Privacy Policy

Courtesy translation. In case of discrepancies, the Italian version shall prevail for legal purposes.

Dear User, this Privacy Policy is provided pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 (the “GDPR”) and the relevant provisions of the Italian Privacy Code (Legislative Decree No. 196/03), as amended by Legislative Decree No. 101/18, concerning the protection of personal data, to those who connect to the website https://www.studiobrambillastp.eu/ and use the related services. This page describes how the website owned by Studio Brambilla & Sons S.r.l. S.T.P. (also referred to as the “Data Controller”) is managed and the processing operations carried out on the personal data of users who access and browse the website. This notice refers only to the above-mentioned page and not to any other websites that the user may consult via specific links. Users/visitors must read this Privacy Policy carefully before sending any personal information and/or completing any electronic form on the website.

1. DATA CONTROLLER

Pursuant to Article 4(7) of the GDPR, the Data Controller is the entity that “determines the purposes and means of the processing of personal data”. With reference to this website, the Data Controller is: Studio Brambilla & Sons S.r.l. S.T.P. – Via Nino Bixio, 1, Monza (MB), 20900 - VAT No. IT10082100966, email: info@studiobrambillastp.eu, Tel: 039384041, PEC (certified email): studiobrambillastp@pec.it.

2. DATA PROTECTION OFFICER

The Data Protection Officer (DPO) is a role provided for by Article 37 of the GDPR to perform support and oversight, advisory, training and information functions; its appointment is mandatory only in the cases set out in Article 37(1)(b) and (c) of the GDPR. This role is not mandatory for the Data Controller of this website.

3. TYPES OF DATA AND PURPOSES OF PROCESSING

A. Browsing data

The IT systems and software procedures used to operate this web page acquire, during their normal operation and for the duration of the connection only, certain personal data the transmission of which is implicit in the use of Internet communication protocols.

This information is not collected in order to be associated with identified data subjects, but by its very nature may, through processing and association with data held by third parties, allow users to be identified. This category includes IP addresses or domain names of the computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server (successful, error, etc.), the country of origin, temporal characteristics of the visit (e.g., time spent on each page) and other parameters related to the user’s operating system and IT environment.

Such data may be used for:

  • i) statistics: collection of data and information in aggregated and anonymous form to verify the correct functioning of the website. None of this information is linked to the natural person who is the site user and it does not allow identification in any way.
  • ii) security: collection of data and information to protect the security of the website (e.g., firewall filters and virus detection) and users, and to prevent or ascertain unlawful conduct to the detriment of the website.

B. Data provided voluntarily by the user

This category includes:

  • Data that the user provides by sending emails to the email addresses indicated on the website or by telephone communications to the contact numbers indicated therein. In particular, in addition to the user’s email address, which is necessary to reply, any other personal data contained in the email message or provided during the telephone communication will be acquired.
  • Data that the user provides by voluntarily completing the form on the website, which includes the following fields: Name, Email, Message.

Such data may be used to respond to requests for information or to requests of any kind made by the User.

The voluntary and explicit sending of personal data through the above channels entails the subsequent acquisition of the user’s data necessary to respond to the requests submitted and/or to provide the requested service. In that case, the data acquired will be processed exclusively for the purpose of responding to users’ requests. To better contextualize the request, users may be contacted by email, by phone, or through other communication systems by an operator appointed by the Administration. Failure to provide the data (e.g., personal details, email address, or telephone number) necessary to provide the service may make it impossible to obtain what is requested.

If the Data Controller intends to further process personal data for a purpose other than that for which it was collected, it will first provide the data subject with all necessary information and will request consent where required.

C. Cookies

Cookies are small text strings that the websites visited by the user send to the user’s device (usually the browser), where they are stored and then transmitted back to the same websites on the user’s next visit.

Some cookies are installed by the website operator (“first-party” cookies). While browsing a website, the user may also receive cookies sent by different websites or web servers (“third-party” cookies).

Cookies may be “session” cookies when the data remains for the duration of a session and is deleted when the user closes the browser used to browse the web. There may also be persistent cookies, which remain stored on the user’s device for a certain period of time (e.g., to enable simplified user authentication within the website).

The types of cookies used by the website are indicated below, along with their characteristics, purposes and retention periods. For any other information, please refer to the cookie policy.

i. Technical cookies

Technical cookies allow the transmission of a communication over an electronic communications network, or, insofar as strictly necessary, to the provider of an information society service explicitly requested by the subscriber or user to provide that service. The following are present:

  • session or browsing technical cookies that ensure normal browsing and use of the website.
  • a first-party, persistent functionality technical cookie that facilitates the user’s browsing on this website by preventing the short cookie notice from being shown again once the user has clicked the “Accept all” button on the cookie banner.

ii. Analytical cookies

Analytics cookies are used to obtain information about the number of users and how they visit the website. In particular, the website includes third-party cookies related to statistics services (session and persistent): such cookies make it possible to know how the user visits this website and allow assessment and possible changes regarding how information and services can be used (by way of example only, such cookies allow knowing the number of visitors, average time spent on the website, the channels through which the user accesses the website, the most visited pages, etc.). To perform these operations, the Data Controller currently uses Google Analytics – a web analytics service provided by Google that releases cookies on the user’s device. Google uses this information to evaluate the user’s use of the website, compile reports on website activity and provide other services relating to website activity and Internet usage. Google may also transfer this information to third parties where required by law, or where such third parties process the information on Google’s behalf. Specific settings have been enabled to reduce the identifying power of the collected data. The privacy notice and further details are available at: http://www.google.com/analytics/ and http://www.google.com/analytics/learn/privacy.html. The methods to delete and block tracking through this service are available at: http://tools.google.com/dlpage/gaoptout?hl=it.

iii. Profiling cookies

Profiling cookies are used to track the user’s browsing and analyze their behavior for advertising profiling purposes, in order to propose personalized content based on the interests shown during browsing.

In particular, this website uses the cookie _gac_GTY6DLRWCW, released by Google Analytics, which allows associating the information collected on the website with advertising campaigns active through Google Ads.

This third-party cookie, with a duration of two years, allows measuring conversions and attributing them to advertising sources by linking the user’s interactions with ads displayed on other Google channels. Due to these characteristics, the cookie qualifies as a third-party profiling cookie and is installed only after the user’s explicit consent, provided through the cookie banner or the cookie preferences management section. It is always possible to withdraw consent through that section.

For more information, please refer to Google’s privacy policy available at: https://policies.google.com/privacy.

4. LEGAL BASIS

The legal bases for the processing of personal data for the purposes indicated in the previous section are as follows:

  • purposes set out in § 3, letter A), points i) and ii) and letter C) point i): the Data Controller’s legitimate interest;
  • purposes set out in § 3, letter B): contract and pre-contractual negotiations;
  • purposes set out in § 3, letter C) points ii) and iii): the data subject’s consent.

5. NATURE OF DATA PROVISION

Apart from what is specified for browsing data, the user is free to provide personal data by sending email messages or contacting the Data Controller. The provision of such data is therefore optional.

If the user provides, publishes, shares or otherwise processes personal data of third parties when using the website’s functionalities, the user warrants that they are entitled to process such data and, where necessary, that they have previously obtained the third party’s consent to the processing of information concerning them, assuming all responsibility in this regard and holding the website’s Data Controller harmless.

5.1. Managing cookie preferences

When accessing any page of the website, a banner is displayed that contains a short notice. Within the banner there is a link that allows access to the tool for managing preferences regarding cookie installation. Consent to the use of cookies is recorded by means of a functionality “technical cookie”.

Technical cookies are generated when the website is opened and are deleted by clearing the browser cache. The user may manage preferences relating to cookies directly within their browser and, for example, prevent third parties from installing cookies, delete cookies installed in the past, including the cookie that may have stored consent to the installation of cookies by this website. For more information, consult the specific help page of the web browser being used.

The user may exercise the following options:

  • Block third-party cookies: third-party cookies are generally not indispensable for browsing, so you may refuse them by default through your browser’s specific functions.
  • Enable Do Not Track: the Do Not Track option is present in most latest-generation browsers. If enabled, the website automatically stops collecting certain browsing data.
  • Delete cookies directly allows deleting all cookies in a single action.

With reference to cookies installed by third parties, the user may also manage their settings and withdraw consent by visiting the relevant opt-out link (where available), using the tools described in the third party’s privacy policy, or contacting the third party directly.

For more information on managing the website’s cookies, please consult the cookie policy.

6. METHODS AND PLACE OF PROCESSING, DISCLOSURE AND DISSEMINATION OF DATA

Personal data are processed lawfully, fairly and transparently and, in any case, in compliance with Articles 5 and 6 of Regulation (EU) 2016/679 (GDPR). Your personal data are processed using manual and IT tools with logic strictly related to the purposes for which they were acquired and in such a way as to ensure the security and confidentiality of the data.

Personal data may be disclosed to and processed by internal collaborators and/or employees of the Data Controller, as persons authorized to process data, within the scope of their respective functions and in accordance with the instructions given by the Data Controller.

In some cases, data may be disclosed to external parties acting on behalf of the Data Controller, duly appointed, where necessary, as Data Processors pursuant to Article 28 of the GDPR, such as:

  • natural and legal persons providing website development and maintenance services or IT consulting;
  • third parties providing services on behalf of the Data Controller where disclosure is necessary for the purposes indicated;
  • public bodies and authorities to which disclosure is required by law.

The updated list of Data Processors may always be requested from the Data Controller. Your data will not be disseminated to indeterminate third parties.

Data may be transferred to countries outside the European Union where necessary to pursue the purposes indicated in §3. In such cases, the Data Controller ensures that any extra-EU transfer will be carried out in accordance with applicable legal provisions, entering into agreements, where necessary, that ensure an adequate level of protection or adopting the standard contractual clauses approved by the European Commission. Data collected via Google Analytics cookies may be transferred by that third party outside the European Union, in particular to the United States of America, in compliance with applicable privacy rules. In any case, for further information, please consult Google’s cookie policy.

7. RETENTION PERIOD

Without prejudice to what has already been specified regarding cookies, the collected data are retained for the time strictly necessary to carry out the activities specified in § 3. Upon expiry, data will be deleted or anonymized, unless there are additional purposes for retaining them.

8. USER RIGHTS

You may exercise your rights vis-à-vis the Data Controller using the following contacts: (i) email info@studiobrambillastp.eu, (ii) Tel: 039384041, (iii) PEC: studiobrambillastp@pec.it.

To ensure proper exercise of rights, you must make yourself identifiable unequivocally. The Data Controller undertakes to respond within 30 days and, if unable to meet this deadline, to provide reasons for any extension of the time limits. The response will be free of charge except in cases of unfounded requests (e.g., no data exists concerning the requesting data subject) or excessive requests (e.g., repetitive over time), for which a fee may be charged not exceeding the actual costs incurred for the search carried out in the specific case.

At any time, pursuant to Articles 15 to 22 of the GDPR, you may exercise the right to:

  1. request confirmation as to whether or not personal data concerning you exist;
  2. obtain information about the purposes of processing, categories of personal data, recipients or categories of recipients to whom personal data have been or will be disclosed and, where possible, the retention period;
  3. obtain rectification and erasure of data;
  4. obtain restriction of processing;
  5. obtain data portability, i.e., receive your data from a data controller in a structured, commonly used and machine-readable format, and transmit it to another data controller without hindrance;
  6. object to processing at any time, including in the case of processing for direct marketing purposes;
  7. object to automated decision-making processes concerning natural persons, including profiling;
  8. request from the data controller access to personal data and the rectification or erasure of personal data or restriction of processing concerning you, or object to processing, in addition to the right to data portability;
  9. withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal;
  10. lodge a complaint with a supervisory authority.

You may also manage preferences expressed regarding the use of cookies in the ways specified in the cookie policy.

9. CHANGES TO THIS DOCUMENT

This document constitutes the privacy policy of this website. It may be subject to changes or updates. Where changes and updates are significant, they will be notified to users through specific notices.

Cookie preferences

This website uses technical cookies necessary for the proper functioning of the Site and, subject to the User’s consent, third-party cookies for analytical purposes.
You can consent to the use of these technologies by clicking the “Accept all” button, refuse them by clicking “Reject all”, or select only certain cookies through “Manage preferences”.
For more information about the cookies used on this website, please consult our privacy policy and cookie policy.