European Data Protection Regulation No. 679/2016, GDPR

In compliance with the obligations arising from the national (Legislative Decree No. 196 of 30 June 2003, Code on the Protection of Personal Data) and Community legislation, (European Regulation for the Protection of Personal Data No. 679/2016, GDPR) and subsequent amendments, this Site respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe the rights of users.

Data Controller

Simone Lucini Paioni
Via Edmondo de Amicis, 19 - 20010 Buscate (MI)
Holder's email address: info@simonelucinipaioni.com

Types of Data Collected

Among the Personal Data collected by this site, either independently or through third parties, are: Cookie, Usage Data, First Name, Last Name, Phone, E-mail, ZIP Code, City, Province.

Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific informational texts displayed before the data is collected.

Personal Data may be freely provided by the User or, in the case of Usage Data, automatically collected while the User is on the Site.

Unless otherwise specified, all requested Data are mandatory. If the User refuses to communicate them, it may be impossible to provide the requested Service. In cases where some Data are optional, Users are free to refrain from communicating them, without this having any consequence on the availability of the Service or its operation.

Users in doubt about which Data are mandatory are encouraged to contact the Controller.

Any use of Cookies - or other tracking tools - where not otherwise specified, is for the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy, if available.

The User assumes responsibility for third party Personal Data obtained, published or shared through this Site and warrants that he or she has the right to communicate or disseminate it, releasing the Owner from any liability to third parties.

Method and place of processing of collected Data

Mode of treatment

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.

The processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the indicated purposes. In addition to the Data Controller, in some cases, other subjects involved in the organization of this Site (administrative, commercial, marketing, legal, system administrators personnel) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, Data Processors by the Data Controller may have access to the Data. The updated list of Data Processors can always be requested from the Data Controller.

Legal basis for processing

The Owner processes Personal Data related to the User if one of the following conditions exists:

the User has given consent for one or more specific purposes; Note: In some jurisdictions, the Data Controller may be authorized to process Personal Data without the need for the User's consent or another of the legal bases specified below, as long as the User does not object (“opt-out”) to such processing. However, this does not apply if the processing of Personal Data is governed by European legislation on the protection of Personal Data;
processing is necessary for the performance of a contract with the User and/or the execution of pre-contractual measures;
processing is necessary to fulfill a legal obligation to which the Controller is subject;
the processing is necessary for the performance of a task of public interest or the exercise of public authority vested in the Controller;
processing is necessary for the pursuit of the legitimate interest of the Owner or third parties.

However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each processing and in particular to specify whether the processing is based on law, required by a contract or necessary to conclude a contract.

Location

The Data are processed at the Holder's operational offices and at any other location where the parties involved in the processing are located. For more information, please contact the Data Controller.

The User's Personal Data may be transferred to a country other than the country where the User is located. To obtain more information about the processing location, the User may refer to the section on Personal Data processing details.

The User has the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organization under public international law or formed by two or more countries, such as the UN, as well as regarding the security measures taken by the Data Controller to protect the Data.

Should any of the transfers just described take place, the User may refer to the respective sections of this document or request information from the Owner by contacting him at the contact details given at the beginning.

Retention period

Data are processed and kept for the time required by the purposes for which they were collected.

Therefore:

Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the performance of that contract is completed.
Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User may obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.

When processing is based on the User's consent, the Controller may retain Personal Data longer until that consent is revoked. In addition, the Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the retention period, the Personal Data will be deleted. Therefore, at the expiration of this period the right of access, deletion, rectification and the right to Data portability can no longer be exercised.

Purposes of the Processing of Collected Data

User Data is collected to enable the Owner to provide its Services, as well as for the following purposes: Interaction with social networks and external platforms, Contacting the User, Statistics, Displaying content from external platforms, Session Registration and Protection from SPAM. To obtain further detailed information on the purposes of processing and the Personal Data concretely relevant for each purpose, the User may refer to the relevant sections of this document.

Details of the processing of Personal Data

Personal Data are collected for the following purposes and using the following services:

Interaction with social networks and external platforms

This type of service allows for interactions with social networks, or other external platforms, directly from the pages of this Site. The interactions and information acquired are in each case subject to the User's privacy settings related to each social network. In the event that a social network interaction service is installed, it is possible that, even if Users do not use the service, it may collect traffic data related to the pages where it is installed.

YouTube Video Widget (Google Inc.)
YouTube is a video content display service operated by Google Inc. that allows this Application to embed such content within its pages.
Personal Data Collected: Cookies and Usage Data.
Place of processing: United States - Privacy Policy. Privacy Shield adherent subject.

Facebook's Like button and social widgets (Facebook, Inc.).
The Facebook “Like” button and social widgets are Facebook social network interaction services provided by Facebook, Inc.
Personal Data Collected: Cookies and Usage Data.
Place of processing: United States - Privacy Policy

+1 button and Google+ social widgets (Google Inc.).
The +1 button and Google+ social widgets are services for interacting with the Google+ social network, provided by Google Inc.
Personal Data Collected: Cookies and Usage Data.
Place of processing: United States - Privacy Policy

Contact User

Contact form

The User, by filling out the contact form with their Data, consents to their use to respond to requests for information, quotes, or any other nature indicated by the header of the form.
Personal Data Collected: Last Name, First Name, E-mail, Phone, Zip Code, City, Province

Mailing List or Newsletter

By registering for the mailing list or newsletter, the User's email address is automatically added to a contact list to which email messages containing information, including information of a commercial and promotional nature, relating to this Site may be sent. The User's email address may also be added to this list as a result of registering with this Site or after making a purchase.
Personal Data Collected: Last Name, First Name, E-mail

Displaying content from external platforms

This type of service allows to display content hosted on external platforms directly from the pages of this Application and interact with them. In the event that such a service is installed, it is possible that, even if Users do not use the service, it may collect traffic data related to the pages where it is installed.

Google Fonts (Google Inc.)
Google Fonts is a font style display service operated by Google Inc. that allows this Application to integrate such content within its pages.
Personal Data Collected: Usage Data and various types of Data as specified by the service's privacy policy.
Place of processing: United States - Privacy Policy. Privacy Shield adherent subject.

Widget Google Maps (Google Inc.)
Google Maps is a map display service operated by Google Inc. that allows this Application to integrate such content within its pages.
Personal Data Collected: Cookies and Usage Data.
Place of processing: United States - Privacy Policy

User Rights

Users may exercise certain rights with respect to the Data processed by the Data Controller.

In particular, the User has the right to:

Revoke consent at any time. The User may revoke the previously expressed consent to the processing of his/her Personal Data.
Object to the processing of their Data. You may object to the processing of your Data when it is done on a legal basis other than consent. Further details on the right to object are provided in the section below.
Access to your Data. You have the right to obtain information about the Data processed by the Data Controller, certain aspects of the processing and to receive a copy of the Data processed.
verify and request correction. Users may verify the accuracy of their Data and request that it be updated or corrected.
Obtain restriction of processing. When certain conditions apply, the User may request the restriction of the processing of its Data. In this case, the Data Controller will not process the Data for any purpose other than its preservation.
Obtain the deletion or removal of their Personal Data. When certain conditions are met, the User may request the deletion of their Data by the Data Controller.
Receive their Data or have their Data transferred to another owner. The User has the right to receive his or her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred unimpeded to another data controller. This provision is applicable when the Data are processed by automated means and the processing is based on the User's consent, a contract to which the User is a party or contractual measures related thereto.
propose complaint. The User may bring a complaint to the relevant data protection supervisory authority or take legal action.

Details of the right to object

When Personal Data are processed in the public interest, in the exercise of public powers vested in the Data Controller or in pursuit of a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their particular situation.

Users are advised that if their Data were processed for direct marketing purposes, they may object to the processing without providing any reasons. To find out whether the Data Controller processes Data with direct marketing purposes, Users can refer to the respective sections of this document.

How to exercise rights

To exercise the User's rights, Users may address a request to the contact details of the Controller indicated in this document. Requests are filed free of charge and processed by the Holder as soon as possible, in any case within one month.

More information about the treatment

Litigation defense

The User's Personal Data may be used by the Owner in legal proceedings or in the preparatory stages of its possible establishment for the defense against abuse in the use of this Site or related services by the User. The User declares that he/she is aware that the Data Controller may be required to disclose the Data at the request of public authorities.

Specific disclosures

Upon the User's request, in addition to the information contained in this privacy policy, this Site may provide the User with additional and contextual disclosures regarding specific services, or the collection and processing of Personal Data.

System logs and maintenance

For operation and maintenance purposes, this Site and any third-party services it uses may collect System Logs, which are files that record interactions and may also contain Personal Data, such as the User's IP address.

Information not contained in this policy

More information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact information.

Exercise of Rights by Users

The subjects to whom the Personal Data refer have the right at any time to obtain confirmation of the existence or non-existence of the same at the Data Controller, to know its content and origin, to verify its accuracy or request its integration, deletion, updating, rectification, transformation into anonymous form or blocking of Personal Data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing. Requests should be addressed to the Data Controller.

This Site does not support “Do Not Track” requests.

To find out whether any third-party services used support them, the User is encouraged to consult their respective privacy policies.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to Users on this page. Therefore, please consult this page often, taking as reference the date of last modification indicated at the bottom. If you do not accept the changes made to this privacy policy, you must cease using this Site and may request the Data Controller to remove your Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to Personal Data collected up to that point.

About this privacy policy

The Data Controller is responsible for this privacy policy.

Definitions and legal references

Personal Data (or Data)

Personal data is any information relating to a natural person who is identified or identifiable, even indirectly, by reference to any other information, including a personal identification number.

Usage Data

This is the information collected automatically by this Site (or by third party services that this Site uses), including: the IP addresses or domain names of the computers used by the User who connects with this Site, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.. ) the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. the length of time spent on each page) and the details of the itinerary followed within the Site, with particular reference to the sequence of pages consulted, the parameters relating to the User's operating system and computer environment.

User

The individual using this Site, who must coincide with or be authorized by the Data Subject and whose Personal Data is being processed.

Interested

The natural or legal person to whom the Personal Data refers.

Data Processor (or Manager)

The natural person, legal entity, public administration and any other entity, association or body entrusted by the Controller with the processing of Personal Data, in accordance with the provisions of this privacy policy.

Data Controller (or Owner)

The natural person, legal entity, public administration and any other entity, association or body which is responsible, even jointly with another owner, for decisions regarding the purposes, methods of processing of personal data and the tools used, including the security profile, in relation to the operation and use of this Site. The Data Controller, unless otherwise specified, is the owner of this Site.

Site

Tool by which Users' Personal Data are collected.

Cookie

Small portion of data stored within the User's device.

Legal references

Notice to European Users: this privacy policy is drafted in fulfillment of the obligations under Art. 10 of Directive No. 95/46/EC, as well as the provisions of Directive 2002/58/EC, as updated by Directive 2009/136/EC, regarding Cookies.

Ultimo aggiornamento: 03 Febbraio 2025.