Privacy Policy

    Version —

    This Privacy Policy explains how we process personal data relating to visitors to our websites, prospective customers, and the individuals who hold or use accounts on the LandingRed platform. It describes the processing for which we act as data controller.

    Pending final legal review

    This document reflects our current practices and is being finalised with legal counsel. We may refine the wording, but will not reduce your rights without prior notice. For any clarification, contact us using the details below.

    1. Data controller

    The data controller is AB Corporate Advisory S.r.l. ("LandingRed", "we", "us"), with registered office at Corso del Popolo 39/A, 31100 Treviso (TV), Italy; registered with the Companies Register of Treviso-Belluno under no. 05406430263; VAT and tax code 05406430263; REA TV-441553; certified e-mail (PEC) abcorporateadvisory@pec.it. For data-protection matters you can contact us at privacy@landingred.com or, for formal communications, at the PEC address above.

    2. Scope of this policy

    This policy covers personal data we process as controller — for example account and contact details, billing data, and usage data. Where our customers upload personal data about third parties into the Platform, the customer is the controller of that data and we act as processor under our Data Processing Agreement; that processing is not governed by this policy.

    3. Personal data we collect

    We collect: identity and contact data (such as name, business e-mail, organisation, and role) provided at sign-up or when you contact us; account and usage data (such as log-ins, actions taken in the Platform, and preferences); technical data (such as IP address and device or browser information); billing and transaction data for paid plans; and the content of your communications with us.

    4. Purposes and legal bases

    We process personal data to: provide and administer the Service and your account (Art. 6(1)(b) GDPR, performance of a contract); comply with legal obligations such as accounting and tax (Art. 6(1)(c)); secure and improve the Service, prevent abuse, and pursue our reasonable commercial interests (Art. 6(1)(f), legitimate interests, balanced against your rights); and send service or, where permitted, marketing communications (Art. 6(1)(b)/(f), or your consent under Art. 6(1)(a), which you may withdraw at any time).

    5. AI-assisted processing

    The Platform uses large-language-model technology to help generate compliance Output such as draft documentation and classifications. Where this processing involves personal data, it is carried out by a sub-processor acting on our instructions. We do not subject you to decisions producing legal or similarly significant effects based solely on automated processing within the meaning of Art. 22 GDPR; Output is intended for human review.

    6. Recipients and sub-processors

    We share personal data only as necessary, with categories of recipients including: cloud-hosting and infrastructure providers; communication and e-mail providers; analytics and product-monitoring providers; payment and billing providers; AI / large-language-model processing providers; and professional advisers or public authorities where required by law. All sub-processors act under written data-processing terms. An up-to-date list of sub-processors is available on request.

    7. International data transfers

    We aim to process personal data within the European Economic Area, with hosting in the EU (Amsterdam by default; Frankfurt on request). Where a sub-processor processes personal data outside the EEA, we rely on an appropriate safeguard under Chapter V GDPR — typically the European Commission’s Standard Contractual Clauses together with supplementary measures where needed. You may request information about these safeguards using the contact details above.

    8. Data retention

    We keep personal data only as long as necessary for the purposes described: account data for the life of the account and a limited period afterwards; billing and tax records for the period required by law (generally ten years in Italy); and technical logs for a shorter period. When data is no longer needed, it is deleted or anonymised.

    9. Security

    We implement appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, tenant isolation, audit logging, and regular review. No system is perfectly secure, but we work to protect your data against unauthorised access, loss, or alteration.

    10. Your rights

    Subject to the conditions in the GDPR, you have the right to access your personal data and to obtain rectification, erasure, restriction, and portability, and to object to processing based on legitimate interests, as well as to withdraw consent where processing is based on it. To exercise your rights, contact us using the details above. You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali, www.garanteprivacy.it) or your local supervisory authority.

    11. Cookies and similar technologies

    We use strictly necessary cookies to operate the Platform and, subject to your consent, analytics or preference cookies. You can manage your choices through the cookie banner and your browser settings. Further detail is provided in our cookie notice.

    12. Changes to this policy

    We may update this policy from time to time. We will post the updated version with a new version number and, for material changes, provide additional notice. Please review this policy periodically.

    13. How to contact us

    For any question about this policy or your personal data, contact AB Corporate Advisory S.r.l. at privacy@landingred.com, or by certified e-mail (PEC) at abcorporateadvisory@pec.it.