Privacy Policy

Last updated: 22 April 2026

This Privacy Policy explains how ExportWinner AI processes personal data in connection with the platform, the website and related commercial or support activities.

1. Who we are

ExportWinner AI is a B2B SaaS workspace that helps users analyze export markets, generate buyer shortlists, create export plans, manage outreach workflows and produce reports.

The data controller for the processing described in this Privacy Policy is:

Gogodigital S.r.l.s.
P. IVA 12692491009
Via Nizza 59
00198 - Roma (RM)
Tel. 3293713607/8
E-mail: amministrazione@gogodigital.it

2. Personal data we process

• Account data: name, email address, workspace, authentication and billing status.
• Workspace data: searches, target markets, lead notes, saved client profiles, Buyer Rooms, follow-up tasks and meeting requests.
• Product and business data: store URLs, catalog text, uploaded files, product descriptions, country targets, geographic focus and commercial preferences.
• Generated content: AI-generated market strategies, compliance summaries, export cost estimates, action plans, pitch drafts, reports and prioritization notes.
• Technical data: IP address, browser data, logs, security events, timestamps and usage limits.
• Payment data: plan, subscription status and billing events handled through payment providers. We do not store full card numbers.

3. Why we process data

• To provide the SaaS service, run searches, score leads and generate reports.
• To create and maintain user accounts, workspaces and subscription access.
• To improve reliability, prevent abuse, debug errors and secure the platform.
• To send operational emails, password or login messages, billing notices and service updates.
• To comply with legal, accounting and tax obligations.

4. AI, search and third-party providers

ExportWinner may send product context, search terms, URLs, catalog excerpts, lead snippets and user instructions to AI, search, email, billing and infrastructure providers only as needed to deliver the service. Users should avoid uploading confidential information that they are not authorized to process through external providers.

5. Legal bases

For EU/EEA users, processing may rely on contract performance, legitimate interests, consent where required, and compliance with legal obligations. Optional marketing or analytics cookies, if introduced, require consent before activation.

6. Data retention

Account, workspace and billing records are retained while the account is active and for the period required for legal, tax, security or dispute purposes. Users may request deletion of their account and workspace data, subject to lawful retention obligations.

7. International transfers

Some providers may process data outside the user country or the EEA. Where required, we rely on appropriate safeguards such as standard contractual clauses, adequacy decisions or equivalent transfer mechanisms.

8. User rights

Depending on applicable law, users may request access, correction, deletion, restriction, portability or objection to processing. Users may also withdraw consent where processing is based on consent. Requests can be sent to amministrazione@gogodigital.it.

9. Security

We use technical and organizational measures designed to protect accounts and workspace data, including authentication, access control, logging and provider-level security controls. No system is completely secure, so users must protect their credentials and avoid uploading unnecessary sensitive data.

10. Changes

We may update this Privacy Policy when the product, providers or legal requirements change. Material changes will be communicated through the product or by email where appropriate.

11. Contact

For privacy-related questions, requests or notices, users can contact Gogodigital S.r.l.s. at amministrazione@gogodigital.it or by mail at Via Nizza 59, 00198 - Roma (RM), Italy.