AD Cube Privacy Policy

Dear User,

you have certainly heard about European Regulation no. 679/2016 (better known as the “GDPR”) concerning the protection of personal data and the safeguarding of natural persons.

Well, precisely in compliance with this regulation and the applicable national legislation, below we provide you with the information necessary to understand how we process the data you provide through your use of the website www.adcube.ai, owned by the company AD Cube S.r.l.

We invite you to read this page as if you were the one asking us the questions set out in the following paragraphs and we were providing you with the related answers: should you have any further doubts, do not hesitate to contact us, we are here for you. You are the subject to be protected, and we want to show you our transparency in doing so.

Let’s begin!

Who is the data controller?

AD Cube S.r.l. – via Rosso di San Secondo 1 – 20134 – Milan (MI)

VAT no. and Tax Code: 12692890960

E-mail: management@adcube.ai Tel.: (+39) 02 5656 8408

The company AD Cube S.r.l. (hereinafter “AD Cube” and/or “Data Controller”) is the controller of the processing of personal data of users (hereinafter also “Data Subjects”) who browse, interact with and use the website www.adcube.ai (hereinafter the “Site”), including its subdomains. Through the Site, AD Cube provides a set of “Services”, including consulting, advisory and software development: for further details, we invite you to read our Terms and Conditions.

What data do we process through the site?

Data collected through browsing and interaction on the Site:

    • Cookies and pixels (in compliance with our Cookie Policy);
    • IP address, information about the browser and device used by the user.

Data collected through the completion of the “contact us” form on the Site:

  • Username
  • City and reference company
  • E-mail address and telephone number
  • Subject and content of the message (field freely filled in by the user).

Limited use disclosure

AD Cube’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. This ensures that all data obtained through restricted scopes is handled securely and responsibly.

Although AD Cube does not need to process any data other than that set out above, any further information that the Data Subject provides through the use of the Site and the forms contained therein will be processed in accordance with this Privacy Policy, the Terms and Conditions, and in full compliance with the applicable regulations (hereinafter, personal data and special categories of data will be jointly referred to and defined as “Data”)

For what purposes do we process the data?

A. To allow access to and the proper functioning of the Site
On what legal basis is it processed? Legitimate interest of the Data Controller in providing the Services through the Site

How long is it kept? See our Cookie Policy for the Site

B. To respond to requests relating to the Services

On what legal basis is it processed? Legitimate interest of the Data Controller in responding to any user requests

How long is it kept? The Data will be kept for the period strictly necessary to fulfil the request

C. To establish the contractual relationship relating to the Services and to fulfil contractual obligations with the user (contractual purposes)

On what legal basis is it processed? Performance and management of the contract for the provision of the Services offered. Provision of the Data is necessary for the proper delivery of the Services

How long is it kept? The Data will be kept for a period equal to the duration of the contract (including any renewals) and for the following 10 years (with regard to tax, payment and invoicing data, unless different terms are provided in accordance with the applicable regulations)

D. To fulfil the administrative and accounting obligations required by law (for example regarding anti-money laundering, accounting and invoicing management)

On what legal basis is it processed? Legitimate interest of the Data Controller in fulfilling legal obligations

How long is it kept? The Data will be kept for a period equal to the duration of the contract (including any renewals) and for the following 10 years (with regard to tax, payment and invoicing data, unless different terms are provided in accordance with the applicable regulations)

E. To promote the Services through both traditional communication tools and remote communication tools (marketing purposes, e.g. via Newsletter)

On what legal basis is it processed? Consent. Consent is optional and may be revoked at any time

How long is it kept? Consent. Consent is optional and may be revoked at any time

The Data is processed by manual or computerised tools, including automated tools, suitable to guarantee the confidentiality, integrity and privacy of the Data itself, in compliance with the appropriate technical measures and in accordance with current legislation.

The electronic storage of the Data is carried out using cloud computing tools on servers located within the territory of the EU (AWS Paris AZ eu-west-3b): for further information on the security, compliance and conformity standards with the requirements set forth by current EU and national legislation on the matter and adopted by the chosen external providers, please refer to the dedicated privacy policy.

Once the retention periods indicated above have expired, the Data will be destroyed, deleted or made anonymous, in accordance with the technical procedures for deletion and backup.

To whom is the data disclosed?

  • Suppliers of services connected to the activities of the Data Controller and public institutions
  • Suppliers of assistance, tax and legal consultancy services
  • Suppliers of IT or storage services and external service providers

AD Cube does not share, sell or transfer user data to third parties for analytical, marketing, AI modelling, further data processing or any other purposes outside the uses described in this document.

The Data provided through the Site will be processed solely to ensure the proper enjoyment of the Services and may be viewed and used by AD Cube’s team (employees and collaborators) duly authorised for the processing.

The Data may also be communicated for legitimate interest purposes for the performance of activities functional to any securitisations, assignments of receivables and issuance of securities, transfers of business and business units, acquisitions, mergers, demergers or other transformations, and for the execution of such operations.

The parties indicated above may act, depending on the case, as external data processors or autonomous data controllers in compliance with current legislation. You may request the updated list of companies to which the Data will be communicated at any time from the Data Controller, by means of a specific request to be sent using the contact channels indicated in this Privacy Policy

Is the data transferred abroad?

The Data will mainly be processed within national territory and the European Union, but may also be transferred to non-EU countries.

Any transfer of the Data Subject’s Data to countries located outside the European Union will only take place in compliance with adequate safeguards for the transfer itself (and in particular by complying with the provisions of articles 45, 46 and 49 of the GDPR), that is, on condition that the European Commission has confirmed that the third country provides an adequate level of data protection or that other guarantees relating to data protection exist, such as binding corporate rules or the signing of EU standard contractual clauses.

You have the right to obtain from the Data Controller a copy of the data held abroad and to obtain information about where such data is stored, by making an express request to be sent using the contact details indicated in this document.

What are my rights?

By contacting the Data Controller’s e-mail address at the contact details indicated above, you may ask AD Cube at any time:

  • to access the Data concerning you, to rectify inaccurate Data, to integrate incomplete Data, to erase it (right to be forgotten), to restrict processing in the cases provided for in Art. 18 of the GDPR;
  • to receive in a structured, commonly used and machine-readable format the Data concerning you in the cases provided for in Art. 20 of the GDPR; as well as, where technically feasible, to transmit such data to another data controller without hindrance;
  • to revoke at any time the consent given; as well as to object at any time to the processing of the Data pursuant to Art. 21 of the GDPR, providing evidence of the reasons justifying the objection;
  • any other request for clarification regarding the data processing carried out by the Data Controller.

Finally, we remind you that it is always possible to lodge a complaint with the competent Supervisory Authority (the Italian Data Protection Authority – “Garante per la Protezione dei Dati Personali”) pursuant to Art. 77 of the GDPR, should you believe that the processing carried out by the Data Controller is contrary to current legislation.

The Data Controller may make changes and/or additions to this Privacy Policy, also as a consequence of changes in the applicable legislation. You can view the constantly updated text of the Privacy Policy on the Site in the Privacy Policy section, or make an explicit request by directly contacting the Data Controller at the contact details indicated above.

Last updated: April ’26