Last Update: 02/07/2025
1. Introduction
Opinspire S.r.l. (“we,” “us,” or “our”) is committed to protecting the privacy and personal information of our users across our tourism workplace review platform. This comprehensive privacy policy explains how we collect, use, store, and protect your personal data when you use OpinSpire.com.
This privacy policy is designed to comply with international privacy regulations, including but not limited to the GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and Italian Data Protection Code (Legislative Decree 196/2003).
2. Information We Collect
2.1 Personal Information You Provide
When you use OpinSpire, we collect information you directly provide to us:
Account Registration:
- Name and surname
- Email address
- Password (encrypted)
- Date of birth (age verification)
- Location/Country
Employment Verification:
- Current/former employer names
- Job titles and roles
- Employment dates
- Work location details
- Employment documentation (when verification required)
Review Content:
- Written reviews and ratings
- Photos (premium users only)
- Comments and responses
- User-generated content
Payment Information (Premium Users):
- Credit/debit card details
- Billing address
- Payment history
- Subscription preferences
2.2 Information We Collect Automatically
Technical Data:
- IP address and location data
- Device information (browser, operating system)
- Usage patterns and site navigation
- Cookies and similar tracking technologies
- Search queries and filters used
Analytics Data:
- Page views and session duration
- Feature usage statistics
- Platform performance metrics
- User engagement patterns
2.3 Information from Third Parties
Social Media Integration:
- Profile information from social login (LinkedIn, Facebook, Google)
- Professional background verification
- Network connections (with your consent)
Employment Verification Services:
- Employer confirmation data
- Industry databases
- Professional reference checks
3. How We Use Your Information
3.1 Core Platform Services
- Account Management: Creating and maintaining user accounts
- Review Authentication: Verifying employment claims and preventing fraud
- Content Moderation: Ensuring review quality and guideline compliance
- Employer Matching: Connecting reviews to correct tourism businesses
- Platform Security: Protecting against abuse and unauthorized access
3.2 Improving User Experience
- Personalization: Customizing content and recommendations
- Search Optimization: Improving search results and filtering
- Feature Development: Developing new platform features
- Performance Enhancement: Optimizing site speed and functionality
3.3 Communication
- Service Updates: Important platform announcements
- Verification Requests: Employment verification communications
- Moderation Notices: Review approval/rejection notifications
- Marketing Communications: Newsletter and promotional content (with consent)
- Customer Support: Responding to inquiries and issues
3.4 Legal and Compliance
- Regulatory Compliance: Meeting legal and regulatory requirements
- Dispute Resolution: Handling user complaints and conflicts
- Fraud Prevention: Detecting and preventing fraudulent activity
- Data Protection: Implementing security and privacy measures
4. Legal Basis for Data Processing
We process your personal data based on:
- Legitimate business interests (platform security, fraud prevention)
- Contractual necessity (providing our services)
- Legal compliance (regulatory requirements)
- Your consent (marketing communications, optional features)
For detailed information about your rights under GDPR and other data protection laws, please see our separate GDPR Compliance document.
5. Data Sharing and Disclosure
5.1 We Share Data With:
Service Providers:
- Cloud hosting providers (data storage)
- Payment processors (subscription billing)
- Email service providers (communications)
- Analytics providers (platform improvement)
- Employment verification services
Business Partners:
- Tourism industry organizations (with consent)
- Professional development platforms
- Job search platforms (with consent)
Legal Requirements:
- Law enforcement agencies (when legally required)
- Regulatory authorities (compliance purposes)
- Legal proceedings (court orders, subpoenas)
5.2 We Do NOT Share:
- Personal information with employers you review
- Individual review authorship details
- Private messages between users
- Financial information with third parties (except payment processors)
6. Data Security
6.1 Security Measures
- Encryption: All data transmitted using SSL/TLS encryption
- Access Controls: Role-based access to personal data
- Regular Audits: Security assessments and vulnerability testing
- Staff Training: Employee data protection education
- Incident Response: Procedures for data breach management
6.2 Data Storage
- Location: Servers located in EU (GDPR compliant)
- Backup Systems: Regular encrypted backups
- Retention Policies: Automatic data deletion procedures
- Access Logs: Monitoring of data access and modifications
7. Data Retention
7.1 Retention Periods
Active Accounts:
- Personal data: Retained while account is active
- Review content: Retained indefinitely for platform value
- Employment verification: 3 years after verification
Inactive Accounts:
- Account deletion: Automatic after 2 years of inactivity
- Personal data removal: Within 30 days of account deletion
- Review anonymization: Reviews remain but author info removed
Legal Requirements:
- Financial records: 7 years (Italian law)
- Communication logs: 2 years
- Security incidents: 5 years
7.2 Data Deletion
Users can request immediate data deletion by:
- Using account settings deletion option
- Contacting privacy@opinspire.com
- Following formal data protection request procedures
8. Your Privacy Rights
8.1 Data Protection Rights
You have various rights regarding your personal data, including:
- Access to your personal information
- Correction of inaccurate data
- Deletion of your personal data
- Data portability (receiving your data)
- Objection to certain processing
- Withdrawal of consent for voluntary data collection
For detailed information about these rights and how to exercise them, please see our separate GDPR Compliance document.
8.2 Account Management
You can directly manage your data through your account:
- Update personal information
- Modify privacy settings
- Delete reviews and content
- Deactivate or delete your account
- Adjust communication preferences
9. Cookies and Tracking Technologies
9.1 Types of Cookies We Use
Essential Cookies:
- User authentication and session management
- Security and fraud prevention
- Platform functionality
Analytics Cookies:
- Usage statistics and performance monitoring
- User behavior analysis
- Platform improvement insights
Marketing Cookies (with consent):
- Targeted advertising
- Social media integration
- Conversion tracking
9.2 Cookie Management
Users can control cookies through:
- Browser settings and preferences
- Platform cookie consent tools
- Third-party opt-out mechanisms
10. International Data Transfers
When necessary, we may transfer your data internationally with appropriate safeguards in place, including:
- Standard contractual clauses approved by the European Commission
- Transfers to countries with adequate data protection as recognized by the EU
- Other legally approved transfer mechanisms
For specific details about international transfers and safeguards, please see our GDPR Compliance document.
11. Children's Privacy
11.1 Age Restrictions
- Minimum Age: 16 years (aligned with working age)
- Age Verification: Required during registration
- Parental Consent: Required for users under 18
11.2 Protection Measures
- Enhanced privacy protections for minors
- Restricted data collection for users under 18
- Additional consent requirements for data processing
12. Business Transfers
In the event of a merger, acquisition, or sale of OpinSpire:
- Users will be notified 30 days in advance
- Data protection standards will be maintained
- Users may delete accounts before transfer
- New privacy policy will be provided
13. Privacy Policy Updates
13.1 Notification Process
- Email Notification: Sent to all registered users
- Platform Notice: Prominent website announcement
- Version History: Previous versions available upon request
13.2 Effective Date
Changes take effect 30 days after notification, except:
- Legal compliance requirements (immediate effect)
- Security improvements (immediate effect)
- User-beneficial changes (immediate effect)
14. Contact Information
14.1 Data Protection Contacts
General Privacy Inquiries:
- Email: privacy@opinspire.com
- Response Time: 3-5 business days
Data Protection Officer:
- Email: dpo@opinspire.com
- Phone: [To be added when company is established]
Mailing Address: OpinSpire S.r.l. [Address to be added when company is established] Italy
14.2 Data Protection Inquiries
For GDPR and data protection rights:
- See our separate GDPR Compliance document
- Email: privacy@opinspire.com
- Response time: 30 days maximum
Italian Data Protection Authority:
- Website: garanteprivacy.it
- For complaints about our data practices
15. Tourism Industry Considerations
15.1 Seasonal Employment
- Data Collection: Adapted for seasonal work patterns
- Verification Flexibility: Accommodating temporary employment
- Review Timing: Consideration for seasonal work cycles
15.2 International Workers
- Multi-language Support: Privacy information in multiple languages
- Cultural Considerations: Respect for diverse privacy expectations
- Legal Compliance: Adherence to workers’ home country requirements
15.3 Employer Relations
- Anonymity Protection: Strong measures to protect reviewer identity
- Non-retaliation: Policies preventing employer retaliation
- Professional Standards: Industry-appropriate data handling
Contact Us: For any questions about this Privacy Policy or our data practices, please contact us at privacy@opinspire.com
This Privacy Policy is designed to be transparent, comprehensive, and compliant with applicable data protection laws. We are committed to protecting your privacy while providing valuable services to the tourism industry community.