Cookie Policy

This Cookie Policy (hereinafter, the "Policy") was developed pursuant to art. 13 of Regulation (EU) 2016/679 "on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)" and updates the previous versions of the document released to site users.
The collection and any other processing operation (as defined in Article 4, paragraph 2, of EU Regulation 2016/679) of your personal data will be carried out in accordance with the following:

1. DATA CONTROLLER
The data controllers of data collected through the website www.studiolegaleastolfi.it (hereinafter, the “Website”) is Studio Legale Astolfi e Associati professional association, with registered office in Milan, via Larga, 8, (hereinafter, the "Controller"), who may be contacted at avvocati@studiolegaleastolfi.it.

2. DEFINITION AND TYPES OF COOKIES AND APPLICABLE LAW
The relevant legal framework on cookies is constituted, first of all, by the provisions of Directive 2002/58 / EC, as implemented at national level by art. 122 of Legislative Decree 196/2003 (hereinafter, the "Code"), as well as by EU Reg. 2016/679 (hereinafter, the "GDPR"). In addition to these regulatory provisions, the Guidelines adopted on the subject by the Data Protection Authority has adopted the provision n. 229 of 8 May 2014 (on "Identification of simplified procedures for disclosure and acquisition of consent for the use of cookies") and, lastly, the provision n. 231 of 10 June 2021 (containing "Guidelines for cookies and other tracking tools").
Cookies are text strings that the websites visited by the user (so-called “Publisher” or “first party” websites) or else different websites or web servers (so-called “third parties”) place and store within a terminal device in the user’s possession — whether directly as is the case with publisher websites, or indirectly as is the case with “third parties”, i.e. through the intermediation of the publisher websites.
Software for browsing the internet and operating these devices can store cookies and then transmit them back to the sites that generated them on the occasion of a subsequent visit by the user, thus keeping track of that user’s previous interaction with one or more websites.
Information encoded in cookies may include personal data, such as an IP address, a username, a unique identifier or an email address, but it may also include non-personal data such as language settings or information on the type of device a person is using to navigate within the website.

Based on the function and the characteristics, it is possible to classify cookies in two broad categories:
  • technical cookies, for the use of which the user’s consent is not required and which are used solely for the purpose of “carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the contracting party or user to provide that service” (see Section 122 (1) of the Code). If some specific requirements are met, as identified by the Data Protection Authority Guidance contained in the provision n. 231 of 10 June 2021, analytics cookies are treated on a par with technical cookies and, for this reason, user’s consent doesn’t have to be collected in order to use them;
  • profiling cookies, for the use of which the user’s consent is necessary and which are used to trace specific actions or recurring behavioral patterns in the use of the offered functionalities back to specific, identified or identifiable individuals for the purpose of grouping the different profiles within homogeneous, multi-sized clusters; this is aimed in turn to enable the controller to, inter alia, provide increasingly customized services beyond what is strictly necessary for the delivery of the given service and also send targeted advertising messages, i.e. messages that are in line with the preferences expressed by the user in the context of their web-browsing activities. If the specific requirements identified by the Data Protection Authority Guidance contained in the provision n. 231 of 10 June 2021 aren’t met, analytics cookies are treated on a par with profiling cookies and, for this reason, user’s consent has to be collected in order to use them.
3. TYPES OF COOKIES USED BY THIS WEBSITE
The Website does not use profiling cookies (which contain and store navigation data useful for reconstructing the user's personal profile, collecting information about the sites on which the user has navigated and the searches carried out by him) but uses only technical cookies (necessary for the proper functioning of the site).

The following table details the cookies used by the Website:
Cookie
Type of cookie
Personal data processed, purposes and legal basis of the processing
First party / third party cookie
Expiration
EU-COOKIE-LAW-HIDE Technical cookie The legal basis of the processing is that referred to in art. 6, co. 1, lett. b) of the GDPR, i.e. the execution of a contract to which the user is a party First party Always

We remind you that technical cookies are necessary in order to guarantee the correct functioning of the Website and the deactivation or disabling of the same can lead to the malfunction of some services and / or features of the Website.
In any case, you can change the privacy settings within your browser in order to block, disable or delete (in whole or in part) certain types of cookies, thus preventing their setting and reading. For more information on how to change the settings and preferences on the use of cookies through the browser, please refer to the instructions available through the following links:


4. NATURE OF THE PROVISION OF DATA
The processing of personal data carried out using technical cookies is necessary in order to allow the Website to function properly. Failure to provide the data necessary for the use of technical cookies could lead to a malfunction of some services and / or features of the Website.

5. METHOD OF PROCESSING OF DATA COLLECTED
Processing activities are carried out according to the principles of lawfulness, fairness, transparency, storage limitation, data minimisation, integrity, accuracy and confidentiality, provided for by Art. 5 of the EU Reg. 679/2016, and by adopting appropriate technical and organisational measures, in order to protect personal data and, specifically, their safety.
Processing activities are carried out through employees/collaborators of the Data Controller, as persons authorised to process personal data, and through external parties who carry out specific tasks on behalf of Data Controller and who process personal data as Data Processors (such as third-party technical service providers, hosting providers). The updated list of Data Processors may be requested at any time from Data Controller.

6. TRANSFER OF DATA OUTSIDE THE EU
Your personal data collected by means of first-party cookies are not transferred to non-EU countries.
The Data is stored on a server located in Italy, and will not be transferred outside the European Union/European Economic Area.
Should data transfer be required to countries outside the EU/EEA for the purposes indicated above, such transfer will take place in compliance with the provisions of EU Regulation no. 679/2016, stipulating, if and as necessary, agreements with recipients that guarantee an adequate level of protection of personal data by adopting the standard contractual clauses currently envisaged by the European Commission.

7. USER RIGHTS
The user can withdraw, at any time and without formalities, any consent given (when consent is the legal basis of the processing).
In any case, any withdrawal of consent does not affect the lawfulness of the data processing based on the consent given prior to the withdrawal.

Pursuant to Art. 15 et seq. of EU Reg. 679/2016, without prejudice to the exceptions and restrictions provided for by applicable legislation, the user has the right to request:
  • the access to his/her personal data;
  • the rectification and the completion of his/her personal data;
  • the erasure of his/her personal data;
  • the restriction of data processing, in the presence of certain conditions and within the limits of what is established by current legislation;
  • the data portability, that is the right to receive his/her personal data in a structured, commonly used and machine-readable format and the right to transmit them to another Data Controller, in cases where the conditions for the exercise of such a right are met (that is, when the processing is based on consent or on a contract and when the processing is carried out by automated means).
The user has also the right:
  • to object to processing, if there are reasons connected to his/her personal situation, with particular reference to the processing based on a legitimate interest of the Data Controller, including profiling;
  • not to be subject to a decision based solely on automated processing;
  • make a complaint to the competent personal data protection authority, which in Italy is the Garante per la protezione dei dati personali.
8. AMENDMENTS TO THIS POLICY
Changes could be made to this Policy at any time, and, in this case, Users will be informed through the publication on this page. Therefore, please consult this page regularly and refer to the date of the most recent amendment.
If the changes involve processing activities whose legal basis is consent, the Data Controller must collect the User's consent according to law, before the processing of Data.
For further information, please contact avvocati@studiolegaleastolfi.it

9. CONTACT DETAILS OF THE DATA CONTROLLER
Studio legale Astolfi e Associati
Via Larga, n. 8
20122 Milano
e-mail: avvocati@studiolegaleastolfi.it
fax: n. 02 88556216