Syrto S.r.l. (“Syrto“, “we“) respects your right to privacy. This notice explains how we collect, use and protect your personal data, and what rights you have in relation to us.
The Data Controller is Syrto S.r.l., VAT no. 04144070986, with registered office at Via Settembrini 2, 20124 Milan (MI). For any questions: info@syrto.ai.
Syrto has not appointed a Data Protection Officer (DPO).
What data we collect and how we use it
Data of platform users. If you use the Syrto Next platform as a user authorised by a customer organisation, we collect the data needed to manage your access: first name, last name, business email, role and access logs. The legal basis is the performance of the contract with your organisation.
The content you enter into the platform (such as conversations with the AI chatbot or uploaded files) is processed by Syrto on behalf of your organisation, which is its Controller. This processing is governed by a specific agreement (DPA) between Syrto and your organisation.
Data of prospective customers and business contacts. If you contact us for information, fill out a form or take part in an event, we collect the data you provide us: first name, last name, email, phone, company. We use it to respond to your requests and, unless you object, to keep you updated on our services. The legal basis is our legitimate interest in developing business relationships.
Data of suppliers and partners. If you are a contact person for a supplier or partner company, we process your professional contact data to manage the contractual relationship. The legal basis is the performance of the contract.
Data of website visitors. We automatically collect some technical data when you visit our site, such as IP address and browsing data. We use privacy-friendly analytics tools that do not collect personally identifying data. For details on the use of cookies, please consult our Cookie Policy.
B2B contact data from third parties. As part of certain services, we use professional contact data (first name, last name, job title, professional email, business phone) sourced from third-party providers who collect them from public sources. If you are a business contact whose data has been provided to us in this way, you have the right to object to the processing by writing to info@syrto.ai.
Providing the data is necessary in order to deliver the services or perform the contract. Without it, we may not be able to provide the service or respond to your request.
How long we keep your data
| Category | Retention |
|---|---|
| Platform users’ data | Duration of the contract + 30 days from termination |
| Prospective customers and business contacts | 24 months from last contact |
| Suppliers and partners, contractual data | 7 years (legal obligations) |
| Suppliers and partners, contact data | 24 months from last contact |
| Website visitors | See Cookie Policy |
| B2B business contacts from third parties | 24 months from last contact |
Who we share your data with
We share your data only when necessary: with technical suppliers acting as Processors pursuant to art. 28 GDPR (cloud infrastructure, CRM, payments, security), with the competent authorities upon legitimate request, and with third parties in the event of extraordinary transactions such as mergers or acquisitions.
We do not sell your personal data to third parties.
Syrto does not use your data for decisions based solely on automated processing that produce legal effects concerning you.
Transfers outside the European Union
Some of our technical suppliers are based outside the EU. In these cases, we ensure that the transfer takes place on the basis of appropriate safeguards pursuant to Chapter V of the GDPR. Details are available in our Trust Center.
Your rights
You have the right to access your data, rectify it, erase it, restrict its processing, receive it in a portable format and object to processing. You also have the right to withdraw consent at any time, without affecting the lawfulness of the previous processing.
To exercise your rights, write to info@syrto.ai. We will respond within one month.
You have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali), www.garanteprivacy.it, Piazza Venezia 11, 00187 Rome.
If you are a user of a customer organisation and wish to exercise your rights in relation to the content you have entered into the platform, please contact your organisation directly, as it is the Controller.
Security
We adopt appropriate technical and organisational measures to protect your data from unauthorised access, loss or disclosure.
Cookies
For details on the use of cookies on our site, please consult our Cookie Policy.
Changes to this notice
This notice may be updated from time to time. In the event of substantial changes, we will provide notice on the site. The date of the last revision is indicated at the top of this page.
Contacts
For any questions: info@syrto.ai, Syrto S.r.l., Via Settembrini 2, 20124 Milan (MI)