PERSONAL DATA CONTROLLER
The data controller is
Trevisan & Cuonzo Avvocati (hereinafter “Firm” or “Data Controller”), based in 20121 – Milan, Palazzo Beccaria, Via Brera, 6, Italy;
T: +39 02 8646 3313;
Email:
privacy@trevisancuonzo.com.
PERSONAL DATA PROCESSED
T&C may process the following data/information:
Browsing data
The transmission of this data is implicit in the use of the Internet network and includes data such as the IP address of the device connected to the Website, the type of browser used, the name of the Internet service provider (ISP), the date and time of the visit and other parameters relating to the user’s operating system and computer environment.
Such data are processed exclusively to guarantee the correct functioning and use of the Website, as well as for the security and correct functioning of the IT infrastructures, as well as to ascertain any liability in the event of alleged computer crimes.
Data provided voluntarily by the user
The optional, explicit, and voluntary sending of communications to the email addresses indicated on the Website entails the subsequent acquisition of the personal data contained in the communication (e.g., name, email address, any additional information provided by the user).
The processing of such data is solely for the purpose of responding to requests received and managing any pre-contractual or contractual relationships.
PURPOSE AND LEGAL BASES OF PROCESSING
| Purpose | Legal Base |
| enable navigation of the Website and ensure its correct technical functioning | Legitimate interest of the Data Controller in the management and security of the site (Article 6, paragraph 1, letter f GDPR) |
| respond to user requests that may have been received using the contact details available in the dedicated sections of the Website | Performance of pre-contractual measures taken at the request of the data subject prior to entering into a contract (Article 6, paragraph 1, letter b GDPR) |
| ensure the security of the Website, prevent abuse or fraudulent activities, ascertaining any possible liability in the event of alleged illegal activities | Legitimate interest of the Data Controller in protecting its rights and ensuring system security (Article 6, paragraph 1, letter f GDPR) |
| comply with legal obligations or requests from competent authorities | Fulfillment of legal obligations (Article 6, paragraph 1, letter c GDPR) |
COOKIES AND TRACKING TOOLS
The Website uses cookies and/or similar tools.
Detailed information regarding the types, purposes, duration, and management methods of cookies is available in the dedicated Cookie Policy. Any non-technical cookies will be installed only with the user’s consent.
NATURE OF THE PROVISION AND CONSEQUENCES OF REFUSAL
Providing browsing data is necessary to enable proper use of the Website. Without such data, the technical functioning of the site may not be guaranteed.
Providing personal data via email is optional; however, failure to provide it will make it impossible for the Data Controller to respond to your request.
Any provision of data via non-technical cookies, where present, will be subject to the user’s prior consent, where required by applicable law.
METHODS OF PROCESSING AND SECURITY MEASURES
Personal Data is processed using IT and electronic tools, using methods strictly related to the purposes indicated. The Website is protected via HTTPS protocol and appropriate technical and organizational measures are implemented pursuant to Art. 32 GDPR, aimed at ensuring the security, integrity, and confidentiality of the data.
DATA RECIPIENTS
The Personal Data shall not be disclosed and may be known and processed by employees and collaborators of the Firm assigned to the management of the Website and/or involved in the response to requests that may be received through the contact details given on the Website.
The data may be communicated to third parties carrying out certain processing activities and/or activities connected with and instrumental to the same on behalf of the Data Controller, as well as to competent authorities to fulfil legal obligations.
These entities process and will process Personal Data as autonomous Data Controllers or duly appointed Data Processors. The updated list of Data Processors is available upon request.
TRANSFER TO NON-EU COUNTRIES
Personal data is not transferred outside the European Union, except for encrypted communications to Microsoft Azure data centers located exclusively in EU countries.
In any case, where data transfers to countries outside the European Union are necessary, the Data Controller guarantees that the provisions of Articles 44 et seq. of the GDPR will be complied with.
RETENTION PERIOD
Personal Data will be kept for the period of time strictly necessary for the purpose for which it was acquired and, in any case, in compliance with the principles of proportionality and storage limitation of Article 5 of the GDPR.
- browsing data (technical logs) are retained for a period not exceeding 12 months;
- data collected via cookies are retained for the period indicated in the Cookie Policy;
- data contained in communications sent via email are retained for the time necessary to process the request and for the period required by legal obligations.
THIRD-PARTY LINKS AND SOCIAL NETWORK
The Website may contain links to external platforms (e.g., LinkedIn, YouTube, Spotify). These links consist exclusively of links to third-party sites and do not contain embedded multimedia content that automatically transmits personal data during browsing.
Any data processing which occurs directly on the external platforms will operate under their respective privacy policies.
If third-party content is integrated in the future via embedded tools (e.g., iframes or scripts), this policy will be updated and, where necessary, the user’s consent will be requested.
USER RIGHTS
The data subject may exercise the rights provided for in Articles 15–22 of the GDPR at any time, including: right of access, right to rectification, right to erasure, right to restriction of processing, right to object, and right to data portability.
Requests can be sent to the Data Controller by post (20121 – Milan, Palazzo Beccaria, Via Brera, 6) or by email to
privacy@trevisancuonzo.com
.
The user has the right, at any time, to lodge a complaint with the Italian Data Protection Authority.
UPDATES AND MODIFICATIONS
This notice may change over time. Changes will apply from the date of publication on the Website. Users are invited to consult this section regularly to check the publication of the most up-to-date version of this privacy policy.
Last update: March 2026
