Privacy Notice

Last updated: 16 July 2026

CHIRONE is a private, invite-only collaborator portal operated by DYNAMOHOLE S.R.L. This notice explains how we process the personal data of the people who use it — our team members and external collaborators.

1. Data controller

DYNAMOHOLE S.R.L., Via Bernardo Quaranta 45, 20139 Milano (MI), Italy — VAT 12628560968.
Privacy contact: privacy@dynamohole.com.

2. What we process

  • Account & profile: name, work email, and your role.
  • Authentication & security: sign-in credentials (handled by our authentication provider), two-factor authentication, and security logs including IP address, browser/user-agent and sign-in events.
  • Work records: the tasks assigned to you (title, completion criteria, deadlines, status), the delivery links and notes you submit, and the resulting aggregate statistics of your own work.

Files themselves are not stored in CHIRONE: deliveries are links to the company’s file-exchange service.

3. Why we process it, and our legal basis

  • To operate the portal and run the collaboration workflow between DYNAMOHOLE and its collaborators — performance of a contract and our legitimate interest in running our business (Art. 6(1)(b)/(f) GDPR).
  • To authenticate users and keep the service secure, including mandatory two-factor authentication and security logs — our legitimate interest in security (Art. 6(1)(f)).
  • To comply with legal obligations, e.g. record-keeping (Art. 6(1)(c)).

4. Cookies

CHIRONE uses only strictly-necessary and functional cookies: session cookies that keep you signed in, and cookies that remember your language and timezone. We do not use advertising or third-party analytics/tracking cookies, so no cookie-consent banner is required.

5. Who we share it with

We use the following processors, who act on our instructions under data-processing agreements:

  • Supabase — database, authentication and hosting of the data layer (EU).
  • Our email delivery provider — transactional email such as invites and password resets (EU).

We also exchange a minimized copy of task assignments and deliveries with our own internal operations system, operated by DYNAMOHOLE. We do not sell personal data.

6. Retention

We keep account and work data for as long as the collaboration with you is active, and thereafter for the periods required by law. Security logs are kept for a limited period appropriate to their security purpose.

7. Security

Access is invite-only with mandatory two-factor authentication. Each collaborator can see only their own tasks (row-level security at the database level); data is encrypted in transit and access is restricted by role.

8. Your rights

You have the right to access, rectify, erase, restrict or object to the processing of your personal data, and to data portability. To exercise these rights, contact privacy@dynamohole.com. You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali, garanteprivacy.it).

9. Changes

We may update this notice; the “last updated” date above reflects the current version.