Privacy policy



FeedbackLoop pays particular attention to the personal data protection of its users.

By joining our Community, you will share with us some of your personal information. For this reason, we want to make sure that you understand how we collect this information, the subjects with which we share it, and also how you can control, modify and update this information.

The purposes of this Privacy Policy Statement are therefore to:

  1. Explain what data FeedbackLoop collects.
  2. Explain how we at FeedbackLoop utilize, manage and share such data.
  3. Explain what options are available to the User.

This Privacy Policy Statement is provided pursuant to the EU General Data Protection Regulation (General Data Protection Regulation, hereinafter “GDPR”), and Legislative Decree 196/2003 as amended by Legislative Decree 101/2018.

By using our Application, you accept and consent to the practices described in this Privacy Policy Statement. If you do not accept the provisions herein indicated, we kindly ask you not to use the Application.



The processing Data Controller is FeedbackLoop Srl, VAT 10109780964, with registered office in Corso Sempione 15/A, 20145 Milan, Italy.

For any further information or clarification, FeedbackLoop may be contacted at the indicated post address, or at the email address:

FeedbackLoop appointed a Data Protection Officer (DPO), who can be contacted at the email address:


  2. Information that you choose to provide us

If you decide to join the FeedbackLoop Community, you will need to provide us with some information such as your name, surname, email address, and your role within the Company you are part of.

If you wish, you can link a photo to your profile. In this case, and with your consent, we could only access the photos by you selected in order to change the profile picture. In any case, you can stop sharing photos and withdraw consent at any time.

As you know, our Application is designed to enable participants their own performance growth. Therefore, we will memorize your interactions, your moods, and sent and received feedback for this purpose. This information we collect generates individual dashboards ­ private and protected ­ where only you will have the possibility to observe what is your impact on others and receive suggestions on how to improve it.

Furthermore, through the interactions, moods, and given and received feedback, we will create reports and indicators to summarize the App usage modalities, and the outcomes of the interactions having taken place, so for you to be constantly updated on the progress of your activities, and on the way in which the latter are acknowledged by the Community.

Through our Application you will also be able to exchange messages with the other Community members. We will never have access private conversations. Our task is limited to the technical aspects aimed at ensuring the correct functioning of the messaging tool and its security.

With your consent, we could access your calendar to allow you to record your moods during the most important events.

Other information we collect is obviously the one that you choose to provide us when you contact the assistance service or communicate with us in any other way.


Please bear in mind that the feedback you decide to provide will be visible to the colleague for whom such feedback was expressed, and only to her/him. The feedback by you provided will not be associated with you, unless you decide to “appear”.

Kindly remember: it is necessary to adopt a correct and diligent behaviour and, above all, aimed at a constructive debate with the Community members. The aim of our App is to “team up” within the Company, to be proactive, and to make suggestions for constant professional growth.

  1. Information that we automatically acquire when you use our services

Information on devices and usage modalities: we collect information on the device where you install our services, or through which you log in, based on the authorizations by you provided. We may associate the information we collect from your various devices in order to provide consistent services on the various devices utilized. Here are some examples of information we collect on the devices:

  • your IP address;
  • the date and time of access to our service;
  • the hardware, software or browser you use, and information about your computer operating system and the Application version;
  • the language settings.

If you utilize a mobile device, we collect data identifying your device, settings and phone characteristics.



The information we collect is used for the following purposes:

  1. To obtain statistical information on the App usage, so to check its correct functioning and make improvements.
  2. To ascertain potential liabilities in the case of computer crimes, and/or incorrect and unlawful use of the App.
  3. To perform statistical analysis and classifications through aggregated data processing, preventively anonymized, so that they are in no way ascribable to the person.

The legal basis of the processing for these purposes is represented by the protection of a legitimate interest of the Data Controller, the fulfilment of legal obligations, as well as for the execution of the contract with reference to the App usage, guaranteeing the interested party a better navigation experience.

  1. To enable you to participate in the Community through the App features, and the related services offered (generate content, provide feedback, memorize participation in activities, send messages).
  2. To show the User statistical analysis of her/his behaviour, moods and interactions with the other Community members via feedback exchange.
  3. To provide feedback to User requests.

The legal basis of the processing is the execution of pre-contractual and contractual measures to respond to the content of the requests by the interested party. There is no obligation to provide the personal data required. The provision of data is, in fact, optional. However, the refusal to provide the requested data will imply the impossibility to utilize the App.

No marketing activities will be carried out.


User data will be processed lawfully and correctly, taking appropriate security measures to prevent unauthorized accesses, disclosure, modification or unauthorized destruction of data. Processing is carried out using IT and/or electronic means, with organizational methods and logics strictly related to the indicated purposes. In addition to the Data Controller, in some cases, categories of authorized parties involved in the organization and management of the service provided by FeedbackLoop (administrative staff, system administrators, etc.), may gain access to the data.



As you know, some information pertaining you is public within the Community. Particularly, your identification and contact details, your job duties, your photo will be visible, in addition to the feedback that you will decide to make visible to interested parties.

Furthermore, for the indicated purposes, personal data may be communicated to employees and collaborators of the Data Controller, in their capacity as persons authorized to process data for the performance of the necessary activities and with the protection guarantee of data subject rights, as well as to professionals or service companies performing activities in outsourcing on behalf of the Data Controller, in their capacity as Data Processors (for example, credit institutions, professional firms, consultants, etc.).

Finally, the data may be communicated to all those public and private subjects whose right to access the data is recognized by legal provisions, or by orders of the authorities.

More information on the subjects to which the data may be communicated will be provided to interested parties in the exercise of their rights pursuant to article 15 of the EU GDPR.

The result of the statistical analyses carried out on the aggregated and anonymous data may be shared with the Data Controller commercial partners, but no personal data of the interested party will be ever communicated to these subjects.



FeedbackLoop stores the data as long as it is necessary to provide its services, or until the account is deleted.

The data retention time varies based on elements such as: nature of the data, reason for which they are collected and processed, and related legal needs.

In any case, the criterion applied to determine the retention period is based on compliance with the terms allowed by the applicable laws, and the principles of minimization of processing and rational archives management.

When you delete your account, we delete all data concerning you including public information, and you will no longer be able to retrieve this information.

We will only retain the information required to fulfil legal obligations, and for a period not exceeding the one required for compliance.



The interested party, pursuant to articles 15-22 EU GDPR 679/16, has the right to:

  • access her/his data and receive copy of them;
  • obtain the amendment of the personal data pertaining her/him, and their integration if they are incomplete;
  • obtain the cancellation of her/his personal data;
  • obtain the limitation of the data processing when certain conditions are met;
  • receive her/his data or have them transferred to another data controller, in a structured, commonly used and legible format, if technically feasible;
  • oppose the processing of her/his data for reasons related to own particular situation;
  • not to be subject to a fully automated decision-making process, unless required by law.

The User may also contact us if she/he believes that FeedbackLoop has no right to utilize certain information, or if she/he is still unsure about how her/his data are managed or about this Privacy Policy Statement.

Requests should be sent in writing to the Data Controller at the addresses indicated in paragraph I of this Privacy Policy Statement.

In any case, the interested party has always the right to lodge a complaint with the competent control authority (Guarantor for the protection of personal data), pursuant to article 77 of the EU GDPR, if she/he considers that the processing of her/his own data is contrary to the legislation in force.


FeedbackLoop does not transfer personal data to third countries or international organizations. However, it reserves the right to use cloud services. In this case, the service providers will be selected among those which provide adequate guarantees, as required by article 46 of the EU GDPR.


The Data Controller reserves the right to modify or simply update the content of this Privacy Policy Statement, in part or completely, also due to changes in the applicable legislation.

Therefore, the Data Controller invites its users to regularly visit this section in order to stay up to date on the collected data and their use by the Data Controller.


Last update on June 27th, 2019