Privacy Policy

Privacy Notice pursuant to Regulation (EU) 2016/679 (GDPR)

Last updated: October 24, 2025

1. Data Controller

The data controller is Donato Paolino, headquartered in Italy, and can be contacted at: info@donatopaolino.it.

2. Types of Data Collected

During browsing on donatopaolino.it, the following data may be collected:

Browsing data: IP address, browser type, operating system, pages visited, date and time of access.
Data voluntarily provided by the user: name, email address, and messages sent through contact forms, newsletter subscriptions, or post comments.
Cookies and similar technologies: used to improve browsing experience and for statistical analysis (see Cookie Policy section).

3. Purpose of Data Processing

Personal data is processed for the following purposes:

responding to information or support requests submitted via contact forms;
managing newsletter subscriptions or periodic communications;
improving technical performance of the website and analyzing web traffic (Google Analytics, Search Console, etc.);
fulfilling legal obligations or responding to requests from competent authorities.

4. Legal Basis for Processing

Data processing is based on:

expressed consent of the user (Art. 6, par. 1, letter a GDPR);
contractual or pre-contractual necessity to respond to user requests (letter b);
legitimate interest of the controller to ensure website security and proper service operation (letter f).

5. Processing Methods

Data is processed lawfully, fairly, and transparently, mainly through electronic and IT tools.
Adequate security measures are in place to prevent loss, unlawful use, or unauthorized access to data.

6. Data Retention

Personal data is stored for the time necessary to achieve the purposes for which it was collected:

contact data: up to 12 months from the last communication;
newsletter data: until consent is withdrawn by the user;
technical and log data: up to 12 months.

7. Data Disclosure and Transfer

Data will not be shared with third parties except:

IT service providers (hosting, website maintenance, newsletter providers) acting as data processors;
public authorities where required by law.

No personal data transfer outside the European Economic Area is foreseen.

8. User Rights

Users may exercise the following rights at any time (Art. 15-22 GDPR):

access to their data;
rectification or update;
erasure (“right to be forgotten”);
restriction or objection to processing;
data portability;
withdrawal of consent without affecting lawfulness of prior processing.

Requests may be sent to info@donatopaolino.it.

9. Data Security

DonatoPaolino.it uses HTTPS protocols, firewalls, security plugins, and monitoring systems to prevent unauthorized access or data loss.

The website uses technical cookies and, with prior consent, analytical and profiling cookies for statistical and marketing purposes.
Further details can be found in the dedicated Cookie Policy.

11. Changes to this Policy

The data controller reserves the right to update this Privacy Policy at any time by publishing the new version on this page.
Changes take effect on the date of publication.

Contact

For questions about this Privacy Policy or to exercise GDPR rights:
📧 info@donatopaolino.it

U.S. Privacy Notice — State Law Compliance (Full Coverage)

This section supplements the information contained in the Privacy Policy and applies to individuals residing in U.S. states with consumer data-privacy regulations, including California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Maine, and Nevada.

Categories of Personal Data Collected

We may collect the following categories of personal data, depending on your interaction with the site:

Identifiers (e.g., name, email address, IP address)
Internet activity and usage data (e.g., browsing behavior, pages visited)
Device and technical data (e.g., browser type, OS, cookies)
Geolocation data (approximate IP-based location)
Information voluntarily provided through contact forms or newsletter subscriptions

We do not collect sensitive personal data as defined by U.S. state privacy laws.

Purposes of Data Processing

Personal data may be used for:

Responding to user inquiries and requests
Operating and securing the website
Analytics and performance monitoring
Providing newsletters and communication services (when subscribed)
Compliance with applicable laws and regulations

We do not sell personal data or engage in cross-context behavioral advertising in exchange for monetary or equivalent value.

User Rights Under U.S. Privacy Laws

Depending on your state of residence, you may have the right to:

Access your personal data
Request correction of inaccurate personal data
Request deletion of personal data
Request a copy of your data (“data portability”)
Opt-out of:
- targeted advertising (not applicable here)
- sale of personal data (not applicable here)
- automated decision-making (not used on this site)

To exercise your rights, contact us at:
📧 info@donatopaolino.it

We may require identity verification before fulfilling requests.

Authorized Agent Requests (California only)

California residents may designate an authorized agent to submit requests on their behalf. Proof of authorization is required.

Appeal Process (Virginia, Colorado, Connecticut)

If we deny your request, you may submit an appeal by replying to our denial email. We will provide a written response within legally required timelines.

Minors

We do not knowingly collect personal information from children under 16. If you believe data has been collected, contact us to request deletion.

Non-Discrimination Clause

Users exercising privacy rights will not be discriminated against. No changes in service, pricing, or access will result from exercising your rights.

Do Not Track (DNT)

Because no standard governs browser DNT signals, we currently do not act on these signals.

This post is also available in: Italiano (Italian)