Privacy Policy
(Information notice on the processing of personal data pursuant to Articles 13 and 14 of EU
Regulation 679/2016)
Solomei AI S.r.l., in its capacity as Data Controller (hereinafter “Solomei” or “Data
Controller”) pursuant to EU Regulation 679/2016 (hereinafter “Regulation”), considers privacy
and the protection of personal data to be one of the main objectives of its business. We
therefore invite you to read this Privacy Policy carefully because it contains important
information on the protection of your personal data.
This Privacy Policy:
- shall be deemed to have been made for the site www.solomei.ai (hereinafter referred to as the ‘Site’),
and
- is made pursuant to Articles 13 and 14 of the Regulation, to those who interact with the
Site.
The processing of your personal data will be based on the principles of correctness, lawfulness,
transparency, purpose limitation and storage, minimisation and accuracy, integrity and
confidentiality, as well as on the principle of accountability set out in Article 5 of the
Regulation. Your personal data will therefore be processed in accordance with the legal
provisions of the Regulation and the confidentiality obligations set out therein.
Processing of personal data means any operation or set of operations which is performed upon
personal data or sets of personal data, whether or not by automated means, such as collection,
recording, organisation, structuring, storage, adaptation or alteration, retrieval,
consultation, use, disclosure by transmission, dissemination or otherwise making available,
alignment or combination, restriction, erasure or destruction.
INDEX
Below we provide the table of contents of this Privacy Policy so that you can easily find the
information regarding the processing of your personal data that concerns you.
- DATA CONTROLLER
- PERSONAL DATA BEING PROCESSED;
- Data on navigation ;
- Data that you voluntarily provide us
- PURPOSE OF PROCESSING
- LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF PROCESSING
- RECIPIENTS OF PERSONAL DATA
- TRANSFERS OF PERSONAL DATA
- RETENTION OF PERSONAL DATA
- RIGHTS OF THE DATA SUBJECT
- CHANGES
- CONTACTS
1. DATA CONTROLLER
The Data Controller is Solomei AI S.r.l. with registered office in Piazzetta dei Sapienti no. 1,
hamlet of Solomeo, Corciano, Italy, ZIP code 06073.
2. PERSONAL DATA BEING PROCESSED
Personal data means any information capable of directly or indirectly identifying a natural
person, for example, by reference to an identifier such as a name, an identification number,
location data, an online identifier or one or more factors specific to the physical,
physiological, mental, economic, cultural or social identitỳ capable of making the person
concerned identified or identifiable, depending on the type of services requested. The Site does
not collect any information associated with the user’s identity or information intended to
uniquely identify the user except for what is strictly necessary for browsing the Site.
a. Site navigation
The computer systems and software procedures used for the operation and security of the Site
acquire, in the course of their normal operation, certain information whose transmission is
implicit in the use of Internet communication protocols. This information is not collected in
order to be associated with identified interested parties, but by its very nature could, through
processing and association with data held by third parties, allow users to be identified. This
category of data includes the IP addresses or domain names of the computers used by users
connecting to the Site, the URI (Uniform Resource Identifier) notation addresses of the
resources requested, the time of the request, the method used to submit the request to the
server, the size of the file obtained in response, the numerical code indicating the status of
the response given by the server (successful, error, etc.) and other parameters relating to the
user’s operating system and computer environment.
These data used for the sole purpose of gaining anonymous statistical information on the use of
the Site to control the correct operation thereof, to identify any anomalies and/or abuse, are
deleted straight after being processed. The data could be used for ascertaining responsibility
in the event of any IT crimes that may damage the Site or third parties.
b. Data voluntarily provided by the user
This Privacy Policy shall also apply to the processing of data that you voluntarily provide when
you request information , sending your own request or filling any form available on the Site. If
so, we will process the following personal data:
- Name and surname
- Email address;
- Name of your company or organization (if applicable); and
- Any other information (e.g. further contact details or details about your interest in our
services as part of your request.
Please be cautious to include only personal data strictly necessary to address your request, thus
refraining from sharing any irrelevant information, including information related to third
parties and/or information that may fall within the scope of special categories of personal data
referred to in Article. 9 of the Regulation ([…]personal data revealing racial or ethnic origin,
political opinions, religious or philosophical beliefs, or trade union membership, genetic data,
biometric data capable of uniquely identifying a natural person, data concerning a person’s
health or sex life or sexual orientation).
3. PURPOSE OF PROCESSING
Your personal data will be processed for the following purposes:
3.1 To allow you browsing the Site, to manage the Site, and to provide you with the services
available therein;
3.2 for securing the Site and preventing, monitoring and addressing any security issue with the
Site;
3.3 to fulfil any obligations under applicable laws, regulations or EU legislation, or to comply
with requests from the authorities;
3.4 to respond to your requests for information and contact.
Specific security measures are implemented to prevent data loss, illicit or incorrect use and
unauthorized access.
4. LEGAL BASIS AND MANDATORY OR
OPTIONAL NATURE OF PROCESSING
The legal basis for the processing of personal data for the purposes referred to in section 3.1
is Article 6(1)(b) of the Regulation ([…]processing is necessary for the performance of a
contract to which the data subject is part of, or in order to take steps at the request of the
data subject prior to entering into a contract), as processing is necessary for the provision of
services and for the user to enjoy an interactive and immersive browsing experience according to
the choice made by the user.
The legal basis for the processing of personal data for the purposes set out in section 3.2 is
Article 6(1) (f) of the Regulation ([…]processing is necessary for the purposes of the
legitimate interests pursued by the data controller or by a third party, except where such
interests are overridden by the interests or the fundamental rights and freedoms of the data
subject which require the protection of personal data, in particular where the data subject is a
child). More specifically, the Data Controller may have a legitimate interest in guaranteeing
the correct and safe operation of the Site and ensuring the protection of its systems and the
safety of the users who navigates it. The user is not required to provide directly any personal
data for this purpose.
The legal basis for the processing of personal data for the purposes set out in section 3.3 is,
on the other hand, Article 6(1)© of the Regulation ([…]processing is necessary for compliance
with a legal obligation to which the data controller is subject).
The legal basis for the processing of personal data for the purposes referred to in section 3.4
is Article 6(1)(b) of the Regulation ([…]processing is necessary for the performance of a
contract to which the data subject is party or in order to take steps at the request of the data
subject prior to entering into a contract), as the processing is necessary for the purpose of
following up your possible requests for information or contact.
5. RECIPIENTS OF PERSONAL DATA
Your personal data may be shared, for the purposes set out in section 3 of this Privacy Policy,
with:
- subjects typically acting as data processors pursuant to Article 28 of the Regulation, i.e.,
subjects cooperating with the Data Controller for the pursuit of the above purposes,
including subjects delegated to perform technical maintenance activities (collectively,
“Recipients”);
- subjects, bodies or authorities to whom it is mandatory to communicate your personal data by
virtue of legal provisions or orders of the authorities;
- persons authorized by the Data Controller, pursuant to Article 29 of the Regulation, to
process personal data necessary to carry out activities strictly related to the provision of
services, who have committed themselves to confidentiality or have an appropriate legal
obligation of confidentiality.
An up-to-date list of the entities that may process your personal data, in their capacity as data
controllers, is available by sending a written request to the Data Controller at the addresses
indicated in the ‘Contact’ section of this notice.
6. TRANSFERING OF PERSONAL DATA
Some of your personal data may be shared with Recipients located outside the European Economic
Area. The Data Controller ensures that the processing of your personal data by these Recipients
is carried out in compliance with Articles 44 - 49 of the Regulation. Further information is
available by sending a written request to the Controller at the addresses indicated in the
“Contact” section of this notice.
7. RETENTION OF PERSONAL DATA
The personal data processed for the purposes set out in sections 3.1 and 3.2 will be kept for the
time strictly necessary to allow the user to browse the Site and, in any case, no longer than
the end of the individual browsing session.
Personal data processed for the purposes set out in section 3.3 will be kept for as long as
required by the specific obligation or rule of law applicable.
Personal data processed for the purposes set out in section 3.4 will be kept for as long as is
strictly necessary to process your requests and deleted soon after.
Further information regarding the data retention period and the criteria used to determine such
period may be requested by sending a written request to the Data Controller at the addresses
indicated in the “Contacts” section of this policy. This is without prejudice, in any case, to
the possibility for the Controller to retain your personal data for the period of time provided
for and permitted by Italian law to protect its interests (Art. 2947(1)(3) Italian Civil Code).
8. RIGHTS OF THE DATA SUBJECT
Pursuant to Art. 15 et seq. of the Regulation, you have the right at any time to obtain:
- confirmation as to whether or not your personal data are being processed and, if so, to
obtain access to the personal data and information concerning you (right of access);
- rectification of your personal data if they are inaccurate, incomplete or no longer
up-to-date (right of rectification);
- the deletion, under certain circumstances, of your personal data (right to be forgotten);
- the restriction of the processing of your personal data in the cases provided for in Article
18 of the Regulation (right to restriction);
- the transmission of your personal data, in a structured, machine-readable format, to a third
party indicated by you (right to portability).
Furthermore, where the processing is based on the legitimate interest of the Controller, you have
the right, at any time, on grounds relating to your particular situation, to object to the
processing of your personal data.
Requests should be addressed in writing to the Data Controller at the addresses indicated in the
“Contact” section of this information notice. In any event, you always have the right to lodge a
complaint with the competent supervisory authority (Personal Data Protection Authority),
pursuant to Article 77 of the Regulation, if you consider that the processing of your data is
contrary to the legislation in force.
9. CHANGES
The Data Controller reserves the right to modify or simply update the content, in part or in
full, also due to changes in applicable legislation. The Data Controller therefore invites you
to visit this section regularly in order to be aware of the most recent and updated version of
the Privacy Policy, so that you are always up to date on the data collected and how Solomei uses
it.
To exercise the above rights or for any other request, you may write to the Data Controller at
the physical address indicated above, or through the dedicated
contact, preferably by including the words ‘request to exercise privacy rights’ in the
subject line of the communication.