Privacy Policy
Last updated: February 26, 2026
1. Data Controller
Ferro is developed and operated by an individual developer based in Italy. For any questions regarding data protection, you can contact us at: ferroai@gmail.com
This privacy policy is provided in accordance with Art. 13 of EU Regulation 2016/679 (General Data Protection Regulation — GDPR).
2. What Data We Collect
2.1 Website (ferroai.app)
- Contact form submissions: name, email address, and message content — collected only when you voluntarily submit the contact form.
- No cookies: this website does not use cookies or any tracking technologies.
- No analytics: we do not use Google Analytics, Meta Pixel, or any third-party analytics services.
- Fonts: all fonts are self-hosted. No requests are made to external font services.
2.2 iOS App (Ferro)
- Local-first architecture: all timer data, preferences, and settings are stored locally on your device. We do not have access to this data.
- AI text processing: when you use voice or text input to create timers, your text input is sent to a third-party AI service (via a secure proxy) for natural language processing. The text is processed in real-time and is not stored by us or the third-party service beyond the duration of the request.
- No account required: Ferro does not require you to create an account or provide any personal information to use the app.
- Subscriptions: if you subscribe to Ferro Premium, billing is handled entirely by Apple through the App Store. We do not collect or have access to your payment information.
3. Purpose & Legal Basis
| Data | Purpose | Legal Basis |
|---|---|---|
| Contact form data | Respond to your inquiry | Consent (Art. 6(1)(a) GDPR) |
| AI text input | Process natural language to create timers | Legitimate interest (Art. 6(1)(f) GDPR) |
4. Data Sharing & Transfers
- Hosting: this website is hosted on Vercel (Vercel Inc., San Francisco, CA, USA). Vercel may process server logs containing IP addresses. Vercel complies with GDPR and provides data processing agreements.
- AI processing: text input in the app is processed via a secure proxy through a third-party AI service. Data is processed transiently and not stored.
- We do not sell, rent, or share your personal data with third parties for marketing purposes.
5. Data Retention
- Contact form data: retained for as long as necessary to respond to your inquiry, and then deleted. Maximum retention: 12 months.
- AI text input: processed in real-time and not stored.
- App data: stored locally on your device. Deleted when you delete the app.
6. Your Rights
Under the GDPR, you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate personal data
- Erase your personal data ("right to be forgotten")
- Restrict processing of your personal data
- Data portability — receive your data in a structured, machine-readable format
- Object to processing based on legitimate interest
- Withdraw consent at any time, without affecting the lawfulness of processing before withdrawal
To exercise any of these rights, contact us at ferroai@gmail.com.
7. Supervisory Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Italian Data Protection Authority:
Garante per la protezione dei dati personali
Piazza Venezia 11, 00187 Roma, Italy
Website: www.garanteprivacy.it
Email: garante@gpdp.it
8. Changes to This Policy
We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.