HomePrivacy Policy

Privacy Policy

Disclosure pursuant to art. 13 of the new European Regulation 2016/679
We hereby inform you that Regulation (EU) 2016/679 of the Parliament and the Council protects individuals and other parties in relation to the processing of personal data.
Pursuant to said regulation, the processing of personal data shall be based on the principles of fairness, lawfulness and transparency and the protection of confidentiality and the rights envisaged.
Pursuant to art. 13 of the GDPR, we provide the following information:

  1. Legal basis, purposes and methods of data processing
    The legal basis of processing for the purposes set out under point a) is art. 6(1)(b) of the GDPR (“processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”).
    Personal data shall be processed exclusively for purposes strictly connected and instrumental to fulfilling the obligations pertaining to the existing relationship. In particular:
    – for entering personal data into the law firm’s IT database;
    – for keeping accounting records;
    – for managing collections and payments;
    – for tax management
    – for fulfilling obligations set out by civil and tax laws, regulations and EU law.
    Personal data shall be processed using hard copies and IT tools, by the controller, the processor and the parties assigned to carry out processing, taking all precautionary measures to guarantee the security and confidentiality of the data.
  2. Nature of the collection of data and consequences of any non-conferral
    It is obligatory to confer the personal data in order to fulfil the obligations deriving from the mandate and, in general, legal obligations.
    Any non-conferral of the data could make it impossible for us to fulfil the obligations deriving from the mandate or the activities set out in regulations in force.
  3. Communication and dissemination of the data
    For the purposes of performing the contract and for the purposes indicated above, personal data may be communicated:
    – to all natural and legal persons (legal, administrative and tax consulting firms, independent auditors, couriers and shippers, data centres, etc.) in cases where their communication is necessary for the purposes illustrated above;
    – to banks for managing collections and payments and for any applications for credit/credit lines;
    – to factoring or debt collection companies;
    – to our specifically assigned workers and employees as part of their duties;
    – other natural and legal persons that it is necessary to involve to fulfil the purposes illustrated above.
  4. Geographical area
    Your personal data shall not be transferred to Recipients outside the European Economic Area.
  5. Duration of the processing
    Your data shall be stored in a form that permits identification of the data subject for the period of time not exceeding that necessary for the purposes, listed under point 1, for which the data were collected or subsequently processed, and according to the requirements set out in the regulations in force.
  6. Data subject’s rights pursuant to articles 12 to 22 of 2016/679 (GDPR)
    At any time, you may exercise the rights set out in relation to the data controller pursuant to articles 12 to 22 of the New European Regulation 2016/679, which we reproduce herein for your convenience.

    1. The data controller shall adopt appropriate measures to provide the data subject with all the information pursuant to articles 13 and 14 and the communications pursuant to articles 15 to 22 and art. 34 relating to processing in a concise, transparent, intelligible and easily accessible form, using clear and plain language, in particular for any information addressed specifically to a child. The information shall be provided in writing, or by other means, including, where appropriate, by electronic means. When requested by the data subject, the information may be provided orally, provided that the identity of the data subject is proven by other means.
    2. The data subject has the right to be provided with the following information:
      a) the origin of the personal data;
      b) the purposes and methods of processing;
      c) the approach applied in the event of processing with the aid of electronic tools;
      d) the identification details of the controller, the processors and the designated representative pursuant to art. 5, paragraph 2;
      e) the parties or categories of parties to which the personal data may be communicated or who may become aware of the data in their role as designated representative in the country, processors or parties assigned to processing.
    3. The data subject has the right to obtain:
      a) the update, rectification or, where interested, addition to the data;
      b) the erasure, transformation into anonymous form or blocking of data processed in breach of law, including those whose storage is not necessary in relation to the purposes for which the data were collected or subsequently processed;
      c) certification that the transactions pursuant to points a) and b) were brought to the attention, also concerning their content, to the parties to whom the data were communicated or disseminated, except in the case where such obligation is impossible to fulfil or entails an effort that would clearly be disproportionate to the right protected.
    4. The data subject has the right to fully or partially object:
      a) for legitimate reasons, to the processing of his/her personal data, even if they are pertinent to the purpose of the collection;
      b) to the processing of his/her personal data for the purposes of sending advertising or direct sales materials or for conducting market research or commercial communications.The rights pursuant to art. 12 can be exercised by sending an informal request to the controller or processor, also through an assigned party, to whom suitable feedback should be provided without delay.
  7. Data Controller
    The data controller is Studio Legale Marensi, with registered offices in Via Francesco Melzi D’Eril no. 27, Milan, Italy, Tel. +39 02-315830, avvocati@marensi.it.
  8. Complaints to the Italian Data Protection Authority
    Data subjects who deem that the processing of their personal data carried out through this site has occurred in breach of the provisions of the GDPR have the right to lodge a complaint with the Data Protection Authority, as envisaged by art. 77 of the GDPR, or to avail of the appropriate legal venues (art. 79 of the GDPR), whose contacts are published on the website https://www.garanteprivacy.it.

The data controller

Studio Legale Marensi