Privacy Notice
Last updated: 16 July 2026
CHIRONE is a private, invite-only collaborator portal operated by DYNAMOHOLE S.R.L. This notice explains how we process the personal data of the people who use it — our team members and external collaborators.
1. Data controller
DYNAMOHOLE S.R.L., Via Bernardo Quaranta 45, 20139 Milano (MI), Italy — VAT 12628560968.
Privacy contact: privacy@dynamohole.com.
2. What we process
- Account & profile: name, work email, and your role.
- Authentication & security: sign-in credentials (handled by our authentication provider), two-factor authentication, and security logs including IP address, browser/user-agent and sign-in events.
- Work records: the tasks assigned to you (title, completion criteria, deadlines, status), the delivery links and notes you submit, and the resulting aggregate statistics of your own work.
Files themselves are not stored in CHIRONE: deliveries are links to the company’s file-exchange service.
3. Why we process it, and our legal basis
- To operate the portal and run the collaboration workflow between DYNAMOHOLE and its collaborators — performance of a contract and our legitimate interest in running our business (Art. 6(1)(b)/(f) GDPR).
- To authenticate users and keep the service secure, including mandatory two-factor authentication and security logs — our legitimate interest in security (Art. 6(1)(f)).
- To comply with legal obligations, e.g. record-keeping (Art. 6(1)(c)).
4. Cookies
CHIRONE uses only strictly-necessary and functional cookies: session cookies that keep you signed in, and cookies that remember your language and timezone. We do not use advertising or third-party analytics/tracking cookies, so no cookie-consent banner is required.
5. Who we share it with
We use the following processors, who act on our instructions under data-processing agreements:
- Supabase — database, authentication and hosting of the data layer (EU).
- Our email delivery provider — transactional email such as invites and password resets (EU).
We also exchange a minimized copy of task assignments and deliveries with our own internal operations system, operated by DYNAMOHOLE. We do not sell personal data.
6. Retention
We keep account and work data for as long as the collaboration with you is active, and thereafter for the periods required by law. Security logs are kept for a limited period appropriate to their security purpose.
7. Security
Access is invite-only with mandatory two-factor authentication. Each collaborator can see only their own tasks (row-level security at the database level); data is encrypted in transit and access is restricted by role.
8. Your rights
You have the right to access, rectify, erase, restrict or object to the processing of your personal data, and to data portability. To exercise these rights, contact privacy@dynamohole.com. You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali, garanteprivacy.it).
9. Changes
We may update this notice; the “last updated” date above reflects the current version.