Set up a call

Privacy Policy

Privacy Policy of the website www.lacchiappasonno.com

HI
this privacy policy contains important information on the processing and protection of personal data of users of the www.lacchiappasonno.com.

The data collected through the site are processed according to the principles of correctness, lawfulness, transparency, limitation of purposes and conservation, minimization and accuracy, integrity and confidentiality, as required by EU Regulation 679/2016 (GDPR).

Data Controller
The data controller is Anna Pasotti, Milan, VAT number 11606110960, mail anna@lacchiappasonno.com.

Website
Anna Pasotti is the owner and owner of the contents of the site www.lacchiappasonno.com hereinafter “Site”.
The Site is hosted on hosting managed by Artera whose servers are located in Switzerland and in Italy.
Here: https://www.artera.net/it/informativa-privacy/ Artera’s data processing policy.

What personal data is collected and why (type of data, purpose and legal basis)
By browsing this site, personal data may be collected, as better specified below.
Cookies are also installed, as you can read in the cookie policy.

    • Navigation data
      The computer systems of the site implicitly collect, during their operation, some personal data (required by Internet communication protocols). These are not associated with specific subjects, except through a complex and complicated system of processing and association with other data held by third parties. This category of personal data includes the IP addresses or domain names of the computers used by users who connect to the site, the browsers and the parameters of the computer system used to connect to the site, navigation data, including the time of the request and response obtained from the server.
      Data processed: IP addresses or domain names of the computers used by users who connect to the site, browsers and parameters of the computer system used to connect to the site, navigation data, including the time of the request and response obtained from the server.
      Purpose: use of the site, any anonymous statistics on the use of the site.
      Legal basis: legitimate interest of the Data Controller.
      Non-EU data transfer: yes
    • Contact form
      When completing the contact form on the Site, the User is required to provide their name, surname and email address, necessary for the Owner to respond to the request received.
      Data processed: name, surname, email address.
      Purpose: response to a request received from the User.
      Legal basis: consent, expressed at the bottom of the form.
      Non-EU data transfer: yes.
    • Newsletters
      To subscribe to the newsletter, it is necessary to provide your name and e-mail address, which the User enters in the form.
      The provision of this data is voluntary, but necessary in order to obtain the sending of the newsletter.
      The personal data provided is processed for the sole purpose of sending the newsletter to which the User has asked to subscribe, through the Site.
      The data processing relating to the sending of the newsletter takes place through and on the servers used by Brevo, located in France. Brevo plays the role of data controller pursuant to art. 28 GDPR. You can read the Brevo privacy policy at this link: https://www.brevo.com/it/legal/privacypolicy/
      Data processed: name, email address.
      Purpose: sending of the newsletter.
      Legal basis: consent given by the user.
      Non-EU data transfer: no.
    • Booking call
      Through the Calendly application, it is possible to book and purchase lessons and calls. You must provide your name, surname, email address, telephone number, tax code, residential address. The provision of this data is voluntary, but necessary to use the services. The personal data provided is processed for the sole purpose of booking/purchasing/invoicing lessons and calls.
      Calendly, which is the independent data controller for the provision of the service, also collects other data (such as log data, cookies, etc.) which are not communicated to the data controller in any way and which are used according to the policy of the application, posted here: https://calendly.com/pages/privacy.
      Data processed: name, surname, email address, telephone number, tax code, residential address.
      Purpose: booking/purchase/invoicing of lessons and calls
      Legal basis: consent given by the User.
      Non-EU data transfer: yes.
    • Links to social profiles
      On the site there are links to access the social profiles connected to the site (Facebook, Instagram, Mail). These are links that lead to pages external to the Site, which involve data processing directly by the related social networks, without the involvement of the Site.
    • Affiliate link to Amazon
      The Site is a member of the Amazon EU Affiliate Program, an affiliate advertising program designed to provide sites with a method to earn advertising commissions, through the creation of advertisements and links to Amazon.
      It could therefore happen that links to products that can be purchased on Amazon are inserted on the Site, on the purchase of which small commissions will be recognized to the Site.
      Only by clicking on the links (and only in that case) will Amazon install some cookies on the user’s browser, which allow the purchase to be tracked, but the Site will not have access to the management of cookies, nor to any data relating to the navigation of the Users from Amazon links, nor their purchases.
      With reference to the affiliation service, Amazon is the independent data controller, which is used according to the company policy, published here: https://www.amazon.it/gp/help/customer/display.html?ie=UTF8&nodeId =200545460&ref_=footer_privacy.
    • Social sharing buttons
      Social sharing buttons are installed on the site, which allow the User to share blog articles on the main social networks.
      The use of the social buttons involves the sharing of some information of the User (better specified below) with the social network concerned, which can collect, memorize, analyse, archive it, based on the provisions of the specific information of each social network (linked below). In some cases, the collection of User data could take place through the use of cookies.
      Facebook
      Data processed: cookies, usage data
      Purpose, legal basis and storage time: see https://www.facebook.com/about/privacy/
      Non-EU data transfer: yes.
      Twitter
      Data processed: cookies, usage data
      Purpose, legal basis and storage time: see https://twitter.com/it/privacy
      Non-EU data transfer: yes.
      Telegram
      Data processed: cookies, usage data
      Purpose, legal basis and storage time: see https://telegram.org/privacy
      Non-EU data transfer: yes.
    • Google Fonts
      The Google Fonts tool is used to view styles and fonts within the site – https://policies.google.com/privacy?hl=it
      Processed data: site usage data.
      Purpose: visualization of styles and fonts.
      Legal basis: legitimate interest of the Data Controller.
      Non-EU data transfer: yes.
    • Tag management
      The tag management tool is used to monitor the activity of users of a site (anonymously) in order to make decisions for the management of the site itself. This site uses Google Tag Manager – https://policies.google.com/privacy?hl=it
      Processed data: site usage data.
      Purpose: tag management.
      Legal basis: legitimate interest of the Data Controller.
      Non-EU data transfer: yes.ù
    • You Tube widgets
      Through the dedicated widget, it is possible to integrate videos from YouTube into the site. Here the related policy: https://policies.google.com/privacy?hl=it&gl=it.
      Processed data: cookies and site usage data.
      Purpose: use of the YouTube tool.
      Legal basis: legitimate interest of the Data Controller.
      Non-EU data transfer: yes
    • Google reCaptcha spam filter
      Protects the site from spam. Here the relative policy: https://policies.google.com/technologies/cookies?hl=it
      Processed data: site traffic data.
      Purpose: Site protection from spam.
      Legal basis: legitimate interest of the Data Controller.
      Non-EU data transfer: yes.
    • Google Analytics 4 (anonymized IP)
      Analyze traffic data on the site. Here the related policy:
      https://support.google.com/analytics/answer/6004245?hl=it&utm_id=ad
      Processed data: site usage data.
      Purpose: Analysis of traffic data on the Site.
      Legal basis: consent.
      Non-EU data transfer: yes.

Methods of treatment and conservation
Data processing is carried out in an automated form, in compliance with the provisions of art. 32 of the GDPR 2016/679 regarding security measures; that is, the data is processed and managed in such a way as to avoid or in any case limit the risks of loss, destruction, theft and in such a way as to allow their recovery, should one of the cases described occur.
Based on the provisions of art. 4 of the GDPR 2016/679, the data provided can be: collected, recorded, organised, stored, consulted, processed, modified, selected, extracted, compared, used, interconnected, blocked, communicated, canceled and destroyed. Appropriate systems for data protection have been adopted.

Data retention period
The data is kept for the technical times necessary for the indicated uses.
In any case, the User has the right to request the destruction or cancellation of the data provided.
The data may also be kept for a longer period, to fulfill fiscal obligations or the order of an Authority.
At the end of the period necessary for conservation, the data will be deleted and no longer recoverable.

Communication and dissemination of data
Personal data will never be disclosed and will not be communicated without the explicit consent of the User.

Data access
The data could be made accessible due to a legal obligation, which may involve the transfer of data to public bodies, judicial authorities, insurance bodies.
The data could be visible to a consultant/IT technician who has to operate for the repair/maintenance of IT systems and to the administrative assistant.
For any information you can write by email to anna@lacchiappasonno.com.

Transfer of personal data
The data could be transferred to third countries not belonging to the European Union, based on what is better specified above, with reference to each function.

Special categories of personal data
The Site does not collect or process data that can be classified as “particular categories of personal data”, pursuant to articles 9 and 10 of the GDPR 2016/679.

Rights of the interested party
At any time, the user may exercise, pursuant to articles 15 to 22 of the GDPR 2016/679, the right to:
a) request confirmation of the existence or not of personal data concerning him;
b) obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the retention period;
c) obtain the rectification and cancellation of data;
d) obtain the limitation of the treatment;
e) obtain data portability, i.e. receive them from a data controller, in a structured format, commonly used and readable by an automatic device, and transmit them to another data controller without impediments;
f) oppose the treatment at any time and also in the case of treatment for direct marketing purposes;
g) oppose an automated decision-making process relating to natural persons, including profiling;
h) ask the data controller to access personal data and correct or cancel them or limit their processing or to oppose their processing, in addition to the right to data portability;
i) withdraw the consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
j) propose a complaint to a Supervisory Authority.

Methods of exercising rights
To exercise the aforementioned rights or to receive clarifications or other information regarding the processing of personal data, you can write to the e-mail address anna@lacchiappasonno.com. An answer will be given within 30 days.

If you intend to lodge a complaint with the Guarantor Authority, you can visit the website https://www.garanteprivacy.it/home/diritti/come-agire-per-tutelare-i-tuoi-dati-personali, for any information.

Policy revised in April 2023.