Iselino – Privacy Policy

This Privacy Policy (“Policy”) explains how Iselino.com, operated by Fina Iselino Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom (“Iselino”, “we”, “us”, “our”), collects, processes, and protects the personal data of users (“you”, “your”) when utilizing our platform.

By accessing or using the platform, you expressly consent to the processing of your personal data in strict accordance with the practices described in this Policy.

1. Data Controller and Contact

The legal data controller responsible for the processing of your personal data on the platform is:

Standard Response Time: Within 24 hours, Monday–Friday, Central European Time (CET).

2. What Data We Collect

We collect personal data that you voluntarily provide to us, as well as information that is automatically captured when you access and navigate the platform:

A. Data You Provide Voluntarily

• Identity and Contact Information: Your full name, email address, and telephone number.
• Billing and Payment Details: Financial transaction information necessary to process orders, securely managed through our authorized payment partner. Iselino does not store full credit card numbers on its own servers.
• Profile Information: Data relevant to your selected account type (Employer or Freelancer), including professional skills, descriptions, and profile pictures.
• Communication and Project Data: Text messages, file attachments, project documentation, and operational updates transmitted directly through the platform's internal chat and messaging tools.

B. Automatically Collected Data

• Technical Identifiers: Your Internet Protocol (IP) address, operating system, device type, and web browser specifications.
• Location Information: Regional or precise geographical location parameters, provided this feature is enabled on your device.
• Platform Usage Data: Detailed interactions with our system, including page views, system clicks, session durations, and general internal navigation paths.

C. Cookies and Similar Technologies

• Information collected via cookies, system tracking pixels, or other digital identification technologies. Please refer to our separate Cookie Policy for exhaustive operational details.

3. Purpose and Legal Basis of Processing

We process your personal data in full compliance with data protection laws for the following purposes:

• Platform Operation and Contract Fulfillment: Processing data to manage registration, support order flows, handle escrow transactions, execute secure payouts, and enable smooth user communication.
  Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).
• Security and Fraud Prevention: Implementing internal protocols to guard against system misuse, financial fraud, spam, cyberattacks, and unauthorized account access.
  Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).
• Marketing and Advertising (Optional): Transmitting occasional email newsletters, promotional platform campaigns, updates, or custom special offers.
  Legal basis: Voluntary user consent (Art. 6(1)(a) GDPR).
• Analytics and Platform Optimization: Monitoring anonymized platform trends and user behavior patterns to optimize functionality, visual layouts, and the overall user experience.
  Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).

4. Data Sharing

Your personal information may be shared with verified third-party service providers strictly under the following statutory frameworks:

• Payment Processing: Financial details are securely routed to our payment merchant partner, Stripe, to settle transaction invoices, automatically manage platform commissions, and securely disburse Freelancer payouts. Iselino does not maintain or store full raw credit card credentials on its local systems.
• Technical Service Providers: Essential data may be made accessible to infrastructure partners handling web hosting, database maintenance, and automated digital platform analytics.
• Legal Compliance: Data may be transmitted to legal counsel, financial advisors, or public regulatory authorities if strictly required by applicable United Kingdom or international law.

5. Data Retention

• We retain personal information only for as long as necessary to fulfill the specific operational purposes outlined in this Policy, or as mandated by statutory preservation laws.
• System transaction logs, historical payment records, and legal invoicing data are preserved in alignment with UK tax and financial reporting retention obligations (typically up to 10 years).
• Data no longer tethered to a legitimate legal or operational retention requirement is securely purged or entirely anonymized.

6. Your Rights

Under international data protection laws (including the UK GDPR and EU GDPR), you possess the following actionable statutory rights:

• Right of Access: The right to request an official copy of all personal data held about you.
• Right to Rectification: The right to demand correction of inaccurate, obsolete, or incomplete personal files.
• Right to Erasure (“Right to be Forgotten”): The right to request permanent deletion of your data when it is no longer legally required.
• Right to Restriction: The right to request a temporary halt to processing under specific conditions.
• Right to Object: The right to object to processing activities, specifically concerning direct marketing communications or automated notifications.
• Right to Data Portability: The right to request a transfer of your personal data to another service provider in a structured, standard machine-readable format.

To exercise any of these individual rights, please submit an email request to: support@iselino.com

You also maintain the legal right to submit an official complaint to a competent data protection authority, such as the Information Commissioner’s Office (ICO) in the United Kingdom or your local EU supervisory authority.

7. Data Security

We apply rigorous technical and organizational security protocols—including standard Secure Socket Layer (SSL) encryption, protected network access frameworks, and systematic internal system audits—to safeguard your personal files from accidental loss, destructive modification, misuse, or unauthorized dissemination.

8. International Data Transfers

Your personal data may occasionally be transferred and processed outside the European Economic Area (EEA) or the United Kingdom, specifically when communicating with global technical infrastructure platforms (such as Stripe). In all such instances, we guarantee a legally sound level of protection by enforcing the execution of standard contractual clauses (SCCs) approved by the European Commission and UK authorities, or equivalent recognized international data security compliance frameworks.

9. Updates to this Privacy Policy

We reserve the right to modify this Privacy Policy as needed to match software updates, strategic business shifts, or evolving international legal requirements. Users will be alerted to major changes via their platform notifications or direct email. Continued interaction with the platform following an update implies conscious acknowledgment and acceptance of the revised terms.

10. Contact

End of Privacy Policy