Privacy Policy


DEDA CLOUD s.r.l.  (hereinafter referred to as "DEDA CLOUD"), pursuant to articles 13 and 14 of Regulation EU/2016/679 (hereinafter "GDPR"), provides this information in relation to the personal contact data communicated by the client company ("Client") and relating to its representatives and/or staff (hereinafter "Data Subjects")"), which will be processed in the context of the commercial relations between the respective companies, in particular with reference to the use of the DEHA platform


1. Purpose of the Processing

The personal data provided will be subject to computerized, automated and/or manual processing by DEDA CLOUD exclusively for the following purposes:

A.       purposes connected with and instrumental to the collection of contractual and pre-contractual information;

B.       purposes connected and instrumental to the management and execution of the contractual relationship (stipulated or in the process of being defined) and management of the related obligations;

C.        management and resolution of tickets - Help Desk service - as part of the support service

D.       fulfilment of legal, accounting, tax, EU regulations and legislation, or provisions issued by authorities legitimated by law, obligations of any other nature in any case related to the purposes referred to in the previous points;

E.        purposes in any case related to the achievement of the corporate purpose; as well as for purposes related to the performance of activities, including extraordinary ones, of the company;


The provision of data for the purposes referred to in the previous points is not mandatory, but refusal to provide them will make it impossible to use the assistance service.


2. Methods of data processing

The personal data processed by DEDA CLOUD are collected from the Client, at the time of signing the contractual documentation and/or at the time when, in order to use the assistance service, the Client registers on the DEHA platform. The data required for registration are:

·         name

·         surname

·         Business email address

·         Business phone number.

The processing of personal data is carried out both by means of electronic (or in any case automated) processing and by manual processing according to logics strictly related to the aforementioned purposes and in any case in such a way as to guarantee the confidentiality and security of personal data.

DEDA CLOUD will process Personal Data by adopting appropriate security measures, prepared on the basis of a risk assessment (pursuant to Article 32 of Regulation EU/2016/679).


2.1 Processing of personal data in the context of support services

In order to provide assistance services, DEDA CLOUD makes use of a platform suitable for the management of the Help Desk and support requests through which DEDA CLOUD staff will be able to communicate with the Customer directly. To use the service, the Customer must register with a valid company account that will be used exclusively for sending technical information and in any case related to the assistance service. In this case, the interested party may at any time request the modification or cancellation of the account by writing to the support.

By using these services, the Client gives his/her consent to the processing of data for the sole and exclusive purpose of managing and processing the request for assistance, within the terms of the Contract in place between the undersigned and the Customer. At the conclusion of the Agreement, the user used in the context of these services will be deactivated on the platform. 


3. Ownership of the data

The Data Controller is DEDA CLOUD s.r.l. with registered office in Via Carlo Imbonati, 18 – 20159 Milan, P.E.C. address:; tel. 0461 997111.


4. Data Protection Officer (DPO):

DEDA CLOUD has appointed a Data Protection Officer (DPO) who can be contacted at:


5. Communication, transmission and scope of dissemination

The personal data relating to the Data Subject may be communicated:

·         to Public Authorities, Bodies or Offices in accordance with legal and/or contractual obligations;


The personal data of the interested party may be transmitted for the purposes referred to in point 1:

·         to companies and/or entities belonging to the  DEDAGROUP S.p.a. group for activities that are in any case related to the Purposes indicated in point 1 (parent company, subsidiaries, associates or companies under common control);


The communication of personal data to these subjects will take place in compliance with the legislation and in any case within the limits strictly provided for by current legislation.


6. Transfer of personal data abroad

DEDA CLOUD does not intend to transfer the personal data processed for the purposes referred to in point 1 to a third country or to an International Organization. Should it be necessary to transfer data to a third country or an International Organization, DEDA CLOUD guarantees to apply all appropriate security measures in accordance with current legislation and, in particular, art. 44 et seq. EU Reg. 679/2016.


7. Retention period:

The data processed for contractual purposes will be stored until the end of the ordinary limitation period of 10 years, after the termination of the service contract, unless otherwise required by law.


8. Rights of the data subject

The interested party who wishes to unsubscribe from the service in question must write to Please note that if there is a contract in place between the Client and DEDA CLOUD that provides for the provision of the assistance service by DEDA CLOUD, the Client must indicate at least one contact person who, after registering on the DEHA platform, can access it, otherwise it will be impossible for DEDA CLOUD to provide the service.


On the other hand, the interested party who receives communications unrelated to the purposes indicated above, may exercise their rights by writing to the address  The Data Subject may exercise his/her rights against the Data Controller, pursuant to Articles 15 et seq. of the GDPR summarized below:

·                     Obtain confirmation of the existence or otherwise of personal data concerning you and their communication in an intelligible form;

·                     Obtain information on: a) the purposes and methods of processing; b) the logic applied in the case of processing carried out with the aid of electronic tools; c) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, managers or persons in charge of the processing;

·                     Also obtain: a) access to the personal data processed by DEDAGROUP; b) the updating, correction or, when interested, deletion of the data; c) the portability of the data provided;

·                     Object, in whole or in part, for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection.

·                     The Data Subject also has the right to lodge a complaint with a Supervisory Authority, in the cases and for the effects expressed by current legislation.