Privacy Policy

1. Data Controller

Sanaitio is a brand of Trilenda SRL, a limited liability company (SRL) incorporated under Belgian law.
Registered office: Rue Clément Ader 10, 6041 Charleroi, Belgium
BCE/KBO: BE1028.924.134
For any privacy-related question, please use the contact form.

2. Scope

This Privacy Policy applies to all personal data processed by Trilenda SRL (operating under the Sanaitio brand) in connection with: (a) the sanaitio.com website; (b) our professional services (consulting for the development, validation, and deployment of AI-based medical devices); and (c) any other interaction with us.

3. Personal Data We Collect

3.1 Data you provide directly. Contact details, contract / billing information, and communication content.

3.2 Data collected automatically. Website usage data (IP, browser, pages visited, access times). See our Cookie Policy.

3.3 Data processed on behalf of clients. Governed by the Data Processing Agreement (DPA) with the client; we act as data processor.

4. Legal Basis for Processing

• Contract performance and pre-contractual steps: Art. 6(1)(b) GDPR.
• Sending invoices, managing payments: Art. 6(1)(b) GDPR.
• Responding to inquiries: Art. 6(1)(f) GDPR (legitimate interest).
• Compliance with legal obligations: Art. 6(1)(c) GDPR.
• Protecting our rights: Art. 6(1)(f) GDPR.

5. Data Retention

Contract-related data: 7 years post-contract. Communication data: 3 years. Client data as processor: per DPA.

6. Data Sharing

We do not sell personal data. Service providers (cloud hosting, accounting software, email) act as sub-processors under appropriate safeguards.

7. International Transfers

Data is primarily processed within the EEA. International transfers use SCCs or an adequacy decision.

8. Security

Appropriate technical and organisational measures including access controls, encryption, and regular security assessments.

9. Your Rights

Access, rectification, erasure, restriction, portability, objection, withdrawal of consent. Contact us via the contact form; we respond within 30 days.

10. Complaints

Belgian Data Protection Authority — Autorité de protection des données (APD)
Rue de la Presse 35, 1000 Bruxelles
www.autoriteprotectiondonnees.be

11. Changes

Material changes will be notified via this website.

Trilenda SRL · Rue Clément Ader 10, 6041 Charleroi · BCE/KBO: BE1028.924.134