This Privacy Policy is provided in accordance with Articles 13 and 14 of EU Regulation 2016/679 (GDPR) and applies to all personal data collected through www.primevaultx.tech and its subdomains.

1. Data Controller

The data controller for personal data collected through this website is:

Mazzariello Vincenzino
Contrada Piantonella 8, 66021 Casalbordino (CH), Italy
Tax Code (C.F.): MZZVCN72D09L682J
Email: support@primevaultx.tech

2. What Data We Collect

We collect personal data only when you actively provide it or when it is technically necessary for the operation of the website.

2.1 Contact form

When you submit the contact form, we collect:

  • Full name
  • Email address
  • Subject and message content
  • Request type (diagnostic / information)
  • IP address (used solely for spam prevention and rate limiting)
  • Timestamp of submission

2.2 Payment data

When you purchase a service, payment is processed directly by Stripe, Inc. through a secure hosted checkout page. PrimeVaultX does not collect, store, or process any payment card data. Stripe's privacy policy is available at stripe.com/privacy.

2.3 Navigation data

Like all websites, our server and Cloudflare (our CDN and security provider) automatically log technical data including IP addresses, browser type, pages visited, and access timestamps. This data is used for security, performance monitoring and fraud prevention, and is not used to identify individual users.

2.4 Analytics data

We use Google Analytics 4 (via Google Tag Manager) to collect anonymous statistical data about website usage, such as number of visitors, pages viewed, and traffic sources. This processing requires your prior consent and is only activated if you accept analytics cookies via our cookie banner. See our Cookie Policy for details.

3. Legal Basis for Processing

Processing Activity Legal Basis (GDPR Art. 6)
Responding to contact form submissions Art. 6(1)(b) — pre-contractual measures at the request of the data subject
Processing and fulfilling paid orders Art. 6(1)(b) — performance of a contract
Issuing receipts / fiscal documents Art. 6(1)(c) — compliance with a legal obligation
Server logs and security (Cloudflare) Art. 6(1)(f) — legitimate interest in website security and fraud prevention
Spam prevention (IP rate limiting) Art. 6(1)(f) — legitimate interest
Google Analytics 4 (analytics cookies) Art. 6(1)(a) — consent

4. How We Use Your Data

Personal data is used exclusively for the following purposes:

  • Responding to your technical or commercial inquiries
  • Delivering the service you purchased
  • Issuing the required fiscal receipt (ricevuta di prestazione occasionale)
  • Complying with Italian tax and legal obligations
  • Preventing spam and abuse of the contact form
  • Analysing website usage (only with consent, via Google Analytics 4)

Your data is never sold, rented, or shared with third parties for marketing purposes.

5. Third-Party Services

Service Purpose Privacy Policy
Cloudflare, Inc. (USA) CDN, DDoS protection, DNS cloudflare.com/privacypolicy
Stripe, Inc. (USA) Payment processing stripe.com/privacy
Google LLC (USA) Analytics 4, Tag Manager, Search Console policies.google.com/privacy

Data transfers to the United States are made under Standard Contractual Clauses (SCCs) adopted by the European Commission, or under each provider's participation in equivalent data transfer frameworks.

6. Data Retention

  • Contact form messages: retained for up to 24 months from the last interaction, or for the duration of any ongoing service relationship.
  • Fiscal documents (receipts): retained for 10 years in compliance with Italian tax law (D.P.R. 600/1973).
  • Server logs / IP rate-limit data: automatically deleted after 1 hour (rate-limit log) or up to 30 days (server access logs).
  • Analytics data (Google Analytics 4): retained according to your GA4 data retention settings (default: 14 months).

7. Your Rights

Under the GDPR you have the right to:

  • Access — request a copy of the personal data we hold about you (Art. 15)
  • Rectification — request correction of inaccurate data (Art. 16)
  • Erasure — request deletion of your data, where legally permissible (Art. 17)
  • Restriction — request that processing be restricted in certain circumstances (Art. 18)
  • Data portability — receive your data in a structured, machine-readable format (Art. 20)
  • Object — object to processing based on legitimate interest (Art. 21)
  • Withdraw consent — at any time, for any processing based on consent, without affecting prior processing

To exercise any of these rights, contact us at support@primevaultx.tech. We will respond within 30 days. You also have the right to lodge a complaint with the Italian data protection authority: Garante per la Protezione dei Dati Personali.

8. Security

We implement appropriate technical and organisational measures to protect your data, including TLS encryption for all data in transit, SMTP authentication for email handling, server-side input validation and sanitisation, and access controls on the hosting environment.

9. Children

This website is not directed at children under the age of 16. We do not knowingly collect personal data from minors. If you believe a minor has submitted data, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the website after any changes constitutes acceptance of the updated policy.

11. Contact

For any questions or requests regarding this Privacy Policy:
support@primevaultx.tech