This website does not use profiling cookies. We use technical cookies, in particular session navigation cookies, to maintain the status of the user within the requests of the webpage (e.g. the language selected).
The contents of the site, including blogs and any articles or links to third-party websites, do not constitute professional legal advice. The purpose is exclusively informational.
All original content on this Website are published under a Creative Commons Attribution 4.0 license, unless otherwise specified.
Notice on the Processing of Personal Data
pursuant to art. 13 of the General Data Protection Regulation - EU Reg. No. 2016/679
This notice is provided to you pursuant to art. 13 of the European Regulation No. 2016/679 ("Regulation"), which establishes rules concerning the protection of individuals with regard to the processing of personal data, as well as rules concerning the free movement of such data.
This notice only concerns the website www.avvocatomasi.com ("Website") and does not cover other websites, which might be available via any links on the Website.
Personal and identification data
Personal data means any information concerning a natural person, identified or identifiable, also indirectly by reference to any other information. The personal data that may be collected through the Website are the following: name, surname, e-mail address, telephone number. Sensitive data (i.e. those concerning religious beliefs, union membership, sexual preferences and other information listed in Article 9 of the Regulation) are not processed through the Website, hence, we kindly ask all users to not include them when contacting us via the Website, or in other forms of interaction provided by the Website. Should it be necessary to process data of this kind, we will request prior consent from the data subject/user.
The computer systems and software procedures used to operate the Website, acquire some kind of personal data whose transmission is implicit in the use of Internet communication protocols during their normal operation. This kind of information is not collected to be associated with identified parties, however due to its very nature, it might allow users to be identified by means of processing and association of data held by third parties.
This category of data includes, for instance, the IP addresses or domain names of the computers used by the users connecting to the Website, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the IT environment of the data subject/user.
Data provided voluntarily by the data subject / user
Transmission (always optional and at the discretion of the data subject/user) of e-mails to the e-mail addresses indicated on the Website and/or through other interactions with the Website, entails the acquisition of the sender's address, necessary to respond to requests, as well as of any other personal data provided by the data subject/user. Specific information may be displayed on the Website with regard to particular services provided by the controller.
2. Purposes of the processing and its lawfulness
The processing of personal data is based on principles of correctness, lawfulness and transparency to protect the privacy and rights of users. The purposes for which personal data collected through the Website are used are:
PURPOSE: Management and execution of pre-contractual and contractual obligations, in particular the management of messages sent through the Website (e.g. requests for information or quotation, job applications).
LEGAL BASIS: Processing permitted as necessary for the implementation of a contract of which the data subject is a party, or for the execution of pre-contractual measures adopted at the request of the same - art. 6.1. (b) of the Regulation.
PURPOSE: Compliance by the controller with the obligations established by applicable Italian and European legislation, including for instance, the management of tax and accounting obligations.
LEGAL BASIS: Processing permitted as necessary to fulfil a legal obligation to which the controller is subject - art. 6.1 (c) of the Regulation.
Each data subject/user is free to provide personal data in e-mails sent to the e-mail addresses indicated on the Website, or through other interactions with the Website. In the event in which the data required to answer the message has not been provided, we will be unable to follow up on the request.
3. Processing methods
The processing of personal data is carried out using IT tools in compliance with the provisions on the protection of personal data and, in particular, the appropriate technical and organizational measures pursuant to art. 32.1 of the Regulation, and with the observance of every precautionary measure that guarantees their integrity, confidentiality and availability.
4. Categories of recipients of personal data
Personal data may be communicated, in strict relation to the purposes indicated above, to the following recipients or categories of recipients:
a) recipients in relation to which the current legislation imposes the duty of communication, e.g. in compliance with the provisions of the tax and accounting legislation, or to fulfil and order by an Authority of competent jurisdiction;
b) professionals and third-party companies with which the controller cooperates, should it be necessary for the functioning of the Website or for the management of the data subject/user request through the website.
With regard to paragraph b), we undertake to rely exclusively on recipients who provide adequate guarantees regarding data protection and - where necessary - to appoint such professionals and third parties as Data Processors pursuant to art. 28 of the Regulation. Upon request, the complete list of the Data Processors will be made available by the controller.
The Website is hosted by Wix.com Inc and such corporation may transfer personal data (in particular the web browsing data listed above) to the United States of America. Furthermore, we rely on software for the management of e-mails and other IT tools necessary for our operations, which are provided by companies in the Microsoft Group. The Microsoft Group mat transfer personal data to the United States of America, as well as to other countries outside the European Economic Area (EEA). In the latter case, the Microsoft Group relies on a variety of legal mechanisms, including contracts, to ensure your data subject rights and protections. As far as transfers to the United States of America are concerned, Wix.com Inc and the Microsoft Group act strictly in compliance with the EU-U.S. Privacy Shield Framework. More information about the EU-U.S. Privacy Shield, including the list of certified organizations (including Wix.com Inc and Microsoft Corporation), can be found at https://www.privacyshield.gov.
5. Retention period
Personal data are kept in the archives of the controller and are stored for a period of 10 (ten) years from the last interaction with the data subject/user, in consideration of the limitation period of any claims arising from the contact between the controller and the data subject/user, as set forth by law.
6. Rights of the data subject
At any time, the data subject/user may assert the rights provided by the articles 15 to 22 of the Regulation against the controller, i.e. the right to request:
access to personal data, i.e. the right to be acquainted with his/her personal data held by the controller, the purposes for which they are processed, their origin and other information required by art. 15 of the Regulation;
rectification of personal data in case of inaccuracy of the same;
erasure of personal data (so-called 'right to be forgotten');
restraint of the processing of personal data, or the right to obtain the suspension of the processing of personal data for a period necessary to verify the request for rectification of personal data, or in other cases provided for by art.18 of the Regulation.
Furthermore, the data subject/user has the right to:
data portability, i.e. the right to receive personal data in a structured, commonly used and machine-readable format - and to request the direct transfer to another controller;
the right to lodge a complaint with the Italian Data Protection Authority or with the Data Protection Authority of the place of residence or work, or of the place where the violation occurred, where he/she considers that the processing of personal data violates the Regulation.
7. Plug-ins for Social Networks
Some of the pages of the Website may contain plug-ins of social networks (e.g. Twitter, LinkedIn). By clicking on these plug-ins - that are identifiable with the same symbol of the social network which they refer to - the browser directly connects to the servers of the social network and opens an additional page or tab of the browser, linked to the social network. In the event that the data subject/user connects/is connected to their social account, some personal data may be associated to the social account. Indeed, this connection can remain active even if the social network page is closed, for instance when the user visits the social network while being logged in. Further information on the collection and use of data by social networks in general, as well as on the rights and procedures available to protect the privacy of the data subject/user in this situation, are indicated on the pages of social networks. If the data subject/user does not wish to associate the visit to our Website with his/her social account, he/she must log-off from the social network before visiting our Website and clear their cookies.
The controller reserves the right to amend, update, add or remove sections of this privacy notice, at its discretion and at any time, with effect for the future. In order to facilitate examination of any revisions/updates, the notice will specify the update date.
9. Identity and contact details of the Controller
Last update: August 20, 2019