Your GDPR Rights

Last updated: 15 April 2026

The General Data Protection Regulation (EU 2016/679) grants you specific rights over your personal data. This page explains each right and how to exercise it with Aibilia.

1. Your Rights

Right of Access (Art. 15)

You can request confirmation of whether we process your personal data, and if so, receive a copy of that data along with information about how it is processed.

Right to Rectification (Art. 16)

You can request correction of inaccurate personal data or completion of incomplete data we hold about you.

Right to Erasure (Art. 17)

You can request deletion of your personal data when it is no longer necessary for the purpose it was collected, when you withdraw consent, or when you object to processing. Also known as the "right to be forgotten".

Right to Restriction (Art. 18)

You can request that we limit the processing of your data while a dispute about accuracy or lawfulness is being resolved.

Right to Data Portability (Art. 20)

You can request your personal data in a structured, commonly used, machine-readable format (e.g. JSON or CSV), and have it transmitted to another controller where technically feasible.

Right to Object (Art. 21)

You can object to processing based on legitimate interest (Art. 6(1)(f)). We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.

Right to Withdraw Consent (Art. 7(3))

Where processing is based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing performed before withdrawal.

2. How to Make a Request

Send an email to admin@aibilia.com with the subject line "GDPR Request". Include:

Your full name and the email address you used to contact us
Which right you wish to exercise
Any additional details to help us locate your data

We may ask for proof of identity to prevent unauthorized access to personal data. This will be limited to verifying the email address associated with your original inquiry.

3. Response Timeline

We will acknowledge your request within 72 hours and provide a substantive response within 30 calendar days, as required by GDPR Art. 12(3).

If your request is complex or we receive a high volume of requests, we may extend the response period by an additional 60 days. If so, we will inform you of the extension and the reasons within the initial 30-day period.

All requests are handled free of charge, unless manifestly unfounded or excessive (Art. 12(5)).

4. Data We Hold

Aibilia collects minimal personal data. If you submitted our contact form, we hold:

Name, email, company name, website URL, and message
Submission timestamp
Your IP address (logged by Formspree during form submission)

We do not hold browsing history, behavioral profiles, or data from cookies or analytics tools. For full details, see our Privacy Policy.

5. Complaint to Supervisory Authority

If you are unsatisfied with our response or believe we have violated your data protection rights, you have the right to lodge a complaint with the competent supervisory authority.

As the data controller is based in Italy, the lead authority is:

Garante per la protezione dei dati personali
Piazza Venezia 11, 00187 Roma, Italy
Phone: +39 06 696771
Website: www.garanteprivacy.it
Email: protocollo@gpdp.it
PEC: protocollo@pec.gpdp.it

If you reside in another EU/EEA member state, you may also lodge a complaint with your local Data Protection Authority.

6. Contact

For any data protection matter:

Andrea Feo — Data Controller
P.IVA 05310510267
Email: admin@aibilia.com