Borderless Translation · Piazza Bra 28, 37121 Verona, Italy
Borderless Translation ("Borderless", "we", "us") protects personal data processed through borderlesstranslation.com ("Website") and in the course of delivering translation services. This Privacy Policy describes our data practices under the General Data Protection Regulation (GDPR — Regulation (EU) 2016/679) and Italian data protection legislation (D.Lgs. 196/2003 as amended by D.Lgs. 101/2018). This policy covers data collected via our Website, email, project management platforms, and payment systems.
Borderless Translation, Piazza Bra 28, 37121 Verona, Italy. Email: hello@borderlesstranslation.com. Phone: +39 045 802 3167. All data protection queries answered within 30 calendar days per GDPR Article 12.
3.1 Contact Data: Name, email, phone, company, project details submitted through our forms or email correspondence. Collected directly from you for the purpose of responding to enquiries and delivering services.
3.2 Source Materials: Documents and files submitted for translation. These frequently contain third-party personal data (names in legal documents, patient identifiers in medical records, employee details in HR materials). Such data is processed exclusively for the purpose of translation, under strict confidentiality obligations binding on all linguists and staff.
3.3 Payment Data: Payment is processed by Stripe, Inc. (PCI DSS Level 1). Borderless does not collect, process, or store credit or debit card details. Stripe collects name, email, billing address, and card details directly. See Stripe's Privacy Policy at stripe.com/privacy.
3.4 Analytics: We use Plausible Analytics (EU-hosted, cookie-free). No personal data is collected or stored by our analytics service. We receive only aggregate, anonymous traffic statistics.
3.5 Communication Records: Email correspondence and project communications retained for service delivery, quality assurance, and dispute resolution purposes.
Translation projects routinely involve documents containing sensitive personal data: medical records, court proceedings, immigration status, financial information. We process this data solely for the purpose of providing translation services, relying on GDPR Article 9(2)(f) (establishment or defence of legal claims) and/or the explicit consent of the data subject as communicated through our client. All linguists handling sensitive documents are bound by confidentiality agreements, professional codes of conduct, and, where applicable, healthcare or legal professional obligations.
(a) Responding to enquiries, providing quotes — pre-contractual steps, Art. 6(1)(b). (b) Delivering translation services — contract performance, Art. 6(1)(b). (c) Payment processing via Stripe — contract, Art. 6(1)(b). (d) Maintaining translation memories and glossaries — legitimate interest in service quality and client benefit, Art. 6(1)(f). (e) Anonymous website analytics — legitimate interest, Art. 6(1)(f). (f) Italian fiscal record-keeping — legal obligation, Art. 6(1)(c). (g) Marketing communications — explicit consent, Art. 6(1)(a), withdrawable at any time.
We share data only with: Freelance linguists (NDA-bound, receiving only the source material necessary for their assignment, with data processing agreements in place); Stripe, Inc. (payment, US-based, EU SCCs); Plausible Analytics (EU-hosted, no personal data); Hosting provider (EU-based); Italian authorities as legally required. Data is never sold, rented, or traded.
When translators are based outside the EEA, transfers are protected by Standard Contractual Clauses (Commission Decision 2021/914) and supplementary measures per the Schrems II ruling. All non-EEA linguists are contractually bound to equivalent data protection standards. Source materials containing sensitive data are transmitted via encrypted channels with access logging.
Contact enquiries: 3 years from last interaction. Source materials: deleted 90 days after project completion unless client requests extended retention. Translation memories: retained indefinitely (contain linguistic data, not personal data). Payment/invoicing records: 10 years (Italian fiscal law, Art. 2220 Civil Code). Project files: 12 months for QA, then permanently deleted. Communication records: 3 years.
You have the right to: access your data (Art. 15), rectify inaccuracies (Art. 16), request erasure (Art. 17, subject to legal retention), restrict processing (Art. 18), data portability (Art. 20), object to processing (Art. 21), and withdraw consent where applicable. Contact: hello@borderlesstranslation.com, subject "Data Rights Request". Complaints: Garante per la protezione dei dati personali, Piazza Venezia 11, 00187 Roma, Italy (garanteprivacy.it).
TLS/SSL encryption on all transmissions, 2FA on all internal systems, encrypted file transfer for source materials, NDAs with all linguists, role-based access controls, encrypted EU-hosted backups, regular vulnerability assessments, secure deletion protocols for completed projects. Updated: March 2026.