This privacy statement was last updated on 16 October 2023 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.

In this privacy statement, we explain what we do with the data we obtain about you via https://gianlucagentile.com/en. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

• we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
• we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
• we first request your explicit consent to process your personal data in cases requiring your consent;
• we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
• we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose, data and retention period

2. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy. 

3. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organization is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

We have concluded a data Processing Agreement with Google.

Google may not use the data for any other Google services.

The inclusion of full IP addresses is blocked by us.

4. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

The security measures we use consist of:

• Login Security
• DKIM, SPF, DMARC and other specific DNS settings
• (START)TLS / SSL / DANE Encryption

5. Third-party websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

6. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

7. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:

• You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
• Right of access: You have the right to access your personal data that is known to us.
• Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
• If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
• Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
• Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.

8. Submitting a complaint

If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Data Protection Authority.

9. Contact details

Gianluca Gentile
Via di Gagia 22, 38086 Giustino
Italy
Website: https://gianlucagentile.com/en
Email: info@gianlucagentile.com
Phone number: 3885891615

10. Data Requests

For the most frequently submitted requests, we also offer you the possibility to use our data request form

Annex

1. Categories of Personal Data processed

   The Data Controller processes the following types of Personal Data voluntarily provided by the Data Subject:
   • Contact information: first name, last name, address, e-mail, telephone, pictures, authentication credentials, any additional information submitted by the Data Subject, etc.
   • Tax and payment information: tax code, VAT number, credit card information, bank account details, etc.
   The Owner processes the following types of Personal Data collected in an automated manner:
   • Technical Data: Personal Data produced by the devices, applications, tools and protocols used, such as, for example, information about the device being used, IP addresses, browser type, Internet Service Provider (ISP) type. Such Personal Data can leave traces that, particularly when combined with unique identifiers and other information received by servers, can be used to create profiles of individuals
   • Application browsing and usage data: such as, for example, pages visited, number of clicks, actions taken, session duration, etc.
   • Data on the exact location of the Data Subject: e.g., geolocation data that precisely identifies the location of the Data Subject that may be collected via the satellite network (e.g., GPS) and other means, collected with the consent of the Data Subject. The Data Subject may withdraw consent at any time.
   Failure by the Data Subject to provide Personal Data for which there is a legal or contractual obligation or if they are a necessary requirement for the conclusion of the contract with the Data Controller, will result in the impossibility of the Data Controller to establish or continue the relationship with the Data Subject. The Interested Party who communicates to the Controller Personal Data of third parties is directly and exclusively responsible for their origin, collection, processing, communication or dissemination.

2. Cookies and similar technologies

   The Application uses cookies, web beacons, unique identifiers and other similar technologies to collect Personal Data of the Data Subject about the pages, links visited and other actions performed when the Data Subject uses the Application. They are stored and then transmitted the next time the Data Subject visits. The full Cookie Policy can be viewed at: https://www.gtechgroup.it/politica-dei-cookie-ue/

3. Legal basis and purpose of processing

   The processing of Personal Data is necessary:
   1. For the execution of the contract with the Interested Party, namely:
      1. fulfillment of any obligation arising from the pre-contractual or contractual relationship with the Interested Party
      2. Registration and authentication of the Data Subject: to enable the Data Subject to register on the Application, log in and be identified also via external platforms
      3. support and contact with the Interested Party: to respond to the requests of the Data Subject.
      4. payment management: to handle payments by credit card, bank transfer or other means
   2. By legal obligation and specifically:
      1. The fulfillment of any obligations under current regulations, laws and regulations, in particular, on tax and fiscal matters
   3. Based on the legitimate interest of the Owner, to:
      1. Email marketing purposes of products and/or services of the owner To directly sell the Controller's products or services using the e-mail provided by the Data Subject in the context of the sale of a product or service similar to the one being sold
      2. Management, optimization and monitoring of the technical infrastructure: to identify and solve any technical problems, to improve the performance of the Application, to manage and organize information in a computer system (e.g., server, database, etc.)
      3. security and anti-fraud: to ensure the security of the Holder's assets, infrastructure and networks
      4. statistics with anonymous data: to perform statistical analysis on aggregated and anonymous data to analyze the behavior of the Data Subject, to improve the products and/or services provided by the Data Controller and better meet the expectations of the Data Subject
   4. Based on the consent of the Data Subject, to:
      1. profiling of the Data Subject for marketing purposes: to provide the Data Subject with information about the Controller's products and/or services through automated processing designed to collect personal information for the purpose of predicting or assessing the Data Subject's preferences or behavior
      2. retargeting and remarketing: to reach with a personalized advertisement the Data Subject who has already visited or has shown interest in the products and/or services offered by the Application using his/her Personal Data. The Data Subject may opt-out by visiting the page of the Network Advertising Initiative
      3. Marketing purposes of the Owner's products and/or services: to send commercial and/or promotional information or materials, to carry out direct sales activities of products and/or services of the Owner or to carry out market research by automated and traditional means
      4. Marketing purposes of third-party products and/or services: to send information or commercial and/or promotional materials of third parties, to carry out direct sales activities or to perform market research of their products and/or services by automated and traditional means
      5. Disclosure of Personal Data for third-party marketing purposes: to communicate Personal Data to third parties operating in the Marketing and Communication sector so that they may use it to send them commercial and/or promotional information or materials or to carry out direct sales activities of their products and/or services or to carry out market research using automated and traditional methods
      6. detection of the exact location of the Interested Party: to detect the presence of the Interested Party, to control the accesses, times and presence of the Interested Party in a certain place, etc.
   Based on the legitimate interest of the Data Controller, the Application allows interactions with external platforms or social networks whose processing of Personal Data is governed by their respective privacy policies to which please refer. The interactions and information acquired by this Application are in any case subject to the privacy settings that the Data Subject has chosen on such platforms or social networks. This information - in the absence of specific consent to processing for further purposes - is used for the sole purpose of enabling the use of the Application and providing the requested information and services. The Data Subject's Personal Data may also be used by the Data Controller to protect itself in court before the competent judicial bodies.

4. Methods of processing and recipients of Personal Data

     The processing of Personal Data is carried out by means of paper and computer tools with organizational methods and logic strictly related to the stated purposes and through the adoption of appropriate security measures. Personal Data are processed exclusively by:
   • persons authorized by the Data Controller to process Personal Data who have committed to confidentiality or have an appropriate legal duty of confidentiality;
   • Parties operating independently as separate data controllers or by parties designated as data processors by the Data Controller in order to carry out all processing activities necessary to pursue the purposes set forth in this policy (e.g., business partners, consultants, IT companies, service providers, hosting providers);
   • Subjects or entities to which it is mandatory to communicate Personal Data by legal obligation or by order of the authorities.
     The individuals listed above are required to use appropriate safeguards to protect Personal Data and may only have access to those necessary to perform the tasks assigned to them. Personal Data will not be disseminated indiscriminately in any way.

5. Location

   If necessary, Personal Data may be transferred to entities located outside the territory of the European Economic Area (EEA). Whenever Personal Data is to be transferred outside the EEA, the Data Controller will take all appropriate and necessary contractual measures to ensure an adequate level of protection of Personal Data, including - among others - agreements based on the standard contractual clauses for the transfer of data outside the EEA, approved by the European Commission. To request information on the specific safeguards adopted, the Data Subject may contact the Data Controller at the following e-mail address [email protected].

6. Period of Retention of Personal Data

   Personal Data will be kept for the period of time necessary to fulfill the purposes for which it was collected, specifically:
   • for purposes related to the execution of the contract between the Data Controller and the Data Subject, will be kept for the entire duration of the contractual relationship and, after termination, for the ordinary limitation period of 10 years. In the case of judicial litigation, for the entire duration of the same, until the exhaustion of the terms of admissibility of the actions of appeal
   • for purposes related to the legitimate interest of the Owner, will be retained until the fulfillment of that interest
   • for the fulfillment of a legal obligation, by order of an authority, and for protection in court, shall be retained in accordance with the timeframes stipulated in said obligations, regulations, and in any case until the fulfillment of the prescriptive period stipulated in the regulations in force
   • For purposes based on the consent of the Data Subject, will be kept until the consent is revoked. For marketing purposes for a period not exceeding 24 months.
     At the end of the retention period, all Personal Data will be deleted or stored in a form that does not allow the Data Subject to be identified.

7. Rights of the Interested Party

   Data Subjects may exercise certain rights with respect to Personal Data processed by the Data Controller. In particular, the Data Subject has the right to:
   • Be informed about the processing of their Personal Data
   • withdraw consent at any time
   • limit the processing of your Personal Data
   • object to the processing of their Personal Data
   • access their Personal Data
   • verify and request rectification of their Personal Data
   • obtain the restriction of the processing of their Personal Data
   • obtain the deletion of their Personal Data
   • transfer their Personal Data to another controller
   • Propose complaints to the supervisory authority for the protection of their Personal Data and/or take legal action.
   To exercise their rights, Data Subjects may address a request to the following e-mail address [email protected]. Requests will be taken up by the Holder immediately and processed as soon as possible, in any case within 30 days.