CorrettoCorretto
Back to Home

Privacy Policy

Last updated: 27/01/2026

1. Introduction

This Privacy Policy explains how Corretto ("Corretto" or the "Provider") processes personal data through the Corretto B2B SaaS platform.

Corretto mainly acts as a Data Processor under Article 28 GDPR on behalf of its business customers.

2. Roles

  • Customers: Data Controllers
  • Corretto: Data Processor; independent Controller for administrative data
  • Sub-processors: Authorized technology providers

    • 3. Categories of Data

    Including but not limited to:

  • Identification and contact data
  • Business email content
  • Call transcriptions
  • Audio recordings (if enabled)
  • Calendars and metadata

    • 4. Purposes

  • Service provision
  • AI-powered communication management
  • Security and compliance

    • 5. Legal Bases

  • Contract performance
  • Legitimate interest
  • Legal obligations
  • Consent where required

    • 6. AI Processing

    AI systems support content analysis and automation under customer instructions. No solely automated decisions with legal effects are made.

    7. Data Retention

    Configurable by customers; default maximum retention applies.

    8. Security Measures

    Encryption, access controls, segregation, and audits are implemented.

    9. International Transfers

    Transfers outside the EEA rely on SCCs and supplementary safeguards.

    10. Data Subject Rights

    Exercised via the Data Controller. Corretto provides assistance.

    11. Contact

    Email: corretto.ai@gmail.com