Privacy Policy
Privacy Policy
Last updated: April 28, 2026
This Privacy Policy explains how CO-ON processes personal data in connection with the website https://www.co-on.it, business communications, consulting activities, and solution assets made available through Databricks Marketplace or other business channels.
1. Data Controller
The data controller is:
CO-ON / Virginia Appella
VAT No.: 04115490361
Registered or business address: Via le Lame 3 Montefiorino 41045 Modena
Modena, Italy
Email: info@co-on.it
Phone: +39 328 8212674
CO-ON has not appointed a Data Protection Officer. Privacy requests can be sent to `info@co-on.it`.
2. Scope
This Policy applies to:
- visitors of `https://www.co-on.it`;
- prospects, customers, partners, and suppliers who contact CO-ON;
- users and organizations that evaluate, request, access, or use CO-ON solution assets through Databricks Marketplace;
- individuals whose personal data may be included in business communications, support requests, or project documentation shared with CO-ON.
CO-ON's Databricks Marketplace assets are intended for business users and are designed to support structured data foundations, process analysis, process optimization, AI-assisted workflows, and agentic AI use cases. Unless expressly stated otherwise in a specific listing or agreement, CO-ON does not require customers to provide personal data in order to evaluate Marketplace assets.
3. Categories of Personal Data Processed
Depending on the interaction, CO-ON may process the following categories of personal data:
- identification and contact data, such as name, surname, business email address, phone number, company name, role, and country;
- information submitted through website forms, email, WhatsApp, video calls, demos, or other business communications;
- business relationship data, such as requests, proposals, support tickets, meeting notes, commercial preferences, and project requirements;
- billing and administrative data necessary to issue invoices, manage accounting, and comply with legal obligations;
- technical and usage data related to the website, such as IP address, browser type, device information, pages visited, timestamps, cookie identifiers, and similar data where applicable;
- Databricks Marketplace interaction data that may be shared by Databricks with CO-ON in connection with a listing, such as organization details, user contact details, access requests, support requests, and listing usage information;
- business process information voluntarily provided by customers for analysis, configuration, optimization, or support purposes.
CO-ON does not intentionally collect special categories of personal data, such as health data, biometric data, political opinions, religious beliefs, trade union membership, or other sensitive personal data. Customers and users must not submit such data unless a specific written agreement and appropriate legal basis are in place.
4. Purposes and Legal Bases
CO-ON processes personal data for the following purposes:
1. Responding to requests and managing pre-contractual communications.
Legal basis: performance of pre-contractual measures requested by the data subject or legitimate interest in responding to business inquiries.
2. Providing consulting, configuration, training, support, and process optimization services.
Legal basis: performance of a contract or pre-contractual measures.
3. Providing, maintaining, documenting, and supporting Databricks Marketplace solution assets.
Legal basis: performance of a contract, pre-contractual measures, and legitimate interest in operating and improving business-to-business solution assets.
4. Managing commercial relationships, proposals, demonstrations, and follow-up communications.
Legal basis: legitimate interest in developing and managing business relationships, unless consent is required by applicable law.
5. Sending marketing communications, newsletters, or updates about CO-ON services and solution assets.
Legal basis: consent, where required. Consent can be withdrawn at any time.
6. Managing billing, accounting, tax, administrative, and legal obligations.
Legal basis: compliance with legal obligations.
7. Protecting security, preventing misuse, debugging issues, and preserving evidence in case of disputes.
Legal basis: legitimate interest in protecting CO-ON, its customers, its systems, and its legal rights.
8. Improving CO-ON methodologies, documentation, and reusable solution patterns.
Legal basis: legitimate interest, provided that personal data is minimized, anonymized, or aggregated whenever reasonably possible.
CO-ON does not use personal data to make decisions based solely on automated processing that produce legal effects or similarly significant effects on individuals.
5. Databricks Marketplace and Customer Data
CO-ON may publish solution accelerators, notebooks, templates, workflows, AI agents, MCP servers, models, or related documentation on Databricks Marketplace.
Unless expressly stated otherwise in a listing:
- CO-ON Marketplace assets are designed not to include personal data;
- sample data should be synthetic, anonymized, aggregated, or otherwise non-personal;
- customers remain responsible for the data they upload, process, or connect inside their own Databricks environment;
- CO-ON does not access customer Databricks workspaces, datasets, logs, or production data unless the customer grants access under a separate written agreement;
- if CO-ON processes personal data on behalf of a customer, the parties will define the applicable roles and, where required, enter into a data processing agreement.
AI agents and process optimization tools supplied by CO-ON are intended to support analysis and decision-making. They should not be used as the sole basis for decisions that have legal, financial, employment, health, or similarly significant effects on individuals without appropriate human review, governance, and validation.
6. Sources of Personal Data
CO-ON may collect personal data:
- directly from the individual or organization contacting CO-ON;
- through website forms, email, phone, WhatsApp, video calls, or business meetings;
- from Databricks in connection with Marketplace listings, access requests, usage data, or support interactions;
- from customers, partners, suppliers, or publicly available professional sources, where permitted by law.
7. Recipients and Processors
Personal data may be disclosed to or processed by:
- website hosting, CMS, and infrastructure providers;
- email, collaboration, calendar, video call, and productivity service providers;
- Databricks, where necessary in connection with Marketplace listings and platform interactions;
- accounting, tax, legal, and professional advisors;
- cloud, security, backup, and IT support providers;
- public authorities, courts, law enforcement, or regulators where required by law.
CO-ON selects service providers that provide appropriate technical, organizational, and contractual safeguards.
8. International Transfers
Some service providers may process personal data outside the European Economic Area. Where this occurs, CO-ON relies on appropriate safeguards under the GDPR, such as adequacy decisions, Standard Contractual Clauses, or other lawful transfer mechanisms.
9. Retention Periods
CO-ON keeps personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, and contractual requirements.
Indicative retention periods are:
- contact and pre-sales requests: up to 24 months from the last meaningful interaction;
- customer, contract, billing, and accounting records: for the period required by applicable tax and accounting laws, generally up to 10 years;
- support and project communications: for the duration of the relationship and up to 5 years thereafter, unless a longer period is necessary to protect legal rights;
- marketing data: until consent is withdrawn or the data is no longer reasonably relevant;
- technical logs and cookie data: for the period required for security, analytics, or cookie management purposes.
Where possible, CO-ON anonymizes or aggregates data used for internal analysis or methodology improvement.
10. Cookies and Similar Technologies
The website may use technical cookies required for the operation of the site and, where enabled, analytics or third-party cookies. Users can manage cookies through the website banner or browser settings, where applicable.
If analytics, advertising, embedded content, or third-party tracking tools are enabled on the website, CO-ON will provide the information and consent mechanisms required by applicable law.
11. Data Subject Rights
Under the GDPR, individuals may have the right to:
- access their personal data;
- request rectification of inaccurate or incomplete data;
- request erasure of personal data, where applicable;
- request restriction of processing;
- object to processing based on legitimate interests;
- request data portability, where applicable;
- withdraw consent at any time where processing is based on consent;
- lodge a complaint with a supervisory authority.
In Italy, complaints may be submitted to the Garante per la protezione dei dati personali: `https://www.garanteprivacy.it`.
Requests can be sent to `info@co-on.it`. CO-ON may need to verify the identity of the requester before responding.
12. Security
CO-ON applies reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include access controls, authentication, secure configuration, backups, provider due diligence, and data minimization.
No method of transmission or storage is completely secure. Customers and users are responsible for using appropriate security measures in their own systems and Databricks environments.
13. Minors
CO-ON services and Databricks Marketplace assets are intended for business users and are not directed to minors. CO-ON does not knowingly collect personal data from minors.
14. Changes to This Policy
CO-ON may update this Privacy Policy to reflect changes in legal requirements, services, technologies, or business operations. The updated version will be published on the website with a new "Last updated" date.
15. Contact
For privacy questions or requests:
CO-ON / Virginia Appella
Email: info@co-on.it
Phone: +39 328 8212674
Website: `https://www.co-on.it`