NFORMATION FOR THE PROCESSING OF PERSONAL DATA AND PRIVACY POLICY

ART. 13-14 REG. EU No. 679/2016, Legislative Decree. 196/2003 and subsequent amendments

Under and for articles 13 and 14 of European Regulation no. 679/2016 GDPR, the data provided will be processed in compliance with the aforementioned regulations, as well as with the confidentiality and security rules established by the Regulation and by law.

This information is also prepared for Art. 13 of Legislative Decree no. 196/2003, Code regarding the protection of personal data, and Art. 13 of EU Regulation no. 2016/679, concerning the protection of individuals about the processing of personal data and the free movement of such data.

PRIVACY POLICY

1. This section contains information on how to manage the IPL Law Firm website concerning the processing of sensitive data and also applies to Art. 13 of Legislative Decree no. 196/2003, Code regarding the protection of personal data, and the art. 13 EU Regulation no. 2016/679, and can be reached at the address corresponding to the page: https://ipl.law/privacy-police/

2. The purpose of this document is to provide information on the methods, timing, and nature of the information that the data controllers must provide to users when connecting to the web pages of IPL Law Firm regardless of the purpose of the connection itself, according to Italian and European legislation.

3. The information may change due to the introduction of new regulations in this regard, the user is therefore invited to periodically check this page.

4. If the user is under the age of sixteen, under art. 8, ch. 1 EU regulation 2016/679, he will have to legitimize his consent through the authorization of his parents or guardians.

DATA PROCESSING

1. The data controller is the natural or legal person, public authority, service, or other body which, individually or together with others, determines the purposes and means of processing personal data. He also takes care of the security profiles.

2. About this website, the data controller is IPL Law Firm (Attorneys Andrea Mannocci and Federica Malacarne in via Benedetto Croce n. 79, Pisa, post code 56125, Italy) and for any clarification or exercise of the user’s rights, he can write to the following email address: info@ipl.law

3. In IPL Law Firm only those subjects who will need it for the indicated purposes will have access to data, by way of example lawyers, consultants, and collaborators of the Law Firm, in compliance with the corporate obligations of the GDPR.

4. The data may be transmitted externally where necessary for the development and/or fulfillment of user requests or in the face of another form of obligation or legal authorization, except for all other cases in which express consent is expressed;

5. IPL Law Firm processes the data collected in digital format from the website without express consent (art. 6 GDPR) for the following purposes: to carry out the ordinary activities of answering questions received through the various modules and forms on the site website, fulfill pre-contractual, contractual and tax obligations deriving from existing relationships with the user, fulfill obligations established by law, regulations and community legislation or by an order from the Authority (for example tax communications and issuing invoices) or exercise of rights of the owner (for example exercise of defense in court).

6. Responsible for data processing may be external suppliers used for the provision of services, or for the supply of contractually relevant contents, who may use the data only for the specified purposes and according to the instructions received, or public bodies, Authorities, and governmental institutions, such as prosecutors, courts or tax authorities to which personal data must be transmitted to fulfill legal obligations, having regard to article 6, paragraph 1, letter c) of the GDPR.

7. In addition to the owner, in some cases, categories of persons involved in the organization and maintenance of the website (staff and administrative and marketing consultants, lawyers, system administrators) or external subjects (third-party technical service providers) may have access to the data. , postal carriers, hosting providers, IT companies, and communication agencies).

METHOD OF TREATMENT

1. IPL Law Firm adopts the principle of minimization of personal data, and the IT systems used to manage the information collected are configured in such a way as to minimize the use of personal data.

2. Contact methods are therefore preferred which involve the indication of the least number of sensitive data, limiting the indications of data essential for re-contact and effective communication between the parties.

3. The processing of data consists, by way of example, of operations of collection, registration, organization, conservation, extraction, consultation, use, communication, and cancellation of personal data. It is carried out, for the aforementioned purposes, according to principles (ex art. 5 of the GDPR n. 2016/679) of lawfulness, correctness, transparency, minimization of data, and accuracy.

6. The data are processed by telephone, paper, computer, and telematic methods. The processing takes place using suitable tools, and technical and organizational measures adequate to guarantee security, integrity, and confidentiality, avoiding, in particular, the risk of loss, unauthorized access, illicit use, and dissemination, in compliance with the provisions also of the art. 32 of the GDPR n. 2016/679, by the subjects and in compliance with the provisions of Art. 29 of the GDPR n. 2016/679 and art. 2-quaterdecies of the Privacy Code.

7. Like all websites, this site also makes use of log files in which information collected in an automated manner is kept during user visits. The information collected could be the following: Internet protocol (IP) address; – Browser type and device parameters used to connect to the site; – Name of the Internet service provider (ISP); – Date and time of visit; – Web page of origin of the visitor (referral) and exit; – Possibly the number of clicks.

8. The aforementioned information is test rate in an automated form and collected in an exclusively aggregated form to verify the correct functioning of the site and for security reasons. This information will be tested rates based on the legitimate interests of the owner.

9. For security purposes (anti-spam filters, firewalls, virus detection) the automatically recorded data may also include personal data such as the IP address, which could be used, by the laws in force on the subject, to block attempts of damage to the site itself or to cause damage to other users or harmful activities or activities constituting a crime. These data are never used for the identification or profiling of the user, but only to protect the site and its users, this information will be used based on the legitimate interests of the owner.

10. In the case of specific services requested by the user, including the possibility of sending requests for assistance, the site automatically detects and records some identification data of the user, including the email address. These data are intended to be voluntarily provided by the user at the time of requesting the provision of the service. By filling in the appropriate contact tools on the site, the user expressly accepts the privacy policy and the data received will be used to provide the requested service and only for the time necessary to provide the service.

11. The information that users of the site deem to make public, through the services and tools made available to them, are provided by users knowingly and voluntarily, exempting this site from any liability regarding any violations of the law. It is up to the user to verify that they have permission to enter the personal data of third parties or contents protected by national and international standards.

12. Any transfer of data outside the EU will take place in compliance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or by adopting the standard contractual clauses envisaged by the European Commission and/or binding company regulations.

TREATMENT PURPOSES

1. The personal data expressly provided by users who send requests of any kind via direct e-mail or contact form are used to follow up on them and are communicated only to third parties involved in processing the request.

2. The optional, explicit, and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to reply to communications via e-mail, as well as any other personal data entered spontaneously in the e-mail. -mail.

3. The data used for security purposes (eg: blocking attempts to damage the site) are kept for the time necessary to achieve the previously indicated purpose.

4. IPL Law Firm processes the data collected in digital format from the website without express consent (art. 6 GDPR) to carry out the ordinary activities of responding to requests received through the website contact tools, fulfilling to pre-contractual, contractual and tax obligations deriving from relationships with users, fulfill the obligations established by law, regulations, community regulations or by orders of the Authority (for example tax communications and invoices), as well as to exercise rights of the owner himself (by way of example: the right of defense in court).

5. The provision of data for mandatory purposes does not require consent and in the absence of such data, services cannot be provided. The provision of data for other purposes is optional and requires express consent. In your absence, you will not be able to receive newsletters, information material, or communications on services offered by the Data Controller.

6. Subject to specific and distinct consent (articles 6 and 7 of the GDPR), the data may be processed for marketing purposes, such as sending mail, newsletters, commercial communications, and/or information material on products and/or services offered by the Data Controller and collection the degree of satisfaction with the quality of services.

DURATION OF TREATMENT, CONSERVATION, AND CANCELLATION OF DATA

1. Where the description of the individual services does not provide information on the specific retention period or the deletion of the data, the personal data will be kept for the time necessary for the pursuit of the intended purposes or, in the case of consent, until it has been consent revoked. In case of objection to the processing, the user’s data will be deleted, unless further processing is necessary to pursue other legitimate purposes of the processing.

2. Personal data will also be canceled in response to express legal obligations and in the event of the loss of the legal basis on which the processing is based unless further conservation is necessary to fulfill professional or legal obligations or to pursue other legitimate purposes of the processing and without prejudice to any further conservation necessary to fulfill legal obligations in tax matters or document conservation.

COOKIES

1. The website uses cookies to facilitate the user’s browsing experience: Cookies are small strings of text used to memorize some information that may concern the user, his preferences, or the internet access device (computer, tablet, or mobile phone) and is mainly used to adapt the functioning of the site to the user’s expectations, offering a more personalized browsing experience and memorizing the choices previously made.

2. A cookie consists of a small set of data transferred to the user’s browser from a web server and can only be read by the server that made the transfer. It is not executable code and does not transmit viruses.

3. Cookies do not record any personal information and any identifiable data will not be stored. If you wish, you can prevent the saving of some or all cookies. However, in this case, the use of the site and the services offered could be compromised. To proceed without changing the options relating to cookies, simply continue browsing.
TYPES OF COOKIES

Technical Cookies

1. There are numerous technologies used to store information on the user’s computer, which is then collected by other sites. Among these the best known and used is HTML. They are used for navigation and to facilitate the user’s access and use of the site. They are necessary for the transmission of communications on the electronic network or for the supplier to provide the service requested by the customer.

2. The settings to manage or disable cookies may vary depending on the internet browser used. In any case, the user can manage or request the general deactivation or cancellation of cookies by changing the settings of his internet browser. This deactivation can slow down or prevent access to some parts of the site.

3. The use of technical cookies allows safe and efficient use of the site.

4. The cookies that are inserted in the browser and retransmitted through Google Analytics or the statistics service of bloggers or similar are technical only if used to optimize the site directly by the owner of the site itself, who will be able to collect information in aggregate form soul number of users and how they visit the site. Under these conditions, the same rules apply for Analytics cookies, in terms of information and consent, as for technical cookies.

5. From the point of view of duration, temporary session cookies can be distinguished which are automatically deleted at the end of the browsing session and are used to identify the user and therefore avoid logging in to each page visited, and the permanent ones which remain active in the PC until upon expiration or cancellation by the user.

6. Session cookies may be installed to allow access and permanence in the reserved area of the portal as an authenticated user.

7. They are not memorized permanently but exclusively for the duration of the navigation until the browser is closed and disappear when the same is closed. Their use is strictly limited to the transmission of session identifiers consisting of random numbers generated by the server necessary to allow safe and efficient exploration of the site.

Third-party cookies

1. About the origin, the cookies sent to the browser directly from the site you are visiting and those of third parties sent to the computer from other sites and not from the one you are visiting can be distinguished.

2. Permanent cookies are often third-party cookies.

3. Most third-party cookies consist of tracking cookies used to identify online behavior, understand interests and therefore customize advertising offers for users.

4. Analytical third-party cookies may be installed. They are sent from domains of the aforementioned third parties external to the site.

5. Third-party analytical cookies are used to detect information on user behavior on the website. The detection takes place anonymously, to monitor performance and improve the usability of the site. Third-party profiling cookies are used to create user profiles, to propose advertising messages in line with the users’ choices.

6. The use of these cookies is governed by the rules established by the third parties themselves. Therefore, users are invited to read the privacy information and the indications for managing or disabling cookies published on the relative web pages.
Profiling cookies

1. Profiling cookies create user profiles and are used to send advertising messages in line with the preferences expressed by the user while surfing the net.

2. The user can also manage cookies through the settings of his browser. However, deleting cookies from your browser could remove the preferences you have set for the site. For more information and support, you can also visit the specific help page of your web browser.

3. The plugins and/or buttons integrated on the site for social networks allow easy sharing of content on social networks chosen by users. These plugins are normally programmed so as not to set any cookies when accessing the page to safeguard user privacy. Eventually, cookies are set if so provided by social networks, only when the user makes effective and voluntary use of the plugin. Keep in mind that if the user browses being logged into the social network then he has already consented to the use of cookies conveyed through this site when registering with the social network.

4. The collection and use of information obtained through the plugin are governed by the respective privacy policies of the social networks, to which please refer.
USER’S RIGHTS

1. art. 13 co. 2 of the EU Regulation of 2016/679 lists the user’s rights. 2. This website, therefore, intends to inform the user about the existence:

– the right of the interested party to ask the owner for access to personal data (Article 15 of the EU Regulation), their updating (Article 7, paragraph 3, letter an of Legislative Decree 196/2003), rectification (art. 16 EU Regulation), the integration (art. 7, co. 3 lett. a Legislative Decree 196/2003), the limitation of the treatment that concerns him (art. 18 EU Regulation) or to oppose, for reasons legitimate, to their treatment (art. 21 EU Regulation), in addition to the right to data portability (art. 20 EU Regulation);

– the right to request cancellation (art. 17 EU Regulation), transformation into anonymous form, or blocking of data processed in violation of the law, including data whose retention is not necessary for relation to the purposes for which the data are been collected or subsequently processed (art. 7 co. 3, letter b of Legislative Decree 196/2003);

– the right to obtain the attestation that the updating, rectification, data integration, cancellation, data blocking, and transformation operations have been brought to the attention, also about their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right (art. 7 co. 3, letter c of Legislative Decree 196/2003).

2. Requests can be sent to the data controller at his aforementioned email address (without formalities) or by using the model provided by the Guarantor for the protection of personal data.

3. If the treatment is based on the art. 6 paragraph 1 letter a – express consent to use – or on art. 9 paragraph 2 letter a – express consent to the use of genetic, biometric, health-related data revealing religious, philosophical beliefs or union membership, revealing racial or ethnic origin, political opinions – the user has the right to revoke the consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation.

4. Likewise, in the event of a violation of the law, the user has the right to complain to the Guarantor for the Protection of Personal Data, the authority responsible for monitoring data processing in the Italian State.

5.. For a more in-depth examination of your rights, see articles 15, 77 et seq. Of the EU Regulation 2016/679 and the art. 7 of Legislative Decree 196/2003.

FULFILLMENTS

1. The holder notifies the Guarantor of the processing of personal data with which he intends to proceed, only if the processing concerns:

– genetic, biometric data or data indicating the geographical position of persons or objects via an electronic communication network;

– data suitable for revealing the state of health and sexual life, processed for assisted procreation, provision of health services via telematics relating to databases or the supply of goods, epidemiological surveys, detection of mental, infectious, and diffusive diseases, seropositivity, organ and tissue transplantation and monitoring of health expenditure;

– data suitable for revealing sexual life or the psychic sphere, processed by non-profit associations, bodies, and organizations, even if not recognized, of a political, philosophical, religious, or trade union nature;

– data processed with the aid of electronic tools aimed at defining the profile or personality of the interested party or at analyzing consumption habits and choices or monitoring the use of electronic communication services with the exclusion of processing that is technically essential to provide the services same to users;

– sensitive data recorded in databases for personnel selection purposes on behalf of third parties as well as sensitive data used for opinion polls, market research, and other sample research;

– data recorded in special databases managed with electronic tools and relating to the risk of economic solvency, the financial situation, the correct fulfillment of obligations, and illicit or fraudulent conduct.

DATA SECURITY

1. This site processes user data lawfully and correctly, adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, modification, or unauthorized destruction of data. The processing is carried out using IT and/or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.

2. We inform you that, even though the owner does everything reasonably possible to protect the site and any personal data provided by navigators, in the current state of technology it is not possible to completely avoid the risk of security in navigation or transmission of data via e-mail: No Internet or e-mail transmission is ever perfectly secure or error-free.

3. The use of passwords, identification numbers (IDs), or other special access keys on this website is under the responsibility of the user.

CHANGES TO THIS DOCUMENT

1. This privacy policy may be subject to changes or updates and previous versions of the document will be available, however, at this page:  https://ipl.law/privacy-police/

2. The document was updated on 04.06.2025 to comply with the relevant regulatory provisions and EU Regulation 2016/679.