Personal data protection – Privacy policy
Dear user, we would like to inform you that the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”) provides for the protection of natural persons with regard to the processing of personal data as a fundamental right. Pursuant to Article 13 of the GDPR, therefore, we inform you that Princivalle Apruzzi Danielli – Studio Legale will process some of your personal data as specified below.
CATEGORIES OF PERSONAL DATA:
SOURCE OF PERSONAL DATA: The personal data held by our law firm is collected directly from the data subject.
DATA CONTROLLER: The data controller is the professional association named Princivalle Apruzzi Danielli – Law Firm with registered office in Via Santo Stefano 50, 40125 Bologna, TAX Code and VAT 03082431200; it can be contacted by phone at +39 051 0930400 or by email at info@padlex.com.
DATA PROCESSING PURPOSES AND LEGAL BASIS: The processing of your personal data is carried out for the following purposes:
RECIPIENTS OF DATA: Within the limits relevant to the purposes of processing indicated, your data may be disclosed to third parties who will process them as independent data controllers, tax agencies and authorities and justice bodies, credit institutions, insurance companies, carriers and freight forwarders, as well as being communicated or accessible to service providers, consultancies, accounting and marketing companies, hosting providers and digital services, acting as “data processors”. Your data will not be distributed in any way. The information relating to the data processors and the personnel authorized by the Data Controller are available in an updated list at regular intervals at the Data Controller.
TRANSFER OF DATA ABROAD: As part of the processing, the data collected may be transferred outside the European Economic Area (EEA). In particular, our law firm uses the cloud-based storage service offered by Synology with data center located in the European Union and parent company in the USA. The transfer is carried out by adopting the standard contractual clauses pursuant to art. 46 of the GDPR for the transfer of personal data.
RETENTION PERIOD: The data collected will be kept for a period of time not exceeding the achievement of the purposes for which they are or according to the deadlines provided by law. The check on the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically.
CONSENT, MANDATORY OR NOT: The provision of your data is optional in relation to the purposes described above, however, this is necessary because failure to provide it will not allow the submission of the application or the receipt of the newsletter by the law firm or the receipt of commercial and marketing information.
DATA PROCESSING METHODS: The personal data you provide, shall be the subject of processing operations in compliance with the aforementioned legislation and the obligations of confidentiality that underlie the activity of the Data Controller and the ethical obligations for the legal profession. The data will be processed both by computer tools both on paper and on any other type of suitable media, in compliance with the appropriate security measures pursuant to Art. 5 par. 1 letter f) of the GDPR.
RIGHTS OF THE DATA SUBJECT: The data subject always has the right to request from the Data Controller access to his/her data, the rectification or cancellation of the data, the limitation of the processing or the possibility of opposing the processing, to request data portability, to revoke the consent to processing by asserting these and the other rights provided for by the GDPR by simple communication to the Data Controller. The data subject may also file a complaint with a supervisory authority.
July 2023, Princivalle Apruzzi Danielli