PRIVACY POLICY AND DATA PROCESSING INFORMATION

Last updated: 23/12/2024

1. Introduction

This Privacy Policy explains how Brots S.r.l. (hereinafter referred to as "We," "Us," or "the Company") processes personal data in connection with the Otello.ai service. We are committed to protecting your privacy and complying with applicable laws, including Regulation (EU) 2016/679 (GDPR).

By using our services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy.

2. Data Controller

The data controller for Otello.ai is:

Company: Brots S.r.l.
Address: Via Roberto da Sanseverino 95, 38122 Trento (TN), Italy
Email: lorenc.miri@brots.cloud
PEC: brots@pec.it

3. Data We Collect

3.1 Data You Provide Directly

• Contact information: Name, email, phone number, company name.
• Payment details: Billing address, payment information (processed securely via Stripe).

3.2 Data Collected Automatically

• Technical data: IP address, browser type, operating system, access logs.
• Cookies: Data collected through cookies and similar technologies (refer to our Cookie Policy for details).

3.3 Data Collected from Integrated Platforms

When users connect third-party platforms such as Google, we may collect additional data:

Google User Data (via Gmail): Emails sent and received, email metadata (sender, recipient, subject, timestamp), and Google account information (name, email).

Important: We do not use Google Workspace APIs to develop, improve, or train generalized AI or ML models. Any data collected through Google Workspace APIs is used solely to provide and support the functionalities requested by the user, in accordance with Google’s API Services User Data Policy.

4. How We Use Your Data

We process your personal data for the following purposes:

To Provide and Improve Our Services

• Display and manage communication channels (email, messaging platforms) in a unified interface.
• Facilitate email sending and receiving through integrations like Gmail.
• Improve the functionality of the Otello.ai platform.

To Comply with Legal Obligations

• Respond to lawful requests from authorities or comply with applicable regulations.

For Marketing and Communication (if consented)

• Send updates, promotional content, or other communications related to Otello.ai.

We do NOT use personal data for purposes unrelated to the provision or improvement of our services, nor do we sell personal data to third parties.

5. Data Sharing and Disclosure

We only share your data under the following circumstances:

• Service Providers: Third-party vendors (e.g., Stripe for payments, cloud providers) who assist in delivering our services.
• Legal Requirements: When required by law or to protect our legal rights.

Google User Data, if collected, is never shared outside the scope of providing the functionalities requested by the user.

6. Data Protection Measures

We implement robust security measures to protect your data:

• Encryption: All data in transit is encrypted using TLS/SSL.
• Access control: Data access is restricted to authorized personnel only.
• Monitoring and Audits: Regular audits are conducted to ensure data security.

7. Data Retention and Deletion

Retention Periods:

• Communication data: Retained as long as necessary to provide the service or as required by law.
• Google User Data: Automatically deleted upon disconnection of the Google account.
• Metadata: Retained for up to 12 months for operational purposes unless the user requests earlier deletion.

Deletion Requests: Users may request data deletion at any time by contacting alessandro.marin@otello.ai. Requests will be processed within 30 days.