Privacy Policy (version 1.0) Digital Soccer Project

The following Privacy Policy is written by Digital Soccer Project S.R.L, headquartered in Modena, Italy,  viale Emilio Po 380 – 41126, Tel. +39 059 382111 - Fax +39 059 827431 and field office in Brescia, via Orzinuovi 73 – 25125 (hereinafter “DSP”) as Data Controller of the personal data collected in our web-sites and applications for smartphones and tablets that offer statistical analyses and video and images da-tabases services on football events branded Panini Digital ™ (hereinafter websites and applications are collectively referred to as "Application” and/or "Applications"), provided directly by you or however re-ceived or generated by us as a result of us processing your registration to our Application. 

DSP considers your privacy essential. We therefore ask you to read this information carefully in order to make a freely given, specific, informed and unambiguous choice when you are requested to give your per-sonal data to log in to the Applications or part of them and when your personal data are necessary to use services provided by the Applications for example to purchase of products or services.  

In general, all the personal data  (hereinafter “Personal Data” and/or  “Data”) collected by DSP through the Applications or given by you when you use services provided by the Applications  (hereinafter "Ser-vices") as fully described in the following section “C. Purposes of Personal Data Processing” of this Pri-vacy Policy, will be processed lawfully and in a transparent manner in accordance with the principles stat-ed in the current legislation on the protection of personal data, such as transparency, fairness, lawfulness,  data minimization, purpose limitation, accuracy, storage limitation, integrity and confidentiality

This Privacy Policy is written on the basis of the transparency principle using a simple and not too legal language to increase the level of understanding of the statements given.

This Privacy Policy is divided into sections (hereinafter collectively “Sections” and/or individually “Sec-tion”), each of them dealing a specific topic, so that you can immediately find what you are looking for and concentrate your attention on the topic of interest.

The DSP Applications may contain links to other websites and/or smartphone applications. DSP is not re-sponsible for privacy practices or the content of such websites and/or smartphone applications.

A. Type of Personal Data Processed

Personal Data collected through the Application are listed below.

- Name, Last name, Contact Details and other Personal Data

When you create an account to log into the Application DSP may ask your personal information such as: name, last name, gender, contact details, company, county and country of residence. Data coming from your submission of pictures, texts, drawings to create a personalized sticker or card. Further Personal Data may be collected during the management of each relationship through the Application itself or may con-sist of those that you decide to provide to DSP through the use of the Application / Customer Service ar-ea of the Application.

Some sections of the Application include free text fields in which it is possible to provide DSP with in-formation that may contain Personal Data. Being free fields, you may choose to communicate (even inad-vertently) particular categories of Personal Data, such as those revealing political opinions, religious or philosophical beliefs, or union membership, as well as genetic data, biomedical data which can permit to uniquely identify a specific person, data related to health or sex life or sexual orientation.

DSP asks you not to disclose any of these types of data, unless you consider it strictly necessary to pursue the request you forward to us. Since the indication of such information is, as said, totally optional, if you choose to do so, DSP could process such data only with your explicit consent and in compliance with the current legislation. DSP, therefore, underlines the importance of expressing your explicit consent to the processing of these particular categories of Personal Data in case you decide to share them with DSP.

- Personal Data of Third Parties

As mentioned in the previous paragraph, by providing in the Applications free text fields in which it is possible to forward any type of message, these could in fact contain Personal Data relating also to other people. In all cases in which you decide to share such Data, you will be considered a self-appointed Data Controller and, as such, you will have to assume all the relevant legal obligations and responsibilities. Therefore, in this regard, you undertake to hold DSP harmless from any dispute, claim, request for com-pensation for damage from data treatment etc. that could reach DSP from people whose Personal Data have been forwarded by you in violation of the applicable rules on the protection of Personal Data. As, in such cases, DSP does not collect this information directly from the data subjects (but indirectly from you), you guarantee that this specific treatment can be based on the consent of these data subjects or on another suitable lawful basis that legitimizes the processing of the information in question.

- Navigation Data and Cookies

The computer systems and software used to run the Applications acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of Internet communication protocols. This information is not collected by DSP to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow data subjects to be identi-fied.

This category of data includes the IP addresses or domain names of the computers used by the users con-necting to the Application, the addresses in URI (Uniform Resource Identifier) notation of the requested services, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (good result, error, etc.) and other parameters related to the operating system and the  user's computer.


These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Application, to check its correct functioning and to identify anomalies and/or abuses. Except in cases where the data are used to ascertain responsibility in the event of hypothetical computer crimes against the Application or third parties, these data do not persist for more than seven days.


Information on the use of cookies is available in our Cookie Policy that we invite you to read by clicking the following link.

B. Personal Data Processing of Children of Age below 16 Years 

Children aged less than 16 years old or, in accordance with national local laws below the age set to direct-ly collect the consent to the processing from children but in any case not less than 13 years old,–  are not allowed to register on the Applications to access the sections reserved for registered users.

Users who do not declare the age will be considered and treated as under 16 or, in accordance with the laws of the country declared at registration, as minors below the minimum age established to grant con-sent to the processing of data and therefore they not will be able to access the sections reserved for regis-tered users of the Applications.

C. Purposes of the Data Processing 

We will process your Personal Data for the following purposes: 

- allowing the execution of operations strictly connected and instrumental to the management of rela-tionships with you, such as managing the response to queries received via the contact forms; enabling restricted sections of the Applications; assisting you in case you lose the login/password data of your personal account on the Applications; ensuring the delivery of the purchased products and tracking your order status; allowing you to participate in training programs, initiatives, competitions and prize events (Services Provision);

- allowing the correct execution of the contractual obligations we have assumed towards you and vice-versa (Contractual Obligations);

- complying with laws, regulations and EU legislation or with provisions issued by authorities empow-ered by law and provisions issued by Supervisory and Control Bodies, as well as allowing tax and ac-counting compliance (Legal Compliance); 

- sending you, if you are using or have used a service on an Application or if you are buying or you have bought a service through the Application, direct marketing and promotional communication via e-mail about similar products or services (Soft Spam);

D. Lawful Basis for Processing Personal Data, Mandatory/Discretionary Provi-sion of the Personal Data and Consequences of not Replying

The lawful basis for processing the Personal Data, in accordance with the purposes set in the earlier Sec-tion of this Privacy Policy (“Purposes of the Data Processing”), is as follows.

The provision of Personal Data and the related processing for the purposes related to Services Provision and Contractual Obligations, is strictly functional to the performance of the requested service and the correct execution of the contractual relationship with you and therefore they constitute a necessary condi-tion for the establishment of the contractual relationship itself and the lawful basis of the processing. Con-sequently, failure to provide the Personal Data requested for this purpose, or the inaccuracy of the data provided, will make it impossible for DSP to carry out the service and the contractual relationship and would legitimize DSP to refuse to carry it out. 


The provision of Personal Data, and the related processing for purposes related to Legal Compliance, is necessary for DSP in order to comply with the related legal obligations. When you provide your Personal Data to DSP, we must process them in accordance with applicable laws which may include the storage and communication to the competent authorities for compliance with tax, customs or other obligations.


The provision of Personal Data, and the related processing, for the purposes related to the activity of Soft Spam is based on the legitimate interest of DSP to send marketing communications via e-mail regarding products and services similar to those you have already used or purchased through the application. You can stop the receipt of these communications without suffering any consequence (other than that of not being able to receive further communications of this kind by DSP) using the link at the bottom of each of the e-mails received for that purpose.

E. Personal Data Sharing

The Personal Data will be made known to the DSP staff in charge of the development and management of the Applications that is authorized to process them for the purpose of achieving the aforementioned purposes and who are committed to confidentiality or otherwise have received an appropriate legal obliga-tion to confidentiality.


Personal Data may be shared, used and transferred within the companies belonging to the DSP group for accounting and administrative purposes.


Personal Data will be made known to third parties, appointed as Data Processors, as they process Data on behalf of DSP (for example, suppliers with whom it is necessary to interact for the Service Provision such as hosting providers, platform providers for sending e-mails or, again, suppliers who perform technical maintenance activities including the maintenance of network equipment and electronic communications networks, suppliers who develop interactive games, training programs and competitions, software devel-opers for the payment systems).


Personal Data may be shared with third parties with whom DSP has ongoing contractual relationships concerning services functional to the performance of the activity (such as audit firms, persons, companies or professional firms that provide assistance and advice on the subject, administrative, legal, tax, financial and credit recovery firms relating to the provision of the Services).


Finally, Personal Data will be communicated when requested to the competent taxation offices, or to oth-er public bodies, according to the provisions of the laws in force.


Personal Data is not intended for publication or dissemination. Personal Data of the people who success-fully complete the training programs held periodically by DSP on the proprietary softwares to provide the services may be published in the Application with the explicit consent of the relevant data subject.

F. Personal Data Transfer

Given the membership of DSP to the Panini Group, which has a wide international presence, some of your Personal Data may be shared with recipients, referred to in the previous paragraph, which could be found in countries outside the EU or the European Economic Area. DSP ensures that the processing of your Per-sonal Data by these parties will be in compliance with applicable law. Therefore, the transfers will be made with adequate guarantees, such as adequacy decisions, models of Standard Contractual Clauses ap-proved by the European Commission or other guarantees considered adequate. More information is avail-able by writing to DSP at the following address:

G. Personal Data Retention

The Personal Data processed for the purpose of Service Provision and Contractual Obligations will be retained by DSP for the time strictly necessary for the execution of the requested service and for the cor-rect execution of the contractual relationship with you. As this Personal Data is processed to provide you with the Services and allow the execution of the contractual relationship, DSP may keep them for a longer period, in particular for what may be necessary in order to protect the interests of DSP against possible claims arising from the Service Provision.


DSP, moreover, specifies that it will keep your authentication credentials to the Application Services until the expiration of the contract for the provision of services that gave rise to authentication on the Applica-tion. At the end of this period the data will be made anonymous.


Your requests, and the data contained in them, collected through the Contacts/Customer Service area of the Applications will be maintained for one year from the closure of the request in order to allow DSP to handle any additional requests received after closure. At the end of this period the Data that permit the identification, even indirect, of a physical person (such as name, surname, e-mail) will be made anony-mous and maintained, only in the form of aggregated data, for statistical purposes.


The Personal Data processed for the purposes of Legal Compliance will be retained by DSP for the peri-od envisaged by specific legal obligations or applicable legislation.


The Personal Data processed for the purpose of Soft Spam will be kept by DSP until you object to the process through the link found at the bottom of each of the Soft Spam e-mails sent.


H. Data Subjects Rights

At any time you are entitled, as Data subject, to:

- request access to your Personal Data, (and/or a copy of such Personal Data), as well as further infor-mation on the current treatment of them;

- request the correction or updating of your Personal Data processed by DSP, where they are incom-plete or out of date;

- request the deletion of your Personal Data from the DSP databases, where you deem the processing unnecessary or illegitimate;

- request the limitation of the processing of your Personal Data by DSP, where you believe that your Personal Information is not correct, necessary or is unlawfully processed, or if you had opposed its processing;

- exercise the right to data portability, i.e. to obtain a copy of the Personal Data supplied to DSP that relates to you in a structured format, for common use and readable by an automatic device, or to re-quest transmission to another Data Controller;

- oppose the processing of your Personal Data, using a legal basis relating to your particular situation, which you believe should prevent DSP from processing your Personal Data;

- oppose the processing for the purpose of Soft Spam. 


Please note that the Personal Data you provided to DSP may be changed at any time by writing to: You may exercise the above rights by means of the method indicated above.


You can also stop receiving Soft Spam using the appropriate link at the bottom of each e-mail received (via the " Unsubscribe " button).


DSP also informs you that you always have the right to lodge a complaint with the competent Supervisory Authority (for example that of the State in which you have your habitual residence, in Italy the Guarantor for the Protection of Personal Data) if you believe that the processing of your data is contrary to the legis-lation in the field of personal data protection actually applicable.

I. Privacy Policy Amendments

This Privacy Policy version 1.0 is effective from 25 May 2018. DSP reserves the right to modify or simply update its content, in part or completely, also due to changes in the applicable legislation. DSP will be able to inform you of these changes as soon as they are introduced and they will be binding as soon as they are published on the Application. DSP invites you to visit this section regularly to get to know the most re-cent and updated version of the Privacy Policy in order to be always updated on the Personal Data col-lected and on the use that DSP makes of them.