Privacy Policy

In accordance with Regulation (EU) 2016/679 (GDPR), this notice describes the methods of processing personal data of users who utilize the WorkingApp platform, accessible through the website workingapp.net and dedicated mobile applications.

The data controller is Leonardo Network S.r.l., headquartered at Via dell’Argento, 13 – 58023 Gavorrano (GR), Italy, VAT/Tax code 01749180533, contactable at info@workingapp.net.

WorkingApp is a digital platform aimed at matching job demand and supply. The use of the service necessarily involves the processing of personal data provided by users during registration and while using the platform. Such data includes identifying and contact information, as well as professional data voluntarily entered by the user, such as work experiences, skills, CVs, and employment preferences.

The processing is carried out in order to allow the creation and management of the account, the publication and consultation of professional profiles, the search and selection by companies, as well as communication between users through the internal systems of the platform. Further processing may be carried out for administrative, accounting purposes, and for compliance with regulatory obligations.

Any subscription to paid services involves the processing of the necessary data for managing transactions. Payments are managed through certified external providers, including Stripe, who operate as independent data controllers concerning payment data.

Data processing is carried out using IT tools and methodologies strictly related to the indicated purposes, in compliance with the principles of lawfulness, fairness, transparency, and minimization. Appropriate technical and organizational measures are adopted to ensure data security and to prevent unauthorized access, loss, or unlawful use.

Personal data are stored for the time necessary for managing the contractual relationship and providing the service, as well as for the period required by current regulations. The user can request the deletion of their account and associated data at any time, subject to any legal retention obligations.

Data may be processed by third parties providing services functional to the operation of the platform, such as hosting infrastructure providers, IT services, and payment systems. Such parties operate as data processors or independent data controllers, as applicable. The data is not subject to dissemination.

The user has the right to obtain access to their personal data, the rectification or deletion of the same, the restriction of processing, as well as to object to processing and request data portability, within the limits provided by the GDPR. Requests can be sent to info@workingapp.net.

The data controller reserves the right to update this notice at any time, based on regulatory changes or service developments.

ACCOUNT AND DATA DELETION

The user can request at any time the deletion of their account and associated data through the following methods:

From the mobile app (iOS and Android): access your account, open the profile menu, select "Settings" → "Delete account," and confirm the request by entering your password.

From the website: access workingapp.net, go to profile settings, click on "Delete account" at the bottom of the page, and confirm the request by entering your password.

Via email: if access to the account is not possible, you can send a request to info@workingapp.net from the email address associated with the account. The request will be processed within 30 working days.

Once the request is confirmed, the following data will be permanently removed: profile personal data (name, surname, email, phone, address), profile picture and company logo, CV and uploaded documents, work experiences, education, skills, geographic location and search preferences, chat history and messages exchanged with other users, saved conversations and preferred candidates, session tokens and registered devices for push notifications, privacy preferences, language, and notifications.

Some data, due to regulatory obligations, are retained for a limited period even after account deletion: invoices and accounting documents related to subscriptions are retained for 10 years as required by Article 2220 of the Civil Code; security and access logs are retained for 6 months for security and fraud prevention purposes; any anonymized and aggregated data used for internal statistics is retained without any reference to the user's identity.

The account is deactivated immediately upon confirmation of the request. Personal data are removed from production systems within 7 days. Security backups containing such data are overwritten within 90 days.