Effective Date: 28.08.2025
Data Controller:
Secondface LLC.
Registered Administrative Office: Delaware, United States
Research and Operational Office: Piazzale Rodolfo Morandi 2, 20121 Milano, Italy
Contact: privacy@secondface.ai
Introduction
This Privacy Policy explains how secondface.ai (“the Website”), operated by Secondface LLC, collects and processes personal data.
Because the Website is primarily developed and operated in Europe, the processing of personal data complies with the General Data Protection Regulation (EU Regulation 2016/679, “GDPR”) as well as applicable Italian law.
Nature of the Project
secondface.ai is a private scientific and research project with limited public availability.
The Website is not intended as a consumer service and does not actively collect personal data beyond what is strictly necessary for communication and minimal analytics.
Data We Collect
Voluntary Data Provided by Users
Contact information (e.g., name, email address) if you contact us via email or through a contact form.
Any other data voluntarily provided in such communications.
Automatically Collected Data (minimal)
Technical details such as IP address, browser type, operating system, access time and date.
Basic usage information (e.g., pages visited, time spent) – only if analytics tools (with anonymization) are enabled.
We do not intentionally collect sensitive personal data.
Purpose of Processing
Personal data may be processed for the following purposes:
Responding to user inquiries and communications.
Maintaining the security and functionality of the Website.
Conducting basic, anonymized analytics to understand visits (if enabled).
Complying with legal obligations.
Legal Basis for Processing
We process personal data under the following legal bases:
Consent (Art. 6.1.a GDPR) when you voluntarily provide data (e.g., via contact form).
Legitimate interest (Art. 6.1.f GDPR) to maintain Website security and perform minimal analytics.
Legal obligation (Art. 6.1.c GDPR) when compliance with applicable law requires it.
Data Storage and Retention
Data are stored securely on servers located within the European Union, or in the United States when using specific services (with appropriate safeguards).
Personal data are kept only as long as necessary to fulfill the purposes stated above.
Data Sharing and International Transfers
Personal data will not be sold or shared with third parties for commercial purposes.
Data may be transferred to the United States (Delaware) for administrative purposes, or to trusted service providers (e.g., hosting, email).
Where transfers occur outside the EU/EEA, they are subject to appropriate safeguards in line with GDPR (e.g., Standard Contractual Clauses).
Data Subject Rights (GDPR)
As a user, you have the following rights under GDPR:
Right of access to your data.Right to rectification or erasure.Right to restrict or object to processing.Right to data portability.Right to withdraw consent at any time.Right to lodge a complaint with a supervisory authority (in Italy: Garante per la Protezione dei Dati Personali).
Requests may be submitted to: privacy@secondface.ai
Cookies and Analytics
The Website may use minimal technical cookies for basic functionality.
If analytics are enabled, only anonymized, non-identifiable data are collected.
Full details are provided in the [Cookie Policy].
Security
We implement reasonable technical and organizational measures to protect personal data from unauthorized access, alteration, disclosure, or destruction.
Updates to this Policy
This Privacy Policy may be updated to reflect changes in law, regulation, or project needs.
The “Last updated” date at the top will be modified accordingly.