Public legal
Privacy
GDPR privacy notice for DossierCFO controlled B2B access.
Privacy
Last updated: 9 June 2026. Effective date: 9 June 2026.
DossierCFO processes accounting documents, workspace metadata, and generated outputs to prepare verifiable financial dossiers. The service is operated by Focus Digital S.r.l. and is currently offered as controlled B2B access with manual AI enablement and no public checkout.
Controller and contacts
Controller for Focus Digital's own processing activities:
- Focus Digital S.r.l.
- Tax code / VAT number: 13860890964
- Registered office: Via Paolo Sarpi 21, 20154 Milano (MI), Italy
- Operating office: Via Fabio Filzi 33, 20124 Milano (MI), Italy
- Email: info@focus-digital.it
- Phone: +39 02.800.16.418
Use info@focus-digital.it for privacy, support, and security requests until dedicated role inboxes are published. Include the subject prefix Privacy, Support, or Security incident so the request can be routed. DPO/RPD contact details are not published for DossierCFO at this stage; privacy requests remain routed through the controller contact above.
Controller and processor roles
Focus Digital is normally an independent controller for account administration, access enablement, security, logs, support, service communications, and website/app operation.
When a business customer uploads workspace documents and Focus Digital processes those documents under that customer's instructions to provide DossierCFO, Focus Digital may act as processor under Article 28 GDPR. In that case, the customer's signed agreement or DPA controls if it conflicts with this public summary.
Data processed
- Account profile, email verification state, language preference, and access status.
- Case, document, analysis, evidence task, report, export, and audit metadata.
- Documents uploaded by users or through evidence request links.
- Extracted text, normalized accounting facts, KPI values, scores, review notes, report sections, and generated outputs to prepare verifiable financial dossiers.
- Support messages and sanitized operational metadata needed to resolve issues.
- Technical logs, request metadata, security events, and abuse-prevention signals.
- Pseudonymous Terms and Privacy acceptance records, including accepted versions, locale, app URL, source, and timestamp.
DossierCFO is not designed for special-category data, criminal-offence data, or unnecessary personal data. Business documents can still contain names, tax identifiers, payroll, bank details, shareholder details, or other personal data. Users must upload only documents they are allowed to process and should avoid unnecessary sensitive data.
Purposes and legal bases
| Purpose | Legal basis |
| ------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------- |
| Account creation, authentication, email verification, and workspace access | Contract performance and legitimate interest in secure access |
| Providing DossierCFO workflows, document processing, reports, and export state | Contract performance; for customer workspace content, customer instructions under the DPA |
| Manual AI access enablement, abuse prevention, rate limits, and service safety | Legitimate interest in operating a controlled B2B service |
| Support, incident handling, and service communications | Contract performance and legitimate interest |
| Security logs, audit events, infrastructure protection, and legal defence | Legitimate interest and legal obligations |
| Accounting, tax, corporate, and administrative records where applicable | Legal obligation |
| Optional marketing communications, if introduced | Consent or another lawful basis permitted by law with opt-out |
AI and OCR boundary
Files selected before sign-in stay in the browser session only until sign-in resumes upload. Closing the tab or clearing browser storage can require reselecting them.
After authentication and a clean scan, scanned PDFs and images may be sent to OCR-assisted extraction as raw files for text/layout extraction. Text sent to the analysis AI is redacted first; OCR-derived values feed outputs only after source mapping, completeness, confidence, and review checks pass.
Unless separately agreed or disclosed, DossierCFO does not make solely automated decisions that produce legal or similarly significant effects on individuals. AI outputs are informational support for qualified users. They are not accounting, tax, legal, investment, lending, audit, M&A, insolvency, or restructuring advice.
Production AI/OCR provider routes and subprocessors are listed in the subprocessor register and AI data processing page.
Cookies and local storage
DossierCFO uses strictly necessary cookies, local storage, and session storage for authentication, language, theme preference, security, and protected upload continuity. Non-essential marketing trackers are disabled and must not be enabled before the Cookie page and privacy review are updated.
Recipients and subprocessors
Data may be processed by authorised Focus Digital personnel, infrastructure providers, backend/database/storage providers, authentication providers, transactional email providers, AI/OCR route providers, support/security providers, and professional advisers where needed.
The current production subprocessor register is published at Subprocessors. Adding a subprocessor, enabling marketing tracking, or changing the AI/OCR route requires a docs update and privacy review before live customer use.
Transfers outside the EEA
If personal data is transferred outside the European Economic Area, Focus Digital relies on appropriate GDPR transfer safeguards such as adequacy decisions, the EU-US Data Privacy Framework for certified organisations, Standard Contractual Clauses, supplementary measures, or another valid transfer basis.
Retention and deletion
Account deletion has a 30-day grace period. When deletion completes, DossierCFO removes account profile, upload intents, cases, analyses, documents, generated report/export metadata, report export files, evidence-request links, AI thread metadata, and account-linked audit events from the app tables, subject to backup cycles, legal hold, security, and mandatory retention exceptions.
Google-managed accounts without an app password use a support-assisted flow.
Pseudonymous legal acceptance records may be retained where needed to document contract formation, legal compliance, or legal defence.
The account export includes profile, case, document, analysis, upload, and audit metadata. It does not embed raw file binaries, raw OCR text, raw extracted document text, source-span raw text, or provider prompts.
Data subject rights
Where provided by GDPR, data subjects may request access, rectification, erasure, restriction, portability, objection, withdrawal of consent, objection to direct marketing, and protection from solely automated decisions with legal or similarly significant effects.
Send requests to info@focus-digital.it with subject prefix Privacy. Focus Digital may request information to verify identity and, where it acts as processor, may direct the request to the customer controller.
Security and support access
Support should use case, analysis, document, export IDs, and sanitized error categories. Raw document content should not be requested or copied into unapproved channels.
Complaints
You may lodge a complaint with the Italian Data Protection Authority, Garante per la protezione dei dati personali, at https://www.garanteprivacy.it/, or with another competent EU supervisory authority.