Privacy Policy

INTRODUCTION

As Data Controller, AI-light S.r.l., with registered office in Via Antonio Rosmini 17, CAP 37123, Verona, Italia, VAT IT04850490238, hereby informs you that, pursuant to and for the purposes of Art. 13 EU Regulation 2016/679 (General Data Protection Regulation, hereinafter GDPR), the data acquired and/or provided, will be processed, in accordance with the national and European legislation in force on the processing of personal data and as such, always in compliance with the transparency, lawfulness, appropriateness and protection of your privacy and of your rights.

The privacy policy informs you about which and how personal data are acquired and processed in order to provide the Services offered by the company AI-light S.r.l., with registered office in Via Antonio Rosmini 17, CAP 37123, Verona, Italia, VAT IT04850490238 (hereinafter, the "Company"). The Services can be provided via the ai-light.app website (hereinafter, the "Site") and the AI-light mobile application ("App" and, jointly with "Site", the "Platforms") which are owned by the Company, as the Data Controller of the personal data of users who access, browse and want to use the service offered through the Platforms (hereinafter "Users") pursuant to art. 13 of the GDPR.

The Platforms and any services offered through the Platforms are reserved for individuals who have reached the age of eighteen. The Data Controller therefore does not collect personal data relating to persons under the age of 18. At the request of the Users, the Data Controller will promptly delete all personal data involuntarily collected and relating to subjects under the age of 18.

The Data Controller takes the utmost care in respect of the right to privacy and protection of the personal data of its Users. For any information in relation to this privacy statement, Users can contact the Data Controller at any time, through the following means:

The Data Controller has appointed a Data Protection Officer who can be contacted at the email address info@ai-light.app.

PURPOSE OF DATA PROCESSING

The Users' personal data will be processed lawfully by the Data Controller pursuant to Art. 6 of the Regulation for the following processing purposes:

  1. contractual obligations and provision of the Services, to allow navigation of the Platforms and to use the Services or to execute the Conditions of Use of the Platforms, which are accepted by the User during the trial and/or purchase of any of the Services; fulfill specific User requests. The User data which are collected by the Data Controller, so that the latter can use the Services, include the e-mail address and the Billing Data (specifically, name, surname, company, address, city, postcode, country, province, e-mail). The additional data requested for payment purposes will not be processed by the Data Controller but by different and autonomous owners, managers of the chosen payment circuit.

    Unless the User gives the Data Controller a specific and voluntary consent to the processing of their data for the additional purposes set out in the following paragraphs, the User's personal data will be used by the Data Controller for the exclusive purpose of ascertaining the identity of the User (also by validating the e-mail address), thus avoiding possible fraud or abuse, and for the purpose of contacting the User for service reasons only (e.g.: sending notifications relating to the Services). Without prejudice to the provisions elsewhere in this privacy statement, in no case will the Data Controller make the Users' personal data accessible to other Users and/or third parties;

  2. marketing purposes, with the express consent of the User, in order to send news on products, services or offers promoted by the Owner;

  3. administrative-accounting purposes, or to carry out activities of an organizational, administrative, financial and accounting nature, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations;

  4. legal obligations, or to fulfill obligations established by law, by an authority, by a regulation or by European legislation.

The provision to the Owner of the personal data requested for collection on various occasions may be necessary for the pursuit of the purposes identified in the specific information, or they may be optional. The mandatory or optional nature of the provision is specified, from time to time, at the time of individual data collection, by adding a particular symbol (*) to the mandatory information. Any refusal to communicate certain data marked as mandatory makes it impossible to pursue the main purpose of the specific data collection: such refusal could, for example, make it impossible for the Data Controller to provide the Services available. The provision of further data is optional and does not entail any consequence in relation to the pursuit of the main purpose of the collection. With the express consent of the User, personal data may be processed by the Data Controller for commercial and promotional purposes.

PROCESSING METHODS AND DATA RETENTION TIMES

The Data Controller will process the Users' personal data both manually and using IT, following protocol strictly related to the purposes themselves and, in any case, in such a way as to guarantee the security and confidentiality of said data.

The data are processed for the time necessary to perform the service requested by the User or in general to achieve the purposes for which they were collected. The User can always request the interruption of the processing or the deletion of data. Users' personal data are kept for the entire period necessary for the provision of the services and products requested. Furthermore, some data will be kept for longer periods by virtue of the obligations relating to fiscal-administrative-accounting fulfilments (10 years pursuant to Article 2220 of the Italian Civil Code). As regards marketing purposes, the retention period is 24 months.

SCOPE OF COMMUNICATION AND DISSEMINATION OF DATA

The employees and/or collaborators of the Data Controller in charge of managing the Platforms may become aware of the personal data of the Users. These subjects, who are formally appointed by the Data Controller as "data processors", will process the User's data exclusively for the purposes indicated in this information and in compliance with the provisions of the privacy legislation in force.

Third parties who may process personal data on behalf of the Data Controller as "Data Processors" may also become aware of the Users' personal data, such as, by way of example, suppliers of IT and logistics services functional to the operation of the Platforms, outsourced or cloud computing service providers, professionals and consultants. Users have the right to obtain a list of any data processors appointed by the Data Controller, making a request to the Data Controller in the manner indicated in the "Rights of the interested parties" section.

RIGHTS OF THE INTERESTED PARTIES

The Users can exercise the rights guaranteed to them by the Applicable Law, by contacting the Owner in the following ways:

Pursuant to the current privacy legislation, the Data Controller advises that Users have the right to obtain information pertaining to

Furthermore, Users have the right:

The Owner is not responsible for updating all the links that can be viewed in this Notice, therefore whenever a link is not functional and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites named in this link.

The information in this document is constantly updated: the Data Controller reserves the right to make changes at any time, also in consideration of the modification of the laws or regulations that govern this matter and protect your rights. The changes will apply from the date of publication on the website. We therefore invite you to consult this section regularly to check the publication of the most updated Privacy Policy.