Avvocato Massimo Donna, with registered office at Piazza Luigi Vittorio Bertarelli 1 (hereinafter, the “Controller”, or the “Law Firm”), owner of the website https://www.paradigma-law.com (hereinafter, the “Website”), hereby provides the notice on the processing of personal data pursuant to Article 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, the “Regulation”; the Regulation and the Italian Privacy Code, Legislative Decree No. 196/2003, as amended by Legislative Decree No. 101/2018, are together referred to as “Applicable Legislation”).
This Website and any services offered therethrough may only be accessed by persons over the age of eighteen. Therefore, the Controller does not collect personal data relating to persons under eighteen. Upon the Users’ request, the Controller will promptly delete all personal data involuntarily collected and relating to persons under eighteen.
Website browsing and registration
PURPOSE AND LEGAL BASIS OF THE PROCESSING
The personal data of persons browsing the Website or registering through one of the forms on the Website (the “Users”) will be lawfully processed by the Controller pursuant to Article 6 of the Regulation for the following processing purposes:
a) Browsing of the Website, in relation to the possibility of collecting User data that are technically necessary in order to browse the Website.
b) Response to requests for information, received through the appropriate contact form.
c) Legal obligations, i.e. to fulfil obligations required by the law, an Authority, a regulation or European legislation.
The provision of personal data for the abovementioned processing purposes is optional, but it is necessary insofar failure to provide such data will make it impossible for the User to browse the Website and use the services offered by the Controller on the Website.
As to the purposes referred to in letters a) and b), the legal basis of the processing is the performance of the services provided through the Website and requested by the User (pursuant to Article 6, paragraph 1, letter b of the Regulation); as to the purposes referred to in letter c) of the previous paragraph, the legal basis of the processing is the compliance with a legal obligation to which the Controller is subject (pursuant to Article 6, paragraph 1, letter c of the Regulation).
GENERAL INFORMATION ON THE PROCESSING CARRIED OUT
1. Processing methods and data storage term
The Controller will process through manual and computer tools the personal data collected. The logic applied will be strictly related to the purposes of the processing and will ensure that data are processed securely and confidentially. Personal data will be kept strictly for no longer than is necessary for the purposes for which they were collected. If the consent is withdrawn or a User objects to the processing, such data will be deleted.
2. Scope of communication and dissemination of data
Employees and/or staff of the Controller may become aware of the personal data collected. These persons, who have been formally appointed by the Controller as “authorised to process”, will process the data exclusively for the purposes indicated in this notice and in compliance with the provisions of the Applicable Legislation.
Furthermore, the information collected may be disseminated to third parties who may process personal data on behalf of the Controller as “External Data Processors”, including, but not limited to, IT and logistics service providers serving the operation of the Website, outsourcing or cloud computing service providers, professionals and consultants.
At any time a list of any data processors appointed by the Controller may be obtained, by making a request to the Controller as indicated below.
3. Data Subjects’ Rights
The rights granted by the Applicable Legislation, expressly recognised by Articles 15 et seq. of the Regulation, may be exercised by contacting the Controller at the e-mail address email@example.com .
If the processing carried out by the Law Firm is considered in breach of the Regulation, a complaint may be lodged with a Supervisory Authority (in the Member State where the Data Subjects habitually reside, in the Member State where the Data Subjects work or in the Member State where the alleged breach has occurred). The Italian Supervisory Authority is the Garante per la protezione dei dati personali, with office at Piazza Venezia no. 11, 00187 – Rome (http://www.garanteprivacy.it/) E-mail: firstname.lastname@example.org Fax: (+39) 06.69677.3785 Telephone switchboard: (+39) 06.69677.1.