LexUp

The convenience of books, plus real-time updates. Waste. No. Time.

© Copyright 2025 EasyStudy S.r.l. All Rights Reserved. VAT ID and C.F.: 14078801009

About
  • Blog
  • Contact
Legal
  • Terms of Service
  • Privacy and Cookie Policy
  • Funds Received
LexUp
  • Blog
  • Contact
Vai a LeggiVai a Libri

Privacy Policy & Cookie Policy

Learn how we collect, use, and protect your personal data in compliance with data protection regulations.

Last updated: August 11th, 2025

Personal Data Processing Notice

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, known as the General Data Protection Regulation (hereinafter, the "GDPR"), together with Legislative Decree 196/2003 as amended (hereinafter, the "Privacy Code" and collectively with the GDPR, the "Privacy Legislation"), introduces rules to protect individuals with respect to the processing of personal data.

This privacy notice (hereinafter, the "Privacy Policy") is provided in accordance with Articles 13 and 14 of the GDPR and outlines the data processing practices adopted by the company with regard to the processing of data of users (hereinafter "User(s)") who visit the website https://lexup.it (the "Showcase Site"), use the "Lexup" App (the "Platform") accessible via web (web.lexup.it) and iOS (https://apps.apple.com/us/app/lexup/id1431786518), or access the books platform via the Showcase Site or directly at https://libri.lexup.it (individually "Lexup Books" and collectively with Lexup, the "Service").

Data Controller

The Data Controller is Easystudy s.r.l. (the "Controller"), VAT and Tax Code 1407881009, headquartered in Fiumicino (RM) – 00054, via Aurelia 2849/G, contactable at info@lexup.it.

Types of Data Processed

The Controller may process the following personal data:

A) Browsing Data

When visiting the Site, the Controller generally does not collect personal data, except for certain "browsing data". The technological platform that hosts the Site automatically records certain browsing data – whose transmission is inherent in Internet communication protocols – such as the name of the Internet access provider, the referring website, pages visited, date and duration of the visit, etc. This information is used in an anonymous and aggregated form for statistical purposes and to verify the correct functioning of the Site.

B) Data Voluntarily Provided by the User

The Controller collects and processes the personal data that the User voluntarily provides during registration on the App, by filling out forms on www.lexup.it, or by entering data in their personal profile on the App.

Such data may include:

  • Identification data: first name, last name, date and place of birth, city and address of residence/domicile/office, and professional title
  • Contact data: phone number and email address
  • Payment data: payment method used for subscription
  • Profile image
  • Any other data freely entered in comments or notes

Purposes and Legal Bases for Processing

Below are the purposes and the corresponding legal basis for processing your data:

  • User registration and authentication: Contract performance (Art. 6(1)(b) GDPR)
  • Application management for Lexup Books contributors: Pre-contractual measures (Art. 6(1)(b) GDPR)
  • Use of the Site: Contract performance (Art. 6(1)(b) GDPR)
  • Payment management: Contract performance (Art. 6(1)(b) GDPR)
  • Newsletter and direct marketing: Legitimate interest (Art. 130.4 of the Privacy Code)
  • Accounting and legal documentation retention: Legal obligation (Art. 6(1)(c) GDPR)
  • Service maintenance and improvement: Legitimate interest (Art. 6(1)(f) GDPR)
  • Improving and personalizing your experience: User consent (Art. 6(1)(a) GDPR)
  • Detecting or preventing fraudulent activity: Legal obligation and legitimate interest (Art. 6(1)(c) and (f) GDPR)
  • Error analysis for troubleshooting: Legitimate interest (Art. 6(1)(f) GDPR)
  • Navigation behavior analysis for support: Contract performance and legitimate interest (Art. 6(1)(b) and (f) GDPR)
  • Compliance with judicial or public authority orders: Legal obligation (Art. 6(1)(c) GDPR)
  • Legal defense of the Controller: Legitimate interest (Art. 6(1)(f) GDPR)

You may opt out at any time from receiving promotional communications about similar services, using the dedicated link in each message.

Nature of the Data Provision

Except for browsing data (automatically collected), providing data is optional. However, it is necessary to properly provide the Service; refusal would prevent access to the Service and its functionalities.

Processing Methods and Data Retention

Your data will be processed using electronic tools in compliance with current data protection regulations, ensuring security and confidentiality through appropriate technical and organizational measures.

Data will be retained:

  • From your first use of the App until your deletion request, to enable continuous access to your selected content;
  • Activity data will be retained for 24 months, then aggregated unless deletion is requested earlier;
  • Subscription data will be retained for up to 10 years in compliance with legal obligations (Art. 2220 Civil Code).

Data Recipients

Your data will be processed by authorized personnel of the Controller. Third parties designated as "processors" under Art. 28 GDPR may process data on behalf of the Controller.

The list of processors is available from the Controller.

Data Transfer Abroad

The Controller may rely on third-party service providers, some of whom may transfer data outside the EEA. In such cases, appropriate safeguards under Articles 44–49 GDPR will be implemented, including Transfer Impact Assessments (TIAs) and standard contractual clauses. If no safeguard is possible, the Controller will refrain from transferring personal data.

Data Subject Rights

Users have the right to:

  • Access and receive a copy of their data (Art. 15 GDPR)
  • Rectify inaccurate or incomplete data (Art. 16 GDPR)
  • Erase personal data in certain cases (Art. 17 GDPR)
  • Restrict processing in specific circumstances (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)
  • Withdraw consent at any time (Art. 7 GDPR)
  • Lodge a complaint with the Data Protection Authority (Garante Privacy)

Requests should be sent to info@lexup.it

Amendments

This Privacy Policy may be updated to reflect legal changes or service modifications. Updates will be published on this page. Please review this section periodically.

Last updated: March 2025

Cookie Policy

What Are Cookies?

Cookies are small files sent and stored on a user's computer by websites or third parties. These are stored in the browser directory and retransmitted on subsequent visits.

Cookies Used by the Site

This Site uses only "technical cookies." No profiling or third-party cookies are used.

Technical cookies are essential for the transmission of communications or the provision of services requested by users (Art. 122(1) of the Privacy Code). These include:

  • Navigation/session cookies – essential for site browsing;
  • Functionality cookies – to remember user preferences (e.g., language);
  • Analytics cookies – used in aggregate form to collect site usage statistics.

No prior consent is required for technical cookies.

Browser Settings

Users can choose whether to accept cookies via browser settings. Disabling technical cookies may affect site functionality.

Links to cookie settings for major browsers:

  • Chrome: https://support.google.com/chrome/answer/95647?hl=it
  • Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
  • Internet Explorer: http://windows.microsoft.com/it-it/windows7/how-to-manage-cookies-in-internet-explorer-9
  • Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT

For more information, visit www.aboutcookies.org or www.allaboutcookies.org, or use http://www.youronlinechoices.com/it/le-tue-scelte.

Last updated: May 2024