Privacy Policy

YOUniversal Next Limited with registered office in The Eir Building, 4 Harbourmaster Place, Custom House Dock, Dublin 1, D01 K6X5, Ireland - VAT: IE3393380OH (hereinafter, "Data Controller"), as owner of the website uk.exaude.com (hereinafter, the "Website"), as Data Controller for the processing of personal data of users browsing the Website (hereinafter, "Users") below provides the Privacy Policy pursuant to Article 13 of EU Regulation 2016/679 of 27th April 2016 (hereinafter, "Regulations" or the "Applicable Regulations").

The Data Controller takes utmost account of its Users' right to privacy and the protection of their personal data. For a ny information related to this Privacy Policy, Users can contact the Data Controller at any time, via any of the following means:

  • By sending a registered letter with return receipt to the registered office of the Data Controller (The Eir Building, 4 Harbourmaster Place, Custom House Dock, Dublin 1, D01 K6X5, Ireland);
  • By sending an e-mail to dpo@youniversal.com;

The Data Controller has not identified a Data Protection Officer (DPO), not being obliged to appoint such an officer pursuant to Article 37 of the Regulation.



1. Purpose of processing

Users' personal data will be processed lawfully by the Data Controller pursuant to Article 6 of the Regulations for the following processing purposes:

a) Provision of the service, or to allow navigation of the Website by the User. The User's data collected by the Data Controller to this end includes all personal data whose transmission is implicit in the use of Internet communication protocols, used by the computer systems and software procedures to operate the Website and acquired during their normal functioning: the IP addresses or domain names of the computers utilised by the Users, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method applied in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (positive outcome, error, etc.) and other parameters relating to the operating system and the User's IT environment. Such data is used solely to compile anonymous statistical information on the utilisation of the Website and to verify its correct operation. Without prejudice to the other provisions contained within this Privacy Policy, the Data Controller will not make Users' personal data accessible to other Users and/or third parties under any circumstances.

b) Administrative/accounting purposes, i.e. activities of an organisational, administrative, financial and accounting nature such as internal organisational activities and functional tasks necessary for the fulfilment of contractual and pre-contractual obligations;

c) Legal obligations, i.e. to fulfil the obligations set out by the law, by an authority, by regulations or by legislation and to establish responsibility in the event of any cybercrime against the Website.



2. Data processing and storage methods

Users' personal data will be processed using electronic means, as strictly necessary to achieve the purpose for which they are processed, and in any event, ensuring the confidentiality of the data.

The personal data of the Website Users will be kept for the time strictly necessary to carry out the primary purposes described above in Section 1, or in any case as necessary for the protection pursuant to Civil Law of the interests of both the Users and the Data Controller.



3. Scope of communication and dissemination of data

The personal data of the Users may be disclosed to the employees and/or collaborators of the Data Controller in charge of managing the Website. These subjects, who are instructed by the Data Controller in accordance with Article 29 of the Regulations, will process the User's data exclusively for the purposes indicated in this Policy and in compliance with the provisions of the Applicable Regulations.

The personal data of Users may also be disclosed to third parties operating as External Data Processors handling the personal data on behalf of the Data Controller, such as IT and logistic service providers necessary for the operation of the Website, outsourcing or cloud computing service providers, professionals and consultants.

Users have the right to obtain a list of any eventual Data Processors appointed by the Data Controller by request to the Data Controller as indicated in Section 4 below.



4. Rights of the Data Subject

Users may exercise their rights pursuant to the Applicable Regulations by contacting the Data Controller as follows:

  • By sending a registered letter with return receipt to the registered office of the Data Controller (The Eir Building, 4 Harbourmaster Place, Custom House Dock, Dublin 1, D01 K6X5, Ireland).
  • By sending an e-mail to dpo@youniversal.com;

Pursuant to the Applicable Regulations, the Data Controller hereby declares that Users have the right to obtain information on:

  1. the source of their personal data
  2. the purposes of its being processed and the methods used to do so
  3. the logic applied to the processing, if carried out by means of electronic tools
  4. the identity of the Data Controller and the Data Processor
  5. the parties or categories of party to whom the personal data may be communicated or who may gain knowledge of it in their capacity as data processing managers or persons in charge of processing.

Furthermore, Users have a right to:

  1. access, update, rectify or, should they wish to do so, integrate their data;
  2. the deletion, anonymisation or blocking of data processed unlawfully, including data that does not need to be retained for the purposes for which it was collected or subsequently processed;
  3. confirmation that those to whom the data is communicated or disclosed are notified of the actions referred to under points (a) and (b), including their content, unless the fulfilment thereof proves impossible or involves using methods that are clearly disproportionate to the right being protected.

Furthermore, Users have:

  1. the right to withdraw consent at any time, whereby the processing is based on their consent;
  2. (if applicable) the right to data portability (the right to receive all personal data concerning the Data Subject in a format that is structured, commonly used and readable by automatic devices), the right to limit the processing of personal data and the right to be deleted ("right to be forgotten");
  3. the right to object:
    • i) in whole or in part, for legitimate reasons, to the processing of personal data concerning the Data Subject, even if pertinent to the purpose of the collection;
  4. whereby it is believed that processing of the data is in breach of the Regulations, the right to file a complaint with the Supervisory Authority (in the Member State in which the Data Subject normally resides, in which they work or in which the alleged violation has occurred). The supervisory authority is the Data Protection Commissioner with offices in Canal House, Station Road, Portarlington, Co. Laois (https://www.dataprotection.ie/) The supervisory authority for the UK is The Information Commissioner's Office with offices in Water Lane, Wycliffe House Wilmslow – Cheshire SK9 5AF (https://ico.org.uk).


The Controller is not responsible for updating all links that can be viewed in this Policy, therefore whenever a link is not functional and/or current, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by the link.