Privacy policy
Information about personal-data processing under Regulation (EU) 2016/679 (GDPR).
1. Data controller
Lab42 SrlVAT number: IT03677180121
2. Scope and data collected
This notice applies to visits to openskills.info. The current site does not offer accounts, contact forms, comments, newsletters, or checkout, and does not intentionally collect information directly from visitors.
When you request a page, ordinary web-server and security data may be processed: IP address, request date and time, requested URL, HTTP method and status, referrer, user-agent and device/browser information, and diagnostic or security events. This information is necessary to deliver the site, maintain availability, diagnose faults, and prevent abuse.
Some course pages request a small product icon from Google’s favicon service. The request is configured without a referrer, but Google still receives the IP address, any cookies its domain has set in your browser, and basic request metadata needed to return the image.
3. Purposes and legal bases
- Delivering requested pages and network communications: performance of the service you request and our legitimate interest in operating the site (GDPR Articles 6(1)(b) and 6(1)(f)).
- Security, abuse prevention, troubleshooting, and service reliability: our legitimate interest in protecting the site and its users (Article 6(1)(f)).
- Compliance with binding legal obligations or lawful authority requests, where applicable (Article 6(1)(c)).
We do not use personal data from this site for advertising, profiling, or solely automated decisions producing legal or similarly significant effects.
4. Service providers and recipients
The site is hosted on Vercel. Vercel Inc. and its infrastructure providers may process request, network, and diagnostic data to deliver and secure the service. Google LLC receives the limited request data described above when a course icon is loaded. Data may also be disclosed when required by law or necessary to establish, exercise, or defend legal claims.
Read the service providers’ current notices at Vercel and Google.
5. International transfers
Vercel, Google, or their subprocessors may process data outside the European Economic Area. Where GDPR transfer restrictions apply, such transfers must be covered by an adequacy decision, approved standard contractual clauses, or another lawful safeguard. You may contact us for information about safeguards relevant to your data.
6. Retention
Technical logs and security events are retained only for the periods configured in the hosting service and reasonably necessary for delivery, security, incident investigation, and legal compliance. The period may be extended where an event must be preserved to investigate abuse, resolve a dispute, or comply with law. We do not create a separate visitor database.
7. Your rights
Subject to the conditions in the GDPR, you may request access, rectification, erasure, restriction, portability, or objection to processing based on legitimate interests. You may also lodge a complaint with the competent supervisory authority. In Italy, this is the Garante per la protezione dei dati personali. Contact us using the details in section 1 to exercise your rights. We may need to verify your identity before acting on a request.
8. Changes to this notice
We will update this notice before introducing materially different data processing, such as accounts, payments, forms, or non-essential tracking. The date below identifies the current version.
Last updated: 12 July 2026.
