Privacy Policy according to the European Data Protection Regulation No. 679/2016

Pursuant to art. 13 of the EU Regulation No 2016/679 (hereinafter “GDPR 2016/679”), laying down provisions for the protection of individuals with particular regard to the processing of personal data, we are pleased to inform you that the personal data provided will be processed in compliance with the European legislation and the obligations of confidentiality which is required acube SB srl.

Data Controller: acube SB srl, acube SB srl, via Ampère 61/a – 20133 Milano e-mail

Personal data are provided by users interested to apply to the acceleration program “Faros” (hereinafter, the “Program”), dedicated to startups developing solutions in fields related to logistics and port automation, sustainable use of marine resources and coastal tourism.

The Controller shall evaluate the startup application forms submitted by users (hereinafter “Applicants” or “Users”), together with the relevant documentation, in order to evaluate the
existence of all the requirements and consequently select the participating startups. This evaluation process is carried out by a limited number of subjects, expressly identified by the Controller.

1. Typology of Data

For the realization of initiatives related to the acceleration program Faros, it will be necessary to collect some personal data relating to stakeholders, such as name, surname, e-mail address, telephone number, professional position.

The processing will not concern data of a sensitive nature, pursuant to art. 9 Chapter I (“special categories of personal data”) of the Regulation (i.e. those data “…capable of revealing racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade union, as well as personal data disclosing health and sex life”).

The processing of personal data concerns information that Applicants voluntarily decide to provide in order to apply to the Program, on their own behalf or on behalf of the startup of which they are partners or directors, for an evaluation and a possible contact request.

Applicants shall complete an online registration procedure on the “F6S” platform (hereinafter the “Platform”) in order to submit the startup’s application to the Program. By registering, Applicants are invited to provide certain identification and contact data (such as first name, last name, job title, e mail address and telephone number) in order to better manage their needs and to easily provide direct feedback.

Such data relate mainly to the members’ background, as well as details regarding the figures involved in the development of the business idea that the Users intend to pursue during their participation to the Program.

Applicant who uploads and/or share data relating to people other than themselves hereby declare that they have obtained the prior consent of such third parties and have shared with them the purposes of the data processing.

To protect your rights, we ask you to limit the information to what is strictly necessary for the purpose of filling out the cited form. Therefore, we kindly ask you not to release any further information, especially of a sensitive nature (Art. 9 of the GDPR) that cannot be processed, unless you have given your explicit consent, nor to send files containing information more than what is necessary for the main purposes of the Program and for the management of related requests.

All information related to the initiative/project, once communicated, may be shared by the Controller within the circuit identified for the valorization of the activities, within the limits and in compliance with the purposes for which they were acquired.

2. Legal basis and purpose of processing

2.1. Data collected for the application to the Program

The Controller will process data automatically to collect, manage and process the Applicants personal data provided in the application forms, in order to select startups for the Program.
The processing of personal data is strictly related to the implementation of the Program, data are processed exclusively for the purpose of the participation to the Program itself, for the fulfilment of precontractual obligations and for the exact fulfillment of all legal obligations imposed by national and EU Regulations.

Please note that the provision of data is optional, however, refusal to provide your identification data for this purpose will make it impossible for us to manage your application and to grant you the opportunity to apply for the Program.

2.2. Data collected for promotional activities

Data may be used for advertising and promotional activities, in order to send promotional communication, direct offers and newsletters about services, future initiatives, and next events organized and sponsored by Acube through traditional methods, by using the telephone operator and paper mail, and/or also through automated systems (e-mail, sms, mms,fax). Such data will be processed in the basis of the user’s consent, which is expressed by means of a declaration or a positive action (flag).

The data subject’ has the right to withdraw his consent at any time by sending a  communication to the Controller at the following e-mail address:
The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

3. Processing method

The processing of your personal data is carried out with the aid of electronic means with appropriate measures to ensure the security of personal data, aimed at preventing unauthorized access, loss or destruction, in accordance with the provisions of Chapter II (Principles) and Chapter IV (Data Controller and Data Processor) of the GDPR.

Personal data shall be processed by the Controller and partners involved in the Program (e.g. Cdp Venture Capital, Port Network Authority of the Ionian Sea – Port of Taranto Eni, JV Tempa Rossa, BCC San Marzano and Marraffa, Crédit Agricole Italia S.p.A. e Duferco Italia Holding S.p.A, ecc. hereinafter “Partners”) who will process them as “Independent Data Controllers” for the same purposes related to the management of the Program itself and in accordance with their respective Privacy Policies.

Any inquiries regarding your personal data should be addressed to the Controller, at the following e-mail address:

4. Obligatory nature of the conferment

The conferment of personal data is necessary, a refusal will make it impossible to handle the request made through the contact form. For treatments that require consent, the interested party may at any time change it by contacting the Owner.

5. information sharing

Personal data may be communicated to employees and/or collaborators, in their capacity as authorized subjects for processing, within the scope of their respective functions and according to the instructions given by the Controller. 

In addition, the data may be processed by external legal or natural persons who may need to be involved in the management of the initiative or for organizational needs of the activities (e.g. suppliers of IT services, consulting companies). These individuals are appointed, where appropriate, as external data processors.

Furthermore, the data may be processed by:

a) Partners /Promoters for the management of the Program itself;

b) Third party service providers necessary to ensure the operation of the site (by way of example: company that provides hosting services);

c) Third parties, contractually bound to the Controller, necessary for the running of the Program;

d) Third parties who perform site analysis services;

e) Third parties who provide site navigation data analysis services.

These subjects, if the prerequisites are met, will be appointed as “External Data Processors” pursuant to Article 28 of the GDPR. The list of all the Data Processors is available by contacting the Controller.

6. Transfer of data

Personal data are stored on servers located in Italy. It is in any case understood that the Owner, if necessary, will have the right to move the servers outside the EU. In this case, the Owner assures as of now that the transfer of data outside the EU will be in accordance with the applicable provisions of law and in particular those referred to in Title V of the GDPR. Or subject to the signing of standard contractual clauses approved and adopted by the European Commission.

Apart from the above, the data provided will not be transferred outside the EU.

7. Data retention

Personal data shall be retained only for the time necessary to carry out the purpose for which they were collected such as the management of applications to the Program. However, the Controller may retain personal data for an additional period as required under applicable laws and for legal, tax or regulatory reasons. The criteria used to determine the retention period is in accordance with the terms permitted by applicable laws and the principles of data minimisation. Data may also be retained for a period of 10 years (or even longer) for the purpose of any legal proceedings in accordance with the laws and regulations in force, as well as in the event of legal proceedings or requests by the Authorities.

Upon expiry of these terms, personal data will be automatically deleted or irreversibly transformed into anonymous information.

8. Data protection

The processing of your personal data is carried out with the aid of electronic means with appropriate measures to ensure the security of personal data, aimed at preventing unauthorized access, loss or destruction, in accordance with the provisions of Chapter II (Principles) and Chapter IV (Controller and Data Processor) of the GDPR.

9. Links to other websites

This website contains references or links (“links“) to other websites or online platforms (i.e. “F6S”) that are not controlled by us and in respect of which this Privacy Policy does not apply. We are therefore not responsible for the content or any processing of personal data on such sites. We advise you to examine the privacy policy of each site linked to this one to identify the possible processing of personal data.

10. Rights of the interested stakeholders

Users can exercise all their rights set forth by the GDPR, at any time and free of charge, exercise their rights to access (Art. 15), to rectify (Art.16), to erasure (Art.17), to restrict the processing (Art. 18), to request the portability of their personal data (Art.20) and to object the processing of their personal data (Art.21). As well as the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (Art. 22).

To exercise the rights listed above, as well as for any clarification, Users may contact the Controller, at any time, by sending an email to the following email address:

If Users considers that the Company has infringed, or may have infringed, its rights under the applicable data protection regulations, Users may lodge a complaint before the corresponding supervisory authority “Garante per la protezione dei dati personali”, pursuant to Art. 77 of the GDPR.

11. Use of cookies

Cookies are small pieces of information that are sent to your computer or mobile device when you visit a website.

Cookies are sent back to the originating site on each subsequent visit or to another site that recognizes that cookie. Cookies are useful because they allow a site to recognize a user’s device, allowing them to navigate efficiently through pages, remember their preferences and generally improve the user experience.

You can access more information about the cookies used in this website, in our Cookie Policy.

12. Amendments

The Company may occasionally make changes to this privacy policy, for example to comply with new requirements imposed by applicable laws or technical requirements. We will post the updated privacy policy on our website. We therefore encourage you to review this page every so often.

The Privacy Policy was last updated on August 3th, 2023.

The Data Controller