Privacy Policy

ErectionAI, as the data controller (hereinafter the "Owner") of the website https://www.erectionai.com/ (hereinafter the "Site"), informs visitors to the Site (hereinafter the "Interested" ) pursuant to art. 13 of the European regulation n. 2016/679, the General Data Protection Regulation (GDPR).

The Data Controller is aware of the importance of processing the personal data of the interested parties and, for this reason, takes care to indicate which data are processed and how they are processed. By continuing to browse the Site or indicating the desire to use the services provided by the same, the interested party declares to have read and accepted this information (hereinafter "Privacy Policy"), thus issuing consent for the processing of personal data by of the Owner.

For any information, doubt or request relating to this Notice, the Data Controller makes the following email address available to the interested parties: info@erectionai.com.

What are the rights of the interested party in relation to the processing of personal data?
The interested party has the following rights:

-the right to be informed that there is data processing in place concerning him and, if so, to access the personal data processed;

-the right to rectify personal data;

-the right to cancellation (right to be forgotten) of personal data concerning him;

-the right to limit the processing of personal data concerning him;

-the right to data portability to receive, or have it transmitted to another Data Controller, personal data concerning him in a structured format, commonly used and readable by an automatic device;

-the right to object to the processing of personal data;

-the right to withdraw consent previously issued;

-the right to complain to the competent authorities for violation of personal data processing.

How to exercise the rights?
The interested party may exercise their rights by writing to the email address indicated above.
The Data Controller does not intend to incur any costs for the Data Subjects to exercise one of their rights, but to do so, the Data Controller may request specific information to follow up on the data subject's communications in relation to the rights.
The aforementioned communications are usually found within 30 days of receipt of the communication itself, but if this deadline cannot be respected (eg due to an excessive load of requests or complexity of the response) it will be the Data Controller's responsibility to communicate it to the interested party and keep him updated on the developments of the communication sent.

What personal data are processed?
The Data Controller processes the personal data provided to him by both the Data Subject and by third parties in order to be able to follow up on the Data Subject's contact requests received through the Site (hereinafter the "Services").

a) Data provided directly by the interested party

CATEGORY OF PERSONAL DATA - TYPES OF DATA

a) Identification and contact data: Name, surname, residence / domicile, email address

Technical data: IP address, cookies

b) Data collected by third parties

THIRD PART SOURCE OF PERSONAL DATA TYPES OF DATA

Analytics Providers

• Behavioral data
•Technical data

Aggregated data
The Data Controller may collect, use and share aggregate data, such as statistical or demographic data, for any purpose.
The aggregated data may derive from the personal data of the interested party, but once aggregated they do not constitute personal data within the meaning of the GDPR as they are not able to directly or indirectly identify the interested party. However, if the Data Controller combines or connects the aggregated data with the personal data of the Data Subject in order to allow the identification of the Data Subject, directly or indirectly, the Data Controller will process the resulting data in accordance with the provisions of the Information.

Particular Data
The Data Controller does not process any particular category of data of the interested party (by particular data we mean data relating to ethnic or racial origin, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, genetic, biometric and health data), as it does not process any data relating to criminal convictions and offenses relating to the interested party.

Why are personal data processed?
The Data Controller processes personal data for the following purposes indicated in the following table.
The GDPR requires that, for each purpose of processing personal data, the Data Controller has a legal basis for carrying out the processing.
The Data Controller may carry out the processing of the personal data of the Data Subjects through the consent of the latter as a legal basis for the processing. The consent can be revoked at any time, but the processing carried out until the consent is revoked cannot be influenced.
Below is a summary of the purposes and one of their descrition:

PURPOSE DESCRIPTION STORAGE

Provide support to Data Subjects - Resolve technical problems encountered by Data Subjects during navigation, their requests for assistance, improve the Services and the Site and provide the support requested by the Data Subjects. The data will be kept until the data subject's request for support is processed

Newsletter The Data Controller may send updates, not of commercial content, to inform the interested party regarding the development of their business such as agreements with business partners and participation in events. The data will be kept for 24 months

Communication to business partners. The Data Controller, with prior consent, may communicate the data of the interested party to the business partners indicated on the Site and with whom it has specific agreements, if not indicated on the Site The data will be kept for 12 months

Comply with the legal, regulatory and protection obligations of the owner. The Data Controller may process the personal data of the interested party to comply with legislative and regulatory obligations, as well as to comply with the provisions of the judicial and administrative authorities.
Furthermore, the Data Controller may process the data to protect their rights and interests such as, for example, in the case of judicial protection or due diligence in the event of a change in the corporate structure. Personal data will be kept for the period of time determined by law, regulation and / or the reference authority.

What happens if the interested party does not provide the necessary personal data?
If the data are necessary to provide the Services and to provide support to the Data Subjects, the Data Controller will not be able to provide them and support the Data Subject in their requests. In this case, the Data Controller may, alternatively, request the integration of personal data or delete the personal data of the interested party, preventing the provision of the Services.
For purposes other than providing the Services and providing support to Data Subjects, the provision of data is optional and failure to provide personal data will not affect the aforementioned processing purposes.

To whom are personal data communicated and disseminated?
a) Communication

The personal data of the interested parties may be disclosed to third parties with respect to the Data Controller, as better indicated in the following table:

RECIPIENTS - PURPOSE OF THE COMMUNICATION

Suppliers - The Owner's suppliers support him in the provision of the Services with, by way of example but not limited to, Site development, hosting, maintenance, backup, virtual infrastructure.

External consultants - In the event of legal obligations or obligations relating to a relationship established with the interested party, the Data Controller may communicate personal data to external consultants, such as, for example, the accountant and the lawyer.

Authorities and judicial proceedings - The Data Controller may communicate the personal data of the interested parties to state and / or administrative and / or judicial authorities if this is mandatory based on the law, regulations or provisions of the authorities or to defend one's own right and / or interests.

Business partners. - The Data Controller may communicate the data to the commercial partners indicated on the Site or, if not present, where there is a specific partnership agreement or data communication request

b) Dissemination

The personal data of the interested parties will not be disclosed.

Where do we store personal data?
The Data Controller stores personal data in paper archives within the headquarters of the Data Controller, as well as computer archives located both within the European Union and outside if this is instrumental to the pursuit of the aforementioned purposes. In the latter case, the Data Controller ensures that companies not having offices within the European Union are treating personal data with the utmost confidentiality in compliance with the adequacy decisions of the European Commission, any Privacy Shield or, if necessary, entering into agreements. that guarantee an adequate level of protection.

How are personal data processed?
The Data Controller processes the personal data of the Data Subjects by adopting appropriate security measures to prevent unauthorized access, disclosure, modification and destruction.
The data processing is carried out through IT procedures, telematic means and, residually, on paper supports by specifically authorized internal subjects as well as by external managers if appointed, and this also on the basis of the contractual agreements in place.

What is the children's data processing policy?
The Data Controller is aware of the sensitivity of the data processing of minors. In particular, the Services do not want to be provided to children under the age of 14 and the Data Controller does not voluntarily process the data of children under the age of 14: in this sense, the interested parties are requested not to request the provision of the Services if the age is under 14.
The Owner encourages those who exercise parental responsibility over minors under 14 to check that they do not require the provision of the Services and, in any case, to educate minors under 14 not to release their personal data through the Site.
If the Data Controller becomes aware that some personal data refer to minors under the age of 14, the Data Controller will take steps to delete the personal data.

What happens if there are links to other websites?
The Data Controller informs Data Subjects that this Notice applies only to the Site and, if there are links to other websites, the Data Subject must check the information on said sites before releasing their personal data.
The Data Controller does not take any responsibility for the personal data provided by the Data Subjects on other websites.

Changes to the information
The Owner reserves the right to modify this Information at any time. In the event of changes, the Data Controller will upload the new information to this page and, to that effect, if it urges the interested party to check the changes to the Information: the interested party will be able to see the information history by checking the date on it.
By continuing to use the Site after the changes, the interested party accepts these changes and agrees to the data processing as modified.