MECHA Logo MECHA

Privacy Policy

Last updated: 21/04/2026

This notice describes the processing of personal data carried out through the website www.mechautilities.com and its related public pages. This notice concerns the website and the services loaded by the website. Unless expressly referenced, it does not govern data processing that may occur directly in the downloaded desktop software, its updates, or its distribution package.

1. Data controller

Data controller: Vincenzo Caccavale
VAT No.: 04441240613
Controller location: San Prisco (CE), Italy
Official privacy and support communications: email only at psychro.mecha@outlook.it

2. Scope

This notice applies exclusively to data processed through website navigation, possible interaction with Community content loaded by the website, consultation of download/release information, and contacts sent voluntarily by email.

3. Categories of data processed

a) Browsing and technical data

During normal website operation, systems and infrastructure providers involved may process technical data such as IP address, user agent, operating system, request date and time, requested URLs, technical response outcomes, and similar data needed for page delivery, security, and service continuity.

b) Browser local preferences

The website stores some functional preferences directly in the user's browser (for example, interface theme choice and cookie preferences). These data remain exclusively on the user's device and are not sent to servers. In addition, on first access to the website root, the browser preferred language (headers and local settings) is used only for technical redirection to the Italian or English version of the website, without setting dedicated language cookies. For details, see the Cookie Policy.

c) Data provided voluntarily by the user

If the user contacts the controller by email, data included in the message and related communication metadata are processed to the extent necessary to handle the request.

d) Interactions with third-party services loaded by the website

The main third-party services currently integrated or called by the website are:

  • Cloudflare: hosting, CDN, caching, application security, and website protection.
  • GitHub API / GitHub Releases: display of software download and release information.
  • Giscus / GitHub Discussions: Community component, loaded only if the user consents to optional technologies.

When users interact with these services, the relevant providers may process personal data according to their own privacy and cookie policies.

The website uses Cloudflare Web Analytics as a privacy-oriented, cookieless statistical tool to collect aggregated website usage data.

4. Purposes of processing

  • deliver and make the website and its content available;
  • ensure security, operational continuity, and protection against abuse or malicious traffic;
  • route users to the most suitable language version (Italian or English) based on browser language, exclusively for technical usability purposes;
  • remember user technical preferences, such as interface theme and cookie consent choices;
  • show updated information about software releases and download files;
  • enable, subject to consent, the Community section based on Giscus/GitHub;
  • reply to requests sent voluntarily by email.

5. Legal basis

  • Technical website delivery and security: legitimate interest of the controller under Article 6(1)(f) GDPR.
  • Storage of user-requested technical preferences: legitimate interest and/or performance of a user request.
  • Loading of the Community Giscus/GitHub widget: data subject consent under Article 6(1)(a) GDPR.
  • Handling of requests by email: pre-contractual measures and management of user-requested communication.

6. Nature of data provision

Provision of technical and strictly necessary browsing data is implicit in the use of Internet protocols. Provision of data for Community comments is optional: without consent, the integrated Community section is not loaded automatically. Sending emails is optional, but failure to provide required data prevents a response.

7. Recipients and transfers

Data may be processed, within their respective roles, by technical providers supporting website operation, including Cloudflare and GitHub. Some providers may also operate outside the European Economic Area. In such cases, processing is based on mechanisms provided by applicable law, including, depending on the case, adequacy decisions under Article 45 GDPR, including where applicable the EU-U.S. Data Privacy Framework for participating providers, and/or Standard Contractual Clauses approved by the European Commission.

A data processing agreement (Data Processing Addendum) with Cloudflare is in place under Article 28 GDPR, available at www.cloudflare.com/cloudflare-customer-dpa/.

For more information on processing by the main third-party providers, you may also consult: Cloudflare Privacy Policy, GitHub Privacy Statement.

8. Data retention

  • Browser local preferences: stored on the user's device until manually deleted or changed.
  • Email and contact requests: retained for the time required to handle the request and, if needed, for subsequent administrative or defensive purposes.
  • Technical data and logs handled by infrastructure providers: retained only for the period strictly necessary for technical, security, and service continuity purposes, according to relevant operational settings.

9. Automated decision-making and minors

The website does not use automated decision-making that produces legal or similarly significant effects under Article 22 GDPR. The website and its public services are not intended for users under 16 years of age.

10. Notice language

This notice is available in Italian and English. The Cookie Policy is available in Italian and English.

11. Data subject rights

Data subjects may exercise rights under Articles 15-22 GDPR, where applicable, including access, rectification, erasure, restriction of processing, objection, and complaint to the Italian Data Protection Authority. To exercise rights, write to psychro.mecha@outlook.it. More information about the Authority is available on its official website www.garanteprivacy.it.

12. Changes to this notice

The controller may periodically update this notice. The date shown at the top indicates the latest revision published on the website.