Privacy Policy
AuthenGene S.r.l.
Effective Date: 02/19/2026
1. Controller Information
AuthenGene S.r.l.
Registered Office: 20121, 59 Foro Buonaparte, Milan
Email: connect@authengene.com
Website: https://authengene.com
AuthenGene S.r.l. ("AuthenGene", "we", "us") acts as Data Controller for personal data processed in connection with our genomic wine authentication services, producer-specific genomic reference generation, scientific reporting, and related digital platform.
2. Scope
This Privacy Policy applies to:
- Visitors of our website
- Customers using our genomic wine authentication services
- Users creating platform accounts
- Individuals submitting wine samples by mail or courier
- Producer representatives participating in vineyard reference collection
- Business contacts involved in orders, logistics, producer coordination, payment, reporting, or support
Our services include genomic wine authentication, producer-specific genomic reference generation, vineyard reference management, scientific reporting, and related verification activities involving agricultural products. We do not process human genetic data.
3. Categories of Personal Data
Identity and Contact Data
- Name and surname
- Company name
- Business role or title
- Email address
- Phone number
- Billing and shipping address
- VAT / Tax ID
Account, Order and Commercial Data
- Login credentials
- Quotation requests
- Order history
- Project references
- Invoices and payment records
- Contractual records and accepted Terms of Service
- Customer communications and support records
Sample Submission and Logistics Data
- Wine sample identifiers
- Declared varietal, producer, vineyard, and origin information
- Shipping and tracking information
- Customs documentation and shipment-related records
- Sample receipt and chain-of-custody records
Producer and Vineyard Reference Data
- Producer identity and business contact information
- Vineyard identifiers and reference sample metadata
- Sampling records and project reference information
- Chain-of-custody information relating to authenticated vineyard material
- Location or vineyard information where necessary for the requested service
Scientific and Report Data
- Authentication reports and scientific assessments
- Digital certificates
- Laboratory and sequencing metadata
- Bioinformatic analysis records
- Genomic information relating to agricultural products and vineyard reference material
Technical Data
- IP address and server logs
- Session identifiers
- Device and browser information where necessary for security and platform functionality
4. Legal Basis (GDPR Art. 6)
- Contract performance and pre-contractual measures, including quotation requests, order processing, service delivery, and report issuance
- Legal obligations, including tax, accounting, invoicing, customs, and regulatory compliance
- Legitimate interest, including fraud prevention, service security, producer coordination, quality assurance, scientific validation, service improvement, and protection of legal rights
- Consent where required by law
5. Purpose of Processing
- Provision of genomic wine authentication services
- Producer participation management
- Vineyard reference generation and maintenance
- Creation and maintenance of genomic reference databases
- Sample logistics, customs coordination, and project administration
- Processing laboratory analyses and delivering reports
- Billing, invoicing, payment administration, and compliance
- Account management and customer support
- Service security and fraud prevention
- Quality assurance and improvement of verification methodologies
6. Cookies and Web Monitoring
We use only essential cookies strictly necessary for session control and secure authentication.
- No analytics cookies
- No tracking cookies
- No behavioral profiling
- No third-party monitoring services
- No marketing pixels
We do not use Google Analytics or any third-party web monitoring services.
Session cookies expire automatically and are used exclusively for secure login and platform functionality.
7. Data Sharing
We do not sell, rent, share, or disclose personal data for marketing purposes.
Personal data is not provided to third-party marketing companies or advertising platforms.
Data may be shared only with service providers or recipients reasonably necessary for the requested services, including:
- Laboratory, DNA extraction, sample preparation, and sequencing partners
- Couriers, logistics providers, customs brokers, and customs authorities
- Payment service providers for transaction processing
- Cloud infrastructure, data hosting, software, and security providers
- Professional advisors, including legal, tax, accounting, and compliance advisors
- Legal, regulatory, customs, or governmental authorities where required by law
8. International Compliance
European Union (GDPR)
Data processing complies with Regulation (EU) 2016/679.
United States (including California CPRA/CCPA)
We do not sell personal information. California residents may request access, correction, or deletion of personal information.
Japan (APPI)
Personal data of individuals located in Japan is processed in accordance with the Act on the Protection of Personal Information.
China (PIPL)
For individuals located in the People’s Republic of China, personal data processing is limited to necessary contractual purposes and conducted with appropriate safeguards.
9. International Transfers
In order to provide international genomic authentication services, personal data and project-related information may be transferred to service providers located outside the European Economic Area (EEA).
Where such transfers occur, AuthenGene implements appropriate safeguards as required under applicable data protection laws, including the General Data Protection Regulation (GDPR).
Transfers are limited to those reasonably necessary for provision of the requested services, including payment processing, logistics, customs coordination, laboratory services, cloud infrastructure, customer support, and scientific analysis.
10. Data Retention
- Accounting and tax records: 10 years
- Contractual documentation: 10 years
- Order and payment records: 10 years
- Customer account data: until account deletion plus applicable statutory retention periods
- Scientific reports and verification assessments: retained as necessary for contractual, legal, quality assurance, and business purposes
- Authenticated vineyard reference records and associated project metadata: retained for operation of AuthenGene verification services, quality assurance, database maintenance, scientific validation, and future verification projects unless otherwise required by law
- Server logs: retained for security and operational purposes for limited periods
11. Data Security
- Encrypted transmission (TLS)
- Access controls
- Separation of laboratory, identity, order, and project data where appropriate
- Secure infrastructure management
- Use of specialized service providers where necessary for secure processing
12. Data Subject Rights
Depending on jurisdiction, individuals may request:
- Access to personal data
- Correction
- Deletion
- Restriction of processing
- Data portability
- Objection to processing where applicable
- Withdrawal of consent where processing is based on consent
Requests may be sent to: connect@authengene.com
13. Children
Our services are business-oriented and not directed to minors.
14. Updates
This Privacy Policy may be updated periodically. The updated version will be published on this page with a revised effective date.