Legal Package

Last updated 25 March 2026

1. Definitions

For the purposes of this Agreement, the following terms shall have the meanings set forth below:

"Platform" means the DriveDrop digital infrastructure including web and mobile applications.

"User" includes Drivers and Droppers.

"Services" means all functionalities provided by DriveDrop, including booking, payment processing, and IoT access.


2. Scope of Services

DriveDrop operates a multi-sided digital marketplace enabling the monetization and utilization of parking assets.

The Company provides technological intermediation services and does not own or lease parking assets.

Services include IoT-based access control, digital booking systems, and payment orchestration.


3. GDPR Roles and Responsibilities

DriveDrop acts as Data Controller for platform operations.

It may act as Data Processor for enterprise clients.

In certain cases, joint controllership applies pursuant to Article 26 GDPR.


4. Data Processing Principles

Processing is carried out in accordance with principles of lawfulness, fairness, and transparency.

Data minimization and purpose limitation are strictly enforced.

Privacy by design and by default are embedded in system architecture.


5. Categories of Data

Identification data, financial data, technical logs, IoT-generated access data, behavioral data.


6. Payment Processing (PSD2)

Payments are executed through licensed Payment Service Providers (PSPs).

DriveDrop does not store full payment credentials.

PSPs act as independent Data Controllers.


7. Security Measures

  • Encryption at rest and in transit
  • Two-factor authentication
  • Network segmentation
  • Continuous monitoring and vulnerability testing

8. Data Retention

  • Contractual data retained up to 10 years
  • Technical logs retained up to 12–24 months
  • Security-related data retained as necessary for legal defense

9. Data Subject Rights

Users may exercise rights under Articles 15–22 GDPR.

Requests may be submitted to privacy@drivedrop.it


10. Liability and Limitation

DriveDrop shall not be liable for indirect damages.

Liability is limited to the extent permitted by applicable law.


11. Service Level Agreement

  • Platform uptime target: 99.5%
  • Incident response defined by severity levels
  • Support provided via digital channels

12. Data Processing Agreement

DriveDrop ensures compliance with Article 28 GDPR.

Sub-processors are carefully selected and bound by contractual obligations.

Data breaches are notified within 72 hours.


13. Governing Law

This Agreement shall be governed by Italian law.

Jurisdiction: Milan.