Website’s users privacy policy

Data Controller
The data controllers of data collected through www.studiolegaleastolfi.it is Studio Legale Astolfi e Associati professional association, with registered office in Milan, via Larga, 8, (hereinafter, the "Data Controller"), that may be contacted at avvocati@studiolegaleastolfi.it.

Types of Data Collected


Browsing data
Only data required for the site to function and to fulfil legal requirements and contractual obligations with clients are collected, including IP addresses, domain names of computers used by users connecting to the site, the addresses in URI notation (Uniform Resource Identifier) of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.), and other information relating to the operating system and the user's computer environment.

Data provided voluntarily by the user
Data provided by the user for the purpose of registering on the site to sign up for newsletters on legislative and jurisprudential news in the main areas of work of the law firm:
- e-mail.

Nature of the provision of data
The browsing data requested by this site are mandatory to enable the services to be provided. Where this site indicates some data as optional, users are free to refrain from communicating such data; this will not have any effect on the availability of the service or its operation. The communication of data for transmission of newsletters is optional; failure to communicate data for this purpose will prevent Data Controller from transmitting them.

Cookies
Any use of Cookies (or other tracking tools) by this site or owners of third-party services used by this site, unless otherwise specified, is intended to provide the Service requested by the User as well as the additional purposes described in this document. Please refer to the Cookie Policy as regards data processing through cookies.

Method of processing of data collected
Processing activities are carried out according to the principles of lawfulness, fairness, transparency, storage limitation, data minimisation, integrity, accuracy and confidentiality, provided for by Art. 5 of the EU Reg. 679/2016, and by adopting appropriate technical and organisational measures, in order to protect personal data and, specifically, their safety. Processing activities are carried out through employees/collaborators of the Data Controller, as persons authorised to process personal data, and through external parties who carry out specific tasks on behalf of Data Controller and who process personal data as Data Processors (such as third-party technical service providers, hosting providers). The updated list of Data Processors may be requested at any time from Data Controller.

Purpose and legal basis of processing activities
The Personal Data relating to the User are processed:
  • with reference to the purposes related to the registration on the site for sending of newsletters, by filling in his/her e-mail address in the relevant form, with the consent of the User, pursuant to Art. 6, para. 1(a), EU Reg. 679/2016;
  • with reference to the purposes connected with the need to ensure operation of the website, with the consent of the User, pursuant to Art. 6, para. 1(a), EU Reg. 679/2016, expressed through persistent browsing of the website (conclusive conduct).


Transfer of Data outside the EU
Data is managed and stored using servers (including email servers) located in Italy and, in any case, within the EU/EEA.
In the event of data transfers to third countries (non-EU/EEA), such transfers will in any case comply with the applicable laws, that is, by virtue of a European Commission decision of adequacy, or by stipulating specific agreements that guarantee an adequate level of data protection or by adopting the standard contractual clauses contemplated by the European Commission for transfers of this type.

Retention period
User data (browsing data and e-mail address) is stored by the Data Controller for the period strictly necessary for the provision of the service, without prejudice to the right of users to revoke their consent at any time.
Data processed through the use of cookies are stored for the period of time indicated in the Cookie Policy.
Data Controller may be obliged to retain the Personal Data for a longer period in accordance with a legal obligation or by order of an authority. Personal Data will be erased at the end of the storage period.

User Rights
User may withdraw at any time and without formalities his/her consent (whenever the consent is the legal basis for the processing).
In any case, the withdrawal of the consent doesn’t affect the lawfulness of processing based on consent before its withdrawal.
Furthermore, without prejudice to the limitations and exceptions provided for by the law in force, according to Art. 15 et seq. of EU Reg. 679/2016, the User has the right to ask:
  • the access to his/her Data;
  • the rectification or integration of his/her Data;
  • the cancellation or deletion of his/her Data;
  • the limitation of processing activities when certain conditions are met and within the limits provided for by the law in force;
  • the Data portability, that is the right to receive the personal data provided in a structured, commonly used format and to transmit those data to another controller, when the conditions for the exercise of that right exist (when the processing is based on consent or on a contract and when it’s carried out by automated means).


The User has also the right:
  • to request Data portability, that is the right to receive the personal data provided in a structured, commonly used format and to transmit those data to another controller, when the conditions for the exercise of that right exist (when the processing is based on consent or on a contract and when it’s carried out by automated means).
  • not to be subject to a decision based solely on automated processing;
  • to lodge a complaint with the competent personal data protection authority (which in Italy is the Garante per la protezione dei dati personali).


Amendments to this privacy policy
Changes could be made to this privacy policy at any time, and, in this case, Users will be informed through the publication on this page. Therefore, please consult this page regularly and refer to the date of the most recent amendment. If the changes involve processing activities whose legal basis is consent, the Data Controller must collect the User's consent according to law, before the processing of Data.

For further information, please contact avvocati@studiolegaleastolfi.it

Contact details of the Data Controller
Studio Legale Astolfi e Associati
Via Larga, n. 8
20122 Milan
e-mail: avvocati@studiolegaleastolfi.it
fax: 02 88556216


Last modified 8/9/2022