This Privacy Policy applies to the inTheEU Assist platform accessible at assist.intheeu.com and to the inTheEU Assist application distributed to authorised professional users. The data controller for information collected through this website and the pilot registration process is WIDE di D. Papa, Sant'Antimo (NA), Italy, operating under licence from ae Aeonian Engineering Limited, Hong Kong (collectively, "inTheEU Assist", "we", "us").
For professional deployments: inTheEU Assist operates as an on-premise platform installed within the infrastructure of the subscribing professional firm (the "Tenant"). In this context, the Tenant is the data controller for all client and case data processed through the platform. We act as data processor on behalf of the Tenant exclusively for the purposes of licence validation and platform support, subject to a Data Processing Agreement.
Contact: support@intheeu.com
This policy covers data collected through assist.intheeu.com, including pilot registration and contact forms, and data processed by us in our capacity as data processor for Tenant deployments to the extent described in Section 7. It does not govern data processed by a Tenant on their own infrastructure. Tenants are responsible for their own privacy obligations in relation to the client and case data they process using the platform.
When you use assist.intheeu.com, we may collect:
We process personal data on the following legal bases under Regulation (EU) 2016/679 (GDPR):
Pilot registration and contact form data is retained for 24 months from submission, unless you request earlier deletion or we enter a subscription agreement. Server log data is retained for 90 days. Display preference cookies expire when you clear your browser data.
We do not sell personal data. We do not share personal data with advertising networks or data brokers. Data may be shared with EU infrastructure providers bound by data processing agreements, professional advisors under confidentiality obligations, and competent authorities where required by law.
inTheEU Assist is an on-premise platform. When deployed by a Tenant, the inference server, document store, knowledge base, case data, and audit records reside on the Tenant's own hardware. We do not have routine access to this data. We process data on behalf of Tenants only for licence key validation and support engagements explicitly authorised by the Tenant, governed by a Data Processing Agreement. Tenants are independently responsible as data controllers for all personal data they process through the platform.
inTheEU Assist incorporates AI systems that assist professional users in their work. In accordance with Regulation (EU) 2024/1689 (EU AI Act) and our platform design principles:
The platform incorporates cryptographic identity mechanisms aligned with the principles of Regulation (EU) No 910/2014 (eIDAS) and its successor framework (eIDAS 2.0). Authentication relies on device-bound cryptographic credentials. No passwords are stored centrally. These mechanisms support the integrity and non-repudiation properties of the platform's audit records.
Professional practices using inTheEU Assist — including law firms, notarial offices, medical practices, accounting firms, and labor consultants — remain subject to the professional secrecy and data confidentiality obligations applicable to their sector under national and EU law. The on-premise architecture is designed to support compliance with these obligations by ensuring client data does not leave the Tenant's infrastructure. Tenants are responsible for verifying that their use of the platform is consistent with their professional obligations.
Where Tenants qualify as operators of essential services or digital service providers under Directive (EU) 2022/2555 (NIS2), they are responsible for ensuring their use of inTheEU Assist is consistent with their NIS2 obligations, including incident reporting and supply chain security requirements. We maintain appropriate technical and organisational security measures for the components we operate directly, including this website and the licence validation service.
Under GDPR you have the right to access, correct, delete, restrict processing of, and port your personal data collected through this website. You have the right to withdraw consent at any time and to object to processing based on legitimate interest. Contact support@intheeu.com. We will respond within 30 days. Where your data is processed by a Tenant as controller, contact that Tenant directly.
You have the right to lodge a complaint with the Italian data protection authority (Garante per la protezione dei dati personali, www.garanteprivacy.it) or with the supervisory authority in your EU member state of residence.
We may update this policy to reflect changes in our services, applicable law, or regulatory guidance. The current version is always available at assist.intheeu.com/privacy.html. Material changes will be communicated to registered users by email with at least 30 days notice.