Last updated: 22 August 2025
This notice explains how F-T srl ("we", the Controller) processes personal data when you use UnlockGPT (the "App" or the "Service"), an AI-powered productivity assistant that integrates with your email accounts, calendars, document storage, and other services to provide intelligent task automation.
Controller: F-T srl
VAT: 07094250961
Registered office: Milan (MI), Italy
Contact email: hello@unlockgpt.ai
We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable national laws.
Depending on how you use the Service, we may process:
User-provided content: prompts, text, feedback, optional files or images you upload, and account preferences.
Technical/usage data: access logs, IP address, device identifiers, user agent, timestamps, error events, performance metrics.
Billing and commercial data: (if you subscribe to paid plans) data necessary to issue invoices and manage payments. Payments are processed by Stripe (see Section 7). We do not store full card numbers.
Cookies and similar technologies: (for the web version) technical cookies for operation; analytics/marketing cookies only with your consent, where used.
We do not intentionally collect special categories of data (Art. 9 GDPR). Please avoid entering unnecessary sensitive information.
We process data for:
Providing the Service (contract, Art. 6(1)(b) GDPR): sending prompts to AI models, returning outputs, maintaining your account, and providing support.
Security, abuse prevention, and reliability (legitimate interest, Art. 6(1)(f)): monitor anomalies, defend the Service from misuse or attacks, prevent fraud.
Product improvement and debugging (legitimate interest, Art. 6(1)(f)): aggregated/minimised analysis of feature usage to fix issues and plan improvements; non-essential analytics only with consent.
Legal compliance (legal obligation, Art. 6(1)(c)): tax and accounting duties, and responding to lawful requests.
Optional communications and marketing/analytics (consent, Art. 6(1)(a)): where applicable and only after obtaining clear, revocable consent.
To generate responses, the content you submit (prompts, files, images) is forwarded to AI model providers and cloud infrastructure that typically act as our processors. In practice:
We use technical and organisational measures to protect confidentiality, integrity, and availability (access controls, encryption in transit, least-privilege policies, hardened infrastructure). No system is perfectly secure; we maintain procedures to identify, manage, and notify personal-data breaches in line with applicable law.
We retain data only for as long as necessary to achieve the purposes above or to meet legal obligations. Criteria include: duration of the contractual relationship, tax/accounting retention periods, the need to establish or defend legal claims, backup and audit cycles. We periodically review retention to minimise storage.
We may share data with the following categories of recipients:
Payment processing: Stripe (Stripe, Inc. and its affiliates) to process payments, perform fraud prevention, and meet financial compliance obligations. When you make a purchase, relevant data (e.g., name, email, billing details, transaction amount, partial payment method information) is shared with Stripe. Stripe may act as an independent controller for certain activities (e.g., fraud monitoring). For details, please see Stripe's Privacy Policy: https://stripe.com/privacy.
AI providers: LLM and AI-moderation services that process your prompts to produce outputs.
Platform integrations: Google (Gmail, Calendar, Drive, Workspace), Microsoft (Outlook, OneDrive, Calendar), Dropbox for accessing and processing your connected account data.
Cloud and technical providers: hosting, databases, object storage, content delivery, logging/monitoring, build/deploy.
Professional advisors and authorities: accountants, auditors, or competent authorities where legally required.
We do not sell your personal data. We require recipients acting as processors to follow our documented instructions and to implement appropriate safeguards (Art. 28 GDPR).
Some providers may process data outside the EU/EEA. Where this occurs, transfers follow Chapter V GDPR (e.g., EU Standard Contractual Clauses, adequacy decisions, and supplementary technical/organisational measures). Information on specific transfers is available on request.
You have the right to: access, rectify, and erase personal data; restrict or object to processing as provided by law; data portability for data you provided; and to withdraw consent at any time (without affecting the lawfulness of prior processing). You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante) at www.garanteprivacy.it.
To exercise your rights: hello@unlockgpt.ai.
The Service is not intended for children under 14 (per Italian law). If you believe a minor has provided personal data without valid consent, contact us to request removal.
We do not carry out solely automated decisions producing legal or similarly significant effects. Any optional recommendations/personalisation are limited to improving the Service and, where not strictly necessary, operate only with consent or in aggregated/de-identified form.
We use essential cookies to operate the site/app. Any non-essential analytics or marketing cookies are used only with your consent, managed via a banner/preferences centre where applicable. You can change your choices at any time.
If you upload third-party content, you must have a lawful basis to process and share it with us and with our processors. Avoid entering unnecessary personal data.
We may update this notice to reflect legal or technical changes. Updates will be published in the App/website with the new effective date. Continued use after changes take effect constitutes acceptance of the updated notice.
For privacy questions or requests: hello@unlockgpt.ai.