Leadero - Privacy Policy & Cookies

Privacy Policy

‍

Last Updated: 8th January 2026

‍

Welcome to Leadero.io (the "Site"). This Site is owned and operated by LEADERO S.R.L. (“We”, “Us”, or “Our”), a Società a Responsabilità Limitata registered in Italy under REA (Repertorio Economico Amministrativo) no. MI - 2785803, trading as Leadero. This Privacy Policy describes how Leadero S.r.l. collects and uses personal data when you visit Leadero.io (the “Site”) or contact us (e.g., to request information or book a demo). We provide this information to you in accordance with the transparency obligations under Articles 13 and 14 of the GDPR.

‍

By accessing or using our Site, you agree to be bound by these Terms of Service ("Terms") and our Privacy Policy. If you do not agree to these Terms, please do not use our website ¹ or services.

‍

Effective Date: 8th January 2026

‍

1. Introduction, Data Controller (Titolare del trattamento) and Contacts

Welcome to Leadero. This Privacy Policy explains how LEADERO S.R.L., trading as Leadero ("Leadero," "we," "us," or "our"), collects, uses, shares, and protects your personal data when you visit our website https://leadero.io (the "Site") or interact with us.

LEADERO S.R.L. is a Società a Responsabilità Limitata registered in Italy under REA (Repertorio Economico Amministrativo) no. MI - 2785803. Our registered office is at VIA BOCCHETTO 6 CAP 20123 MILANO (MI)

We are committed to protecting your privacy and complying with applicable data protection laws in Italy, including the Garante / General Data Protection Regulation (GDPR).  

For any questions about this Privacy Policy or our data protection practices, please contact us at: Email: hello@leadero.io Postal Address: Via Bocchetto 6 Cap 20123 Milano (MI)

‍

Data Controller: LEADERO S.R.L.

Registered office: MILANO (MI) VIA BOCCHETTO 6 CAP 20123

REA: MI - 2785803

Email for privacy: hello@leadero.io

PEC: leadero@namirialpec.it

‍

2. What Personal Data We Collect

Depending on how you use the Site, we may collect and process the following types of personal data:

• Identity & Contact Data: Your first name and last name if you provide it (e.g., when filling out a contact form).
• Contact Data: Your email address, phone number (if provided), company / role (if provided) and the content of your query when you contact us.
• Technical Data:
  
  • Internet Protocol (IP) address of visitors to our Site. This is collected by our web hosting provider (Webflow) for essential purposes such as security, diagnosing technical problems, and ensuring the operational integrity of the Site. This data is generally aggregated or pseudonymised and not used to personally identify you unless for security investigations.
  • Information about your browser type and version, operating system, and device type, primarily collected by our web hosting provider for ensuring compatibility and optimal display of our Site.

We do not currently use cookies for tracking, analytics, or advertising purposes. Our website platform, Webflow, may use essential cookies that are strictly necessary for the proper functioning of the Site (e.g., session cookies, security cookies). For more information on Webflow's practices, please refer to Webflow's own Privacy Policy and Cookie Policy.

‍

3. How We Collect Your Personal Data

We collect personal data in the following ways:

• Direct Interactions: When you voluntarily provide it to us, such as when you:
  
  • Fill in a contact form on our Site.
  • Correspond with us by email or phone.
  • Request information about our services.
• Automated Technologies or Interactions:
  
  • As mentioned above, our web server (hosted by Webflow) automatically collects limited Technical Data (like IP addresses) as part of its standard operation and for security purposes.

‍

Cookies and similar technologies: Cookies are not used for the transmission of personal information, and neither are persistent cookies of any kind used, i.e.systems for tracing the Data Subjects. Therefore, the Application does not acquire the Personal Data of the Data Subjects usingthese technologies. Use is made of session technical cookies (not persistent), strictly limited to what is necessary for the safe andefficient navigation of the Application.

‍

‍

4. Lawful Basis for Processing Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• To respond to your enquiries and communicate with you: Where you have contacted us, we process your Identity Data and Contact Data based on our legitimate interest in responding to your communication and addressing your query, or to take steps at your request prior to potentially entering into a contract with you. Legal basis: Art. 6(1)(b) GDPR (steps at your request prior to entering into a contract) and/or Art. 6(1)(f) (legitimate interest in responding to business enquiries).

• To operate and secure our Site: We process Technical Data (such as IP addresses) based on our legitimate interest in maintaining the security and operational integrity of our Site, preventing fraud, and diagnosing technical issues. Legal basis: Art. 6(1)(f) GDPR (legitimate interests in ensuring the security and proper functioning of the Site).
• To comply with a legal obligation: We may process your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to. Legal basis: Art. 6(1)(c) GDPR (legal obligation) and/or Art. 6(1)(f) (legitimate interests).
• With your consent: If we wish to use your personal data for any other purpose not covered by another lawful basis (for example, for future marketing communications if we were to introduce them), we would seek your explicit consent beforehand and you would have the right to withdraw that consent at any time.

‍

5. How We Use Your Personal Data

We use the personal data we collect for the following purposes:

• To respond to your enquiries and provide you with information you have requested.
• To manage our relationship with you.
• To ensure the security and stability of our Site.
• To administer and protect our business and this Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data).
• To comply with legal and regulatory requirements.

‍

6. Disclosure of Your Personal Data

We do not sell or rent your personal data to third parties. We may have to share your personal data with the parties set out below for the purposes described in Section 5:

• Service Providers:
  
  • Webflow, Inc.: Our website hosting and platform provider. Webflow processes Technical Data on our behalf as a data processor to enable the functioning and security of our Site. Webflow may store and process data in various locations, including the United States. We rely on Webflow's adherence to appropriate data transfer mechanisms (such as the Extension to the EU-US Data Privacy Framework or Standard Contractual Clauses with an International Data Transfer Agreement) to ensure that any data transferred outside of Italy / EU is adequately protected. Please refer to Webflow's Privacy Policy for more details on their data handling practices.
  • Other IT and system administration service providers acting as processors who provide essential support for our business operations.
• Professional Advisers: Acting as processors or joint controllers including lawyers, bankers, auditors, and insurers based in Italy who provide consultancy, banking, legal, insurance, and accounting services, where necessary for our legitimate business interests or legal compliance.
• Regulators and Other Authorities: Public authorities or other regulators based in Italy where required, reporting of processing activities in certain circumstances.

‍

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions, ensuring they have appropriate data processing agreements in place.

‍

7. International Data Transfers (outside the EEA)

As noted above, our website is hosted on Webflow. This means that personal data, particularly Technical Data, may be transferred to, stored, and processed in countries outside of Italy / the European Economic Area, including the United States.

When we transfer your personal data out of Italy, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the Italian authorities (an "adequacy decision").
• Where we use certain service providers, we may use specific contracts approved by the Italian authorities which give personal data the same protection it has in the Italy / EU.
• For transfers to providers in the US, we may rely on their certification under the EU Extension to the EU-US Data Privacy Framework, provided they are certified.

‍

We reply on approriate transfer safeguards such as: Standard Contractual Clauses (SCCs) and/or other GDPR-compliant transfer mechanisms implemented by the provider (as described in their DPA).

‍

Please contact us if you want further information on the specific safeguards used by us when transferring your personal data out of Italy.

‍

8. Data Security (Art. 32 GDPR)

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. These measures include access controls, encryption where appropriate and staff training on data protection.

In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

‍

9. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

For example:

• Correspondence relating to general enquiries may be kept for up to 24 months.
• Technical logs (like IP addresses for security) may be kept by our hosting provider for a limited period necessary for security and operational integrity.
• Contractual/customer data: for the contract duration plus any retention required by law.

‍

10. Your Legal Rights (Capo III GDPR)

Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:

• Request access to your personal data.
• Request correction of your personal data.
• Request erasure of your personal data.
• Object to processing of your personal data.
• Request restriction of processing your personal data.
• Request transfer of your personal data.
• Right to withdraw consent (where consent is the lawful basis).

‍

If you wish to exercise any of the rights set out above, please contact us at hello@leadero.io.

You will not usually have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

‍

11. Children's Privacy

The Site and services are not intended for children. If we ever offer “information society services” directly to minors and rely on consent, Italy sets the relevant age threshold at 14; below that age, consent must be given/authorized by a parent or legal guardian.

‍

12. Links to Other / Third-party Sites

Our Site may contain links to third-party websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

‍

13. Changes to This Privacy Policy

We keep our Privacy Policy under regular review. This version was last updated on 8th January 2026. Any changes will be posted on this page. We may also notify you of significant changes by email if we hold your email address and the change directly affects you.

‍

14. Complaints (Garante)

We hope to resolve any query or concern you raise about our use of your information. Please contact us in the first instance at hello@leadero.io.

If you believe our processing violates data protection law, you also have the right to make a complaint with the 'Garante per la protezione dei dati personali', the Italian supervisory authority (https://www.garanteprivacy.it). We would, however, appreciate the chance to deal with your concerns before you approach the Garante, so please contact us first.