Privacy Policy

1. Data Controller

The Data Controller responsible for processing your personal data is:

2. Types of Data Collected

This website collects the following categories of data:

2.1 Data voluntarily provided by users

• Full name
• Email address
• Phone number (if provided)
• Message or inquiry submitted through the contact form

2.2 Automatically collected data

• Navigation data: IP address, browser type, operating system, pages visited, timestamps
• Technical cookies: essential for website functionality (e.g., dark/light theme preferences)
• Analytics cookies: Google Analytics (if present) for anonymous usage statistics

Note: This website does not collect sensitive data (ethnic origin, political opinions, religious beliefs, health information).

3. Purpose of Processing and Legal Basis

Personal data collected is processed for the following purposes:

3.1 Managing contact requests

• Responding to information requests or quotes
• Providing technical or business consulting
• Managing contractual relationships

Legal basis: Explicit consent of the data subject (Art. 6(1)(a) GDPR) or performance of pre-contractual measures (Art. 6(1)(b) GDPR).

3.2 Statistical analysis and service improvement

• Analyzing user behavior on the website
• Enhancing navigation experience and content
• Optimizing technical performance

Legal basis: Legitimate interest of the Controller (Art. 6(1)(f) GDPR) and consent to analytics cookies.

3.3 Legal compliance

• Fulfilling tax, accounting, and regulatory obligations
• Responding to requests from competent authorities

Legal basis: Legal obligation (Art. 6(1)(c) GDPR).

4. Processing Methods

Personal data is processed using automated and manual tools, implementing appropriate technical and organizational security measures to ensure data protection.

• Data is stored on secure servers with restricted access
• Communications occur through encrypted protocols (HTTPS)
• Data access is granted only to authorized and trained personnel
• Periodic backups are performed to ensure data integrity

5. Data Retention

Personal data is retained only for the time strictly necessary to achieve the purposes for which it was collected:

• Contact data: until completion of the request or contractual relationship, except for legal obligations (e.g., 10-year tax retention)
• Navigation data and cookies: up to 26 months (Google Analytics) or according to browser settings
• Data for tax compliance: 10 years from termination of the relationship

After the retention period expires, data will be permanently deleted or anonymized.

6. Data Sharing with Third Parties

Personal data is not sold, transferred, or shared with third parties for commercial purposes. It may be disclosed exclusively to:

• Technical service providers: hosting, maintenance, technical support (e.g., Netlify for hosting)
• Analytics tools: Google Analytics (Google LLC) for aggregated and anonymous statistics
• Cookie consent management: Cookie-Script.com for GDPR-compliant cookie consent banner
• Professional advisors: accountants, legal counsel, IT consultants (under confidentiality obligations)
• Public authorities: upon request for legal compliance or judicial orders

All third parties act as Data Processors (Art. 28 GDPR) or Independent Controllers, implementing appropriate security measures.

7. International Data Transfers

Personal data may be transferred to countries outside the EU exclusively to destinations that guarantee an adequate level of protection (e.g., United States for Google Analytics in compliance with Standard Contractual Clauses).

In all cases, transfers are conducted in compliance with the safeguards provided by GDPR (Arts. 44-50).

8. Your Rights

As a data subject, you have the right to:

• Access (Art. 15 GDPR): obtain confirmation of the existence of personal data and receive a copy
• Rectification (Art. 16 GDPR): correct inaccurate or incomplete data
• Erasure (Art. 17 GDPR): request deletion of data (right to be forgotten)
• Restriction (Art. 18 GDPR): limit processing in specific cases
• Portability (Art. 20 GDPR): receive data in a structured format and transfer it to another controller
• Objection (Art. 21 GDPR): object to processing for legitimate reasons
• Withdrawal of consent (Art. 7 GDPR): withdraw previously given consent at any time

To exercise your rights, you may submit a written request to:

The Controller will respond within 30 days of receiving your request.

You also have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

9. Cookies and Tracking Technologies

This website uses technical and analytics cookies. For detailed information on cookie usage, please consult the Cookie Policy.

10. Privacy Policy Updates

The Controller reserves the right to modify or update this Privacy Policy at any time to comply with applicable regulations or technical improvements.

Users will be notified of substantial changes through a notice on the website. We recommend checking this page periodically.

11. Contact Information

For any questions or requests regarding the processing of personal data, you may contact the Controller: