Privacy, Cookie & Legal Policy
Last updated: December 2025
Welcome to fabriziomazzei.it (hereinafter "the Site"). This policy describes how the site is managed with reference to the processing of personal data of users who consult it, as well as practices regarding cookies and integrated third-party services.
The Site is primarily for informational, educational, and professional contact purposes. It does not provide for the creation of persistent user accounts nor the sending of direct marketing newsletters without explicit separate consent.
1. Data Controller
2. What Data We Collect and Why
A) Navigation Data and Hosting
The Site is hosted on the cloud infrastructure of Vercel Inc. (servers located in USA/EU). The computer systems responsible for the operation of the Site automatically acquire certain technical data (e.g., IP address, browser type, request time). These data are used exclusively for technical purposes (diagnostics, security, load balancing) and retained for the strictly necessary time provided by the hosting provider.
B) Appointment Booking Service
If you use the "Book a Call" function (/book), we collect the following data you voluntarily provide:
- Name and Surname: To identify you during the appointment.
- Email Address: To send you the confirmation and video call link.
- Optional Notes: Additional information about the reason for the call.
Processing: This data is processed to create an event on Google Calendar. The event may include a link to Google Meet. Data is visible only to the Controller and, limited to technical aspects, to service providers (Google). We do not use this data for marketing unless explicitly requested.
C) Intelligent Chatbot (Fabrizio AI)
The Site integrates a virtual assistant based on Generative Artificial Intelligence. When you send a message in the chat:
- The text of your question is sent in real-time to Google Gemini APIs (Google Cloud) to generate the response.
- Your name or identity is neither requested nor saved. Conversations are anonymous server-side.
- Warning: We invite you never to enter sensitive personal, financial, or health data into the chat.
D) Audio Podcast Playback
The audio player integrated into the site (/podcast) is a proprietary technology that does not use third-party trackers (like Spotify or Apple Podcast embeds). The audio file is downloaded directly from the Site's server. However, downloading the file technically involves logging your IP address in the server access logs (see point A), necessary for data transmission.
E) "Request Lab" Module
If you fill out the form to report a "boring problem," we collect your nickname and the problem description. Data is sent securely to a private spreadsheet (Google Sheets) and used only for internal analysis. AI may process the text to improve its readability before saving.
F) "AI Audit" Tool
The AI Audit service automatically analyzes a user-provided website to generate a strategic report.
- Data Collected: website URL, business email address, public data on the target site (via automated scraping).
- Purpose: generation and delivery of the personalized strategic report. The email is used exclusively to deliver the report.
- Automated Process: the service uses scraping algorithms and Artificial Intelligence (Google Gemini) to evaluate site content.
- Sharing: public site data and provided context are processed by Google servers (Gemini API) which do not use them to train their public models (Enterprise API policy).
G) AI Tools - Client-Relay Architecture
The tools in the "AI Tools" section operate with a technical architecture defined as "Client-Relay" or "Stateless".
- No Storage (No Logs): the server acts exclusively as a technical bridge. We do not save, store, or retain prompts or generated responses in databases. Data resides in volatile memory (RAM) only for the milliseconds required for processing.
- API Key Management (BYOK): if required, your API Key is saved exclusively in your device's Local Storage. It is sent encrypted to the AI provider only at the time of the request and is never saved on our servers.
- AI Sub-processors: by using the tools, you accept that data entered into prompts is transmitted to language model providers: OpenAI, Google (Gemini), Anthropic (Claude), and Perplexity.
- Responsibility: the user is solely responsible for the data entered. We advise against entering sensitive personal, health, or financial data into prompts.
3. Extended Cookie Policy
This Site uses cookies and similar technologies divided into three categories, manageable via the banner or settings button (bottom left).
| Category | Purpose & Details | Providers / Examples | Consent |
|---|---|---|---|
| Technical & AI (Essential) | Necessary for navigation, security, and preferences (language). Includes technical data transmission to AI providers (Client-Relay) required to provide the requested service. | LocalStorage, NEXT_LOCALE, OpenAI/Gemini (Transient) | Not Required |
| Analytics | Anonymous statistical analysis of traffic and site performance. | Google Analytics 4, Microsoft Clarity, Vercel | Required (Opt-in) |
| Marketing | Used for advanced features (e.g., video, social) and building interest profiles (if enabled). | Google Signals (GA4), YouTube, LinkedIn | Required (Opt-in) |
Consent Management (Consent Mode v2): Upon first access, non-essential cookies are blocked by default. You can modify your choices at any time by clicking the "Cookie" icon at the bottom left.
4. Terms of Use & Liability Disclaimer
⚠️Important AI Disclaimer
The services provided on this Site (including Chatbots, Audits, and AI Tools) are provided "as is" for demonstrative and informational purposes only.
Assumption of Risk: by using the tools, you acknowledge that responses are generated by Artificial Intelligence systems and may contain inaccuracies, errors, or "hallucinations." Fabrizio Mazzei assumes no responsibility for business, legal, financial, or medical decisions made solely based on the outputs generated by this site. The user is solely responsible for verifying the information.
5. Data Recipients (Third Parties)
To provide the services described above, we use selected technical providers acting as Data Processors or independent Controllers:
- Vercel Inc. (Hosting and server infrastructure) - USA.
- Google Ireland Ltd. (Analytics, Calendar, Meet, Gemini AI, Sheets) - Ireland/USA.
- OpenAI, L.L.C. (GPT Models) - USA.
- Anthropic, PBC (Claude Models) - USA.
- Perplexity AI, Inc. (AI Search Engine) - USA.
- Microsoft Corporation (Clarity Analytics) - USA.
- Email SMTP Provider (for sending audit reports).
Data transfer to the USA takes place on the basis of Standard Contractual Clauses (SCC) or the Data Privacy Framework (where applicable), ensuring adequate protection levels.
6. Rights of the Data Subject
Under the GDPR (Arts. 15-22), you have the right at any time to:
- Request confirmation of the existence of your data.
- Know its content, origin, and processing methods.
- Request updates, rectification, or integration.
- Request deletion (right to be forgotten), transformation into anonymous form, or blocking of data processed in violation of the law.
- Object in whole or in part to processing for legitimate reasons.
To exercise these rights, contact the Controller at: hello@fabriziomazzei.it.