Privacy Policy

Last Updated: 02 April 2026

1. Introduction and Data Controller

This Privacy Policy governs the processing of personal data in connection with the use of the GetNearMe browser extension (the "Service"). This Policy is intended to comply with Regulation (EU) 2016/679 (GDPR), Italian Legislative Decree 196/2003 (Italian Privacy Code) as amended by Legislative Decree 101/2018, and Directive 2002/58/EC (ePrivacy Directive) regarding access to and storage of information on user terminal equipment.

Data Controller: Antonio Scirica, acting commercially under the trade name "GetNearMe". Email: as.scirica@gmail.com

2. Nature of Data Processing

To ensure data minimization and strictly respect third-party intellectual property rights, the Service operates primarily as a local, client-side utility.

  • Local Processing: The analysis of real estate properties is performed dynamically within the User's browser. The Service does not index or reproduce third-party databases on its own servers to create a competing search engine.
  • No Data Transfer for Aggregation: Content visible on the User's screen is processed temporarily in the browser's volatile memory and is not transmitted to the Controller's servers for permanent storage or aggregation.
  • Property-related data processed locally by the Service primarily relates to real estate objects and locations and does not typically constitute personal data of identifiable natural persons within the meaning of Article 4 GDPR.

3. Categories of Data Processed

We process only the data strictly necessary to deliver the Service, categorized by storage location:

3.1. Server-Side Data (Account & Technical Logs)

Our backend infrastructure processes limited metadata required for account management and security:

  • Identity Data: Email address and User ID (authenticated via Supabase) to manage your account and subscription.
  • Transactional Data: Subscription status, credit balance, and payment identifiers processed securely by Stripe (we do not store full credit card numbers).
  • Technical Service Logs: Technical service validation events confirming that a requested operation was successfully executed (used strictly for credit deduction and debugging), without storing listing content or attributes.
  • Security & Retention: IP addresses and technical logs are retained only for the limited period strictly necessary to fulfill their specific purpose (security monitoring, debugging, and service validation) and are periodically deleted in accordance with internal retention policies to comply with the principle of Storage Limitation (Art. 5(1)(e) GDPR).

3.2. Client-Side Data (Local Device Only)

To display comparisons and contextual insights, the Service processes the following data exclusively on your device:

  • Temporary Session Data: The Extension utilizes the browser's Local Storage API (chrome.storage.local) to temporarily cache limited factual data visible on the page that is required for the User's requested analysis. This data remains sandboxed within your browser and is not accessible to the Controller.

This local storage is technically necessary for the functioning of the Service, is not used for tracking or advertising purposes, and remains sandboxed within the User's browser.

3.3. Voluntary Marketing Data

Only if you explicitly consent via a separate checkbox, we process your email address and limited activity metrics (such as daily usage streaks) to administer the optional Daily Bonus system and to send the Newsletter.

3.4. Team and Referral Data

If you use the Team or Referral features of the Service, we additionally process:

  • Team Data: Email address of invitees, team role (owner/member), team ID, and invitation status. Email addresses of unaccepted invitations are deleted after 7 days.
  • Referral Data: Referral code, email address of the inviting and invited user, referral status, and bonus credits awarded.

4. Third-Party Processors and Data Recipients

  • Infrastructure and Payments: We utilize Supabase (EU) for database hosting and authentication services, and Stripe (Global) for secure PCI-DSS compliant payment processing.
  • Transactional Emails: We use Resend (USA) as our email delivery provider for transactional emails (verification codes, team invitations, notifications).
  • Email Marketing: We use Brevo (Sendinblue, EU — France) for newsletter management and marketing communications, subject to User consent.
  • AI Description Analysis: If the User activates the listing description analysis feature, the description text is transmitted to Groq (USA) for automated quality assessment. No personal User data is included in the request.
  • Video Generation: If the User uses the social post video generation feature, listing text data (price, address, features) is transmitted to Remotion/AWS Lambda (EU — eu-central-1, Frankfurt) for video rendering. No listing photos are transmitted.
  • Maps and Routing: To calculate distances and travel times, the Service transmits approximate location coordinates to routing and mapping services.
  • Market Data & Valuations: Specific property location data may be cross-referenced with Public Market Data Sources to retrieve estimated market valuations.
  • Contextual Events & Activities: To display nearby activities, the Service queries Contextual Event & Activity Providers. These providers receive general location coordinates and dates to return relevant events; no User identity or personal browsing history is shared with them.
  • AI Image Processing: If the User voluntarily triggers the "Virtual Staging" feature by uploading their own photo, the image is transmitted transiently to Replicate (USA) solely for the generation of the requested content.

5. International Data Transfers

Some of our service providers operate in the United States (Resend, Groq, Replicate, Stripe). Such transfers are carried out on the basis of:

  • Standard Contractual Clauses (SCCs) approved by the European Commission under Art. 46(2)(c) GDPR.
  • EU-US Data Privacy Framework, where the provider is certified.
  • Supplementary technical (encryption in transit and at rest) and organizational safeguards implemented by the providers.

Transfers to Remotion/AWS occur within the EU (region eu-central-1, Frankfurt). Brevo and Supabase operate within the EU.

6. Legal Basis for Processing

In compliance with Article 6 of the GDPR, we process data based on the following grounds:

  • Performance of a Contract (Art. 6(1)(b)): For the core delivery of the analysis service, routing calculations, valuation estimates, account management, and processing payments.
  • Legitimate Interest (Art. 6(1)(f)): For ensuring the security of the Extension, preventing fraud (e.g., credit abuse), and maintaining platform integrity.
  • Explicit Consent (Art. 6(1)(a)): For optional features such as marketing communications, the Daily Bonus system, and AI-generated content.
  • Legal Obligation (Art. 6(1)(c)): For tax reporting and accounting compliance.

7. Data Retention Periods

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected:

  • Account data (email, user ID): for the duration of the account and deleted within 30 days of a deletion request.
  • Transactional data (payments, credits): retained for 10 years as required by Italian tax law (Art. 2220 Civil Code).
  • Technical logs and IP addresses: retained for a maximum of 90 days, then automatically deleted.
  • Marketing data (bonus emails, newsletter): retained until consent is withdrawn or the user unsubscribes.
  • Team data — unaccepted invitations: automatically deleted after 7 days.
  • Referral data: retained for the duration of the inviting user's account.
  • AI images (Virtual Staging): processed in real time and not stored by the Controller. AI providers (Replicate) delete images within 24 hours of processing.
  • AI description analysis: text is transmitted to Groq solely for the duration of processing and is not stored.

8. Automated Decision-Making and Profiling

Pursuant to Art. 22 of the GDPR, we inform you that the Service uses automated decision-making processes in the following features:

  • AI Description Analysis: The automated quality analysis of real estate descriptions generates a score from 1 to 10 using artificial intelligence models (Groq/LLaMA). This score is purely informational and does not produce legal effects or similarly significantly affect the User.
  • AI Virtual Staging: The generation of virtual furnishing images via AI (Replicate) occurs exclusively at the User's voluntary request and does not involve automated decisions with significant effects.

None of these features produce decisions based solely on automated processing that produce legal effects or similarly significantly affect the data subject. The User may in any case request human intervention by contacting as.scirica@gmail.com.

9. User Rights

Under Articles 15-22 of the GDPR, you have the right to:

  • Access (Art. 15): obtain confirmation of whether your personal data is being processed.
  • Rectification (Art. 16): obtain rectification of inaccurate personal data.
  • Erasure (Art. 17): obtain erasure of your data ("right to be forgotten").
  • Restriction (Art. 18): obtain restriction of processing.
  • Portability (Art. 20): receive your data in a structured, machine-readable format.
  • Objection (Art. 21): object to processing based on legitimate interest.
  • Withdrawal of consent: withdraw consent given for marketing or AI features at any time, without affecting the lawfulness of prior processing.

To exercise these rights, please contact: as.scirica@gmail.com.

You also have the right to lodge a complaint with the supervisory authority: Garante per la protezione dei dati personali, Piazza Venezia 11 — 00187 Rome, Italy. Website: www.garanteprivacy.it. Email: protocollo@gpdp.it

10. Changes to this Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes via the Extension interface or email.