BI JediHome

Privacy Policy

Last updated: 06/04/2026

This Privacy Policy describes how BI Jedi (“we”, “us”, or “BI Jedi”) collects, uses, and protects the personal data of users (“User” or “you”) who access and use the BI Jedi platform and related services (the “Service”).

Processing of personal data is carried out in full compliance with Regulation (EU) 2016/679 (GDPR) and applicable data protection laws.

1. Data Controller

The data controller is: BI Jedi, Piazza di Cestello 10, Florence, Italy – VAT: IT07527230481 – Contact email: [email protected]

2. Data We Collect

When you use BI Jedi, we collect the following categories of data:

  • Registration and account data: First name, last name, email address, encrypted password, and billing data required to manage your subscription.
  • Database connection data: Encrypted credentials (host, username, password, port) needed to connect to your external databases (MySQL, PostgreSQL, Oracle, SQL Server) or for FTP/SFTP access.
  • Data processed by the Service (your database): Data residing in databases you authorize us to access. Important: Your business data is processed solely to generate responses to your queries and to populate the Datawarehouse (if you use the relevant plan).
  • Browsing and usage data: IP addresses, system logs, query timestamps, and information about the device used to access the Service.

3. Purposes of Processing

Data is processed exclusively for the following purposes:

  1. Provision of the Service: Enabling database connections, running queries via Artificial Intelligence, and generating widgets and reports.
  2. Datawarehouse management: (For users on the relevant plan) Extracting, transforming, and loading (ETL) data according to your instructions and cron jobs.
  3. Billing and administration: Managing payments and tax obligations.
  4. Security: Preventing fraud, abuse, or unauthorized access to our infrastructure.

4. Zero AI Training (No training commitment)

BI Jedi formally commits that no business data, database schemas, or chat content will ever be used to train Artificial Intelligence models (whether proprietary or third-party). AI is used solely as a “translation engine” (from natural language to queries) in isolated environments.

5. How and Where We Process Data

Processing is carried out using electronic and telematic tools, with logic strictly related to the purposes above. BI Jedi’s infrastructure is hosted on Amazon AWS with servers located in the European Union (e.g. Frankfurt/Milan), supporting compliance with European requirements. Your Datawarehouse is subject to strict tenant isolation.

6. Data Retention

  • Account and billing data are kept for the duration of the subscription and for 5 years thereafter where required by law.
  • Data copied to the Datawarehouse is deleted when the account is closed or upon explicit request from the User.
  • External database access credentials can be revoked and deleted by the User at any time from the dashboard.

7. Your Rights (GDPR Articles 15–22)

You have the right to:

  • Access your personal data.
  • Request rectification or erasure (right to be forgotten).
  • Restrict or object to processing.
  • Request data portability.

To exercise these rights, contact us at [email protected].

8. Changes to This Policy

We may update this Privacy Policy. We will inform you of any material changes by email or through a clear notice on the platform.

9. Data protection officer (DPO) and representation

No Data Protection Officer has been appointed, as the conditions of Article 37 GDPR are not met for our current processing activities. The controller is established in the European Union (Italy); no separate EU representative under Article 27 GDPR has been designated.

10. Recipients and third parties

Data may be processed by authorized BI Jedi staff and by processors under Article 28 GDPR, including Amazon Web Services (AWS) for cloud hosting (AWS privacy) and a form relay provider for the public website contact form, limited to data you submit in that form. An up-to-date list of processors can be requested at [email protected].

11. Marketing and forms

Where marketing is based on consent, you may withdraw consent at any time using the instructions in each message or by contacting [email protected]. Forms collect only the data needed for the purposes stated on the form and in any linked short notice.

12. Cookie consent records (public website)

Cookie preferences on the public site are stored on your device (localStorage) and can be exported as JSON from Cookie preferences, including policy version and timestamp, to document your choice.