Last Updated: March 2026
Paolo Cappelletto Ditta Individuale (hereinafter "PC-DI," "we," "us," or "our") operates the "Zero Token" tool (hereinafter the "Tool"), accessible at https://www.zero-token.com/. This Privacy Policy explains how we collect, use, process, and protect your personal data in compliance with Regulation (EU) 2016/679 (General Data Protection Regulation, "GDPR") and applicable national privacy legislation.
This policy applies exclusively to the Tool and not to third-party websites that may be accessed through links on the Tool. For those websites, please consult their respective privacy policies.
The data controller responsible for processing your personal data is:
Paolo Cappelletto Ditta Individuale
Via Nino Bixio 14
20129 Milano (MI), Italy
Email:
privacy@zero-token.com
When you visit and use the Tool, we automatically collect certain technical information:
Browsing Data:
Tool Usage Data:
This data is collected through our hosting infrastructure for operational, security, and performance purposes.
To use the Tool, you must provide the following information:
Required Data:
Optional Data:
You may choose to provide additional information to enhance your experience, including:
Important: Only your email address and username are strictly necessary to use the Tool. All other information is optional and provided at your discretion. If you choose not to provide the required data (email and username), you will not be able to access or use the Tool's features.
We use technical cookies to ensure the Tool functions properly. For detailed information about the cookies we use, please refer to our Cookie Policy.
You are solely responsible for any third-party personal information you enter, upload, or share through the Tool. By providing such data, you warrant that you have the necessary rights and authorizations to do so, and you release PC-DI from any liability toward those third parties.
We process your personal data based on the following legal grounds and for the following purposes:
We process your data to:
We process your data to:
We process your data to:
These legitimate interests do not override your fundamental rights and freedoms.
In exceptional circumstances, we may process your data to protect your vital interests or those of another person.
Your personal data is processed using electronic and automated means, strictly limited to the purposes outlined in this policy. We implement appropriate technical and organizational measures to ensure data security, including:
Access to your personal data is restricted to authorized PC-DI personnel who have been trained on data protection requirements and are bound by confidentiality obligations.
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, in accordance with GDPR Article 5(1)(e) and Recital 39.
General Retention Period:
Extended Retention:
Personal data may be retained beyond these periods only when necessary to:
Deletion:
After the applicable retention period expires, your personal data will be permanently deleted or irreversibly anonymized.
The specific retention periods for different data categories are documented in PC-DI's processing activity register maintained pursuant to GDPR Article 30.
PC-DI does not sell, rent, or trade your personal data to third parties for commercial purposes.
We may disclose your personal data only in the following limited circumstances:
We may share data with trusted third-party service providers who process data on our behalf under strict contractual obligations, including:
These service providers act as data processors and are contractually bound to:
We may disclose your data when required or permitted by law:
In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred to the successor entity, subject to the same privacy protections outlined in this policy.
Our infrastructure providers may process data in various locations, including outside the European Economic Area (EEA). When personal data is transferred outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR Chapter V, such as:
These safeguards ensure that your data receives an adequate level of protection regardless of where it is processed.
Under GDPR Articles 15-22, you have the following rights regarding your personal data:
You may obtain confirmation of whether we process your personal data and request access to such data, including information about:
You may request correction of inaccurate or incomplete personal data.
You may request deletion of your personal data when:
You may request that we limit processing of your personal data in certain circumstances.
You may request to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
You may object to processing based on legitimate interests or for direct marketing purposes.
Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
You have the right to lodge a complaint with a supervisory authority, particularly in your country of residence, workplace, or where an alleged infringement occurred. For Italy, the supervisory authority is:
Garante per la Protezione dei Dati Personali
Website:
https://www.garanteprivacy.it/
Email:
garante@gpdp.it
To exercise any of the rights listed above, please send a written request to:
Email:
privacy@zero-token.com
Subject line: "Data Subject Rights Request – [Your
Name]"
Response Timeline:
We will respond to your request within one month of receipt. This period may be extended by up to two additional months when necessary due to the complexity or number of requests. We will inform you of any such extension within the initial one-month period.
Verification:
To protect your privacy, we may request additional information to verify your identity before processing your request.
No Fee:
Exercising your rights is free of charge unless your requests are manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act on the request.
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:
Despite our efforts, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using industry-standard practices.
The Tool is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child under 16, we will take steps to delete such information promptly.
We reserve the right to update this Privacy Policy to reflect changes in our practices, legal requirements, or the Tool's functionality. Any changes will be posted on this page with an updated "Last Updated" date at the top.
Notification:
For material changes that significantly affect your rights, we will provide prominent notice or seek your consent as required by law.
Your Responsibility:
We encourage you to review this Privacy Policy periodically. Continued use of the Tool after changes are posted constitutes acceptance of the updated policy.
Previous Versions:
Unless otherwise stated, changes to this policy will apply only to data collected after the effective date. Previous privacy policies will continue to govern data collected under those versions.
For questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:
Data Controller:
Paolo Cappelletto Ditta Individuale
Via Nino Bixio 14
20129 Milano (MI), Italy
Email: privacy@zero-token.com
We are committed to resolving any concerns you may have about your privacy and personal data.
Last Updated: March 2026