Home Phone Email

Dear Client,
as required by EU Regulation 2016/679 (GDPR), we provide you with the following information regarding the processing of your personal data.

1 – Identity and contact details of the data controller

1.1
The data controller is BLUETENSOR S.R.L., with its registered office in Via Primo Maggio 9, 38123 Trento (TN), Italy – Tax ID and VAT number: 02525420226.

1.2
You can also contact the Data Controller at the following email address: info@bluetensor.ai.

2 – Purposes, legal basis of the processing, and types of processed data

2.1
The collection and processing of your personal data (ordinary data) are carried out for the following purposes:

  • Execution of the contractual or pre-contractual relationship (legal basis: performance of a contract or pre-contractual measures);
  • Fulfillment of related management, administrative, and accounting obligations (legal basis: as above);
  • Protection of the Data Controller’s rights, if necessary (legal basis: legitimate interest of the Controller);
  • Registration of your personal data in the company IT databases;
  • Management of collections and payments;
  • Compliance with civil, tax, accounting, and regulatory obligations, including EU regulations;
  • Sending updates on our products and services by email, as well as conducting market research or commercial communication (via fax, telephone, email).

2.2
Your personal data will be processed lawfully, fairly, and transparently for managing the contractual and/or pre-contractual relationship and to respond to your requests.

2.3
The processing will be carried out using both paper and electronic systems by the Data Controller, processors, and authorized persons, adopting all necessary security measures to ensure data confidentiality and integrity, in compliance with appropriate technical and organizational measures suitable to the level of risk.

2.4
Providing your personal data – except for the purposes referred to in point g) above – is mandatory in order to fulfill contractual and legal obligations. Failure to provide such data may prevent us from fulfilling our contractual obligations.

2.5
The Data Controller may process only ordinary personal data strictly necessary for the purposes described, such as personal identification data, email and telephone contacts, professional role within the client company/entity, economic and financial data, company name, registered office, and bank details of the Client.

3 – Possible recipients and categories of recipients

3.1
Your personal data may be disclosed to:

  • Suppliers of products or services necessary for the execution of the contractual relationship;
  • Public administrations or authorities to comply with legal obligations;
  • Insurance companies and credit institutions;
  • Internal staff of the Controller, duly instructed;
  • External entities appointed as data processors;
  • Professionals or companies providing administrative and management services (acting as independent controllers).

3.2
The Data Controller does not intend to transfer your personal data to any third country outside the European Union.
With your prior consent, the Data Controller may process and publish images and/or videos of your works on its website. Consent may be withdrawn at any time.

4 – Data retention period

Your data will be processed for the period permitted or required by applicable regulations for managing the contractual relationship and to ensure legal protection for both you and the Controller, in both contractual and extra-contractual matters.
Data will be retained for 10 years from the conclusion of the last contractual relationship.

5 – Data subject’s rights

5.1
At any time, you may exercise your rights towards the Data Controller pursuant to Article 15 of EU Regulation 679/2016, including:

a) The right to obtain confirmation of whether personal data concerning you exist, even if not yet recorded, and their communication in an intelligible form;

b) The right to be informed about:

  • the origin of the personal data;
  • the purposes and methods of processing;
  • the logic applied in case of processing carried out with electronic means;
  • the identification details of the Controller and any processors;
  • the recipients or categories of recipients to whom the data may be disclosed or who may become aware of them as designated representatives, processors, or authorized persons;

c) The right to obtain:

  • the updating, rectification, or, where interested, integration of data;
  • the erasure, anonymization, or blocking of data processed unlawfully, including those whose retention is unnecessary for the purposes for which they were collected or subsequently processed;
  • certification that the above operations have been notified to those to whom the data were communicated or disseminated, unless this requirement proves impossible or involves a disproportionate effort;

d) The right to object, in whole or in part:

  • for legitimate reasons, to the processing of personal data concerning you, even if relevant to the purpose of collection;
  • to the processing of personal data for sending advertising material, direct sales, market research, or commercial communications.

5.2
For a full overview of your rights, please consult Articles 15–23 of the GDPR at the following link (Italian Data Protection Authority): https://www.garanteprivacy.it/regolamentoue/diritti-degli-interessati.

5.3
You may exercise your rights by sending a request, without formalities, directly to the Data Controller (also through a delegate). A reply will be provided without undue delay.
Requests may also be sent by registered letter, fax, or email to info@bluetensor.ai.

6 – Termination of processing and duration

In case of termination of processing, pursuant to Article 17 of the GDPR, your data will be:

a) erased, after fulfilling the retention obligations required by Article 2220 of the Italian Civil Code, Articles 19 and 22 of Presidential Decree 600/1973 (10 years), or other applicable regulations;
b) transferred to another controller, provided the processing is compatible with the purposes for which the data were collected;
c) kept exclusively for personal use and not subject to systematic communication or dissemination;
d) retained or transferred to another controller for historical or statistical purposes, in accordance with the law, regulations, EU legislation, and codes of conduct under Article 40 of the GDPR.

7 – Data processors

The list of external data processors can be requested directly from the Data Controller.

For further details, please refer to EU Regulation 679/2016 and applicable Italian legislation.