Privacy Policy

Information on Data Processing

paoloconcari.com

​

​

With this document, I aim to explain the characteristics and methods of processing data collected through navigation on the website paoloconcari.com, in accordance with Article 13 of the European Regulation 2016/679 (“GDPR”) and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018.

This disclosure pertains solely to the website paoloconcari.com and not to third-party sites, potentially reachable by clicking on their respective links.

​

Data Controller

The data controller for personal data processing (“Controller”) is me, Paolo Concari, CF. CNCPLA90E04L781N.

You can contact me at any time for information regarding the processing of your data by sending an email to info@paoloconcari.com and specifying "Privacy Request" in the email subject.

​

Collected Data

Navigation Data:

During navigation, the site collects certain personal data, the transmission of which is implicit in the use of Internet communication protocols. This includes information not collected to be associated with identified individuals but which, by their nature, could, through processing and association with data held by third parties, allow users to be identified. This category includes IP addresses or domain names of computers used by users who connect to the site, the time of the request, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the user's operating system and computer environment.

​

Voluntarily Provided Data:

In case you send requests using the contact details on the website, you may provide me with your personal data or information about yourself. I inform you that this site does not install any cookies.

​

Purpose of Processing, Lawfulness Conditions, and Nature of Data Provision

Navigation Data:

These data are processed to obtain anonymous statistical information about the use of the site and to monitor its proper functioning.

• The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site, as well as for transmitting data to public bodies and authorities and for fulfilling any legal or regulatory obligations.
• The legal basis for processing these data consists of the legitimate interest of the Controller (Art. 6, para.1, letter f of the GDPR) and compliance with legal obligations (Art. 6 para.1, letter c of the GDPR).
• The provision of navigation data is mandatory to navigate the site.

​

Voluntarily Provided Data:
• These data are processed solely to respond to your requests. If additional purposes for processing arise, I will provide you with a new, specific notice.
• The legal basis for processing these data is the execution of pre-contractual measures taken at your request (Art. 6 para.1, letter b of the GDPR).
• The provision of this data is optional, but failure to communicate it, in whole or in part, may prevent me from fully responding to the request.

​

Data Storage and Security

The storage of your data will be electronic. The Controller adopts specific security measures to prevent any violation of personal data, such as loss of data, illicit or incorrect use, and unauthorized access.

However, these measures, given the nature of the online transmission medium, cannot completely limit or exclude any risk of unauthorized access or data dispersion. Therefore, I recommend periodically checking that your device has suitable software devices for protecting the transmission of data over the network, both inbound and outbound (e.g., updated antivirus systems), and that the Internet provider has adopted suitable measures (e.g., firewalls and spam filters).

​

Data Storage Period

The processing of data occurs for the time strictly necessary to achieve the purposes outlined above. More precisely:
• Navigation data is not stored.
• Voluntarily provided data will be stored for the time strictly necessary to respond to your request. Afterward, unless additional processing purposes arise (for which appropriate information will be provided), the data will be deleted.
• In case the processing becomes necessary to exercise the legitimate interests of the Controller, as illustrated above, or for compliance with legal obligations, the storage will have a differentiated duration according to the relevant legislation.
• After the aforementioned storage periods expire, the data will be destroyed, deleted, or anonymized.

​

Categories of Subjects to Whom Your Data Could be Communicated

Your personal data will not be disclosed to third parties, except when necessary and only to the extent strictly necessary to achieve the purposes of the processing.

Therefore, such data may be communicated to:
• My collaborators, authorized, and trained in data processing.
• Third-party technical service providers, such as hosting providers, IT service providers, appointed from time to time, if necessary, as data processors under Article 4, No. 8 of the GDPR.
• Subjects to whom the right to access data is granted by laws or regulations, and other subjects provided for by law.
 
In any case, you can always ask the Controller for an updated list of data processors. Your data will never be transferred or disseminated, meaning communicated to undetermined subjects.

​

Transfer of Data outside the EU

Personal data is stored on servers located within the European Union and will not be transferred outside the European Union.

​

Your Rights

In conformity with the GDPR, you can exercise the following rights:

​

• Right of Access (Article 15 GDPR). You can request confirmation of whether or not data concerning you is being processed and, if so, obtain access to your personal data and additional information regarding the processing.

• Right to Rectification (Article 16 GDPR). You can obtain the rectification of inaccurate personal data concerning you without undue delay and the completion of incomplete personal data.

• Right to Erasure (or "Right to be Forgotten" – Article 17 GDPR): You can request the erasure of data acquired or processed by the Controller without undue delay, provided that, alternatively:

  - They are no longer necessary for the purposes for which they were collected.
  - Consent has been withdrawn, and there is no other legal basis for the processing.
  - You have objected to the processing of your personal data.
  - The data have been unlawfully processed.
  - There is a legal obligation to erase the data.

• Right to Restriction of Processing (Article 18 GDPR): You can request the restriction of the processing of personal data when one of the following scenarios applies:

  - You contest the accuracy of your data, for the period necessary for the Controller to verify its accuracy.
  - The processing is unlawful, and you oppose the deletion of the data, requesting instead that its use be restricted.
  - Although the Controller no longer needs it for processing purposes, you require the data for the establishment, exercise, or defense of your legal claims.
  - You have objected to processing under Article 21, para. 1, of the GDPR, pending verification of whether the legitimate grounds of the Controller override your legitimate grounds.

• Right to Data Portability (Article 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller without hindrance, where applicable, under the conditions set out in the GDPR.

• Right to Object (Article 21 GDPR): You have the right to object to the processing of personal data concerning you, unless the Controller demonstrates compelling legitimate grounds

 for the processing that override your interests.

Additionally, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal (Article 7, para. 3, GDPR).

​

Finally, you have the right to lodge a complaint with the Supervisory Authority, which in Italy is the Garante per la Protezione dei Dati Personali.

For a better understanding of these rights, please refer to Articles 15 and following of the GDPR.

To exercise your rights, you can send a request using the contact details on the website or write an email to info@paoloconcari.com, specifying "Privacy Request" in the email subject.

​

Updates to the Information

I inform you that this information may be subject to periodic updates. Any updates will be highlighted through publication on the site.

Last updated: January 10, 2024.