Privacy Policy

This Privacy Policy describes how the personal data of users of the website angeleye.tech (hereinafter referred to as the “Website”) is processed in compliance with the applicable international data protection laws. In particular, AngelEye Srl ensures compliance with Regulation (EU) 2016/679 (GDPR) and with equivalent laws in other jurisdictions, including: the UK General Data Protection Regulation (UK-GDPR) together with the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR); the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA) in the United States; the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada; the Privacy Act 1988 in Australia; the Protection of Personal Information Act (POPIA) in South Africa; and the Lei Geral de Proteção de Dados (LGPD) in Brazil.

This notice also takes into account various U.S. state privacy laws, including but not limited to: the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Delaware Personal Data Privacy Act (PDPA), the Virginia Consumer Data Protection Act (CDPA), the Montana Consumer Data Privacy Act (MCDPA), the Data Privacy Acts adopted by states such as Nebraska and New Hampshire (DPA), Nevada’s privacy law (NRS 603A), the New Jersey Data Privacy Law (DPL), the Oregon Consumer Privacy Act (OCPA), the Texas Data Privacy and Security Act (TDPSA), and the Utah Consumer Privacy Act (UCPA). AngelEye is committed to processing personal data lawfully, fairly, and transparently, ensuring the confidentiality and security of the information provided to us.

Data Controller

The Data Controller of personal data is Riccardo Casadei, acting as the legal representative of AngelEye Srl, a company headquartered at Via S. Osvaldo 1b, 39100 Bolzano (Italy), VAT No. 02641370214. You may contact the Controller at info@angeleye.it for any questions or requests concerning data protection.

Personal Data Collected and Collection Methods

AngelEye collects users’ personal data through various tools available on the Website, including:

  • Contact and Technical Support Forms (Salesforce/Pardot) – When a user fills out the contact form or the technical assistance form, AngelEye collects the provided information, which may include first name, last name, email address, and other details voluntarily entered by the user. These forms are managed through Salesforce/Pardot.
  • Newsletter Subscription – When users subscribe to AngelEye’s newsletter, we collect their name (if requested) and email address to send periodic communications. Subscription management and email distribution are handled through our internal platform (e.g., Pardot).
  • Google Analytics – The Website uses Google Analytics (or equivalent tools) to collect information about user interactions, such as pages visited, session duration, and general site usage patterns. These data are collected in aggregated and typically anonymized form for statistical purposes, but may include the user’s IP address (truncated or anonymized) and cookie identifiers. Google Analytics is only activated after obtaining the user’s consent through the cookie banner.
  • Cookies and User Preferences – Through the cookie banner or other preference management tools, AngelEye records the user’s choice regarding non-essential cookies. This consent (or refusal) is stored in a technical cookie on the user’s browser.

The categories of personal data collected may include, as applicable: name, surname, email address, IP address, browsing data (pages visited, interactions, cookie preferences), and any other voluntarily provided information. Data collection is always limited to what is necessary for the stated purposes.

Purpose and Legal Basis of Processing

Personal data collected through the Website are used for the following purposes:

  • Responding to inquiries or support requests – Data submitted via the contact or support forms are used solely to respond to user requests. Legal basis: performance of a contract or pre-contractual measures, or AngelEye’s legitimate interest in managing such requests.
  • Sending newsletters and marketing communications – The email address (and other provided data) are used to send AngelEye’s periodic newsletter and updates about products/services, only with the user’s explicit consent. Legal basis: consent, which may be withdrawn at any time.
  • Traffic analysis and Website improvement – Data collected through Google Analytics or similar tools are processed to analyze Website usage in aggregate form to improve content and services. These analyses are conducted on anonymized data; when personal data (such as IP) are involved, processing occurs based on user consent provided via the cookie banner. Without such consent, the Website remains fully functional.
  • Cookie preference management – Data related to user cookie preferences are retained to document consent or refusal, as required by law (ePrivacy/PECR). Legal basis: legal obligation and legitimate interest in maintaining proof of consent.
  • Compliance with legal obligations or protection of rights – When necessary to comply with legal requirements (e.g., accounting, tax) or to establish, exercise, or defend legal claims. Legal basis: legal obligation or legitimate interest.

Data Retention Period

AngelEye Srl retains personal data only as long as necessary to achieve the purposes for which they were collected, following applicable regulations and best international practices. Afterward, data will be deleted or anonymized unless longer retention is required by law.

  • Contact/support data: retained for the time required to process the request and for a limited subsequent period (e.g., up to 1 year) for internal administrative or legal reasons.
  • Newsletter data: retained until the user unsubscribes or withdraws consent, after which they are deleted or anonymized within a reasonable timeframe.
  • Analytics data: kept in aggregated and anonymized form for up to 14 months, unless further anonymized or required otherwise by law.
  • Cookie preferences: technical cookies storing user consent are retained for 6–12 months before automatic deletion.

Data Processing Location

Personal data are processed primarily at AngelEye’s offices and via IT systems hosted within the European Union. The Website’s hosting is located on servers in Europe. Where transfers outside the European Economic Area (e.g., to Google or Salesforce) are required, AngelEye ensures adequate safeguards pursuant to Articles 44–49 GDPR (e.g., Standard Contractual Clauses, certifications, or other approved mechanisms) to maintain an equivalent level of protection.

Data Sharing and Disclosure

AngelEye Srl processes personal data confidentially. Data are not sold, shared, or transferred to third parties outside AngelEye for their own purposes.

However, data may be disclosed to external service providers acting on behalf of AngelEye for the purposes described above, such as:

  • CRM and marketing platforms (e.g., Salesforce/Pardot);
  • Email communication and newsletter delivery systems;
  • Web analytics providers (e.g., Google Analytics);
  • Website hosting and technical maintenance providers.

These parties act as data processors under Article 28 GDPR or equivalent provisions, bound by contracts ensuring confidentiality, security, and lawful use of data solely for AngelEye’s purposes.

AngelEye does not publicly disclose user data or sell contact lists. Furthermore, for users in jurisdictions such as California, AngelEye confirms that it does not sell or “share” personal data as defined under the CPRA or similar state privacy laws.

User Rights

Users have the following rights concerning their personal data:

  • Right of access: to obtain confirmation of whether data concerning them are being processed and, if so, access to those data and related information.
  • Right to rectification: to correct inaccurate data and complete incomplete data.
  • Right to erasure: to request deletion of personal data under certain circumstances (e.g., when no longer necessary or upon withdrawal of consent).
  • Right to data portability: to receive provided personal data in a structured, machine-readable format and transmit them to another controller where technically feasible.
  • Right to object: to object at any time, for reasons related to their situation, to processing based on legitimate interest or public task, and to opt out of direct marketing.
  • Right to restriction: to request restriction of processing in cases permitted by law (e.g., pending accuracy verification or objection to deletion).
  • Right to withdraw consent: to withdraw consent at any time without affecting prior lawful processing.

Users may exercise their rights by contacting the Data Controller at info@angeleye.it. AngelEye will respond within statutory time limits (typically 30 days).

If users believe their data have been processed unlawfully, they may lodge a complaint with the relevant Data Protection Authority (in Italy, the Garante per la Protezione dei Dati Personali) or pursue legal action.

Data Security

AngelEye implements appropriate technical and organizational measures to protect personal data from loss, misuse, unauthorized access, or disclosure, in accordance with industry standards and legal requirements. However, no transmission or storage system is completely secure. AngelEye continually updates its security practices and encourages users to safeguard their login credentials and report any unauthorized access.

Changes and Updates

This Privacy Policy may be updated periodically to reflect changes in services or applicable law. Significant updates will be communicated via the Website or, where appropriate, directly to users. Please check this page regularly for the latest version.

Last updated: October 8, 2025