Privacy Policy

Pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR) and current national legislation.

This Privacy Policy governs the methods and purposes of the processing of personal data of users who access and consult the website of Edoardo Pignatti (hereinafter, the "Site"), as well as the use of cookies and similar tools.

This Policy is provided in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 ("General Data Protection Regulation", hereinafter "GDPR"), Legislative Decree no. 196 of June 30, 2003 ("Personal Data Protection Code"), as amended by Legislative Decree no. 101 of August 10, 2018, as well as the Guidelines of the Italian Data Protection Authority (Garante) of June 10, 2021, regarding cookies and other tracking tools.

This Policy refers exclusively to the Site of Edoardo Pignatti and does not extend to other websites that may be accessed via hypertext links.

1. Data Controller

(Art. 4, par. 1, no. 7 GDPR)

The Data Controller is Edoardo Pignatti. For any communication regarding the processing of personal data, the Controller can be contacted at the following email address: edoardopignatti095@gmail.com

2. Scope of Processing and Categories of Personal Data

(Art. 4 GDPR)

The Controller processes the following categories of personal data:

a) Data provided voluntarily by the Data Subject: The voluntary submission of requests for information or communications through the Site entails the acquisition of the personal data provided by the user, including, but not limited to, name, surname, telephone number, email address, and any further information provided by the Data Subject.
b) Navigation Data: The computer systems and software procedures used to operate the Site acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This data includes, for example, IP addresses, domain names of the devices used, request times, and parameters related to the user's operating system and IT environment.

3. Purposes of Processing

(Arts. 5 and 6 GDPR)

Personal data are processed for the following purposes:

Management of information requests;
Compliance with legal or regulatory obligations, or provisions from competent Authorities;
Ensuring the correct functioning, security, and usability of the Site;
Processing of anonymous statistics on Site usage.

4. Legal Basis for Processing

(Art. 6 and Art. 9 GDPR)

The processing of personal data is based on the following legal grounds:

Performance of pre-contractual or contractual measures to which the Data Subject is a party (Art. 6, par. 1, letter b GDPR);
Compliance with legal obligations to which the Controller is subject (Art. 6, par. 1, letter c GDPR);
Consent of the Data Subject, where required (Art. 6, par. 1, letter a GDPR).

5. Processing Methods and Security Measures

(Arts. 4, no. 2 and 32 GDPR)

The processing of personal data is carried out using computer and electronic tools, according to logic strictly related to the purposes indicated above. The Controller adopts appropriate technical and organizational measures to ensure a level of security appropriate to the risk, in order to prevent unauthorized access, disclosure, loss, or destruction of personal data.

6. Data Retention Period

(Art. 5, par. 1, letter e GDPR)

Personal data are kept for a period no longer than necessary for the purposes for which they are processed and, in particular:

Data related to requests are kept for the time strictly necessary to manage the service or until the Data Subject's withdrawal;
Contact data are kept until the request is fulfilled;
Data processed for legal obligations are kept for the terms provided by current legislation.

A copy of the confirmation for each request is sent to the Data Subject, who is notified and independently retains evidence thereof.

7. Recipients of Personal Data

(Art. 13, par. 1, letter e GDPR)

Personal data may be communicated to third parties providing services instrumental to the operation of the Site, such as IT service providers, hosting, statistical analysis, and third-party service integrations. These subjects act, where applicable, as Data Processors pursuant to Art. 28 GDPR.

Personal data are not subject to dissemination.

8. Cookies and Tracking Tools

(Art. 122 Legislative Decree 196/2003 – Garante Guidelines of June 10, 2021)

The Site uses cookies and similar tools to ensure the correct functioning of the pages and to improve the user's browsing experience.

a) Technical Cookies: Session and technical cookies are used, which are necessary for navigation and Site operation. These cookies do not require the user's consent.
b) Analytical Cookies: The Site may use analytical cookies to collect statistical information in an aggregate and anonymous form regarding Site usage.
c) Third-Party Cookies: The Site may integrate content and services provided by third parties (such as maps or social networks). The installation of such cookies is governed by the policies of the respective providers.

Users can manage cookie preferences through their browser settings; disabling technical cookies may compromise the correct functioning of the Site.

9. Rights of the Data Subjects

(Arts. 15–22 GDPR)

Data Subjects may exercise the rights recognized by the GDPR at any time, including:

Right of access to personal data;
Right to rectification or erasure (right to be forgotten);
Right to restriction of or objection to processing;
Right to data portability;
Right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

Requests may be addressed to the Data Controller at the email address provided above. Data Subjects also have the right to lodge a complaint with the Data Protection Authority (www.garanteprivacy.it).

10. Updates to the Policy

This Policy may be subject to changes or updates as a result of regulatory variations or technical developments of the Site. Users are encouraged to consult this page periodically.

Last update: 14/03/2026