This Privacy Policy describes how IAT Search collects, uses, and protects personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, "GDPR") and Legislative Decree 196/2003 as amended by Legislative Decree 101/2018 (Italian Privacy Code).
1. Data Controller
Individual data controller (persona fisica), Italy
Email: support@admintribunals.com
For all privacy-related enquiries, requests to exercise your rights, or complaints, please contact the Data Controller at the email address above. A postal address can be provided on written request from data subjects or competent authorities.
1.bis Beta Phase Notice
During the beta phase:
- Access is provided gratuitously; the Data Controller does not derive revenue from individual beta accounts.
- The features, scope, behaviour, and availability of the Service may change at any time, without prior notice and without compensation.
- The Data Controller does not guarantee continuity of the Service, nor the migration of user accounts, query history, saved judgments, or any other user-generated data to any future commercial version. The beta may be terminated, in whole or in part, at any time.
- In addition to the purposes set out in Section 3 (Legal Bases for Processing), personal data processed during the beta phase — in particular query content, AI-generated responses, usage patterns, and feedback submissions — may be processed by the Data Controller under the legal basis of legitimate interest (Art. 6(1)(f) GDPR) for the purpose of testing, evaluating, debugging, and improving the Service, including the analysis of search relevance, the review of AI-generated outputs in pseudonymized form where feasible, the identification of bugs and edge cases, and the refinement of ranking, classification, and prompt engineering. The general framework for this improvement processing is also described in Section 9 of the Terms of Service.
- You may object to the legitimate-interest processing described above at any time by writing to support@admintribunals.com; objection does not affect your ability to continue using the Service. See Section 7 (Your Rights).
This Beta Phase Notice will be removed or substantially revised when the Service exits beta and becomes generally available; users will be notified by email of the change at least 14 days in advance.
2. Personal Data Collected
2.1 Account data
- Email address — required for registration, login, and service communications.
- Full name — optional; provided voluntarily during registration.
- Password — stored exclusively as a bcrypt hash (one-way cryptographic function). The plain-text password is never stored, logged, or accessible to anyone, including the Data Controller.
- Subscription plan — the tier (Standard, Professional, Premium) associated with your account.
- OAuth identifier (only if you sign in with Google or LinkedIn) — the stable subject identifier (
sub) issued by the identity provider, used to authenticate you on subsequent logins. No password is stored for accounts created via OAuth.
2.2 Usage data
- Query history — the legal queries you submit to the AI analysis function, together with the AI-generated responses and the list of judgments consulted.
- Saved judgments — the tribunal judgments you choose to bookmark within the application.
- Session data — authentication tokens stored as HttpOnly cookies, identifying your active session.
2.3 Billing data
Billing, invoicing, and payment processing are handled exclusively by Paddle.com Market Limited ("Paddle"), which acts as Merchant of Record for all subscription transactions (see Section 5). This means Paddle, not the Data Controller, is the legal seller of the subscription to you: Paddle issues the invoice, calculates and collects any applicable VAT or sales tax according to your jurisdiction, and handles refunds and chargebacks under its own terms.
The Data Controller does not collect, process, or store payment card details at any point. From Paddle the Data Controller receives only the data strictly necessary to manage your subscription on this Service: a Paddle customer identifier, your billing email, your country (for tax-jurisdiction reporting), the plan and billing cycle, and the status of each transaction (paid, refunded, failed). Records necessary for the Data Controller's own fiscal and accounting compliance under Italian law are retained as set out in Section 4.
2.4 Technical and log data
- Server access logs (IP address, HTTP method, endpoint, timestamp, HTTP status code).
- Error logs generated by the application.
3. Legal Bases for Processing
| Data category | Purpose | Legal basis (GDPR Art. 6) |
|---|---|---|
| Account data (email, name, password hash) | Registration, authentication, account management | Art. 6(1)(b) — performance of contract |
| Query history and saved judgments | Providing the service; enabling the user to retrieve past analyses | Art. 6(1)(b) — performance of contract |
| Subscription plan and quota data | Access control; enforcement of service tier limitations | Art. 6(1)(b) — performance of contract |
| Billing records | Fiscal and accounting obligations under Italian law | Art. 6(1)(c) — legal obligation |
| Server logs | Security monitoring, error diagnosis, abuse prevention | Art. 6(1)(f) — legitimate interest |
| Email address (service communications) | Account verification, password reset, policy updates | Art. 6(1)(b) — performance of contract |
4. Retention Periods
| Data category | Retention period | Basis |
|---|---|---|
| Account data | Until account deletion, plus a 30-day grace period for recovery | Contractual necessity |
| Query history and saved judgments | Until the user deletes individual records or closes the account | Contractual necessity; user control |
| Billing and fiscal records | 10 years from the date of the underlying transaction | Art. 2220, Italian Civil Code (Codice Civile) — mandatory accounting record retention |
| Server access logs | 90 days, then automatically purged | Legitimate interest; proportionality |
| Authentication tokens (cookies) | Until logout or browser session end | Technical necessity |
5. Data Processors and Sub-processors
The Data Controller engages the following third-party processors, each bound by a data processing agreement (DPA) and subject to GDPR-equivalent safeguards:
| Processor | Role | Location | Data transferred |
|---|---|---|---|
| Hetzner Online GmbH | Cloud infrastructure and hosting | Germany (EU) | All application data stored on servers within the European Economic Area. No transfers outside the EEA. |
| Paddle.com Market Limited | Merchant of Record (billing, invoicing, payment processing, tax collection) | United Kingdom (with EU subsidiary Paddle.com Market BV in the Netherlands) | Paddle is the legal seller of subscriptions and the controller of the payment relationship with you. Paddle independently determines the means of processing your payment data (card details, billing address, tax identifiers) under its own Privacy Policy and applicable EU/UK adequacy frameworks. The Data Controller receives from Paddle only the limited subscription metadata described in Section 2.3. Paddle's Privacy Policy: paddle.com/legal/privacy. |
| Resend (Resend Inc.) | Transactional email delivery (account verification, password reset, service notifications) | United States (with EU sending infrastructure) | Your email address and the content of transactional messages (verification links, password reset links, service notices) are transmitted to Resend for delivery. Transfers are covered by Standard Contractual Clauses (SCCs). Resend acts as data processor on behalf of the Data Controller. |
| Anthropic, PBC | AI language model provider (Claude API) | United States | The text of your legal queries and the retrieved judgment excerpts are transmitted to the Anthropic API to generate AI responses. Anthropic processes this data under its API usage policy and does not use API inputs to train models by default. Transfers are covered by Standard Contractual Clauses (SCCs). Users should avoid including personal data of third parties or confidential client information in queries. |
| Google LLC / LinkedIn Ireland Unlimited Company (only if you choose to sign in with Google or LinkedIn) | OAuth identity providers (authentication) | United States (Google) / Ireland (LinkedIn) | If you elect to authenticate via Google or LinkedIn, you are redirected to the chosen provider, which authenticates you and returns a stable subject identifier together with your email address and (optionally) your name. The Data Controller does not receive your password or any other account credential. The provider is an independent controller of the authentication transaction; transfers to Google are covered by Standard Contractual Clauses (SCCs). |
6. Cookies
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
auth_token |
Essential / HttpOnly | Maintains your authenticated session. Cannot be read by JavaScript. Required for the service to function. | Until logout or after 2 hours of inactivity |
oauth_state |
Essential / HttpOnly | Set only during a sign-in attempt with Google or LinkedIn. Stores a CSRF anti-forgery token used to validate the callback from the identity provider. Deleted as soon as the sign-in flow completes (success or failure). | 10 minutes |
cookies_accepted |
Functional | Records that you have acknowledged this cookie notice, so it is not shown again. | 1 year |
No advertising, profiling, or third-party tracking cookies are used. A complete description of cookies and browser local storage used by the Service is available in the Cookie Policy.
7. Your Rights under the GDPR
As a data subject, you have the following rights, exercisable by contacting the Data Controller at support@admintribunals.com:
- Right of access (Art. 15) — obtain confirmation of whether your personal data is being processed and receive a copy.
- Right to rectification (Art. 16) — request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17) — request deletion of your data, subject to the limitations described in Section 4.
- Right to restriction of processing (Art. 18) — request that processing be limited in certain circumstances.
- Right to data portability (Art. 20) — receive your personal data in a structured, machine-readable format.
- Right to object (Art. 21) — object to processing based on legitimate interest.
- Right to lodge a complaint — you may lodge a complaint with the Italian supervisory authority, the Garante per la protezione dei dati personali (www.garanteprivacy.it), or with the supervisory authority of your EU member state of habitual residence.
Requests will be responded to within 30 days. The period may be extended by a further two months where necessary, with notification of the reason for the extension.
8. Security Measures
- Passwords stored exclusively as bcrypt hashes (cost factor 12); plain-text passwords are never retained.
- Authentication via signed JWT tokens transmitted in HttpOnly, SameSite cookies.
- All data at rest stored on Hetzner infrastructure within the EU.
- Application-level access controls with role-based permissions.
No security measure is infallible. In the event of a personal data breach likely to result in a risk to your rights and freedoms, you will be notified without undue delay in accordance with Art. 34 GDPR.
9. Minors
This service is intended exclusively for legal professionals and is not directed at persons under 18 years of age. The Data Controller does not knowingly collect personal data from minors.
10. Updates to This Policy
This Privacy Policy may be updated to reflect changes in the service, applicable law, or processing activities. Material changes will be communicated to registered users by email at least 14 days before taking effect. The current version and its effective date are always indicated at the top of this page.
Continued use of the service after the effective date of an updated policy constitutes acceptance of the changes.
11. Contact
Mariano Fernando Iguera (Italy)
Email: support@admintribunals.com
Supervisory Authority (Italy)
Garante per la protezione dei dati personali
Piazza Venezia 11, 00187 Roma
www.garanteprivacy.it