Logo of Compri with white text
  • Customers
  • Agents
  • How it works
  • Security
  • FAQ
Book a demo →
IT
CustomersAgentsHow it worksSecurityFAQ
Book a demo →IT
Logo of Compri with white text

The AI Workforce for Supply Chain

Info

  • Customers
  • Workforce
  • Architecture
  • Security
  • Try it

Company

  • About us
  • Referral
  • Careers
  • Contacts

Resources

  • Projects
  • Newsletter
  • LinkedIn
© COMPRI.AI·VAT: IT13568830965
Privacy & Compliance
AI Workforce for Supply Chain
Badge of NextGenerationEU
Legal

Privacy Policy

This privacy notice is provided pursuant to Article 13 of EU Regulation 2016/679 (GDPR) and relates to the processing of personal data carried out by Compri s.r.l. in the context of the Compri SaaS. Last updated: 15 April 2026.

1. Data Controller

Compri s.r.l. (hereinafter "Compri" or the "Data Controller") is the data controller within the meaning of Article 4(7) GDPR. Contact: privacy@compri.ai or Via Luigi Porro Lambertenghi 7, 20159, Milan (MI), Italy.

2. Personal Data Processed

Compri may collect and process the following personal data:

  • Identification data (user ID, IP address);
  • Contact data (email address);
  • Account data (password, ticket numbers, support requests);
  • Navigation data (data collected via internet protocol and tracking tools).

Where images are uploaded, these may incidentally contain identifiable individuals. Such images are not recommended in the SaaS instructions and will be deleted where possible.

3. Processing Activities

Personal data is processed for the following purposes and on the following legal bases:

3.1 User account management and IT infrastructure

Purpose: provision of SaaS services, IT infrastructure management, user account creation and management.

Legal basis: performance of contract (Art. 6(1)(b) GDPR).

Retention period: 10 years from account deletion.

3.2 IT infrastructure security management

Purpose: monitoring and prevention of abuse or unlawful activity to ensure SaaS security.

Legal basis: legitimate interest of the controller (Art. 6(1)(f) GDPR).

Retention period: 10 years from collection.

3.3 HelpDesk and priority support

Purpose: management of HelpDesk and user support activities.

Legal basis: performance of a service requested by the data subject (Art. 6(1)(b) GDPR).

Retention period: 1 year from collection.

3.4 Statistical analysis

Purpose: anonymisation of data for statistical analysis of user experience and SaaS performance, aimed at product improvement.

Legal basis: legitimate interest of the controller (Art. 6(1)(f) GDPR).

Retention period: 1 year from collection.

3.5 Compliance and legal obligations

Purpose: fulfilment of legal obligations related to SaaS management.

Legal basis: compliance with a legal obligation (Art. 6(1)(c) GDPR).

Retention period: as required by applicable legal obligations.

3.6 Protection of Compri's rights and legitimate interests

Purpose: protection of Compri's rights and legitimate interests in disputes or before competent authorities.

Legal basis: legitimate interest of the controller (Art. 6(1)(f) GDPR).

Retention period: as required by applicable limitation periods.

4. Processing Methods and Security

Processing is carried out using electronic and organisational means in compliance with GDPR principles. Compri implements appropriate technical and organisational security measures to protect personal data.

5. Recipients of Personal Data

Personal data may be shared with:

  • Service providers (e.g. cloud providers, third-party services integrated into the SaaS);
  • Professional advisors (e.g. lawyers, accountants, auditors);
  • Competent authorities and law enforcement.

Data will never be disseminated. Recipients act as data processors or independent controllers.

6. Cookies and Tracking Tools

The SaaS uses technical cookies and tracking tools for security, technical, and analytical purposes. These are not used for commercial or marketing purposes. Please refer to our Cookie Policy for further information.

7. International Transfers

Any transfer of personal data outside the European Economic Area (EEA) is carried out in compliance with Chapter V of the GDPR.

8. Data Subjects' Rights

In accordance with the GDPR, data subjects have the following rights:

  • Access: obtain information on processing and a copy of personal data (Art. 15 GDPR);
  • Rectification: request correction of inaccurate or incomplete data (Art. 16 GDPR);
  • Erasure: request deletion of personal data in circumstances provided under Art. 17 GDPR;
  • Restriction: request restriction of processing in circumstances under Art. 18 GDPR;
  • Objection: object to processing based on legitimate interests (Art. 21 GDPR);
  • Data portability: receive data in a structured, machine-readable format where applicable.

9. Right to Lodge a Complaint

Data subjects may lodge a complaint with the Italian Data Protection Authority (Garante): Piazza Venezia 11, 00187 Rome, tel. +39 06.696771, email: protocollo@gpdp.it or urp@gpdp.it.

10. Contact Us

To exercise your rights or for any questions on data processing, contact Compri at: privacy@compri.ai.

11. Changes to This Notice

This notice is subject to periodic updates. Last updated: 15 April 2026. Any material changes will be communicated to data subjects through appropriate channels.