Privacy Policy of www.naratiezzi.it
This privacy notice describes how we process the personal data of Users who interact with the website www.naratiezzi.it (hereinafter, the “Site”), in compliance with Regulation (EU) 2016/679 (“GDPR”) and applicable national legislation.
1. Data Controller
📩 Email: privacy@naratiezzi.it
2. Types of Data Collected
The Personal Data collected by the Site, independently or through third parties, includes:
- first name, last name, email, city, province, country, state;
- company name, business sector;
- usage data (anonymized IP addresses, browser and device information, system logs, session statistics, city latitude and longitude);
- data voluntarily provided through contact forms or newsletter subscriptions;
- cookies and tracking tools (refer to the Cookie Policy).
| Data category | Details / Examples | Source |
|---|---|---|
| Personal identification | Name, surname, email, city, province, country, state | Provided by the User (form) |
| Company data | Company name, sector of activity | Provided by the User |
| Usage data (anonymized) | Anonymized IPs, browser/device info, system logs, session statistics, lat/long city | Automatically collected |
| Communications | Data entered in contact forms / newsletters | Provided by the User |
| Cookies / tracking | Technical cookies, preferences, analytics, marketing | Automatic / third party |
Unless otherwise specified, all requested Data is mandatory: failure to provide it may make it impossible to provide the requested services.
The User assumes responsibility for the Personal Data of third parties communicated through the Site.
3. Purposes and legal basis for processing
| Purpose | Legal basis | Ref. art. 6 GDPR |
|---|---|---|
| Contact request management | Execution of pre-contractual measures or contract | art. 6(1)(b) |
| Subscription to newsletters / commercial communications | User Consent | art. 6(1)(a) |
| Traffic statistics and analysis (Google Analytics with anonymized IP) | Consent | art. 6(1)(a) |
| Tag Management (Google Tag Manager) | Legitimate interest of the Data Controller (technical management) | art. 6(1)(f) |
| Displaying content from external platforms (Google Fonts, Google Maps, YouTube) | Consent | art. 6(1)(a) |
| Compliance with legal obligations | Legal obligation | art. 6(1)(c) |
| Protection of rights in court or in case of abuse | Legitimate interest of the Data Controller | art. 6(1)(f) |
4. Methods and place of processing
The processing is carried out using IT and electronic tools, according to the principles of lawfulness, fairness, transparency, and security.
The Data is processed at the Data Controller’s operating offices and possibly by suppliers and partners appointed as Data Processors (hosting providers, IT companies, communications agencies, etc.).
👉 The updated list of Data Processors can be requested by writing to the Data Controller.
Some data may be transferred outside the European Union (e.g., to the USA, via Google or Meta services), with appropriate measures compliant with Articles 44 et seq. of the GDPR (e.g., Standard Contractual Clauses).
5. Retention period
| Type / Purpose | Duration of storage |
|---|---|
| Data collected for contractual purposes | Until the end of the relationship |
| Data processed for legitimate interest | Until the interest is satisfied |
| Data processed with consent (e.g. newsletter) | Until consent is revoked and in any case for a maximum of 24 months from the last interaction |
| Data collected via contact form | Max 12 months from the closing of the request |
| Browsing data / technical logs | Max 12 months |
| Legal obligations | As required by applicable law |
At the end, Data is deleted or anonymized.
6. User Rights (art. 15-22 GDPR)
The User has the right to:
- withdraw consent at any time;
- object to the processing of their Data;
- access their Data and obtain a copy;
- request rectification or updating;
- request deletion (“right to be forgotten”);
- restrict processing;
- receive their Data in a portable format (portability);
- file a complaint with the Data Protection Authority: www.garanteprivacy.it.
Requests can be sent free of charge to privacy@naratiezzi.it.
7. Minors
The Site does not intentionally collect data relating to individuals under 14 years of age.
If they are collected inadvertently, they will be deleted without delay.
8. Legal Defense
Personal Data may be used by the Controller in legal proceedings or for defense against Site abuse, based on the Controller’s legitimate interest (art. 6(1)(f) GDPR).
9. Changes to this Privacy Policy
The Controller reserves the right to make changes to this notice at any time, informing Users on this page and, where possible, via email.
Last updated: August 2024
