Information provided pursuant to art. 13 of EU

Regulation 2016/679 (Regulation for brevity) – to users who access the website The information contains: the nature of the personal information processed; the purposes and legal bases of the processing of personal information (art. 13.1.c and 13.1.d of the Regulation); the identity and contact details of the data controller (art. 13.1.a and 13.1.b of the Regulation); any third parties involved in the processing activities (art. 13.1.e and 13.1.f of the Regulation); the retention period of personal information (art. 13.2.a of the Regulation); the nature of the provision of data and the consequences of any refusal (art. 13.2.e of the Regulation); the rights of users (art. 13.2.b, 13.2.c and 13.2.d of the Regulation). DATA CONTROLLER The data controller is Roberto Attolini, Via Beno dè Gozzadini, 37 – 20083 Gaggiano (MI) VAT No. 09062620969. His contact details are

TYPES OF DATA PROCESSED, LEGAL BASIS AND PURPOSE OF THE PROCESSING Browsing data The site collects some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow the user to be identified.

This category of data includes the IP addresses or domain names of the computers used by the user who connects to the site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

Data provided voluntarily by the user The optional, explicit and voluntary sending of messages using the "Contact us" service on the site or by sending e-mail messages to the company address involves the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the request. The legal basis of this processing is art. 6.1.b of the Regulation, i.e. the execution of measures requested by the user. Registration on the site Registering for an account involves entering some personal data which must be true and accurate.

The data that must be entered are clearly indicated, the other data are entered voluntarily and failure to enter does not entail any consequences. The user is invited to keep this data updated by accessing their personal account. The legal basis of this processing is art. 6.1.b of the Regulation, i.e. the execution of measures requested by the user. The user who chooses to activate the account via social media must be aware that the site may collect some data that the user has already provided to that social media (e.g. e-mail address and public profile).

The data controller has no control over the social media and does not establish the privacy settings of the social media. The user must therefore refer to the privacy policy of the social media they use. Newsletter and commercial communications The user can voluntarily choose to receive newsletters and commercial communications. The site asks for explicit and free consent before undertaking promotional initiatives of this type and may ask the user for additional information in order to create personalized and more relevant communications. The user can always easily revoke his consent which is the legal basis of this processing (art. 6.1.a of the Regulation).


The purpose of profiling is to propose products, services and initiatives that are more suited to the preferences, habits and interests of users. Personal data may be used for remarketing, retargeting or profiling purposes also through third parties (e.g. social networks). As far as users of the site are concerned, it is in the legitimate interest of the site to process personal data to offer more interesting and personalized services by improving the performance of the site itself. Minors The site invites parents and all those who supervise minors to instruct them on how to process personal data on the internet in a safe and responsible way.

Minors must not transmit personal data to the site without the consent of their parents. The site undertakes not to intentionally collect the personal data of minors, not to use them in any way and not to communicate them to third parties.


The owner may transfer the user's personal data to third parties qualified as data processors or data processors to carry out technical or commercial operations necessary to perform the services related to the best management of the site (for example couriers and postal operators; advertising, commercial and social media; IT service providers; branding service providers; customer support service providers).

In such cases, the communication of data is essential to satisfy contractual commitments and to improve the performance of the site. The owner undertakes through data processing agreements to ensure that those responsible manage the data appropriately and securely. The user can request the list of managers using the email address of the data controller. Furthermore, the owner may be required to share the user's personal data when required by law or by order of the public authority or to protect its own rights or the rights of third parties. The owner does not transfer the data outside the European Union.

Third Party Sites

This information does not concern other sites or platforms to which the site may link (e.g. banners, advertising messages and other links to third-party sites or platforms) to which you are invited to refer by reading the relevant privacy policies.


Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.


The owner stores personal data for the time necessary to provide the user with the requested services or to fulfill legal or tax obligations or for the minimum period required by law. In order to determine the appropriate period of retention of personal data stored by the site with the user's consent, the owner also takes into consideration the following criteria: the specific purposes explained in the information for which the site stores personal information; the type of ongoing relationship with the user (how often the user accesses their account; whether the user makes requests via contact form; whether the user continues to receive newsletters or commercial communications; how regularly they browse the site , etc.); any specific user request to delete their data or withdraw consent; the legitimate commercial interest of the data controller. The site will promptly delete or anonymize personal data whose storage is no longer required by law.


Apart from what is specified for navigation data, the user can freely provide their data via contact forms or to receive promotional communications or to purchase goods or services and failure to provide them may make it impossible to obtain what required. Within the various forms it is always specified which data are mandatory in order to be able to respond to what the user requests.


The user has the right to receive confirmation regarding the possible existence of his personal data processed by the data controller. In this case, pursuant to the Regulation, the user has the right to: be informed about the collection and use of your personal information; access your personal information at no cost; obtain rectification or completion of inaccurate or incomplete personal information; obtain the deletion of personal information; under specific conditions, obtain the limitation or deletion of your personal information; obtain and reuse your personal information for your own purposes between different services when the processing is based on a contract or on consent and is executed automatically (“the right to data portability”); under specific conditions, object to the processing of their personal information; the right to submit complaints relating to the collection and processing of personal information to the competent Guarantor authority; the right to withdraw consent to the processing of personal data at any time, without prejudice to the lawfulness of the processing carried out up to this point at that time on the basis of the revoked consent.

For any information, the user is invited to consult the website of the Guarantor Authority for the protection of personal data - - ​​where he will find a section dedicated to these rights


Any changes to this information will be published on the site. The user is invited to check for any updates or changes.