DAPI Terms of Service

Last updated: January 2026

1. Service Description

DAPI is a public digital identity certification service that enables users to:

• Obtain a public identity verification card on the website verify.dapi-certification.com
• Receive a unique DAPI NUMBER as certification identifier
• Use verifiable digital badges to attest their certified identity
• Protect published content and, through DAPI-IDS, their digital identity against deepfake, voice cloning and impersonation

The service is provided by Informatica in Azienda di Emanuel Celano and requires submission of biometric and personal documentation according to the procedures indicated in the DAPI-IDS request process included in the service.

2. Request Procedure and Costs

2.1 How to request

Requests for DAPI-IDS reception or DAPI-PUB publication are submitted through the same form available at:

https://dapi-certification.com/request-certification/

Upon form submission, a unique DAPI NUMBER is automatically generated, linked to the DAPI-IDS or DAPI-PUB request and constituting the only authentication system for the first communication between parties.

2.2 Service costs

Service costs are indicated on the request page. Payment is made via invoice issued after preliminary verification of submitted documentation. The service is fee-based and does not offer free trials or demo versions.

2.3 Processing time

DAPI-IDS certification and/or DAPI-PUB publication is processed manually by our technical staff. Processing times vary based on workload, but are generally, indicatively, between 3 and 7 business days from receipt of payment and complete documentation.

3. Service Access Requirements

3.1 Minimum age and legal capacity

The DAPI-IDS and DAPI-PUB service is reserved exclusively for:

• Adult individuals (18+ years) with full legal capacity
• Citizens possessing valid identity documents issued by recognized governmental authorities
• For minors, only DAPI-IDS can be requested, but the request must be made by parents or legal guardians

It is absolutely forbidden to request DAPI-PUB publication without DAPI-IDS using third-party identity documents.

3.2 Request ownership

Certification requests can be made exclusively by the legitimate owner of the documents and biometric data provided for DAPI-IDS. Any attempt to request certification using documents or identities of third parties will result in:

• Immediate rejection of the request
• Possible report to competent Authorities
• Potential legal action for criminal and civil liability

4. Publishable Content and Prohibitions

4.1 Permitted content

DAPI-IDS does not involve any publication. The public DAPI-PUB card may contain the following data:

• Verified Identifier, Verification Real Name, Verified Contact Email, Official Website, Verified Contact Phone, DAPI Number. Among these, only the DAPI NUMBER and Verified Identifier (a nickname chosen by the DAPI-IDS holder) will be published mandatorily, while other data is at the publisher’s discretion.
• DAPI certification digital badge on the author page which will have the chosen Verified Identifier as permalink.

4.2 Updates and Modifications to Already Published DAPI-PUB Content

Updates to already published DAPI-PUB card content are subject to the following limitations: Deadline for modifications:

• Modification or integration requests must be received within 3 business days from the card publication date
• After this deadline, no content update requests will be accepted

Permitted modification types: Modifications are exclusively allowed for:

• Correction of material errors or non-substantial typos
• Updates to data not bound to the original DAPI-IDS certification
• Integrations that do not alter already certified personal and biometric data

Prohibited modifications: The following cannot be modified in any way:

• Personal data certified through DAPI-IDS (name, surname, date of birth)
• Face photograph, audio and video files required for DAPI-IDS
• Assigned DAPI NUMBER
• Any element that was subject to documentary verification during the initial certification phase

Creating a new card: Should the user need substantial modifications to published content, they must request a new DAPI-PUB certification, with full payment of the service and submission of new compliant documentation.

4.3 Allowed file types and size limits

Content associated with DAPI-PUB publications must comply with specific technical requirements in order to ensure service sustainability, proper storage management, and long-term verifiability. Allowed file formats:

• Video: MP4 (standard H.264 / H.265 codecs)
• Documents: PDF
• Images: JPG, PNG
• Other formats are allowed only after prior technical evaluation by Informatica in Azienda

Size limits:

• Maximum size per published file: 300 MB

The user may apply appropriate compression or encoding techniques, provided that the final file complies with the specified size limit. The following is not permitted:

• requests to publish files exceeding the maximum size limit;
• content that results in disproportionate or unsustainable use of storage resources.

Review and refusal: Informatica in Azienda reserves the right to:

• refuse publication of files exceeding the stated limits;
• request technical reprocessing of the content;
• in exceptional cases, propose a dedicated technical assessment with possible additional costs, to be agreed in writing in advance.

The user acknowledges that DAPI-PUB certification is not a hosting or long-term storage service, but a system for identity and content verification, and expressly accepts the technical limits stated above.

4.4 Prohibited content

It is absolutely forbidden to request publication of cards containing or associated with:

• Nudity or sexually explicit content
• Violent, offensive or threatening content
• Content inciting hatred, discrimination or violence toward individuals or groups
• Defamatory material or content damaging others’ reputation
• Content violating third-party rights (copyright, privacy, intellectual property)
• Illegal material or content promoting illegal activities
• Content impersonating third parties or falsifying identities
• Any form of deceptive or fraudulent content

4.5 Moderation and control

Informatica in Azienda:

• Performs preliminary verification of documentation upon request
• Reserves the right to refuse publication without obligation to provide detailed justification
• Operates a report-based moderation system for published content
• Cannot be held responsible for content that, while not violating these conditions, may violate specific regulations or laws not immediately identifiable

5. Publication Duration and Retention

5.1 Guaranteed period

The public DAPI-PUB listing and the related digital badge remain published on verify.dapi-certification.com with a guaranteed availability period of at least 1 year (12 months) from the publication date. It is important to clarify that the legal and technical value of the DAPI certification does not expire if the hosted file or public listing is removed. Even after the removal of hosted files, the certification retains its full evidentiary and technical validity. Specifically, the user retains:

• the .TSR timestamp file;
• the cryptographic hash (SHA-256) of the certified content;
• the DAPI NUMBER as the historical identifier of the certification.

These elements allow independent verification, with legal and evidentiary value, of the authenticity, integrity, and certified timestamp of the content, even if the original file is no longer hosted on DAPI systems. The responsibility for preserving the original files and technical evidence (files, hashes, and TSR records) lies with the user, who may rely on them in any verification, dispute, or identity protection context.

5.2 Retention beyond guaranteed period

After the 1-year period:

• The card and badge may be removed at any time at Informatica in Azienda’s discretion, without prior notice
• Users desiring permanent retention of the card beyond the first year must communicate this in advance and in writing to: info@dapi-certification.com
• Retention requests beyond the above terms may be subject to additional costs to be agreed upon; if not accepted, they will automatically result in card deletion after the stipulated terms.

5.3 Consequences of removal

In case of public card removal from the site:

• The DAPI badge link becomes non-functional only if there are no other active publications
• The author page is removed if no other active publications exist
• The DAPI NUMBER remains valid as a historical identifier, but no longer verifiable online
• The original files provided by the user (DAPI-IDS document, face, video, voice) remain in the user’s possession, already received via PEC, and maintain validity as identity proofs.

5.4 User retention of original files

Users are responsible for personal retention of all original files provided during the certification procedure:

• Identity document
• Face photograph
• Verification video
• Voice recording with DAPI declaration
• Downloaded digital badge
• Digitally signed DAPI certificate
• Content of each publication, published file with related .tsr signature downloadable from the site

Informatica in Azienda does not permanently retain original DAPI-IDS files beyond the time strictly necessary for certification verification and publication (see Section 8 – Privacy).

6. DAPI Badge Use and Identity Verification

6.1 Permitted badge use

The DAPI digital badge may be used by legitimate holders to:

• Attest their certified identity on websites, social profiles and digital platforms
• Demonstrate the validity of their identity in professional or personal contexts
• Protect their digital reputation against impersonation

6.2 Improper badge use – Immediate sanctions

It is absolutely forbidden to:

• Use the DAPI badge on profiles, sites or accounts belonging to persons different from the certification’s legitimate holder
• Transfer, sell or assign the badge to third parties, even by having it uploaded to third-party sites
• Graphically modify the badge or alter its content
• Use the badge for fraudulent or deceptive purposes

6.3 Identity verification for subsequent DAPI-PUB publication requests

When an already certified user requests new publications in their DAPI-PUB card: If the request comes from the same email used for the original certification:

• The request is processed without further documentary verification but with confirmation via WhatsApp message to the number indicated during the request phase.

If the request comes from a different email address or no WhatsApp account is available:

• The user must provide their DAPI NUMBER
• The user must send a copy of their identity document for verification
• The document will be used exclusively for verification and will be deleted within 48 hours of card publication or, if publication does not proceed, within 48 hours of verification outcome.

This measure is necessary to protect the user’s certified identity, prevent unauthorized access and fraudulent publications.

7. Reporting Abuse and Violations

7.1 Reporting system

Anyone detecting inappropriate content, improper DAPI badge use or violations of these conditions can report it to the dedicated address:

abuse@dapi-certification.com

7.2 Report handling procedure

Upon receipt of a documented report:

1. Verification within 72 business hours of the received report
2. Request for clarification from the concerned user (if necessary)
3. Immediate content removal if violation is confirmed, or suspension in any case
4. Notification to the user of actions taken
5. Possibility of counter-report by the user within 14 days for possible reactivation

7.3 Report content

Reports must contain:

• URL of the contested DAPI-PUB card or DAPI NUMBER
• Detailed description of the alleged violation
• Supporting documentation (screenshots, links, evidence)
• Reporter’s details (name, email, possible legitimate interest)

8. Personal Data Processing and Privacy (GDPR)

The DAPI-PUB service complies with Regulation (EU) 2016/679 (GDPR). Collected data is processed exclusively for digital identity certification purposes.

8.1 Collected data

During the DAPI certification procedure, the following data is collected and processed: Personal data:

• Name and surname
• Date and place of birth
• Identity document (for verification only, not published)
• Email address
• Billing data

Biometric data:

• Face photograph (not published)
• Identity verification video (not published)
• Voice recording with DAPI declaration (not published)

8.2 Processing purposes

Personal and biometric data are used for:

• Requester identity verification
• DAPI-IDS certification creation
• Verified DAPI-PUB card publication on the site
• Digital badge generation
• Technical support and assistance
• Legal and tax compliance (invoicing)

8.3 Legal basis for processing

Data processing is based on:

• Art. 6, par. 1, lett. b) GDPR: contract execution at the data subject’s request
• Art. 9, par. 2, lett. a) GDPR: explicit consent for biometric data processing
• Art. 6, par. 1, lett. c) GDPR: compliance with legal obligations (invoicing, accounting document retention)

8.4 Data retention and deletion

Original verification files (document, video, voice):

• Used exclusively for identity verification
• Deleted within 48 hours of DAPI-PUB card publication
• Never made public nor stored in biometric databases

Data published on DAPI-PUB card:

• Remain published on the site for the duration indicated in Section 5
• Automatically removed upon card deletion

Email communications containing personal data:

• Retained for 30 days from procedure completion
• Automatically deleted after this period

Billing data:

• Retained for 10 years as required by Italian tax regulations

8.5 Data subject rights

Users have the right to:

• Access their personal data
• Request rectification of inaccurate data
• Request data deletion (right to be forgotten)
• Object to processing
• Request processing limitation
• Request data portability
• Revoke consent at any time
• Lodge a complaint with the Data Protection Authority

To exercise these rights, users can write to: info@dapi-certification.com

8.6 Complete privacy policy

For more details on personal data processing, consult the complete privacy policy available at:

DAPI Privacy Policy

9. Responsibilities and Limitations

9.1 User responsibility

Users are solely and exclusively responsible for:

• Truthfulness and authenticity of provided data and documents
• Correct and lawful use of the DAPI badge and obtained certification
• Retention of original files provided during the procedure
• Compliance with these terms of use
• Any legal violations resulting from improper service use

9.2 Liability limitations

Informatica in Azienda cannot be held responsible for:

• Falsification or alteration of documents provided by the user
• Improper use of the DAPI badge by the user or third parties
• Erroneous interpretations of certification by third parties
• Loss of original files by the user
• Failure to renew or request permanent card retention
• Damages from temporary service interruptions for maintenance or updates

9.3 Warranty exclusions

DAPI-PUB certification:

• Exclusively attests that provided documentation was verified at the time of request
• Does not constitute anti-mafia, anti-money laundering or other legal/judicial verifications
• Does not guarantee person’s identity in contexts other than digital
• Does not replace official identity documents issued by governmental authorities

10. Right of Withdrawal

In accordance with Art. 59 of the Consumer Code, the right of withdrawal does not apply to digital services once execution has begun with the user’s express consent. By submitting the DAPI-PUB certification request and providing the required documentation, users:

• Expressly request immediate service execution
• Waive the right of withdrawal provided for distance contracts
• Acknowledge that, once certification is completed, they have no right to any refund

11. Modifications to Terms of Service

11.1 Right to modify

Informatica in Azienda reserves the right to modify these conditions for:

• Technical service improvements
• Regulatory adaptations (GDPR, digital certification regulations)
• Introduction of new features
• Interpretive clarifications

11.2 Communication of modifications

Any modifications will be communicated through:

• Publication of the new version on this page
• Email to certified users (when possible)
• Notice on dapi-certification.com or verify.dapi-certification.com subdomain

11.3 Entry into force

New conditions will enter into force 15 days from publication date on this page. Continued service use after this period constitutes full and unconditional acceptance of the new conditions.

12. Intellectual Property

All content, code, operational logic, graphics and interfaces of the DAPI-PUB service are the exclusive property of Informatica in Azienda and are protected by copyright and intellectual property regulations. It is forbidden to:

• Reproduce, copy or duplicate the DAPI system
• Use the “DAPI” name, logo or associated trademarks without written authorization
• Create derivative or competing services based on the DAPI system
• Reverse engineering of code or certification procedures

13. Competent Court and Applicable Law

These conditions are governed by Italian law. For any dispute arising from the interpretation or application of these conditions, the Court of Bologna shall have exclusive jurisdiction, except for mandatory consumer protection provisions.

14. Severability Clause

Should one or more clauses of these conditions be found null or ineffective, such nullity will not invalidate the entire document. The parties agree to replace null clauses with others of similar economic content and legally valid.

15. Acceptance of Conditions

By submitting the DAPI-PUB certification request through the online form, users declare to:

16. Contacts and Legal Information