PRIVACY POLICY
This information is provided pursuant to and for the purposes of Article 13 of Regulation
EU 2016/679 (cd. GDPR) (hereinafter also only “GDPR”, the full text of which can be consulted at the following link: https://www.garanteprivacy.it/il-testo-del-regolamento) – to users/visitors who access the website and web services of Ghia Studio Legale Associato, with registered office in Rome (RM), via delle Quattro Fontane n. 10 (hereinafter the “Firm” or “Ghia Studio Legale Associato”), through the domain www.ghia.legal.
This information is therefore provided to those who interact with the web services of Ghia Studio Legale Associato electronically accessible from the address: www.ghia.legal, corresponding to the home page of the official website of Ghia Studio Legale Associato.
This privacy policy applies only to the Ghia Studio Legale Associato website and not to other websites (including those of third parties) that may be accessed by the user through links present on the above domain.
DATA CONTROLLER
By, or as a result of, consulting the Site, data relating to identified or identifiable persons may be processed. The “owner” of the processing is Ghia Studio Legale Associato, C.F. and P.IVA 16259381008, with registered office in Rome (RM), via delle Quattro Fontane n. 10, PEC: ghia@legalmail.it, telephone: (+39) 06 4201 2618. PEO: privacy@ghia.legal
DATA PROTECTION OFFICER
Ghia Studio Legale Associato has appointed a data protection officer in accordance with art. 37 and 39 of GDPR its own Data Protection Officer.
Therefore, users may contact the Data Protection Officer (or “DPO”) for all matters pertaining to data processing at the following contact details:
e-mail: privacy@ghia.legal
telephone: (+39) 06 4201 2618,
address: Ghia Studio Legale Associato, via delle Quattro Fontane n. 10, Rome.
NAVIGATION DATA
During their normal operation, the computerized systems as well as the software procedures used to operate the Ghia Studio Legale Associato website may acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interests, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data also includes IP addresses or domain names of computers used by users connecting to the site, addresses in URI notation (Uniform Resource Identifier) of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the computer environment used by the user/visitor.
COOKIES
We do not use cookies to transmit information of a personal nature, nor do we use persistent cookies of any kind, i.e. systems for tracking users/visitors. The use of session cookies (which are not persistently stored on the user/visitor’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the Site. The session cookies used on the Site avoid the use of other IT techniques that could potentially prejudice the confidentiality of users/visitors’ browsing and do not allow the acquisition of personal data identifying the user/visitor.
The data provided and processed in connection with the Site are not disclosed to third parties or disseminated in any way, except as indicated below. The personal data provided by users/visitors who forward requests and/or computer material (files, photos, etc.) in order to obtain commercial and technical information, regarding the Studio’s products or activities, are used for the sole purpose of performing the service or provision requested and are communicated to third parties only if necessary for that purpose.
The optional, explicit, and voluntary sending of messages using the “Newsletter” and “Recruiting” service on the Website or by sending communications and/or e-mail messages to the Studio’s contact details, entails the subsequent acquisition of the sender’s e-mail address, which is necessary to reply to requests, as well as any other personal data included in the message.
Specific summary information will be progressively reported or displayed on the pages of the Website set up for services on request.
CONFERMENT OF DATA
Apart from what is specified for browsing data, the user/visitor has the option of providing personal data to take advantage of the “Newsletter” and “Recruiting” services on the Site to obtain communications, informative, commercial, and technical, relating to the professional services or activities of Ghia Studio Legale Associato.
Failure to provide such information may make it impossible to obtain what has been requested.
We invite all those who intend to transmit their curriculum vitae not to include any sensitive and/or data in the same. Consent to the possible transfer abroad of the data contained in the curriculum vitae will be requested during the cognitive and informative interview.
PURPOSE OF THE PROCESSING – LEGAL BASIS – PERIOD OF STORAGE
The personal data processed by Ghia Studio Legale Associato following navigation of its website by users/visitors are processed for the sole purpose of obtaining anonymous statistical information on the use of the Website and to check its correct functioning.
Website navigation
The legal basis provided for this purpose is the legitimate interest pursuant to Art. 6(f) and recital 47.
The storage period of the relevant data is until the end of the duration of the browsing session by the user/visitor.
Filling in data collection forms for contacts
The legal basis underlying this type of processing is the execution of pre-contractual measures also taken at the request of the user/visitor.
The data retention period is 1 year.
Direct marketing
Subject to prior consent and until opposition: the Firm’s direct marketing activities, market research, satisfaction surveys, sending of newsletters and promotional, commercial and advertising material or relating to events and initiatives, by Ghia Studio Legale Associato by automated means of e-mail, telefax, SMS, MMS or other types of messages.
The legal basis underlying this type of processing is constituted by consent ex art. 6 (paragraph 1 letter a).
As regards the data retention period for direct marketing purposes, Ghia Studio Legale Associato may retain personal data until the user/visitor exercises his/her right to object.
The data could also be used to ascertain responsibility in case of hypothetical crimes, including computer crimes, against the Site or Ghia Studio Legale Associato.
PROCESSING METHODS
Personal data are processed using automated and manual instruments for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
Recipients and communication of Data
For the purposes of the correct performance of the activities identified above, for certain activities underlying the processing of Data, Ghia Studio Legale Associato may communicate the Data to third parties, who will act as Data Processors and/or as subjects authorized by the Data Controller. The persons authorized to process data who may become aware of your personal data, by way of example only, may belong to the following professional categories: internal collaborators (such as employees, lawyers, consultants, interns) and external collaborators (such as domiciliaries, technical consultants) to Ghia Studio Legale Associato, subjects operating in the judicial sector, counterparties and their advocates, boards of arbitrators and, in general, all those subjects to whom communication is strictly necessary.
By way of example only, your Data may be processed, solely for the purposes indicated above, by subjects belonging to the following categories:
- companies that provide IT services to Ghia Studio Legale Associato;
- subjects and/or companies that provide specific consultancy of a professional nature to Ghia Studio Legale Associato;
- Authorities and Public Administrations;
- Supervisory and control bodies internal and/or external to Ghia Studio Legale Associato.
These subjects may act as Data Processors or, in some cases, as autonomous Data Controllers.
The complete and updated list of persons designated as Data Processors can be requested by sending an e-mail to the following address: privacy@ghia.legal
DISSEMINATION AND PROFILING
Personal data are subject neither to dissemination, nor to profiling, nor to any fully automated decision-making process.
TRANSFER OF DATA
Personal data may be transferred to countries outside the European Union and to international organizations, pursuant to and in full compliance with:
- 44 of the GDPR, as well as recitals 101 and 102;
- 45 of the GDPR, as well as recitals 103, 107 and 167-169, concerning the transfer based on an adequacy decision;
- 46 of the GDPR, as well as recitals 108, 109 and 114, concerning the transfer subject to adequate safeguards.
RIGHTS OF THE DATA SUBJECTS
At any time, the user/visitor may exercise the rights set out in Articles 15, 16, 17, 18, 19, 20, 21 and 22 GDPR by contacting the data controller as identified above, or by contacting the D.P.O., using the contact details above.
In particular, Article 13 par. 2 of the GDPR grants the data subject specific rights, including the right to request access to and rectification or erasure of personal data or limitations to the processing of personal data concerning him or her, or to object to the processing thereof, as well as the right to data portability; the data subject also has the right to lodge a complaint with the Supervisory Authority (Garante Privacy – www.garanteprivacy.it), without prejudice to the possibility of lodging administrative or judicial appeals if the processing of data violates the provisions of the GDPR.
Where the processing is based on consent, it will be possible to revoke it at any time. Processing based on consent shall remain valid and lawful until revoked.