Privacy Policy - Ferretti Firm

Privacy Policy

The information set forth herein describes the policy applied by Ferretti Firm pursuant to European Regulation EU 2016/679 (“GDPR”) and to the national and international laws on personal data protection applicable from time to time ("Privacy Laws"), in connection with the processing of your personal data on the website www.ferrettifirm.com (the "Website"). This policy does not apply to pages or websites that may be managed by third parties and accessed through links; therefore, you are invited to pay attention in such respect and read carefully the conditions of use and privacy policies published on external websites.

1. Data Controller and Data Processors

As your personal data may be processed following access to this Website, you are hereby informed, in accordance with GDPR and the Privacy Laws, that the controller of those data shall be Ferretti Firm, with main office located at Via B. Cairoli, 46 – 51016 Montecatini Terme (PT), Italy and satellite office located at Piazza IV Novembre 4, 20124 Milan, represented by the Managing Attorney, Avv. Daniele Ferretti, Esq. (the “Data Controller”).

Pursuant to GDPR and the Privacy Laws, data relating to the web services provided on this Website shall be processed at the offices of the Data Controller by the person in charge of the processing, or by technicians outside the Data Controller's organization duly appointed in writing as responsible for the processing. The updated list of the processors and system administrators is retained at the main office of the Data Controller.

2. Data Processed

(a) Web Surfing

This Website may collect your personal data through internet communication protocols while operating. Those data are acquired for the sole purpose of obtaining anonymous statistical information on your use of this Website (including to ascertain responsibility in the event of any illegal operation) and to improve the structure thereof.
Those data may include, among others, IP addresses or domain names of computers used by users accessing the Website, URIs (Uniform Resource Identifiers) or data processed by using cookies, along with details of the requests sent to the Website's server, which make navigation possible (e.g. the time at which the request is submitted, the size of the file obtained in response, the method used to submit the request to the server, the numerical code indicating the state of the reply given by the server, and other parameters relating to your IT environment).

(b) Electronic Communication

Any communication sent to the addressed specified on the Website results in the subsequent acquisition of your email address and other personal data contained therein.

3. Purposes and Legal Bases of Data Processing

Your personal data are processed for the following purposes and legal bases:

• The execution of the agreement and/or the fulfillment of pre-contractual requirements, in particular:
• The management of contractual and pre-contractual relationships;
• Data Controller’s fulfillment of law provisions, such as:
• the fulfillment to the obligations set forth by laws, regulations and national or European laws, or imposed by the competent authorities;
• The pursuit of a legitimate interest of the Data Controller, specifically:
• sending updates related to the main regulatory and case law developments, etc.: you will be always entitled to ask at any time to stop receiving unwanted emails or to select the subjects of greater interest: the Data Controller is bound to the general interest of a professional association to promote the above-mentioned updates and is considered as legitimate pursuant to the national data protection laws;
• the prevention and repression of unlawful acts and the exercise of rights of the Data Controller in court and litigation management: the interest of the Data Controller is the right of court action guaranteed by Italian Constitution (article no. 24) and, as such, is socially acknowledged as prevailing with respect to the interests of the single data subject.

4. Data Processing Methods

In accordance with the provisions of GDPR and the Privacy Laws, specific measures are applied to prevent unauthorized access to your data, their loss or their improper or unlawful use. Your data shall be processed using automated means and shall be stored only for the time strictly necessary to achieve the purposes for which they were collected.
Your personal data may be processed either in paper format or in electronic format for as long as is strictly necessary to achieve the objectives for which such data have been collected. Please report to the email address contactus@ferrettifirm.com any change in your personal data to keep them updated, detailed and complete.

No data acquired on this Website will be disseminated or assigned to third parties without your express consent, unless disclosure is required by law, pursuant to a decision of a competent authority or to follow up your requests.

5. Rights of the Data Processing Subject

The Data Controller informs you that you, as data subject, where the limitations provided by law are not applicable, has the right to:

• obtain confirmation over the existence or inexistence of personal data relating you, even if not yet registered, and their communication in a comprehensible way;
• obtain the indication and, if necessary, the copy of the: a) source and category of the personal data; b) logic applied in case the processing is performed by means of electronic instruments; c) purposes and modalities of the processing; d) identification references of the Data Controller and the data processors; e) subjects or categories of subjects to whom personal data may be communicated or who may come to know, in particular if recipients are extra-EU countries or international organizations; e) period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period; f) existence of an automated decision-making process and, in this case, information about the logic involved, the significance and consequences for the data subject; g) existence of adequate safeguards in case of transfer of personal data to an extra-EU country or international organization;
• obtain, without undue delay, the update, the rectification or, whether you are interested, the integration of incomplete data;
• withdraw the conferred consents at any time, easily, without hindrances, using, when possible, the same channels used to provide them;
• obtain the cancellation, the transformation into anonymous form or blocking of the data: a) processed in breach of the law; b) no longer necessary in relation to the purposes for which the data have been collected or subsequently processed; c) if you withdraw consent on which the processing is based and there is no other legal basis for the processing; d) if you object to the processing and there are no overriding legitimate basis for the processing; e) to comply with a legal obligation; f) in case of data referred to children. The Data Controller may refuse to erase them when the processing is necessary: a) to exercise the right of freedom of expression and information; b) in compliance with a legal obligation, for the performance of a task carried out in the public interest or in the exercise of public authority; c) for reasons of public health interest; d) to achieve purposes in the public interest, scientific or historical research purposes or statistical purposes; e) to exercise a right in a court;
• obtain the restriction of processing in case of: a) the accuracy of the personal data is contested; b) unlawful processing by the Data Controller in order to prevent the erasure of the personal data; c) exercise of your right in court; d) verification on the possible existence of overriding legitimate interests of the Data Controller with respect to those of the data subject;
• receive the personal data related to you in a structured, commonly used and machine-readable format and transmit those data to another data controller, without hindrance, from the data controller to which the personal data have been provided, where the processing is carried out by automated means;
• object, in whole or in part: a) for lawful causes, to the processing of personal data related to you, regarding your particular situation; b) to the processing of personal data that relates to you for the purpose of sending advertising material, by means of automated call systems without the intervention of an operator, e-mail and/or traditional methods by telephone and/or paper mail;
• lodge a complaint to the competent supervisory authority.

For all cases mentioned above and in case you have exercised your rights, the Data Controller will inform – if necessary - third parties to whom your personal data were disclosed, except for specific cases (e.g.: where impossible or involve a manifestly disproportionate use of resources compared to the right protected by the law).

6. Modalities to Exercise your Rights

You can at any time exercise your rights:

• sending an email to the following address: contactus@ferrettifirm.com;
• calling the number +39 0572 092613.

This policy may be updated periodically.