Privacy

Privacy policy

This document explains how datinviaggio.com ("the site", "we") handles personal data under the EU General Data Protection Regulation (GDPR — Regulation 2016/679) and the Italian Codice Privacy (D. Lgs. 196/2003 as amended).

Data controller

The data controller is the natural person operating datinviaggio.com. Because the site is published under a sole-operator structure (no commercial entity registration is required at the current revenue scale), the controller's contact address for privacy matters is privacy@datinviaggio.com.

What we collect

1. Server access logs

Our hosting (Cloudflare Workers) records standard HTTP access logs containing IP address, user-agent, request URL, response code, and timestamp. Logs are used for abuse prevention, traffic analysis, and infrastructure debugging. Retained ≤ 30 days, then purged automatically by Cloudflare. Legal basis: legitimate interest (Art. 6(1)(f) GDPR) — operating the service.

2. Newsletter subscription

If you fill the newsletter form, we store your email address, the timestamp of subscription, and the originating IP (anti-spam). Used exclusively to send the newsletter you signed up for. You can unsubscribe with one click via the link in every email; on unsubscribe, your record is deleted within 7 days. Legal basis: consent (Art. 6(1)(a) GDPR).

3. Article comments

When you post a comment, we store the comment text, your display name, your email (used for moderation only, never published or shared), and the originating IP. Retained until you ask us to delete it. Legal basis: consent (Art. 6(1)(a) GDPR).

4. Contact form / email

If you write to us, we keep the message and your email to respond. Retained ≤ 24 months. Legal basis: legitimate interest in handling correspondence.

What we do not collect

  • No advertising/tracking cookies. We don't run Google AdSense, Meta Pixel, or comparable trackers.
  • No profiling, no automated decision-making, no behavioral retargeting.
  • No payment data. We never see your card or Airalo payment details — those go to Airalo directly.

Affiliate link tracking

When you click an Airalo affiliate link on our site, Impact (impact.com) sets a click-attribution cookie or click-ID on the destination domain to attribute a potential purchase back to us. We do not own or read that cookie — it lives on the Impact / Airalo side. See Affiliate disclosure for details.

Third-party processors

  • Cloudflare (USA / Worldwide) — hosting and DDoS protection. GDPR-compliant SCCs in place.
  • Impact.com (USA) — affiliate tracking. Only after you click an outbound affiliate link.
  • Airalo (USA / Worldwide) — destination of affiliate clicks. Their own privacy policy applies once you leave our site.

Your GDPR rights

Under articles 15–22 of the GDPR you have the right to:

  • Access — request a copy of any data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure — ask us to delete your data ('right to be forgotten').
  • Restriction — limit how we process your data.
  • Portability — receive your data in a machine-readable format.
  • Objection — object to processing based on legitimate interest.
  • Withdraw consent — for any processing based on consent.

To exercise any of these rights, email privacy@datinviaggio.com. We'll respond within 30 days.

You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) — garanteprivacy.it.

Cookies

For details on the cookies we use (only technical / strictly necessary), see the Cookie policy.

Last updated: 2026-05-18

This policy may be updated; we will adjust the date above and announce material changes via newsletter.