1. Data Controller

The Data Controller of the processing of personal data is Eden Technologies S.r.l., with registered office in Poggibonsi (SI), Italy. For any information relating to the processing of personal data or for the exercise of the rights granted by applicable law, you may contact the Data Controller at the following email address: info@eden-technologies.eu.

2. Scope of Application

This Privacy Policy describes the methods of collection, use, and protection of the personal data of users who visit and interact with the Data Controller’s website, in accordance with Regulation (EU) 2016/679 (“GDPR”) and applicable national legislation.

3. Types of Personal Data Processed

The Data Controller processes the following categories of personal data:

• Browsing data: technical information automatically collected during browsing, such as IP address, browser type, operating system, pages visited, date and time of access.
• Data voluntarily provided by the user: first name, last name, business email address, and the content of communications sent via contact forms or communication channels available on the website.
• Cookies and similar technologies: information collected through technical cookies and, where applicable, other tracking tools, as further described in the dedicated Cookie Policy.

4. Purposes of Processing

Personal data are processed for the following purposes:

• Managing and responding to requests for information or contact
• Initiating or managing pre-contractual and commercial communications
• Complying with obligations required by applicable laws, regulations, or rules
• Ensuring website security and preventing abuse or unlawful use
• Improving website functionality and the browsing experience

5. Legal Basis for Processing

The processing of personal data is based on the following legal grounds, pursuant to Article 6 of the GDPR:

• Consent of the data subject, where required
• Performance of pre-contractual measures taken at the request of the data subject
• Legitimate interest of the Data Controller, in particular for website management, security, and internal organization
• Compliance with legal obligations to which the Data Controller is subject

6. Processing Methods

Personal data are processed using IT and electronic tools, according to logic strictly related to the purposes indicated and in compliance with the principles of lawfulness, fairness, transparency, data minimization, and security.

7. Data Retention

Personal data are retained for a period no longer than necessary to achieve the purposes for which they were collected and, in particular:

• Data collected via contact forms: up to 24 months from the last contact
• Data relating to contractual or pre-contractual relationships: up to 10 years, where required by applicable law
• Browsing data: as specified in the Cookie Policy

8. Data Recipients

Personal data may be disclosed to third parties acting as data processors or independent controllers, including:

• IT and hosting service providers
• Legal, tax, and accounting advisors
• Competent authorities, where required by law

Personal data will not be disclosed and will not be transferred outside the European Union, unless adequate safeguards compliant with the GDPR are adopted.

9. Data Subject Rights

The data subject may exercise at any time the rights provided for by Articles 15–22 of the GDPR, including:

• Obtaining confirmation as to whether or not personal data concerning them exist
• Requesting access to, rectification, or deletion of data
• Requesting restriction of processing or objecting to processing
• Receiving data in a structured, commonly used format (data portability)
• Withdrawing consent given, without affecting the lawfulness of processing carried out previously

Requests may be sent to the Data Controller at: info@eden-technologies.eu.

10. Right to Lodge a Complaint

If the data subject believes that the processing of their personal data is carried out in violation of applicable law, they have the right to lodge a complaint with the Data Protection Authority.

11. Data Security

The Data Controller adopts appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including, by way of example:

• Encryption of communications (HTTPS/TLS)
• Access limitation to authorized personnel only
• Backup systems and recovery procedures

12. Automated Decision-Making Processes

Personal data are not subject to automated decision-making processes or profiling pursuant to Article 22 of the GDPR.

13. Changes to the Privacy Policy

This Privacy Policy may be updated or modified over time. Any changes will be published on this page and will take effect from the date of publication.

14. Contacts

For any clarification regarding this Privacy Policy or the processing of personal data, you may contact the Data Controller:

• Email: info@eden-technologies.eu
• Headquarters: Poggibonsi (SI), Italy