AXORI
Energy Platform
ITEN
Privacy Policy

How we handle your personal data

Information under Articles 13 and 14 of EU Regulation 2016/679 (GDPR). We explain in plain language what we collect, why, and your rights.

Last updated: May 10, 2026
Document under review. This document is an initial template and does not replace a privacy policy drafted by a lawyer. Before commercial go-live it will be validated by specialised GDPR legal counsel.

1. Data controller

The data controller is AXORI Srl, with registered office in Italy. To exercise GDPR rights contact us at privacy@axori.it.

2. Types of data collected

We collect the following personal data:

  • Contact data: name, email, phone, company (collected via demo request forms)
  • Browsing data: anonymised IP address, pages visited, session duration (only with analytics cookies consent)
  • Platform operational data: for registered customers, data on managed assets (capacity, generation, revenues, contracts)

3. Purposes of processing

We process your data for the following purposes:

  • Respond to contact and demo requests (legal basis: pre-contractual measures)
  • Provide AXORI platform services (legal basis: contract execution)
  • Comply with tax and accounting legal obligations (legal basis: legal obligation)
  • Send commercial communications, only with explicit consent (legal basis: consent)
  • Aggregated analytics to improve the service (legal basis: legitimate interest, opt-out via cookie banner)

4. Data retention

Data collected via contact forms is retained for 24 months from last contact. Customer operational data is retained for the contract duration + 10 years for tax obligations. Anonymised browsing data is retained for 26 months.

5. Data recipients

Your data may be shared with:

  • Technology providers (hosting, email, analytics) — all contracted as Data Processors under Art. 28 GDPR
  • Regulatory authorities (Terna, GSE, ARERA) for necessary operational compliance
  • Professional advisors (legal, tax) under confidentiality obligations

We do not share data with third parties for marketing purposes, nor do we sell to data brokers.

6. Extra-EU transfer

Data is hosted on EU-based servers (Italy/Germany/Ireland). For some technical services (e.g. AI advisor based on Anthropic Claude) data may transit to USA with adequate safeguards (Standard Contractual Clauses, Data Processing Agreement with the provider).

7. Your rights

You can exercise the following GDPR rights at any time:

  • Access to data concerning you (Art. 15)
  • Rectification of inaccurate data (Art. 16)
  • Erasure ("right to be forgotten") (Art. 17)
  • Restriction of processing (Art. 18)
  • Portability of data (Art. 20)
  • Objection to processing (Art. 21)
  • Complaint to the Italian Data Protection Authority (www.garanteprivacy.it)

To exercise these rights write to privacy@axori.it. We will respond within 30 days.

8. Cookies

For detailed information on the cookies used see our Cookie Policy.

9. Changes to this policy

AXORI may update this policy over time. We will notify you of substantial changes by email. The current version is always available on this page with the date of the latest update.