Privacy Policy

DFM — Defence Finance Monitor is operated by Stroncature S.r.l., an Italian limited liability company. As data controller, Stroncature S.r.l. is responsible for the processing of personal data collected through this platform in accordance with Regulation (EU) 2016/679 (GDPR).

We collect the following categories of personal data:

• Account data: name, professional email address, organisation, job title, and subscription tier selected at registration.
• Usage data: search queries, entities viewed, reports generated, API calls made, and session timestamps. This data is pseudonymised and used exclusively for service improvement and audit purposes.
• Technical data: IP address, browser type, operating system, and device identifiers collected automatically when you access the platform.
• Communication data: any messages sent to our support or sales teams.

We do not collect sensitive personal data (as defined in Article 9 GDPR) and do not process data of minors.

We process your personal data on the following legal bases:

• Contract performance (Article 6(1)(b) GDPR): processing necessary to provide the subscription service you have contracted for.
• Legitimate interests (Article 6(1)(f) GDPR): security monitoring, fraud prevention, platform analytics, and service improvement.
• Legal obligation (Article 6(1)(c) GDPR): compliance with applicable EU and Italian law, including tax and accounting obligations.
• Consent (Article 6(1)(a) GDPR): optional marketing communications, where explicitly opted into.

Account data is retained for the duration of your subscription and for 24 months thereafter for legal and audit purposes. Usage logs are retained for 12 months. You may request earlier deletion subject to applicable legal retention obligations.

We do not sell or rent personal data. We may share data with:

• Infrastructure providers: cloud hosting and database providers operating under GDPR-compliant data processing agreements.
• Payment processors: for subscription billing, under PCI-DSS compliant arrangements.
• Legal authorities: where required by applicable law or court order.

All third-party processors are contractually bound to process data only on our instructions and in compliance with GDPR.

Under GDPR, you have the right to: access your personal data; rectify inaccurate data; request erasure (subject to legal retention obligations); restrict or object to processing; and data portability. To exercise any right, contact privacy@dfm-platform.eu. You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali).

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure, including encryption in transit and at rest, access controls, and regular security reviews.

We may update this policy to reflect changes in law or our practices. We will notify registered users of material changes by email at least 30 days in advance of their effective date.

For any privacy-related enquiries: privacy@dfm-platform.eu — Stroncature S.r.l., Italy.