Privacy Policy - 0message1
Ownership and Data Controller Liability
0message1 is owned and operated by Pizzo Matteo Mario (hereinafter referred to as "Controller"), acting as the data controller under applicable regulations, including EU Regulation 2016/679 (GDPR) and the Italian Privacy Code (Legislative Decree 196/2003).
1. GENERAL INFORMATION
This Privacy Policy outlines how 0message1 processes information. Please read it carefully before using our website or application.
The Controller is committed to ensuring the confidentiality and security of any personal data provided by users ("Data Subjects"). 0message1 is a fully decentralized application and does not collect, store, process, or have access to user communications or personal data during normal operation of the application itself.
This Policy applies to both the 0message1 application and website, with distinct provisions for each, as outlined below.
2. SCOPE OF THIS PRIVACY POLICY
2.1 Application (Fully Decentralized)
The 0message1 application is fully decentralized. Your data remains entirely under your control:
- No data collection: The application does not collect, store, or process your personal data
- No message access: The Controller has no access to, knowledge of, or ability to view or intercept user communications
- No user tracking: The application does not track, identify, profile, or monitor users
- Peer-to-peer communication: All communications occur directly between users on a decentralized network
- End-to-end encryption: Messages are encrypted end-to-end before transmission; the Controller cannot decrypt or access them
- No analytics or telemetry: The application does not send usage data, crash reports, or telemetry that includes personal information
Your sole responsibility: You are exclusively responsible for your own data, security practices, encryption key management, and compliance with applicable laws regarding any content you transmit.
2.2 Website
This Privacy Policy also covers the 0message1 website. Information about website data practices is outlined in Section 3 below. Website data collection is minimal and occurs independently from the application.
3. PERSONAL DATA COLLECTED FROM THE WEBSITE ONLY
Data collection occurs exclusively through the website, not through the application itself.
3.1 Automatically Collected Data (Device Information)
When you visit the 0message1 website, we may automatically collect:
- Information about your web browser, operating system, and device type
- Your IP address
- Time zone
- Cookies installed on your device (if enabled)
- Web pages visited on our site
- Traffic sources (referrer and search terms)
- How you interact with the website (clicks, forms, scroll depth)
Entirely optional: This collection is optional and can be disabled through:
- Browser privacy settings
- Do Not Track (DNT) headers
- Cookie management tools
- Privacy browser extensions
You can visit the website and use all features without providing any of this information.
3.2 Voluntarily Provided Data
If you choose to contact us or sign up for communications through the website, you may voluntarily provide:
- First and last name
- Email address
- Mailing address (optional)
- Telephone number (optional)
- Organization or company name (optional)
- Subject of inquiry or message content
Providing such data is entirely voluntary and optional. You can use all website features without providing any contact information.
For questions about data handling, contact: unclepig86@gmail.com
4. PURPOSES OF DATA PROCESSING
Personal data collected through the website is processed exclusively for these purposes:
- Website security and abuse prevention: Identification of potential abuses, fraudulent activity, or unauthorized access attempts to the website
- Statistical analysis: Aggregated and anonymized information on website usage patterns and visitor behavior (cannot identify individuals)
- Communications: Responding to your inquiries, providing requested information, or sending communications you have explicitly requested
- Legal compliance: Fulfilling any legal obligations regarding website operation and data retention mandated by law
Critical clarification: No data from the application is collected, processed, or analyzed, as the application does not collect any data whatsoever.
5. LEGAL BASIS FOR PROCESSING
Website data (if any is provided) is processed based on:
- Legitimate business interests (Article 6(1)(f) GDPR) – operating, maintaining, and securing the website
- Your explicit consent (Article 6(1)(a) GDPR) – when you voluntarily contact us or sign up for communications
- Legal obligations (Article 6(1)(c) GDPR) – if required by law or regulatory bodies
Application data is not processed, as none is collected.
6. DATA SUBJECT RIGHTS
If you are a resident of the European Union or other jurisdictions with GDPR applicability, you have the following rights concerning any personal data you provide through the website, pursuant to the GDPR and applicable law:
- Right to be informed: Receive clear information about how your data is processed
- Right of access: Request a complete copy of your personal data held by us
- Right to rectification: Correct any inaccurate or incomplete data
- Right to erasure ("Right to be forgotten"): Request deletion of your personal data
- Right to restriction of processing: Restrict how your data is used
- Right to data portability: Receive your data in a structured, portable format
- Right to object: Object to specific types of data processing
- Rights related to automated decision-making and profiling: Object to decisions based solely on automated processing
To exercise any of these rights, contact: unclepig86@gmail.com
Important note: These rights apply only to personal data collected through the website. These rights do not apply to the 0message1 application, as it collects no personal data.
7. DATA TRANSFER TO THIRD COUNTRIES
Website data may be transferred outside the European Union, including to Canada, the United States, and other countries, for:
- Technical website hosting
- Email service providers
- Analytics services (if enabled)
- Customer support platforms
We ensure that any such transfer complies with European data protection regulations and implements security measures equivalent to or exceeding those within the EU.
Application: The 0message1 application operates on a decentralized peer-to-peer network. Your data remains under your exclusive control regardless of network geography. The Controller does not transfer, store, or control application data.
8. DATA SECURITY
8.1 Website Data Security
We implement reasonable administrative, technical, and physical safeguards to protect website data against:
- Unauthorized access or intrusion
- Unauthorized modification or alteration
- Unauthorized disclosure or breach
- Data loss or corruption
Security measures include:
- HTTPS encryption for data in transit
- Secure password hashing for any credentials
- Access controls and authentication
- Regular security assessments
### 8.2 Application Security
The 0message1 application implements:
- End-to-end encryption: Your communications are encrypted on your device before transmission, and can only be decrypted by the intended recipient
- No central server storage: Messages do not pass through or are stored on servers controlled by the Controller
- Decentralized architecture: Data is distributed across a peer-to-peer network operated by independent participants
- Open-source code (if applicable): Code auditable for security vulnerabilities
8.3 Security Limitations and Risk Acknowledgment
IMPORTANT DISCLAIMER:
Website: No data transmission over the Internet can be guaranteed as completely secure. Electronic transmission inherently involves risks of interception, data loss, or corruption that we cannot eliminate.
Application: While 0message1 uses end-to-end encryption and operates on a decentralized network:
- You are responsible for protecting your device, encryption keys, and login credentials
- You are responsible for keeping your device secure against malware and unauthorized access
- The Controller cannot be held responsible for security compromises resulting from:
- Your device being compromised or lost
- Your encryption keys being compromised or lost
- Your negligence or failure to secure your device
- Third-party vulnerabilities beyond the application's control
- Network participant security failures (nodes are operated by independent parties)
- Any other circumstances where the Controller has no control
By using the service, you explicitly acknowledge, understand, and accept these security limitations and risks.
9. DATA RETENTION
9.1 Website Data
Website data (if collected) is retained only as long as necessary for the stated purposes:
- Server logs and technical data: Retained for 30-90 days for security auditing purposes, then deleted
- Voluntary contact data: Retained only while necessary to respond to your inquiry or fulfill your request, typically 30-60 days
- Newsletter subscriptions: Retained until you unsubscribe or request deletion
- Legal compliance: Data may be retained longer if required by law or regulatory obligations
Upon your request for deletion, personal data will be deleted within 30 days, unless legal obligations require longer retention.
9.2 Application Data
The 0message1 application does not retain, store, or have access to your data. All data remains exclusively under your control on your device and is not backed up to or stored on any centralized service controlled by the Controller.
10. LINKS TO EXTERNAL WEBSITES
The 0message1 website may contain links to third-party websites not controlled by or affiliated with 0message1. The Controller is not responsible for the privacy practices, content, or security of such external sites.
We strongly encourage you to:
- Read the Privacy Policy of any external website before providing personal information
- Verify the legitimacy and authenticity of external links
- Exercise caution when clicking links from unfamiliar sources
11. LEGAL DISCLOSURE
The Controller is authorized to disclose personal data if:
- Legal requirement: Required by law, court order, subpoena, warrant, or government mandate
- Protection of rights and safety: Necessary to protect the rights, property, or safety of the Controller, users, or the general public
- Fraud investigation: Necessary to investigate, prevent, or address fraud, security issues, or technical problems
- Government requests: Necessary to respond to valid government or law enforcement requests
- Public safety: Necessary to prevent imminent harm to public safety or health
Any such disclosures will comply with applicable law and, where appropriate, include notice to affected individuals.
Critical clarification: The Controller cannot disclose application data because it does not possess, control, access, or store such data.
12. LIMITATION OF LIABILITY
12.1 General Disclaimer for Proper Use
Except as expressly excluded in Section 12.3 below, the Controller shall not be liable for:
- Direct, indirect, incidental, special, consequential, or punitive damages
- Loss of profits, revenue, or anticipated business value
- Loss of data, files, or documents
- Loss of reputation, goodwill, or business opportunity
- Cost of replacement of goods, services, or data
- Service interruptions, downtime, errors, or malfunctions
- Unauthorized access to or interception of data transmissions
- Actions, inactions, or statements of third parties
- Any misuse, abuse, or improper use of the service by users
- Consequential damages even if the Controller has been advised of the possibility thereof
This limitation of liability applies even if the Controller has been informed of the possibility of such damages or should have foreseen them.
12.2 Specific Disclaimer for the Decentralized Application
The Controller assumes NO liability or responsibility for:
- Loss, deletion, or corruption of messages or data stored on your device
- Device damage, physical loss, or device theft
- Loss or compromise of encryption keys or passwords
- Third-party interception of network traffic (though messages are encrypted)
- Inability to send or receive messages due to network issues
- User error, misuse, or improper operation of the application
- Network unavailability or peer-to-peer network failures
- Incompatibility with specific devices, operating systems, or software versions
- Outdated application versions no longer supported
- Any consequences, damages, or losses resulting from your use of the application
- Reliance on any information transmitted through the application
The application is provided "AS IS" and "AS AVAILABLE" without any warranty, express or implied. The Controller does not guarantee:
- Uninterrupted or error-free operation
- Reliability or accuracy of message delivery
- Continued availability of the decentralized network
- Compatibility with future device updates
- Any specific level of performance or uptime
12.3 Exceptions to Limitation of Liability
The limitations of liability in Sections 12.1 and 12.2 do NOT apply to:
- Personal injury or death: Damages resulting in death, personal injury, or harm to physical health
- Willful misconduct or gross negligence: Damages resulting from the Controller's willful misconduct, intentional breach, or gross negligence
- Essential contractual obligations: Violations of essential contractual obligations that would frustrate the fundamental purpose of the agreement (Article 1229, Italian Civil Code)
- Fundamental rights violations: Violations of fundamental, inalienable, or non-waivable personal or human rights
- Unlawful data processing: Unlawful personal data processing in violation of the GDPR (Article 82, GDPR), as this constitutes a fundamental right
- Consumer protection laws: Where prohibited by applicable consumer protection laws or mandatory legal provisions
12.4 Maximum Aggregate Liability
To the maximum extent permitted by law, the Controller's total, cumulative liability for any and all claims, damages, or legal actions arising from or related to this Policy, the website, or the application shall not exceed:
- EUR 100, or
- The total amount paid by you to the Controller for any services in the past 12 months,
whichever is greater. This cap applies to all claims combined, regardless of the number of claims or the basis for each claim.
13. EXCLUSION OF CRIMINAL LIABILITY
13.1 User Responsibility for Content and Conduct
The Controller assumes no criminal liability for:
- Illegal, fraudulent, malicious, or harmful use of the application or website by users
- Criminal violations or crimes committed by users using the application or website
- Content transmitted, uploaded, shared, or distributed by users (including messages, files, media)
- Copyright, trademark, trade secret, or intellectual property infringement by users
- Harassment, cyberstalking, stalking, intimidation, or threats by users
- Defamation, libel, slander, or disparagement by users
- Any other criminal act perpetrated by a user through the application or website
- Violations of laws by users
Users assume FULL AND EXCLUSIVE CRIMINAL LIABILITY for:
- Their own conduct while using the application or website
- All content they create, upload, transmit, or share
- Any violation of law they commit or facilitate
- Any harm they cause to others
- Any criminal activities in which they engage
13.2 Reporting to Authorities
The Controller reserves the explicit right to report any activity that is suspected of constituting a crime to the relevant authorities, including:
- National police and law enforcement agencies
- Public Prosecutor offices (Procure della Repubblica)
- Regulatory agencies and government bodies
- Interpol or international law enforcement bodies (if applicable)
Such reports will be made in accordance with legal obligations and procedures.
## 14. INDEMNIFICATION AND HOLD HARMLESS
14.1 Indemnity Obligation
You (the "Indemnifying Party") agree to indemnify, defend, and hold harmless the Controller, including all of its:
- Employees, officers, directors, and agents
- Collaborators, consultants, and advisors
- Service providers and vendors
- Successors and assigns
...from and against any and all:
- Third-party claims, actions, or legal proceedings
- Damages, losses, liabilities, and monetary judgments
- Costs and expenses, including reasonable attorney fees and court costs
- Fines, penalties, or regulatory sanctions
- Reputational harm or business losses
...arising from, related to, or resulting from:
- Your use or misuse of the application or website
- Your violation of this Privacy Policy or any other agreement
- Your violation of any applicable law, regulation, or legal obligation
- Your infringement of any third-party right (intellectual property, privacy, etc.)
- Any illegal or harmful content you transmit, upload, or share
- Your negligence or willful misconduct
- Any harm or damage you cause to the Controller or third parties
14.2 Survival
This indemnity obligation shall survive and continue in full force and effect for five (5) years after:
- Termination of your account or access to the service
- Cessation of your use of the application or website
- Deletion of your account
No statute of limitations shall reduce or eliminate this obligation during the five-year survival period.
15. PROHIBITED CONDUCT
Users are explicitly and strictly prohibited from using the 0message1 application or website to:
- Illegal content: Upload, transmit, download, or distribute material that is illegal in any jurisdiction (including obscene material, child sexual abuse material, etc.)
- Harmful content: Transmit content that is threatening, harassing, defamatory, vulgar, obscene, sexually explicit, discriminatory, or hateful
- Fraud and scams: Commit fraud, perpetrate scams, engage in phishing, or conduct any deceptive practices
- Criminal activity: Commit, facilitate, or encourage any criminal activity or violation of law
- Intellectual property: Violate or infringe on copyrights, trademarks, trade secrets, or other intellectual property rights
- Personal attacks: Harass, stalk, threaten, intimidate, bully, or dox other users or individuals
- Identity: Misrepresent identity, impersonate others, or create fraudulent accounts
- Security: Conduct security attacks, hacking attempts, intrusions, malware distribution, or system exploitation
- Espionage: Attempt to gain unauthorized access to systems, networks, or data
- Spam: Send unsolicited bulk communications, spam, or other unwanted messages
- Market manipulation: Engage in market manipulation, pump-and-dump schemes, or securities fraud
- Terrorism: Support, finance, or facilitate terrorism or terrorist organizations
Violations of these prohibitions may result in:
- Immediate suspension or permanent termination of your account or access
- Reporting to relevant law enforcement and government authorities
- Civil legal action and monetary damages claims
- Criminal prosecution under applicable law
- Full cooperation with law enforcement investigations
16. THIRD-PARTY NETWORKS AND DECENTRALIZED INFRASTRUCTURE
16.1 Decentralized Network Participants
0message1 operates on a decentralized peer-to-peer network. The Controller:
- Does not control: Does not control all network nodes, participants, or infrastructure
- Does not guarantee: Cannot guarantee the reliability, security, availability, or honesty of all third-party network participants
- Not responsible: Is not responsible for failures, downtime, data loss, security compromises, or misconduct at third-party-operated network nodes
- Cannot enforce: Cannot enforce this Privacy Policy or any rules on independent network participants operating their own nodes
16.2 Third-Party Nodes
By using the application, you acknowledge that:
- Your messages and data may pass through network nodes operated by third parties
- These third parties may have different privacy practices, security standards, or legal obligations
- The Controller has no control over or responsibility for these third parties
- You accept the risks of operating on a decentralized network with distributed infrastructure
17. MODIFICATIONS AND UPDATES
17.1 Right to Modify
The Controller reserves the explicit right to modify, update, amend, or revise this Privacy Policy at any time, in its sole discretion, without prior notice.
17.2 Effective Date of Changes
Changes become effective immediately upon posting to the website. Your continued use of the website or application after such changes constitutes your acceptance of the modified terms.
17.3 Significant Changes
For significant changes, we will attempt to provide notice through the website or by email to the address you provided (if any). However, failure to receive notice does not invalidate the change.
18. LEGAL COMPLIANCE AND GOVERNING LAW
18.1 Applicable Laws
This Privacy Policy is drafted in compliance with and governed by:
- EU Regulation 2016/679 (General Data Protection Regulation - GDPR)
- Italian Legislative Decree 196/2003 (Code of Privacy - Codice della Privacy)
- Italian Civil Code (Codice Civile), including Articles 1229, 1340, and 1341 regarding limitation of liability
- Italian Penal Code (Codice Penale) regarding criminal conduct
- EU and Italian laws regarding online services, consumer protection, and digital rights
- Laws of the Italian Republic as the primary governing law
18.2 Jurisdiction
Any disputes, claims, or legal proceedings shall be governed by and interpreted under Italian law. The courts of Italy shall have jurisdiction over any such disputes.
18.3 Severability
If any provision of this Privacy Policy is found to be invalid, unenforceable, or in violation of law, such provision shall be severed or reformed to the minimum extent necessary, and all other provisions shall remain in full force and effect.
19. CONTACT INFORMATION AND RIGHTS EXERCISE
19.1 Data Controller Contact
To exercise any GDPR rights, submit inquiries, lodge complaints, or report privacy concerns, contact:
Data Controller:
- Name: Pizzo Matteo Mario
- Email: unclepig86@gmail.com
- Residence: Alessandria, Piemonte, Italy
- VAT/Business ID: As registered with Italian tax authorities
19.2 Response Timeline
- Standard requests: We will respond to rights exercise requests within 30 days of receipt
- Complex requests: For particularly complex or voluminous requests, we may extend the response period to 90 days, and we will notify you of the extension
- Confirmation: We will confirm receipt of your request within 3-5 business days
19.3 Verification
To protect your privacy, we may request reasonable verification of your identity before processing your request (to ensure we do not disclose data to unauthorized parties).
19.4 Italian Data Protection Authority
You have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali):
- Official Website: www.garanteprivacy.it
- Email: garante@garanteprivacy.it
- Postal Address: Piazza di Monte Citorio, 121 – 00186 Roma – Italy
- Phone: +39 06 69677 (switchboard)
You can file a complaint directly with the Authority if you believe your rights have been violated.
20. ACKNOWLEDGMENT, ACCEPTANCE, AND BINDING AGREEMENT
20.1 Explicit Acknowledgment
By accessing or using the 0message1 website or application, you explicitly acknowledge that you:
✓ Have read: You have fully read and reviewed this entire Privacy Policy
✓ Understand: You understand all terms, conditions, limitations, and exclusions
✓ Accept decentralization: You accept that the application is fully decentralized and the Controller does not collect, store, access, or have any control over your data or messages
✓ Accept "as-is" provision: You accept that the application and website are provided "as is" and "as available" without warranties or guarantees of any kind
✓ Accept security risks: You accept the inherent security risks of Internet transmission and decentralized networks, and you acknowledge that no absolute security can be guaranteed
✓ Accept liability limitations: You accept all limitations on the Controller's liability as stated in this Policy
✓ Accept user responsibility: You accept that you are solely responsible for your conduct, content, compliance with law, and any consequences arising from your use
✓ Accept indemnity: You agree to indemnify and hold harmless the Controller from any claims or damages resulting from your use
✓ Accept criminal liability: You accept that you assume full criminal and civil liability for any illegal or harmful conduct you engage in
20.2 Binding Agreement
This Privacy Policy constitutes a binding legal agreement between you and the Controller. Your use of the website or application constitutes acceptance of all terms.
20.3 Non-acceptance and Non-use
If you do not accept these terms in their entirety, you must not use the 0message1 website or application. Non-acceptance implies non-use.
20.4 No License for Illegal Use
Your use of the application or website is expressly conditioned on your compliance with all applicable laws. Any license to use the service is immediately revoked and terminated if you use it for any illegal purpose.
---
© 2025 0message1 - All Rights Reserved
Privacy Policy for a decentralized application - Updated November 2025
This Privacy Policy is legally binding and enforceable under Italian law and the GDPR.