Information regarding the processing of personal data pursuant to articles 13-14 of Reg. (EU) 2016/679 GDPR (General Data Protection Regulation) and of art. 13 of Legislative Decree 30 June 2003 n. 196 (Privacy Code).
Last revised: 26 September 2018
This website ("Site", "Website") is managed by Andrea Stanzione ("Noi" or "nostro").
When you visit our Site or use our services we may collect some personal data on your account, data that you provide us directly or that we infer from your browsing session and collect automatically.
We are committed to protecting and respecting your data and your privacy. We will use the information we collect about you only in accordance with the General Data Protection Regulation (GDPR - EU 2016/679).
We will use your personal information only in the ways and for the purposes described on this page. Please read it carefully because it contains important information on how we will treat your personal information.
For any need regarding this policy, for information or to exercise your rights you can write to us at firstname.lastname@example.org , we will try to answer you as soon as possible.
By visiting our website, using our services or providing your data, you accept and consent to it processing your personal data according to the practices described in this policy.
1. Data controller
The data controller of the data collected on this site is architect Andrea Stanzione , p.za Baiamonti 3, 20154 Milan.
2. Purpose of the processing
We use the data collected to offer you our services, inform you about our activities or answer your questions and only if we have a reason (legal basis) to do so among those listed below.
- User Consent : You have provided explicit consent authorizing us to process your data for this purpose. We remind you that you can at any time withdraw or change your consent by writing to email@example.com .
- Contract fulfillment: the processing of your data is necessary to fulfill the contractual obligations between the parties or to make possible the elaboration of a contract, including the conclusion and finalization of a sale.
- Legal obligation : treatment is necessary to fulfill the obligations of a law in force.
- Legitimate interest : the processing is carried out to respond to our legitimate interest or a legitimate interest of third parties. If you believe your interest is higher than indicated, you can oppose this treatment at any time.
We list in this table the purposes of the processing and the related legal basis.
Purpose of the treatment
Understand how our site is used (analytics)
Answer questions and complaints relating to our site or our services
Legitimate interest - Legal obligation
Inform you about changes to our products or services
Manage the security of our site and our services, prevent and detect fraud, respond to requests from the competent authorities
Legitimate interest - Legal obligation
3. General information
Users are informed (hereinafter "interested", as defined in the GDPR and the Privacy Code) of the following general profiles, valid for all areas of treatment:
- all data are processed in a lawful, correct and transparent manner with regard to the interested party, in compliance with the general principles set forth in the GDPR and the Privacy Code;
- we collect and process your data only for the purposes indicated in this Notice or for the specific purposes already shared with you and / or for which you have given your consent;
- we aim to collect, process and use as few personal data as possible;
- when we need to collect your personal information, we make sure that it is as accurate and up-to-date as possible;
- if the personal data we collect are no longer necessary for any purpose and we are not required to keep them for legal obligations, we will do everything possible to delete them, destroy them or anonymize them;
- specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access;
- your personal data will not be shared, sold, made available or communicated to parties other than those indicated in the Information.
4. Types of data processed
4.1 Navigation data
The computer systems and software procedures used to operate the site acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's IT environment. These data are used by Andrea Stanzione exclusively in anonymous form and for statistical purposes related to the use of the site and its correct functioning.
4.2. Data provided voluntarily by the user
The collection of users' personal data can take place voluntarily, by sending electronic mail to the addresses listed on the site or by sending the electronic forms present on the same by users. The sending of electronic mail involves the collection, by the Owner, of the email address of the sender, necessary to respond to the request, as well as of any other personal data contained in the communication. The personal data collected in this way will be used by the Data Controller for the sole purpose of responding to the e-mail message received and for any subsequent related communications.
The sending of information request forms involves the collection of information sent via the forms.
4.3. General information on cookies
When you access a site it or related sites may set or read cookies and / or other types of identifiers about the browser and / or the device you are using.
A cookie is a small text file that is stored on the computer of the person viewing a website for the purpose of recording certain information about the visit as well as creating a system to recognize the user even in subsequent moments. Device identifiers, on the other hand, are generated by collecting and processing certain information such as the IP address and / or user agent (browser version, type and version of the operating system) or other features of the device, always with the aim of reconnecting certain information to a specific user.
4.4. - Request information or contact
When you contact us through one of the addresses published on our Website via e-mail, we will store your e-mail address, the metadata relating to the sending and all the information that you send us in the body of the message or in its attachments.
4.5. - Links to other sites
5. Data security and conservation policies
How we guarantee the security of your data
We try to guarantee maximum security to your data, adopting strict internal policies and state-of-the-art technologies. In particular we take care that:
- only the staff and suppliers strictly necessary for processing access your data;
- your data is stored only for the time necessary for processing or to comply with legal obligations;
- redundant or no longer needed data is deleted or anonymized;
- all data transmissions take place over a secure connection (SSL / TLS);
- any passwords are securely encrypted and are never stored in clear text;
- all data is backed up periodically.
We are committed to securing your personal information. However, there is no completely safe and risk-free system: therefore we cannot guarantee that our databases are completely secure or that your data cannot be intercepted when you send them through the Internet.
How and why we share your personal information with third parties, consultants and suppliers
The data collected can be communicated to companies that perform functions that are strictly connected and instrumental to the technical, managerial, fiscal and legal operations in the provision of our services, or to administrative and judicial bodies and authorities by virtue of legal obligations.
Your personal information may be transferred outside the European Union to be processed by some of our service providers. In this case, we ensure that this transfer is carried out in compliance with the legislation in force and that an adequate level of protection of personal data is guaranteed.
In no case shall we transfer or sell your personal data to third parties.
We share anonymized data with traffic analysis platforms (eg Google Analytics ) that help us understand how our site is used and to improve and optimize our services.
How long we keep your data
We store your data in electronic and / or paper form for the time strictly necessary to provide the services requested, respecting privacy and current regulations.
Type of data
Period of conservation
Data useful for security and identification or prevention of fraud
Up to 36 months
Data for analysis aimed at the development and improvement of services
Up to 36 months
Data for marketing or profiling purposes
Up to 12 months
Data relating to telematic traffic in accordance with EU Directive 2017/541 on counter-terrorism
Up to 6 years
Know that if you exercise the right to oblivion, by requesting the personal data to be deleted explicitly, your data will be stored, in a protected form and with limited access, solely for the purpose of ascertaining and suppressing crimes, for a period of time not exceeding 12 months from the date of the request and subsequently they will be safely deleted or irreversibly anonymized.
6. Rights of the interested party
Pursuant to the European Regulation 679/2016 (GDPR) and the national legislation, the interested party may, according to the procedures and within the limits established by current legislation, exercise the following rights:
- request confirmation of the existence of personal data concerning him (right of access);
- know its origin;
- receive intelligible communication;
- have information about the logic, methods and purposes of the processing;
- request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
- in cases of treatment based on consent, to receive their data provided to the holder, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
- the right to lodge a complaint with the Supervisory Authority , the Italian Data Protection Authority ; for information you can consult this page: http://www.garanteprivacy.it/home/diritti/come-agire-per-tutelare-i-nostri-dati-personali .
Your rights may be exercised by sending an e-mail request to the data controller firstname.lastname@example.org.
7. Changes to this statement