Privacy Policy

[COMPANY NAME], based in [ADDRESS], Milan — VAT [VAT NUMBER] Email: info@smoves.it To exercise your rights or for any question regarding data processing: info@smoves.it

We collect the following personal data: • Registration data: first name, last name, email address, phone number. • Booking data: pickup and delivery address, dates, item details. • Payment data: processed by the payment provider (Stripe). Smoves does not store card data. • Technical data: IP address, browser type, pages visited (via analytics cookies). • Communications: messages sent via the support chat.

We process your data for the following purposes: • Performance of the contract (Art. 6(1)(b) GDPR): managing bookings, pickup, storage and delivery of items. • Legal obligations (Art. 6(1)(c) GDPR): invoicing, tax obligations. • Legitimate interest (Art. 6(1)(f) GDPR): fraud prevention, service security, platform improvement. • Consent (Art. 6(1)(a) GDPR): marketing communications (only if explicitly accepted).

Data is retained for the time strictly necessary for the stated purposes: • Account and booking data: 10 years from the end of the contractual relationship (tax obligations). • Support data (chat messages): 2 years. • Analytics cookies: duration indicated in the Cookie Policy. Once retention periods expire, data is deleted or anonymised.

Data may be shared with: • Stripe Inc.: payment provider, for processing transactions. • Supabase Inc.: database and authentication provider. • Vercel Inc.: hosting provider. • Resend Inc.: transactional email provider. These parties act as Data Processors and process data exclusively on Smoves' instructions and in compliance with the GDPR.

Some providers (Stripe, Supabase, Vercel) may transfer data outside the European Economic Area. Such transfers comply with GDPR safeguards (Standard Contractual Clauses or European Commission adequacy decisions).

You have the right to: • Access: obtain a copy of your personal data. • Rectification: correct inaccurate or incomplete data. • Erasure ("right to be forgotten"): request deletion of data, where no legal obligations prevent it. • Restriction: restrict processing in certain cases. • Portability: receive data in a structured format. • Objection: object to processing based on legitimate interest. • Withdraw consent: withdraw previously given consent at any time. To exercise your rights: info@smoves.it. You also have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

For detailed information on the use of cookies, please see our Cookie Policy.

This Privacy Policy may be updated periodically. Significant changes will be communicated via email or notice on the website. Last updated: March 2026.