INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH REGULATION (EU) 2016/679
Article 13 of the “European Regulation on the protection of personal data” (Regulation EU/2016/679) and the Italian Privacy Code (Legislative Decree No. 169/2003, as amended by Legislative Decree No. 101/2018), impose the requirement to provide essential information on personal data processing to the data subjects concerned. To comply with the foregoing requirement, the Firm hereby informs you of the following.
The data controller is Studio Maffei Alberti e Associati, with registered office in Bologna (BO), Via Galliera, 39, in the person of its legal representative, Prof. Alberto Maffei Alberti (tax identification number MFFLRT35H04E289U), resident in Bologna (BO), Via Galliera, 39 (hereinafter the “Data Controller”).
Your data is collected exclusively to enable you to visit the website www.studiomaffeialberti.it (hereinafter, “Website”) and to be contacted, where requested. This notice does not cover third-party websites that are accessed via the links provided on this Website.
2. DATA PROCESSING AND STORAGE METHOD
In relation to the purposes referred to in Art. 1, the processing of personal data is carried out by means of hard copy, computer, electronic or other telecommunications systems, with a view to ensuring the security and confidentiality of the data. Your data will be kept for no longer than is strictly necessary for the purposes above and for the time period established in the current regulatory requirements. Personal data may be processed by the Data Controller’s employees, collaborators and consultants in their capacity as data processors, who are authorised to carry out specific processing operations for the purposes above, under the direct authority and responsibility of the Data Controller.
3. NATURE OF DATA PROVISION AND CONSEQUENCES OF REFUSAL
The provision of your personal data is optional, since the information is provided exclusively for the purpose of being contacted.
4. LEGAL BASIS FOR PROCESSING
Your personal data is processed on the basis of your consent.
- DATA RECIPIENTS
Your personal data are processed by the Firm’s employees, who are specifically authorised, pursuant to art. 4, paragraph 10 of the Regulation, to process data in accordance with the specific instructions given by the Data Controller.
Your personal data will not be disclosed to third parties for use by them for their own promotional purposes and will not be disseminated in any way.
Your data may be disclosed to the police and to judicial and administrative authorities, in accordance with laws in force, for the investigation and prosecution of crimes, the prevention of and protection from public security threats and to allow the Firm to exercise or protect its own rights or those of third parties before the competent authorities, as well as for other reasons related to the protection of the rights and freedoms of others.
- DATA RETENTION
In accordance with the principles of proportionality and necessity, your data will not be kept for longer than is necessary for the purposes indicated above and, therefore, commensurate with the service offered or for the time specified in the relevant rules of law.
- YOUR RIGHTS
You have the following rights with regard to the personal data covered by this information notice, as provided for in the GDPR:
- Right of access and rectification (articles 15 and 16 of the GDPR): you have the right to access your personal data and to have your personal data corrected, modified or completed. If you wish, we will provide you with a copy of the data concerning you in our possession.
- Right to erasure (Art. 17 of the GDPR): in the cases provided for by the current legislation, you have the right to request the erasure of your personal data. If your request is found to be legitimate, we will stop processing your personal data and your data will be erased.
- Right to restriction of processing (Art. 18 of the GDPR): you have the right to obtain the restriction of the processing of your personal data if the processing is unlawful or if the accuracy of the personal data is contested by you.
- Right to data portability (Art. 20 of the GDPR): you have the right to obtain your personal data from the Data Controller and the right to transmit those data to another controller, in the cases provided for in Art. 20 above.
- Right to object (Art. 21 of the GDPR): you can object, at any time, to our processing of your personal data on the basis of our legitimate interests, by explaining the reasons for your request, which will be duly considered by the Firm before granting your request.
- Right to lodge a complaint (Art. 77 of the GDPR): you have the right to lodge a complaint with the competent Data Protection Supervisory Authority if you believe that your data are or have been processed in violation of your rights under the GDPR.
Your rights with regard to the Firm’s specific processing of your personal data can be exercised at any time. Further information about your rights, as the data subject, can be obtained by asking the Data Controller to provide a full extract of the articles mentioned above. Without prejudice to the foregoing, the abovementioned rights may also be exercised by any person who has a personal interest, or who is acting to protect your interests, as your representative, or for family reasons which deserve specific protection pursuant to art. 2-terdecies of Italian Legislative Decree No. 101/2018.
- SECURITY MEASURES
The Firm adopts appropriate and preventive security measures to safeguard the confidentiality, integrity, completeness and availability of your personal data. Technical, logistical and organisational measures have been developed to prevent the destruction, loss (even accidental), alteration and improper or unauthorized use of the personal data processed.