Privacy Policy

Information on the processing of personal data pursuant to EU Regulation 2016/679 (GDPR)

1. Data Controller

S.E.T. Group srl

Via Toscana, 41/43
20052 Vignate (MI) - Italy

VAT Number: 11212660150

Email: privacy@biofix.io

2. Types of Data Collected

2.1 Landing Page (biofix.io)

The public landing page does not collect or store personal data. We only use strictly necessary technical cookies for the functioning of the website (language preferences). No personal data is stored on our servers from landing page visits.

2.2 Biofix Platform (SaaS Service)

When you use the Biofix platform as a registered customer, we collect and process:

  • Account data: name, surname, email address, phone number, company name
  • Technical data: IP address, browser type, access times, device information
  • Usage data: call records, maintenance schedules, equipment data, documents uploaded
  • Communication data: support tickets, email correspondence

3. Purpose and Legal Basis of Processing

We process your personal data for the following purposes:

  • Service provision: to provide the Biofix platform services (Legal basis: Contract execution - Art. 6(1)(b) GDPR)
  • Technical support: to respond to support requests and troubleshoot issues (Legal basis: Contract execution - Art. 6(1)(b) GDPR)
  • Legal obligations: to comply with applicable laws and regulations (Legal basis: Legal obligation - Art. 6(1)(c) GDPR)
  • Service improvement: to analyze usage and improve platform functionality (Legal basis: Legitimate interest - Art. 6(1)(f) GDPR)

4. Data Processing Methods

Personal data is processed using electronic and automated tools, with organizational and technical measures to ensure data security and prevent unauthorized access, disclosure, modification, or destruction.

Security Measures:

  • End-to-end data encryption (SSL/TLS)
  • Servers hosted in Germany (EU territory) in GDPR-compliant data centers
  • Regular security audits and vulnerability assessments
  • Role-based access control (RBAC)
  • Regular encrypted backups

5. Data Retention Period

Landing page data: Technical cookies are stored only for the duration of the browsing session or until language preference change. No personal data is permanently stored.

Biofix platform data: Your data is retained for the duration of your subscription and for 3 (three) months after subscription cancellation. After this period, all data is permanently deleted from our systems, unless we are required by law to retain certain information for a longer period.

6. Data Sharing and Recipients

Your personal data may be shared with:

  • Technical service providers (hosting, cloud infrastructure) bound by confidentiality agreements
  • IT maintenance and support personnel
  • Legal advisors and consultants when necessary for legal compliance
  • Public authorities when required by law

Your data will not be sold, rented, or shared with third parties for marketing purposes.

7. International Data Transfers

Your data is stored exclusively on servers located in Germany (European Union territory). We do not transfer personal data outside the EU/EEA. Should this become necessary in the future, appropriate safeguards will be implemented in accordance with Art. 44-49 GDPR.

8. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15): obtain confirmation of data processing and access to your data
  • Right to rectification (Art. 16): request correction of inaccurate data
  • Right to erasure (Art. 17): request deletion of your data ('right to be forgotten')
  • Right to restriction (Art. 18): request limitation of data processing
  • Right to data portability (Art. 20): receive your data in a structured, machine-readable format
  • Right to object (Art. 21): object to data processing based on legitimate interest
  • Right to lodge a complaint: file a complaint with the Italian Data Protection Authority (Garante Privacy)

To exercise your rights, contact us at: privacy@biofix.io

9. Cookies

The landing page uses only strictly necessary technical cookies to store language preferences (EN/IT). These cookies do not require consent under GDPR as they are essential for the website's basic functionality. No third-party cookies, tracking cookies, or analytics cookies are used on the landing page.

The Biofix platform may use additional cookies for authentication and session management, which are necessary for the service provision and covered by the service agreement.

10. Automated Decision Making

We do not use automated decision-making processes or profiling that produce legal effects or similarly significantly affect you.

11. Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. Changes will be published on this page with an updated effective date. We recommend checking this page periodically for any updates.

12. Contact Information

For any questions or requests regarding this Privacy Policy or your personal data, please contact:

S.E.T. Group srl - Privacy Officer

Email: privacy@biofix.io

Address: Via Toscana, 41/43 - 20052 Vignate (MI) - Italy

Last updated: January 4, 2026