Privacy Policy

European UE/2016/679 (GDPR)


  1. This Privacy Policy (hereinafter “Policy”) describes how we collect and process your personal data (hereinafter “user personal data” or “customer personal data” or “personal data”) when you use our services. The Policy applies to all FollowTheNotes’ Services that includes FollowTheNotes’s applications, services, products, websites and all content and software related to our services (collectively the “Services” or “Service” or “FTN” or “FollowTheNotes”). Use of the Services is also governed by FollowTheNotes’s General Terms and conditions and by other relevant documents which we recommend that you read carefully.
  2. For the activities described in this Policy, the data controller (i.e. the entity that determines how and why personal data is processed) is Marfil Technology s.r.l., in the person of the pro tempore legal representative, an Italian Entity (email:, pec:, with office in Turin, 10122, Str. Pietro Micca n° 20, C.F./P.IVA 12199020012 (hereinafter “Marfil” or “us/we”).
    If you have any questions about this Policy or the ways we use your data, please contact us at
  3. You provide us with your data when:
    1) enter your details in the your “Account” section;
    2) configure your settings, provide permissions to access data or interact with your device;
    3) compile your playlist or “saved songs”;
    4) use the function of monitoring your results and progress;
    5) participate in community features, publish and rate customer reviews;
    6) communicate with us by telephone, e-mail or otherwise.
    By acting as above, you could provide us with the following data: your name, your address and your telephone number, the contents of reviews and emails sent to us, the personal description and any photograph contained in the your “Account” section.
    We also automatically could collect and analyze data such as, for example:
    1) the Internet Protocol (IP) address used to connect your device to the Internet;
    2) login and e-mail address;
    3) information relating to your interaction with the content;
    4) FollowTheNotes metrics (for example, the occurrence of technical errors, your interactions with the features and content of the Service, your settings preferences, etc.).

    Potremmo anche raccogliere da altre fonti dati quali, ad esempio:
    1) payment details;
    2) name, email;
    3) search results and links, including paid ads.
  4. Registration and authentication
    By registering or authenticating, the User allows us to identify him and give him access to dedicated services.
    Depending on what is indicated below, the registration and authentication services could be provided with the help of third parties (Apple Store, Google Play Store, Facebook). If this happens, we will be able to access some data stored by the third party service used for registration or identification.
    In these cases, the user must also refer to the privacy policies of these third parties.
  5. Purpose of the processing of your personal data
    We process your personal data to perform, provide and improve the Services we offer to our customers. We do not share your personal data with third parties and our use is strictly linked to the functioning of the service or to the activities of Marfil.
    These purposes include:
    1) set up and manage your account on our Services and allow you to use our Services;
    2) manage the Services and provide you with the Services and products requested;
    3) resolve or debug any errors or other problems and/or improve utilization and efficiency of the Services;
    4) send you communications relating to the service (for example confirmations, administrative messages, technical notices, presentation of new features);
    5) fulfil legal obligations;
    6) to communicate with you about the Service, provide you support and answer questions and comments;
    7) analyze your use of our Services, for example to understand what type of functionality you are interested in, and personalize your Services experience;
    8) send you updates, notices, news and other information strictly relating to our Services or other our new service or product.
  6. Processing methods
    The Data Controller adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the data controller, in some cases, other parties involved in the organization of our Service (administrative, commercial, marketing, legal, system administrators) or external parties (such as suppliers of third party technical services, postal couriers) may have access to the personal data (hosting providers, IT companies, communication agencies) also appointed, if necessary, as data processors by the data controller. The updated list of managers can always be requested from the data controller.
  7. Legal basis of the processing
    We process the personal data relating to the user in the event that one of the following conditions exists:
    1) the user has given consent for one or more specific purposes; Note: in some jurisdictions the data controller may be authorized to process personal data without the user’s consent or another of the legal bases specified below, as long as the user does not object (“opt-out”) to such treatment. However, this is not applicable if the processing of personal data is governed by European legislation on the protection of personal data;
    2) the processing is necessary for the execution of a contract with the user and / or for the execution of pre-contractual measures;
    3) the processing is necessary to fulfill a legal obligation to which the data controller is subject;
    4) the processing is necessary for the performance of a task of public interest or for the exercise of public authority vested in the data controller;
    5) the processing is necessary for the pursuit of the legitimate interest of the data controller or third parties.

    In any case, it is always possible to ask Marfil to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.
  8. Place of treatment
    The data are processed at the data controller’s operating offices and in any other place where the parties involved in the processing are located. For more information, contact Marfil.
    The user’s personal data may be transferred to a country other than that in which the user is located. To obtain further information on the place of processing, you can ask to Marfil.
    The user has the right to obtain information regarding the legal basis for the transfer of data outside the European Union or to an international organization governed by public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures adopted by the data controller to protect the data.
    The user can check if one of the transfers described above takes place by examining the section of this document relating to the details on the processing of personal data or request information from the data controller by contacting him at the opening details.
  9. Data retention
    We keep your personal data as long as your user account is active or when necessary to provide the Services. You can end this relationship by deleting your account. We will then delete all of your personal data from our systems, including backups within 30 days, unless there is a legitimate business interest in retaining the data, for example to comply with our legal obligations, to enforce the our agreements or to resolve disputes. Also, we periodically review and delete or anonymize inactive user accounts that have been inactive for five years or other data.
  10. Rights of the User
    You can exercise certain rights with reference to the data processed by the data controller.
    In particular, the user has the right to:
    1) withdraw consent at any time. The users can revoke the consent to the processing of their Personal Data previously expressed;
    2) oppose the processing of their data. The users can oppose the processing of their data when it occurs on a legal basis other than consent. Further details on the right to object are indicated in the section below;
    3) access their data. The user has the right to obtain information on the data processed by the owner, on certain aspects of the processing and to receive a copy of the data processed;
    4) verify and request rectification. The users can verify the correctness of their data and request its updating or correction;
    5) obtain the limitation of the processing. When certain conditions are met, the users may request the limitation of the processing of their data. In this case, the data controller will not process the data for any other purpose other than their conservation;
    6) obtain the cancellation or removal of their personal data. When certain conditions are met, the usesr can request the cancellation of their data by the data controller;
    7) receive their data or have them transferred to another owner. The user has the right to receive his / her data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain its unhindered transfer to another owner. This provision is applicable when the personal data are processed with automated tools and the processing is based on the user’s consent, on a contract to which the user is a party or on contractual measures connected to it;
    8) propose a complaint. The user can lodge a complaint with the competent personal data protection supervisory authority or act in Court.
  11. Details on the right to object
    1. When personal data are processed in the public interest, in the exercise of public authority vested in the data controller or to pursue a legitimate interest of the same, users have the right to object to the processing for reasons related to their particular situation.
    2. Users are reminded that, if their data are processed for direct marketing purposes, they can oppose the processing without providing any reasons. To find out if the data controller processes data for direct marketing purposes, users can refer to the respective sections of this document.
  12. How to exercise your rights
    To exercise user rights, users can direct a request to the contact details of the data controller, indicated in this document. Requests are filed free of charge and processed by the data controller as soon as possible, in any case within one month.
  13. Defense in Court
    The user’s personal data may be used by the data controller in Court or in the preparatory stages for its eventual establishment for the defense against abuse in the use of this Services or related Services by the user.
    The user declares to be aware that Marfil may be obliged to disclose the personal data by order of the Public Authorities.
  14. At the request of the user, in addition to the information contained in this privacy policy, we may provide the user with additional and contextual information regarding specific services, or the collection and processing of personal data.
  15. System log and maintenance
    For needs related to operation and maintenance, this service and any third party services used by it may collect system logs, which are files that record the interactions and which may also contain personal data, such as the user IP address.
  16. Information not contained in this policy
    Further information in relation to the processing of personal data may be requested at any time to the data controller using the contact details.
  17. Response to “Do Not Track” requests
    This service does not support “Do Not Track” requests.
    To find out if any third-party services used support them, the user is invited to consult the respective privacy policies.
  18. Changes to this privacy policy
    The data controller reserves the right to make changes to this privacy policy at any time by notifying users on this page and, if possible, on the App with a notice as well as, if technically and legally feasible, by sending a notification to users through one of the extremes of contact he has. Please therefore consult this page frequently, referring to the date of the last modification indicated at the bottom.
    If the changes concern treatments whose legal basis is consent, the data controller will collect the user’s consent again, if necessary. Please note that your use of the Services after the effective date is subject to the new Privacy Policy.