Privacy Policy

Information notice pursuant to Articles 13-14 of EU Regulation 2016/679 (GDPR)

Data controller

The data controller is the operator of the website treniamo.it, contactable at:

info@treniamo.it

Data collected and purposes

Treniamo does not require registration and does not collect personally identifiable data. The data processed includes:

  • Anonymous usage data: Pages visited, load times, device type and browser. Used to improve the service.
  • Cookie consent logs: Consent ID, accepted categories, timestamp and hashed IP address (non-reversible). Stored to demonstrate consent under GDPR.
  • Error data: Technical information about site errors (Sentry), used exclusively to resolve technical issues.
  • Data entered in the refund form: Name, email and travel details entered in the refund assistant. This data is processed exclusively in the browser and is never sent to our servers.

Legal basis for processing

Consent (Art. 6.1.a GDPR)

For analytics cookies (Google Analytics), functionality cookies (Sentry Replay) and advertising cookies (Google AdSense). Consent can be withdrawn at any time via the "Manage cookies" panel in the footer.

Legitimate interest (Art. 6.1.f GDPR)

For essential technical cookies required for the site to function and for consent log recording.

Third parties and external services

The following third-party services may process data:

  • Google Analytics (Google LLC)

    Anonymized analysis of site usage. Only with consent.

  • Google AdSense (Google LLC)

    Contextual and personalized advertising on the site. Advertising cookies are only activated with explicit user consent.

    Google Ads privacy policy

  • Sentry (Functional Software Inc.)

    Error monitoring and session replay to improve reliability. Consent required for replay.

  • Cloudflare (Cloudflare Inc.)

    CDN and DDoS protection. Processes connection data for security purposes.

Data transfers outside the EU

Some third-party services (Google Analytics, Sentry, Cloudflare) may transfer data outside the European Economic Area. Such transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission and/or the EU-US Data Privacy Framework.

Data retention period

  • Cookie consent logs: 3 years (GDPR legal obligation)
  • Google Analytics data: per Google's policies (26 months)
  • Railway event data: 2 years (anonymous, non-personal data)
  • Sentry error data: 90 days

Data subject rights (Arts. 15-22 GDPR)

As a data subject, you have the right to:

  • Access: obtain confirmation of data concerning you and receive a copy
  • Rectification: request correction of inaccurate or incomplete data
  • Erasure: request deletion of data ("right to be forgotten")
  • Restriction: request restriction of processing
  • Portability: receive data in a structured, machine-readable format
  • Objection: object to processing based on legitimate interest
  • Withdraw consent: withdraw consent at any time without affecting the lawfulness of prior processing

How to exercise your rights

To exercise your rights, send a request to:

info@treniamo.it

We will respond within 30 days of receiving your request.

Complaint to the supervisory authority

You have the right to lodge a complaint with the Italian supervisory authority:

Garante per la protezione dei dati personali (Italian Data Protection Authority)

Website: www.garanteprivacy.it

Last updated: March 2026