This policy is provided by DineIT S.r.l., Via Mortara Ravagnese 62, 89134 (RC), VAT 03354010807, email [email protected] (hereinafter, the “Company”, the “Controller” or “DineIT”), to explain how we process your personal data when browsing the website or using the DineIT app (the “App”), even without registering or making purchases.
This policy covers only website and app browsing and the use of cookies and similar technologies. For processing related to registration, bookings or purchases, please refer to the separate policy.
1. What data we process
1.1. Browsing data
When you browse the website or use the App, we automatically collect certain technical information, including:
- IP address;
- date and time of access;
- pages or screens visited;
- device type;
- operating system and browser;
- language and device settings.
This data is used to ensure the proper functioning of the website and is not used to directly identify you.
1.2. Usage data
We may collect information about how you use the website or the App, for example:
- visit duration;
- interactions with content;
- errors or malfunctions.
This data is used in aggregate or pseudonymised form to improve the service.
1.3. Security data
We use certain technical data to:
- protect the website and the App;
- prevent unauthorised access;
- detect suspicious or fraudulent activities.
2. Cookies
2.1. What cookies we use
Cookies are small files that the website or the App saves on your device while you browse. They are used to make the website work and to improve your experience.
The website and the App may save the following categories of cookies on your device:
i. Technical cookies (necessary)
These are essential for the website and the App to function. These cookies cannot be disabled and do not require your consent.
| Name | Type | Description | Domain | Expiry |
|---|---|---|---|---|
| csrftoken | Cookie | Prevents CSRF attacks using Javascript | api.dineit.it | 1 year |
| NEXT_LOCALE | Cookie | Stores selected language (IT/EN) | .dineit.it | 1 year |
| __Host-next-auth.csrf-token | Cookie | CSRF token for NextAuth authentication | .dineit.it | Session |
| __Secure-next-auth.callback-url | Cookie | Stores post-login redirect URL | .dineit.it | Session |
| nextauth.message | Cookie | Temporary authentication messages | .dineit.it | Session |
| cookiePopup | localStorage | User cookie preferences | N/A | Permanent |
| dineit-geolocation-prompt | localStorage | Tracks geolocation popup | N/A | Permanent |
ii. Analytical cookies
These cookies help us understand how the website or the App is used, for example which pages are most visited or how users navigate through the content. The data is used for statistical purposes and to improve the service.
If analytical cookies are not anonymised, they are only used with your consent.
| Name | Provider | Type | Description | Domain | Expiry |
|---|---|---|---|---|---|
| _ga | Google Analytics | Cookie | Google Analytics user identifier | .dineit.it | 2 years |
| _ga_# | Google Analytics | Cookie | Google Analytics session state (GA4) | .dineit.it | 2 years |
| sentryReplaySession | Sentry | Cookie | User session replay via Sentry | .dineit.it | Session |
2.2. Preference management
On your first visit you can:
- accept all cookies;
- reject non-essential cookies;
- choose individually which cookies to authorise.
| Name | Type | Description | Domain | Expiry |
|---|---|---|---|---|
| dineit-location | localStorage | User location (label, lat, lng, placeId) | N/A | Until consent withdrawal |
You can modify your choices at any time via the “Consent Preferences” button at the footer of https://dineit.it or through your browser settings.
3. Why we process this data
We use your data to:
- allow you to browse the website and use the App;
- improve performance, content and functionality;
- ensure the security of our systems.
Processing is based on DineIT's legitimate interest in operating and protecting the platform. Where required by law (for example for certain cookies), we ask for your consent.
4. Who we share data with
Your data may be processed by:
- technical providers (hosting, cloud, security, analytics tools) acting on our behalf;
- public authorities, only in the cases provided for by law.
Your data is not disclosed.
5. How long we retain data
We retain data only for as long as necessary:
- browsing data and technical logs: up to 6 months;
- security-related data: up to 12 months;
- statistical data: in aggregate form, up to 24 months.
Your cookie choices are recorded and retained for 6 months, after which you will be asked to express your preferences again.
You can modify or withdraw your consent at any time via the “Consent Preferences” button at the footer of https://dineit.it or through your browser settings.
6. Your rights
At any time you can:
- know whether we process your data and access it;
- request correction or deletion of your data;
- object to processing based on legitimate interest;
- withdraw your consent (if given);
- lodge a complaint with the Data Protection Authority.
To exercise your rights you can write to us at [email protected].