The following information is provided pursuant to Article 13 of EU Regulation no. 2016/679 (hereinafter, the “GDPR”) and should be considered to regard and thus only be applicable to the Website and the services provided through it, without including any web pages or websites that can be accessed via links and are operated by third parties. You are thus strongly advised to carefully read the privacy policies of those websites in order to obtain a more detailed understanding of how your data will be processed by them.
1. Data controller
Your personal data shall be processed by the data controller, the data processers appointed by same and parties specifically authorized to conduct data processing operations.
The data controller is Studio CM & PARTNERS – STUDIO LEGALE ASSOCIATO
Via Carlo Crivelli 15/1, 20122 Milano (MI)
VAT Reg. no.: 04237230958
Taxpayer no.: 04237230958
2. Place and methods of data processing operations
Data processing operations connected with the web services provided in the Website take place at the data controller’s offices and are conducted using manual and/or computerized and telematic devices on the basis of organizational and processing criteria that are strictly connected with the purposes for which your data will be processed and in any event in such way as to assure the security, completeness and confidentiality of your data in compliance with the organizational, physical and logical security measures imposed under applicable laws.
Personal data are processed mostly electronically, but also in hard copy format, and are stored in a way that enables the data subject’s identification only for the time strictly necessary to achieve the purposes for which their data were originally collected and, in any case, within the time limits established by law. Specific security measures are in place to prevent the loss, unlawful or improper use or unauthorized access of data, as required under the GDPR.
3. Purposes of data processing
Personal data gathered via the Website are processed in order to provide the services that are accessible through it,
and specifically those concerning:
- the provision of further information about the data controller’s activities and any events or other projects it may be organizing or involved in;
- the handling and processing, in connection with the aforesaid information, of any questions and/or requests for further contact with the Firm or its lawyers that you may send to the e-mail or other addresses provided in the Website.
The above-listed data processing operations do not require your consent since they concern services or work performed in direct response to your requests.
4. The types of data processed
4.1 Browsing data
In the course of their normal use, the computer systems and software procedures used to operate the Website collect certain personal data whose transmission is implicit in Internet communication protocols.
It is information that is not collected in order to be associated with identified data subjects, but, by its very nature, could make it possible to identify Website users if processed in certain ways and matched with data held by third parties.
This category of data includes the IP addresses or domain names of computers used to connect to the Website, the URI (Uniform Resource Identifier) of requested resources, the time a request is made, the method used to submit a request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the user’s operating system and computer environment.
These data are used only to obtain anonymous statistical information on the use made of the Website and to check that it is working properly, and they are deleted immediately once processed. Browsing data may be used to ascertain responsibility in cases of possible computer crimes committed against the Website.
4.2 Data provided by users voluntarily
Whenever a user decides to voluntarily and explicitly send an e-mail address and/or a message or curriculum vitae to an address provided in the Website, the system automatically acquires the sender’s e-mail address and any additional personal data provided in that electronic communication.
5. Circulation of data
Your personal data shall not be released or transferred to third parties.
Your personal data shall be stored in servers located in Milan (Italy), within the European Union.
6. Links to other websites
The data controller does not control and is unable to supervise either the contents or the data processing policies of third-party websites and/or services that can be accessed via links contained in the Website. Therefore, under no circumstance can the data controller be held liable for data processing operations conducted via or in connection with such third-party websites.
7. Data subjects’ rights
Data subjects are granted rights under the GDPR.
For example, data subjects may at any time exercise their right:
- to obtain access to their data;
- to obtain the rectification or erasure of their data or restrictions on how their data are
- to object to the processing of their data;
- the portability of their data;
- to withdraw consent: the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal;
- to lodge a complaint with the relevant supervisory authority (in Italy, the Garante Privacy, by following the procedures set forth in its website:
8. How to exercise your rights
You may exercise your rights by simply sending an e-mail to firstname.lastname@example.org.