Privacy Policy

Last updated:

1. Who we are

Barrel S.r.l ("Barrel", "we", "us") is the data controller responsible for your personal data. Our registered address is:

Barrel S.r.l
Galleria delle Porte Contarine, 4
35137 Padova (PD) Italy
Email: info@barrel.digital
Phone: +39 389 445 0080

2. Personal data we process

We may collect and process the following categories of personal data:

  • Identification and contact data: name, email address, phone number, organization details
  • Account and authentication data: login credentials, hashed passwords, user roles and permissions
  • Usage data: pages viewed, features used, session duration, device and browser information, IP address
  • Order and support data: support requests, download history, technical assistance tickets
  • Marketing preferences: newsletter subscriptions and communication preferences (opt-in only)

3. Purpose and legal bases (GDPR Art. 6)

We process your personal data for the following purposes and on the following legal bases:

Service provision and security

Legal basis: Performance of contract, legitimate interest
To provide and secure our solar configurator and portal services, maintain system functionality, and protect against fraud and abuse.

Authentication and access control

Legal basis: Performance of contract
To manage user accounts, authenticate portal access, and provide role-based permissions to technical documentation and resources.

Customer support and downloads

Legal basis: Performance of contract
To respond to support requests, provide technical assistance, and enable downloads of manuals and resources.

Usage analytics and improvement

Legal basis: Legitimate interest (with privacy safeguards)
To analyze how our services are used and improve functionality, user experience, and system performance.

Marketing communications

Legal basis: Consent (opt-in only)
To send newsletters, product updates, and relevant information about solar energy solutions. You can withdraw consent at any time.

Legal compliance

Legal basis: Legal obligation
To comply with applicable laws, regulations, and legal processes.

4. Data retention

We keep your personal data only as long as necessary for the purposes outlined above and to comply with our legal obligations. After this period, we will delete or anonymize your data. Specific retention periods may vary based on the type of data and applicable legal requirements.

5. Sharing and processors

We may share your personal data with trusted service providers who help us operate our services, including:

  • Cloud hosting and infrastructure providers
  • Data storage and backup services
  • Analytics and monitoring services
  • Email delivery services
  • Customer support platforms

All processors are bound by data processing agreements that ensure appropriate protection of your data.We do not sell your personal data to third parties.

6. International transfers

If your personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or other adequate protection measures.

7. Your rights (GDPR)

Under the General Data Protection Regulation, you have the following rights:

Right of Access

Request information about your personal data we process

Right of Rectification

Request correction of inaccurate personal data

Right of Erasure

Request deletion of your personal data

Right of Restriction

Request limitation of processing activities

Right of Portability

Request your data in a structured, machine-readable format

Right of Objection

Object to processing based on legitimate interest or for marketing

To exercise any of these rights, please contact us at info@barrel.digital.

8. Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Role-based access controls and authentication
  • Regular security monitoring and vulnerability assessments
  • Staff training on data protection and security practices
  • Incident response and breach notification procedures

While we strive to protect your data using industry-standard security measures, no method of transmission or storage is 100% secure. We maintain appropriate safeguards proportional to the risks involved.

9. Cookies and similar technologies

We use cookies and similar technologies to enhance your browsing experience and analyze usage patterns. For detailed information about our cookie practices and your choices, please see our Cookies Policy.

10. Contact and complaints

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local Data Protection Authority.

11. Changes to this notice

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make significant changes, we will notify you through our website or other appropriate communication methods. The "Last updated" date at the top of this policy will always reflect the most recent version.