request the deletion of data in the cases provided by law, without prejudice to the Controller's retention obligations;
Restriction of processing (art. 18 GDPR) — request the restriction of processing in the cases provided;
Portability (art. 20 GDPR) — receive their data in a structured, commonly used and machine-readable format;
Objection (art. 21 GDPR) — object to processing based on legitimate interest or for direct marketing purposes;
Withdrawal of consent (art. 7 GDPR) — withdraw at any time the consent given for processing based on it, without prejudice to the lawfulness of the processing carried out before withdrawal;
Complaint to the supervisory authority (art. 77 GDPR) — lodge a complaint with the competent supervisory authority in their State of residence. For Italy: Garante per la Protezione dei Dati Personali (www.garanteprivacy.it).
To exercise these rights, the Data Subject may send a written request to: Email: support@analyticsystem.it
The response will be provided within 30 days of receipt of the request, without prejudice to the extensions permitted by the regulations for particularly complex requests.Limits to the Exercise of Rights
The exercise of the rights referred to in Section 12 may be limited in the cases provided by applicable law, in particular for:
compliance with legal, accounting or tax obligations;
ascertainment, exercise or defence of a right in court;
purposes of abuse prevention and prevention of new activations by subjects already excluded from the Service for previous violations;
protection of the integrity of the Service's technological infrastructure.
In such cases, the Controller will inform the Data Subject of the reason for the limitation applied.
Data Security
The Controller adopts technical and organisational security measures adequate to protect personal data from unauthorised access, loss, destruction, unauthorised disclosure or illicit use. Such measures include, by way of example:
encryption of communications (HTTPS protocol);
access control via credentials and authentications;
recording of accesses and operations on data;
periodic backups of data on secure systems;
selection of technological providers compliant with recognised security standards.
Despite the adoption of such measures, no system can guarantee absolute security. The Data Subject is required to carefully keep their access credentials and to promptly notify the Controller of any suspected unauthorised access to their account.Data Breaches
In case of personal data breaches that may entail a high risk for the rights and freedoms of Data Subjects, the Controller will:
notify the breach to the competent supervisory authority within 72 hours of becoming aware, pursuant to art. 33 GDPR;
communicate the breach to the Data Subjects, pursuant to art. 34 GDPR, in the cases and with the procedures provided.
Processing of Minors' Data
The Service is not addressed to persons under 18 years of age. The Controller does not knowingly collect personal data of minors.
Should the Controller become aware of the processing of personal data of a minor without the consent of the holder of parental responsibility, it will promptly delete such data.Modifications to the Privacy Policy
The Controller reserves the right to modify this Privacy Policy at any time, giving notice through the publication of the updated version on the website.
Modifications take effect from their publication, unless a different term is indicated.
The Data Subject is required to periodically consult the Privacy Policy to be informed of any updates.
In case of substantial modifications that significantly affect the purposes or methods of processing, the Controller will communicate the modifications to the Data Subject through official channels.
Transfer, Sale and Third-Party Marketing
The Controller does not transfer or sell personal data to third parties for marketing purposes.
Personal data may be communicated to third parties exclusively in the following cases:
to the Processors referred to in Section 8, for purposes connected to the provision of the Service;
to competent authorities in compliance with legal obligations;
to professionals and consultants of the Controller for the protection of their rights;
in case of extraordinary corporate operations (mergers, acquisitions, transfers of business branches), within the limits necessary for the operation and with guarantees of continuity of the level of protection.
Contacts for Privacy Matters
For any request, clarification or exercise of rights, the Data Subject may contact the Controller at the following contacts:
Email: support@analyticsystem.it
Telegram: @analyticsystem_support
The Controller responds within 30 days of receipt of the request.Final Provisions
This Privacy Policy applies exclusively to the website analyticsystem.it and to the official channels of the Service. Any links to third-party sites present on the Service are subject to the respective privacy policies, over which the Controller exercises no control and assumes no responsibility.
This Privacy Policy is drafted in compliance with Regulation EU 2016/679 (GDPR) and with the Italian implementing legislation (Legislative Decree 196/2003 and subsequent amendments).
In case of conflict between this Privacy Policy and mandatory provisions of applicable law, the latter shall prevail to the extent necessary.
LP E-TRADE LLC Analytics System analyticsystem.it
