This Privacy Policy is made pursuant to Article 13 of European Regulation No. 679/2016 and applies exclusively to all Data collected through the Website This Privacy Policy is subject to updates that will be posted on the Website on a timely basis. This Privacy Policy, together with the Terms and Conditions, Privacy Policy and Cookie Policy of the Website, establishes the basis on which the Data Subject's Personal Data will be processed.

Data Controller

The Data Controller of the Data collected from this Web Site is Lucia Catrambone, Via Monte Grappa 12, 20010 - Arluno (MI); e-mail:

Personal Information

Personal Data means any information concerning an identified or identifiable natural person (Data Subject). An identifiable natural person is one who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier, one or more characteristic elements of his or her physical identity.

Category of Personal Data Processed

Among the Personal Data processed by this Web Site, either independently or through third parties, are Common Data such as: Usage Data, First Name, Last Name, and Email Address.

Methods of Processing Personal Data

The Personal Data provided or acquired will be subject to Processing based on the principles of fairness, lawfulness, transparency and protection of confidentiality in accordance with current regulations. The Data Controller processes Users' Personal Data by adopting appropriate security measures aimed at preventing unauthorized access, disclosure, modification or destruction of Personal Data. The Processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the indicated purposes.

Purpose of Personal Data Processing and Legal Basis

Personal Data may be collected autonomously by the Data Controller or through third parties. In this case, the computer systems and software procedures in charge of the operation of this Website acquire certain Personal Data of the Users, of a technical-informatics nature (e.g. IP address, type of browser used, operating system, domain name and addresses of websites from which access or exit was made, etc.), the transmission of which is inherent to the normal operation of the Internet. Such Data may be processed for the sole purpose of obtaining anonymous statistical information on the use of the site and/or to check its correct functioning and will be deleted immediately after processing.

The Data that the Data Subject chooses to voluntarily provide will be processed in compliance with the conditions of lawfulness under Article 6 GDPR and will be processed to enable the Website to provide its services, as well as for the Purposes indicated below and will be kept for the time necessary for the fulfillment of the aforementioned Purposes.

The Purpose of processing is:

- Treatment required under a contract

The Data will be processed in order to fulfill the obligations arising from the contract between the Data Subject and the Data Controller for the sale of the Services on the Website, to contact the Data Subject in relation to the Contract and for the management of the Contract, for the management of requests for legal guarantees, assistance, withdrawal requests, management and termination of the Contract

Legal Basis: this processing is necessary for the performance of the contract to which the Data Subject is a party, for the performance of pre-contractual measures or to comply with a legal obligation to which the Data Controller is subject.

Period of data retention: Ten (10) years or other legal requirement.

Tools used for the Processing of Personal Data


With the registration service, the Data Subject allows the Site to identify him/her and give him/her access to dedicated services.

The Interested Party registers directly on the site by filling out the Form and providing their Data.

Disclosure of Data

In addition to the Owner, in some cases, they may have access to the Data:

a) categories of specially trained appointees involved in the organization of the Website (administrative, sales, marketing, legal, system administrators);

b) external parties (such as third party technical service providers, hosting providers, IT companies, communication agencies) also appointed as Data Processors by the Data Controller ex art. 28 GDPR. The updated list of Data Processors, if appointed, can always be requested from the Data Controller;

c) public or private entities that can access the Data in compliance with legal obligations;

d) individuals who perform tasks that are ancillary and instrumental to the Holder's activity;

Timing of Treatment

As expressly provided for in Art. 5, co. 1, letter e) of the GDPR, the Data are kept for the time necessary for the Processing of the same in relation to the performance of the service requested by the Data Subject, or required by the Purposes described above in this document.

At the end of the retention period, Personal Data will be deleted and therefore, the rights of access, deletion, rectification, and portability of Data can no longer be exercised

Place of Processing and Transfer of Data Abroad

The Data are processed at the operational headquarters of the Data Controller. For further information you may contact the Data Controller. The Data may be processed by individuals and/or legal entities operating on behalf of the Data Controller and under specific contractual obligations and located in EU or non-EU member countries. In the event that Data is transferred outside the EEA, the Data Controller will take all appropriate contractual measures to ensure adequate protection of the Data.

Exercise of data subject's rights

The Data Subject has the right to exercise the faculties provided for in Articles 7, 15-22 of European Reg. 679/2016. In particular, he/she has the right to revoke his/her consent at any time and, upon simple request to the Data Controller, he/she may request access to the Personal Data, receive the Personal Data provided to the Data Controller and where possible transmit them to another Data Controller without hindrance (so-called portability), obtain the updating, limitation of the processing, rectification of the Data and the deletion of those processed in breach of the regulations in force. He/she has the right, for legitimate reasons, to object to the Processing of Personal Data concerning him/her and to the Processing for the purpose of sending advertising material, direct sales and for carrying out market research. He/she also has the right to lodge a complaint with the Privacy Guarantor as the supervisory authority for the protection of personal data or to take appropriate legal action. The interested party may exercise his rights by contacting the Data Controller by e-mail at:

Changes to this Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time by giving notice to Users on this page. Therefore, please consult this page often, taking as reference the date of last modification indicated at the bottom. If you do not accept the changes made to this Privacy Policy, you must cease using this Website and may request the Data Controller to remove your Personal Data. Unless otherwise specified, the previous Privacy Policy will continue to apply to the Personal Data collected up to that point. The Data Controller is not responsible for updating all links viewable in this Privacy Policy, so whenever a link is not working and/or updated, Users acknowledge and agree that they should always refer to the document and/or section of the websites referred to by that link.

Privacy Policy updated as of February 2023