1. Data controller
The data controller is Mediachrome S.r.l., with registered office in Italy ("Mediachrome" or the "Controller"). For privacy requests you may write to privacy@mediachrome.it; for general information, to info@mediachrome.it.
This notice describes the processing carried out through this website and, in general terms, through the Mediachrome.Radar platform. Any enterprise contracts, DPAs, processor appointment agreements or customer-specific notices prevail for processing carried out within the service configured for that customer.
2. Scope of this notice
This Privacy Policy applies to website visitors, people submitting contact or demo requests, business contacts, authorized platform users, recipients of dashboards, tickers, briefings, alerts or other outputs, and natural persons whose data may incidentally appear in monitored public content or in content from authenticated services configured by the customer.
Mediachrome.Radar is a B2B solution for organizations, companies, institutions and professional teams. It is not intended for minors or for household or personal use.
3. Categories of personal data processed
| Category | Examples | Source |
|---|---|---|
| Contact data | First name, last name, business email, phone, company, role, request content. | Provided voluntarily through forms, email or commercial contact. |
| Browsing data | IP address, technical logs, user agent, timestamp, requested page. | Collected automatically by the systems delivering the website or service. |
| Account and authorization data | Business user, role, permissions, access records, audit logs, operational preferences. | Provided by the customer or generated while using the platform. |
| Monitored public content | News, public posts, press releases, URLs, source, timestamp, aggregate metrics, topic, sentiment, resonance. | Publicly available sources or authorized sources. |
| Content from authenticated services | Content made available by services to which the customer is subscribed or authorized, through connectors and credentials configured by the user. | Third-party services authenticated by the user/customer. |
Mediachrome applies the principles of minimization, proportionality and purpose limitation: only data needed to provide the website, demo, service, outputs or contractual and legal obligations is processed.
4. Public sources, authorized sources and authenticated connectors
For analysis of news, sentiment, resonance, topics, competitors and stakeholders, Mediachrome.Radar relies EXCLUSIVELY on publicly available content, public sources or sources for which there is a valid authorization basis.
By way of example, websites, RSS/Atom feeds, press releases, online publications, blogs, institutional sources, public pages, public channels and content accessible through official APIs or compliant data providers may be analyzed.
Exception for authenticated services: where the user or customer has a subscription, license, authorization or account with specific information services, databases, social platforms or third-party providers, Mediachrome.Radar may also access content made available by those services through dedicated connectors, after authentication and configuration by the user or customer. Access takes place within the limits of permissions, scopes, contractual terms and settings of the connected service.
Mediachrome.Radar does not use connectors to bypass paywalls, technical restrictions, licenses, terms of use or security measures.
5. Purposes and legal bases of processing
| Purpose | Data | Legal basis |
|---|---|---|
| Responding to contact and demo requests | Contact data and message | Pre-contractual measures or consent where required |
| Providing the website and technical security | Browsing data, technical logs | Legitimate interest in security and operation |
| Providing the platform and outputs | Accounts, configurations, monitored content, operational logs | Performance of the contract |
| Monitoring sources, news, social channels and public content | Public content, URLs, metadata, topics, aggregate metrics | Customer legitimate interest and/or performance of the contract |
| AI analysis, summaries, sentiment, ranking | Public or authorized texts, metadata, scoring, aggregate outputs | Performance of the contract and legitimate interest |
| Technical cookies and preferences | Cookie preferences, essential technical data | Technical necessity; consent for non-essential tools if activated |
7. Recipients, processors and no disclosure to third parties
User data is NOT disclosed to third parties. Mediachrome does not sell, transfer or make available to undefined parties the personal data of website users, customers or authorized platform users.
Some data may be processed by technical, infrastructure or professional providers strictly necessary to deliver the website and service, such as hosting, email delivery, security, maintenance, CRM or support. Where applicable, these providers act as processors under Article 28 GDPR or as independent controllers within the limits of their respective services.
Any transfers to countries outside the EEA take place only where adequate safeguards are in place, such as adequacy decisions, standard contractual clauses or other conditions allowed by the GDPR.
8. Retention periods
- Demo and contact requests: for the time necessary to manage the request and up to 24 months for B2B follow-up consistent with the request, unless a contractual relationship exists.
- Browsing data and technical logs: for the time necessary for security, diagnostics and abuse prevention, generally up to 12 months.
- Account and configuration data: for the duration of the contract and thereafter according to contractual terms, legal obligations or protection of rights.
- Monitored content and briefings: for the period configured by the customer, according to archive, audit, briefing and reporting needs.
9. Data subject rights
In the cases and within the limits provided by the GDPR, the data subject may exercise the rights of access, rectification, erasure, restriction, portability, objection and withdrawal of consent where processing is based on consent. Requests may be sent to privacy@mediachrome.it.
The data subject has the right to lodge a complaint with the Italian Data Protection Authority or another competent supervisory authority.
11. Security, audit and control
Mediachrome adopts technical and organizational measures appropriate to the risk, including access control, audit logs, separation between administrative areas and public outputs, role management, limitation of keys and secrets, change tracking and system protection measures.
12. Updates to this notice
Mediachrome may update this Privacy Policy to reflect regulatory, technical, contractual or functional developments. The updated version will be published on this page with the last updated date.
6. Processing related to social media and sentiment
The social component is one part of this privacy policy and is not its sole focus. Monitoring of the planned social channels — X/Twitter, Facebook, Instagram, LinkedIn and TikTok — takes place only where technically possible and legally permitted, preferably through official APIs, feeds, authorized integrations or providers compliant with the terms of the respective services.