Privacy policy
Privacy policy
Last updated: 08/07/2026
Information notice pursuant to artt. 13 and 14 of EU Regulation 2016/679 ("GDPR") and of Italian Legislative Decree 196/2003 as amended ("Privacy Code").
1. Data Controller
The Data Controller for personal data collected via locus.acquisizioniforensi.com and via the LOCUS app is:
Giovanni Carrieri
Via Camillo Rosalba, 49 — 70124 Bari (BA), Italy
VAT IT07669810728
Phone: +39 351 3608259
E-mail (privacy): locus@acquisizioniforensi.com
Certified e-mail (PEC): acquisizioniforensi@pec.it
Given the individual organisation of the Controller, the Data Protection Officer (DPO) coincides with the Controller and is reachable at the same contact details.
2. Processing methods
Personal data is processed with IT and telematic tools, with logic strictly related to the purposes indicated and adopting technical and organisational security measures suitable to prevent loss, unlawful or incorrect use and unauthorised access (art. 32 GDPR). Specific measures:
- TLS 1.2+ encrypted connections between browser/app and server.
- User passwords protected with Argon2ID hashing (memory_cost 64 MB, time_cost 4, threads 3); the plain version is never accessible.
- Sessions with HttpOnly, Secure, SameSite=Lax cookies; CSRF token rotation on every form.
- Anti–brute force protection with progressive lockout after 5 failed attempts.
- Per-IP rate-limit on public registration and password recovery endpoints.
- Production server access limited to the Controller with multi-factor authentication.
3. Categories of data and purposes
3.1 Registration and billing data
First name, last name, e-mail address, password (as hash), country of residence/billing and — if the user provides them to receive a receipt or invoice — company name, tax code, VAT number, SDI unique code (Italian subjects only), certified e-mail (PEC), address, city, ZIP code, province, phone.
Purpose: deliver the LOCUS service, manage the account, issue payment receipt, fulfil accounting and tax obligations.
Legal basis: contract performance (art. 6.1.b GDPR); legal obligation for invoicing and accounting retention (art. 6.1.c GDPR).
3.2 Navigation data and technical logs
IP address, browser user-agent, date and time of requests, requested URLs, server response codes, response size. This data is collected automatically by the web servers and by the app for security, diagnostic, fraud prevention and aggregate anonymous statistics purposes.
Legal basis: legitimate interest of the Controller in the security and integrity of the service (art. 6.1.f GDPR). Access logs are retained for a maximum of 90 days, except for need of longer retention to reconstruct security incidents.
3.3 Forensic acquisitions generated by the user
The actual evidence content (photos, video, audio, frames) is NOT transmitted or stored on LOCUS servers. The full BagIt bundle — which holds the media together with the Ed25519-signed manifest, RFC 3161 timestamp, MD5/SHA-256/SHA-512 hashes and CASE/UCO sidecar — is generated on the device and remains the exclusive property of the user.
For each acquisition, the LOCUS server records only a set of metadata and representations that do not reveal the content: signed manifest, hashes, timestamp, device data and a histogram image with its perceptual hashes (the waveform for audio). This allows:
- consultation from the user reserved area;
- public verification of the single record via the permalink /verify/<short_code> (a link the user decides whether to share and with whom) — which shows the histogram, never the real image, and does not disclose the GPS position;
- generation of forensic PDF reports.
The recorded data is never used for purposes other than service delivery and is never shared with third parties without explicit request of the data Owner (the user).
Legal basis: contract performance (art. 6.1.b GDPR). Not transferring the evidence content implements the data minimisation principle (art. 5.1.c GDPR).
3.4 Error telemetry (optional)
The LOCUS app may send diagnostic messages to the server app-locus/error-locus in case of crashes or anomalies. These messages contain the stack trace, the installation identifier (random UUID generated on the device, not linked to the user) and the app version. The contents of the bundles, passwords or identifying personal data are never sent.
Legal basis: legitimate interest of the Controller in product improvement (art. 6.1.f GDPR).
3.5 Commercial communications (newsletter)
Only with explicit consent given at registration or later from the account area. Consent is revocable at any time from the reserved area or by clicking on "Unsubscribe" at the foot of commercial e-mails.
Legal basis: consent of the interested party (art. 6.1.a GDPR).
4. Provision of data
The provision of registration and billing data is necessary to access the service; refusal entails the impossibility of creating an account. The provision of data for marketing purposes is optional and the lack of adherence does not in any way prejudice the use of the service.
5. Communication to third parties and extra-EU transfer
Data is processed on servers in the European Union (Hostinger infrastructure) and is not transferred outside the European Economic Area (EEA). The parties that may process data as external Processors (art. 28 GDPR) are:
- Hostinger International Ltd. — web and database hosting (privacy policy).
- Stripe Payments Europe Ltd. — payment processing via redirect checkout (credit card data does NOT transit LOCUS servers; privacy policy).
- InfoCert S.p.A. — qualified eIDAS timestamping, only if explicitly requested by the user (privacy policy).
- Sectigo Limited, DigiCert and GlobalSign — RFC 3161 timestamp authorities in a fallback cascade (only the document hash is sent to the TSA service, never the content).
Transactional e-mails are sent from robot@acquisizioniforensi.com through Hostinger SMTP servers; no third-party e-mail providers outside the EU are used.
6. Retention period
- Registration and billing data: for the duration of the contractual relationship and for the following 10 years (accounting retention obligation under art. 2220 of the Italian Civil Code).
- Access logs and telemetry: 90 days.
- Forensic bundles: as long as the account is active; in case of account closure, bundles are deleted within 30 days unless otherwise requested by the user (e.g. documented judicial need requiring prolonged retention).
- Marketing data: until consent is revoked and in any case not beyond 24 months from the last contact.
7. Rights of the interested party
The interested party has the right, at any time, to:
- obtain confirmation of the existence of processing concerning them and access the data (art. 15);
- request rectification of inaccurate data (art. 16);
- request erasure (right to be forgotten — art. 17);
- request restriction of processing (art. 18);
- object to processing for marketing purposes (art. 21);
- receive data in a structured and commonly used format to transfer it to another controller (portability, art. 20);
- revoke at any time the consent given for marketing purposes.
To exercise their rights it is sufficient to write to locus@acquisizioniforensi.com or send a certified e-mail (PEC) to acquisizioniforensi@pec.it. Reply within 30 days.
The interested party also has the right to lodge a complaint with the competent supervisory authority: Italian Data Protection Authority (protocollo@gpdp.it).
8. Changes to this notice
The Controller reserves the right to make changes to this notice at any time, publishing them on this page. Users are invited to consult it regularly.
9. Cookies
For details of the cookies used, please refer to the dedicated cookie policy.