Privacy Policy


This Privacy Policy was last updated on 09/03/2022

Thank you for joining the Anubis Digital Platform (the “Platform”)

The purpose of this document (the "Information") is to inform the person interested party (the "Interested Party") about how his/her personal data as better described (the "Personal Data") will be collected and processed by the Controller as defined below in accordance with its obligations under Regulation (EU) 2016/679 of the Parliament European Parliament and of the Council of 27 April 2016 on the protection of individuals with with regard to the processing of personal data and on the free movement of such data (hereinafter the "GDPR") and additional applicable data protection regulations.

This Policy may be amended at any time without obligation and at the sole Holder's sole discretion, in whole or in part, by updating it. In such case, the Data Controller will give notice by posting on the Site (as defined below), moment from which the aforementioned changes will become effective and binding for the Interested Party. To the extent permitted by law, if the Data Subject continues to use the Site and its its services after a modification has become effective, his or her access and/or use of the services shall be deemed to be an implied acceptance of the amended Policy and the obligations arising therefrom. The amended version supersedes all previous versions of the Policy.

This Notice has been prepared on the basis of the principle of transparency and all the elements required by the GDPR.

The terms defined, if not contained in this Disclosure, refer to the General Terms and Conditions for the use of Anubi Digital services (the "Contract") and shall be shall be deemed to be directly incorporated herein.


The data controller is Anubi Digital S.r.l., based in Cuneo (CN) Via Carlo Pascal 7, 12100 (the "Titleholder"). The Holder's website is (the "Site"). The data controller is Diego D'Aquilio and can be contacted at the e-mail address indicated in the paragraph 11 below.

Nature of data

The types of Personal Data related to the Data Subject collected by the Data Controller, including through the Site, are:

  1. Personal and Contact Data such as, for example, first name, last name, e-mail address and/or cell phone number that the Data Subject provides to the Data Controller;
  2. Other personal data of the Data Subject that the Controller will collect regarding the Data Subject for the identification of the same and the fulfillment of legal obligations applicable to it, including, work activity performed by the Interested Party, the size of the assets of the Interested Party, copy of identification document, data relating to the status and/or family relationships of the Data Subject (e.g., with reference to the notion of "politically exposed person" as defined under Legislative Decree 231/2007), data bank data such as, for example, the IBAN coordinates of a bank account in the name to the Data Subject and/or data relating to individual transactions carried out through the Holder and/or /or wallet data;
  3. Data collected automatically during the use of the Site and/or the Platform by by the Data Subject as a result of the use of technology necessary for the operation of the Site and/or the Platform itself. This is information that is not is collected in order to be associated with identified Data Subjects, but which by its very nature, could, through processing and association with personal data held by third parties, make it possible to identify Data Subjects. This category includes the IP addresses, or domain names used by Interested Parties connecting to the Site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained, etc.;
  4. Data collected through the use of cookies and other technologies that involve the collection of Personal Data on the pages, links activated and other actions performed for the use of the Site and/or the Platform. These are stored in order to be retransmitted on subsequent visits by the same Data Subject;
  5. Data collected in performance of services that are provided from time to time by the Data Controller And which may change over time;
  6. Data collected to take advantage of Third Party Services for which, however, the Controller refers acceptance of the relevant terms of use and privacy policies provided by the companies with which the Controller has entered into agreements or forms of partnership;
  7. Data collected for the compilation of the Register of Names ex art. 13 of the Contract.
Purposes of processing

The Personal Data collected may be used for the fulfillment of contractual obligations, pre-contractual and any other obligation arising from a legal provision. Among the obligations contractual include the following activities:

  1. activation and management of the access profile of the Interested Party to the Site and/or Platform or to the applications developed by the Data Controller and made available to the Data Subject;
  2. management of the relationship between the Data Controller and the Data Subject;
  3. fulfillment of legal obligations including, in particular, the fulfillment of obligations in matters of know your customer and anti-money laundering (in particular the provisions of Legislative Decree 231/2007);
  4. onboarding of the Interested Party pursuant to Article 4.2 of the Contract;
  5. Obtaining access Credentials to the Platform;
  6. Compilation of the Register of Names without any obligation on the part of the Holder to obtaining consent from the Recipients, this obligation being incumbent on the User of the Platform;
  7. Monitoring the proper functioning of the Site, the Platform and the services offered (including countering fraud);
  8. giving feedback to a question of the Data Subject;
  9. To offer customer care, commercial and technical assistance services;
  10. Sending commercial communications, marketing, newsletters concerning the services offered by the Owner or proposed by Third Party Service providers;
  11. data management for purposes related to the protection of the Holder in judicial and extrajudicial;
  12. realization of market research, popularity analysis and comments on the Site and the Platform;
  13. communications of Personal Data of the Data Subject to one or more competent authorities or process them in order to comply with the obligations of law, regulation, or provided by the EU regulations;
  14. Management of the Data Subject's databases: to organize, access and modify the data of the Interested Party;
  15. Analysis Purposes: to analyze the characteristics of data traffic related to the Site and/or Platform;
  16. Disclosure of Personal Data for periodic reporting purposes, required by the AML Regulations, to the OAM and/or other competent authorities..
Data Processing

The processing of Personal Data will be carried out using analog instruments, including computerized, with organizational and logical methods strictly related to the purposes indicated in previous art. 3. The Data Controller may, if necessary, entrust third parties with the processing of Personal Data Personal Data to third parties also by virtue of specific appointment as data processors by the Controller. By way of example, the following may be called upon to process Personal Data of the Data Subject the provider of the hosting service for the operation of the Site and/or the Platform as well as other service providers functional to the maintenance of the Site, the Platform and/or the provision of other services by the Data Controller.

In particular, for certain fulfillments required by the regulations set forth in Legislative Decree 231/2007. (Concerning the prevention of the use of the financial system for the purpose of money laundering criminal activities and the financing of terrorism) the company Arkès S.r.l. has been appointed as external treatment the company Arkès S.r.l., with registered office in Ripa di Porta Ticinese, 31, 20143, Milan (MI). The Personal Data being processed are: Personal and Contact Data as well as other Personal Data of the Data Subject (e.g., work activity performed and income data and assets, bank data, etc.).

For more information, the Data Subject may contact the Data Controller through the references indicated in paragraph 11 below.

The Data Controller is a company specializing in the creation of applications based on DLT (distributed ledger technologies) and that is, technologies based on distributed ledgers. Several applications make use of so-called public permissionless DLTs over which the Owner does not and cannot exercise any power of control, governance, or intervention. Although the Holder's applications do not involve, when properly used by the Data Subject, the recording of Personal Data readable on the DLTs (e.g., the name and surname of the Data Subject), some data relating to the transactions performed in the interest of the Data Subject may be subject to recording within the DLTs (e.g., the alphanumeric sequence identifying a transaction related cryptocurrency transfer). The nature of DLTs means that it is technically impossible to delete such data from the distributed ledger.

Legal basis of processing

The processing of Personal Data is based on the following legal bases:

  1. The consent given by the Data Subject for one or more purposes;
  2. need to perform the processing to fulfill a contractual obligation undertaken by the Data Controller;
  3. processing is necessary to fulfill a legal obligation to which the Controller;
  4. need to carry out the processing for a legitimate interest of the Controller or a third party.

For further information on the legal basis of each processing, the Data Subject may send at any time an e-mail to the contact addresses indicated in paragraph 11 of the this Information Notice.

For the purposes referred to in Article 3, paragraphs (i) to (ix) of this Notice, the legal basis is the Company's obligation to fulfill the agreement between the Company and the Data Subject.

Place of storage and transfer of data abroad

Personal Data will be stored at the operational headquarters of the Data Controller and at any other location where the parties involved, including any external data controllers, are located. There are no plans to transfer outside the European Union the Personal Data of the Data Subject except for the possible use of technological applications that have their own servers in non-EU countries. The Data Subject may at any time request further information on the methods of storage of Personal Data by sending an email to the addresses indicated in paragraph 11.

Period of storage

Personal Data will be kept for the period strictly necessary to fulfill the purposes for which it was collected. Personal Data will be retained for the entire duration of the contractual obligations undertaken by the Data Controller towards the Data Subject, the duration of the use of the Site by the Data Subject, for the time necessary for the fulfillment of the further purposes (e.g. the storage of the contact data of the Interested Party within the database of the Data Controller for promotional purposes related to the provision of services), for the time necessary to comply with applicable legal and regulatory obligations, as well as for own or third party defensive purposes.

If the processing of Personal Data is based on the consent of the Data Subject, the Personal Data Personal Data may be retained by the Data Controller until the consent is revoked. The Personal Data Personal Data may still be retained for a longer period if necessary to fulfill a legal obligation or by order of an authority. All Personal Data will be deleted or stored in a form that does not allow the identification of the Data Subject (anonymization) within 30 days after the end of the retention period.

Automated processing

The Personal Data collected will not be subject to any treatment and/or decision-making process automated, including profiling, that may produce legal effects for the Data Subject or that may significantly affect it. It should be noted that the Data Controller at any moment, at its own discretion, may carry out profiling activities by giving immediate communication, pursuant to art. 11, to the Data Subject in order to obtain his/her consent.

Rights of the Data Subject

A Data Subject may exercise his or her rights at any time by notifying the Data Controller. In particular, the Data Subject may:

  1. where given, withdraw his/her consent at any time;
  2. obtain information about how and why their personal data are being processed;
  3. object to the processing of one's Personal Data;
  4. access their Personal Data;
  5. verify one's Personal Data and request that it be changed or updated;
  6. obtain the restriction of processing where possible given the nature of the Personal Data processed and the purposes of the processing;
  7. Obtain the deletion or removal of their Personal Data;
  8. Receive your Personal Data or have it transferred to another Data Controller;
  9. Propose a complaint.
Recipients of Personal Data

Personal Data may be made accessible, for the purposes mentioned above:

  1. To employees and collaborators of the Data Controller, in their capacity as data processors, or to companies with which the Controller may enter into agreements;
  2. to third-party companies or other entities in their capacity as autonomous controllers, or who perform activities in outsourcing on behalf of the Controller, in their capacity as external controllers of the processing;
  3. to third-party companies that provide services complementary to those of the Controller and that do not perform outsourcing activities, with which the Controller may enter into agreements commercial agreements, including for the purpose of enabling them to provide services to the Data Subject;
  4. to third parties, business partners of the Data Controller for purposes of direct marketing in compliance with the requirements of the GDPR upon obtaining his/her consent (including partners providing data analysis and enrichment services);
  5. to the public administration or law enforcement or judicial bodies for reasons of security and compliance with laws. In this regard, the Holder reserves the right to disclose the data of the Data Subject to third parties if it deems the disclosure to be:
    • required by law;
    • required as part of an investigation, order, or proceeding of a judicial, administrative or legal character;
    • reasonably necessary as a result of an order from the judicial or law enforcement authorities;
    • reasonably necessary for the enforcement of the Agreement, this Privacy Policy and other existing agreements;
    • required to identify, prevent or resolve instances of fraud, misuse of the account, potential violation of law (or rules/regulations) and/or technical or security issues;
    • reasonably necessary, in its discretion, to ensure protection from imminent harm to the rights, property or safety of the Platform and/or of the Owner, its Users and employees and/or the Services.
    • The Data Controller may also disclose data about the Data Subject to its auditors or legal counsel to assess his or her rights and/or disclosure obligations under this Privacy Policy.
  6. The recipients of the register of names within the limits and under the conditions set forth in Art. 13 of the Contract.
Contact details

For any information regarding this Notice and/or the exercise of any of the rights or faculties indicated herein, the Interested Party may send an email to

In the event that the Interested Party wishes to file a complaint, he/she may do so by sending an appropriate communication to the following addresses: Garante per la protezione dei dati personali, Piazza Venezia 11, 00187 Rome, PEC:

Consequences of accepting the Privacy Policy

By accepting this policy, the Data Subject declares without reservation:

  1. that he/she has read in all its parts the Information Notice regarding the processing of his/her Personal Data, to be accepted in all parts concerning the points referred to in the purposes of processing;
  2. That I have received from the Data Controller and/or the appointees expressly authorized for the processing of your Personal Data exhaustive explanations and clarifications, where requested, about the purposes of your consent to the processing of your Personal Data, the manner of its processing and your rights related to the manifestation of your consent to the processing and what follows from it.
Featured in

Copyright @2023 Anubi Digital

Registered Office: Via Carlo Pascal, 7 - 12100 Cuneo (CN) - Italy - VAT: 03913000042

Turin Headquarters: I3P - Via Pier Carlo Boggio, 59 - 10138 Torino (TO) - Italy

Milan Headquarters: Fintech District - Via Filippo Sassetti, 32 - 20124 Milano (MI) - Italy