Skip to main content

Privacy Policy

The personal data provided within the site or acquired in the context of the activity of Studio Notarile Massimiliano Ferraro will be processed in accordance with the principles of fairness, lawfulness, transparency and protection of confidentiality in compliance with EU Regulation 679/2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data.

Pursuant to Art. 13 EU Regulation no. 2016/679 (hereinafter, “GDPR”), we inform you that the processing of the data you provide will be carried out using methods and procedures aimed at ensuring that the processing of personal data is carried out with respect for the fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality and security, personal identity and the right to protection of personal data.
This Privacy Policy applies to all data collected through the website notaiomassimilianoferraro.it.

DataController
The Data Controller of the data collected from this Web Site is
Notary Massimiliano Ferraro
Via Giovanni da Verazzano 51
10129 Turin (TO)
Tel. 02 65 52 184
Mail: info@mfnotaio.it

Subject of processing and origin of data
The use of the services offered through the site notaiomassimilianoferraro.it may involve the acquisition of personal and professional information of users, in order to satisfy their requests. More specifically, personal data acquired through the site could be as follows:

Data voluntarily provided by the user
Types of personal data processed through the website are those strictly necessary for the provision of the service offered and may consist of personal data, contact data (e.g., address, e-mail, telephone number and fax number), tax data (e.g., company name, tax code and VAT number), professional data, data spontaneously provided by the user also in relation to the type of request made and data contained in any attachments spontaneously transmitted by the user. The provision of some of these data is mandatory, since without them those services that presuppose availability (e.g., contact data) cannot be provided to the user.

The user has the right to provide additional personal data, expressly marked as non-compulsory and completely irrelevant in relation to the provision of the service, but whose inclusion – optional, explicit and voluntary – involves their acquisition and processing in order to respond to requests forwarded by the user.

Users who have any doubts about whether certain data are mandatory should contact the Data Controller.

Personal data provided by the user must be true and up-to-date; the user assumes all responsibility in connection with the provision of false or out-of-date data.

Should the user provide personal data of third parties (e.g., family members or friends), he/she will make him/herself the autonomous Data Controller of the processing of such data, assuming all legal obligations and responsibilities and conferring on the point the widest indemnity with respect to any dispute or claim that should be addressed to Studio Notarile Massimiliano Ferraro by the third parties themselves.

Special Categories of Data
It is possible that you give the Data Controller special categories of personal data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to a person’s health or sex life or sexual orientation. These categories of data will be processed only with the explicit consent of the user, manifested at the time of sending their request.

Navigation data
The architecture responsible for the operation of the website acquires some personal data of the user, the transmission of which is, however, inherent in the use of network protocols. This is information that is not collected for the purpose of being associated with the user, but which by its very nature could, through processing and association with other data, allow the user to be identified. These are data that are collected for statistical purposes, with the aim of monitoring the proper functioning of the site, and are also data that could be used for advertising purposes or to ascertain responsibility in case of hypothetical computer crimes against the site or third parties.

Purpose of Processing and Legal Basisfor Processing
The Data Controller may use the data collected, including users’ personal information, in order to provide, personalize and improve the service offered through the website and to carry out related administrative, accounting, tax and legal requirements.

The processing operations put in place for these purposes are necessary for the fulfillment of contractual obligations and do not require specific consent from the data subject.

Ensuring the technical functionality of the service offered and analyzing its use by users. The processing operations put in place for these purposes are based on a legitimate interest of the Data Controller and do not require specific consent from the data subject.

To provide the user with functionality, information, advertising or other similar content. The processing put in place for these purposes is carried out with the specific consent provided by the user, with the exception of commercial communications relating to products and/or services similar to those already subscribed to by the user, for which the processing is based on a legitimate interest of the Controller.

Processing Methods
Processing is limited to the following operations and in the following manner:

  • Data collection from the data subject by filling out online forms;
  • Computer-based recording and processing;
  • Organization of archives in mainly automated form, through business applications and computerized master records;
  • Possible communication of data to third parties, duly authorized by the Data Controller.

Data will be processed using appropriate means to ensure confidentiality, integrity and availability, in compliance with appropriate technical and organizational security measures required by the GDPR.

The processing shall be carried out by means of computerized and/or automated systems and shall include all the operations or set of operations provided for in Art. 4 of the GDPR and necessary for the processing in question, including communication to the persons in charge of the processing itself.

Retention of data
Personal data provided by the user will be processed for the time strictly necessary to achieve the purposes for which they were collected or, in any case, for the period provided for the fulfillment of legal obligations, provided that it is not necessary to retain them further in order to defend or enforce a right or to comply with orders of the Authorities.

Access to Processing
Data will be made accessible, for the purposes stated above:

  • To employees/collaborators in their capacity as authorized processors, subject to appropriate appointment;
  • To third parties, identified as Data Processors by the Data Controller.

Your data will not be disclosed to unauthorized third parties.

Data Transfer
The management and storage of personal data will take place on servers located within the European Union of the Data Controller and/or third party companies contracted and duly appointed as Data Processors. Data will not be transferred outside the European Union.

Nature of provision of data and consequences of refusal to respond
The provision of data for the purposes mentioned above is mandatory. In their absence, it will not be possible to proceed with the intake and response to your contact request.

Rights of the Data Subject
According to the provisions of the GDPR, the data subject has the following rights vis-à-vis the Data Controller:

  • To obtain confirmation as to whether or not personal data concerning him or her are being processed, and if so, to obtain access to the personal data (Right of Access Art. 15);
  • To obtain the rectification of inaccurate personal data concerning him/her without undue delay (Right to Rectification Art. 16);
  • obtain the erasure of personal data concerning him or her without undue delay, and the data controller has an obligation to erase personal data without undue delay if certain conditions are met (Right to be forgotten Art. 17);
  • Obtain limitation of processing in certain cases (Right to limitation of processing Art. 18);
  • receive in a structured, commonly used and machine-readable format the personal data concerning him or her that he or she has provided and has the right to transmit such data to another Data Controller, without hindrance from the Data Controller to whom he or she has provided it, in certain cases (Right to Data Portability Art. 20);
  • object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her (Right to object art. 21);
  • Receive without undue delay notice of the personal data breach suffered by the Data Controller (Art. 34);
  • Revoke express consent at any time (Conditions for Consent Art. 7).

Ways of exercising the right
You may also exercise your right to withdraw consent at any time, without affecting the lawfulness of the processing based on your prior consent. Should you believe that the processing of your personal data has been carried out unlawfully, you may file a complaint with the Data Protection Authority. To exercise these rights, report problems or ask for clarification on the processing of personal data, you can send an e-mail to info@mfnotaio.it or by registered mail to the address of the Data Controller

Updating thisPrivacy Policy
This Privacy Policy is subject to updates that will be posted on the Website on a timely basis.

Last updated 29/09/2024