Support page

Privacy Policy



This information is provided pursuant to Article 13 of the European Regulation 2016/679 on the protection of personal data and Article 13 Privacy Code (Legislative Decree No. 196/2003), to users accessing the site https://www.bluerando.come who make use of the services provided by BlueRando. This information is subject to updates of which is given publicity on the site Visitors to the site should regularly check the policy and refer to the most updated version.

In compliance with the obligations arising from the national (Legislative Decree No. 196 of 30 June 2003, Code on the Protection of Personal Data) and Community legislation, (European Regulation for the Protection of Personal Data No. 679/2016, GDPR) and subsequent amendments, this site respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe the rights of users.


Data controller

The data controller is NAeS Consulting srl, with registered office in Piazza Velasca 6, 20122 Milan (MI) ITALY. He can be contacted at the email address


Consent to treatment

By registering on the portal, the Data Subject gives his/her consent to the Processing of Personal Data in the manner and for the purposes described in this notice. Pursuant to Article 7 of the GDPR, the data subject has the right to withdraw his or her consent at any time by simple written notice to Revocation of Consent does not affect the lawfulness of the Processing based on the Consent prior to revocation. If the Consent is revoked, the Data Subject's Data will be deleted.


Place of Treatment

The data collected from the site are processed at the Data Controller's premises and are stored at the datacenter of NAeS Consulting, which is responsible for data processing. The datacenter is located in the European Economic Area and acts in accordance with European standards, and in particular the servers are currently located in Italy.


Collected data
The infrastructure that operates the service collects the following data during regular operation:

  • email address provided by the user
  • routes recorded during normal operation of the mobile app
  • routes recorded by the user using the import functions (gpx)


The provision of the data listed in the section "Data collected" is mandatory to allow the user to take advantage of all the features of the platform, and the legal basis of the processing for the above is formed for the fulfillment of legal obligations to which the Data Controller is subject. For this reason, refusal to process may prevent the proper use of the service.



Data transfer abroad


There are no data transfers abroad.


Safety measures

This service processes user data in a lawful and correct manner, taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of data. The processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the indicated purposes. In addition to the owner, in some cases, may have access to data categories of those involved in the organization of the site (legal, system administrators) or external parties (such as third party technical service providers, hosting providers, IT companies).


User's rights

In accordance with the European Regulation 679/2016 (GDPR) and national legislation, the user may, in the manner and within the limits provided by the current legislation, exercise the following rights:


  • Request confirmation of the existence of personal data concerning him/her (right of access);
  • Know its origin;
  • Receive intelligible communication;
  • Have information about the logic, methods and purposes of processing;
  • request the updating, rectification, supplementation, deletion, transformation into anonymous form, and blocking of data processed in violation of the law, including data no longer necessary for the purposes for which they were collected;
  • .
  • in cases of consent-based processing, receive at the sole cost of any support, its data provided to the owner, in structured, machine-readable form and in a format commonly used by an electronic device;
  • the right to file a complaint with the Supervisory Authority (Privacy Guarantor);
  • .

as well as, more generally, to exercise all the rights that are recognized by the current legal provisions.

The requests should be addressed to the Data Controller.