Privacy Policy

Privacy Policy

This statement describes the methods for managing the website (hereinafter, the “Site”) and the processing of personal data of users who consult it.

This information is provided pursuant to article 13 del Regolamento UE n. 13 of EU Regulation no. 2016/679 (hereinafter, the “GDPR”). This Privacy Policy shall be deemed to refer and therefore applicable only to the Site and the services offered by the Owner through it, without extending to the pages or sites accessible through links and managed by third parties. Each user is therefore invited to carefully read the relevant privacy policy for a more detailed understanding of the processing carried out through such sites.

1. Data Controller

Personal Data shall be processed by the Data Controller, by the Data Processors appointed by him/her and by the persons in charge of the processing who are strictly authorized.

The Data Controller is Studio Ricotti di Enrico Ricotti
Via Del Cairo, 34
21100 – Varese

Contact details of the Data Controller Enrico Ricotti
Enrico Ricotti

2. Place and methods of data processing

The processing operations connected to the web services of this website shall take place at the Data Controller’s premises and shall be carried out using manual and/or computerised and telematic tools with organisational and processing logics strictly related to the purposes of the processing itself and in any case in such a way as to guarantee the security, integrity and confidentiality of the Data in compliance with the organisational, physical and logical security measures provided for by the provisions in force.

All personal data are processed both in paper format and, mainly, electronically. The same will be stored in a form that allows identification of the user only for the time strictly necessary to achieve the purposes for which the data were originally collected and, in any case, within the limits of the law. Specific security measures are observed to prevent data loss, unlawful or incorrect use and unauthorised access, in accordance with the GDPR.

3. Purpose of processing

With reference to the Website, the purpose of data processing is the provision of services accessible through
the Site itself and in particular for

  • deepening of what are the activities, and possibly events and other initiatives, organised or carried out by the Owner;
  • managing and processing, in relation to what is indicated in the previous point, the questions and requests for interaction with the Firm and its professionals that the interested party forwards to the e-mail addresses and addresses indicated on the Site.

The performance of the activities listed above does not require the user’s consent, since these are services or performances carried out in execution of requests made directly by the interested parties.

4. Types of data processed

4.1 Navigation data

The computer systems and software procedures used to operate this Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or the domain names of the computers used by users connecting to the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site.

4.2 Data provided voluntarily by the user

The optional, explicit and voluntary sending of an e-mail address to the addresses indicated on the Site, as well as the sending of messages and/or curriculum vitae, entails the subsequent acquisition of the sender’s address and any other personal data indicated.

5. Scope of circulation of data

The Data are not disclosed or transferred to third parties.
The Data are stored on servers located in Milan (MI), within the European Union.

6. Links to other websites

The Owner does not control nor has any way of supervising either the content or the personal data processing policies of the websites and services of third parties accessible through the links contained in the Site. The Owner, therefore, cannot in any case be held responsible for the processing carried out through or in relation to these third party sites.
Users are therefore invited to pay the utmost attention in this regard, reading the conditions of use and privacy policies published on the portals visited.

7. Rights of the interested parties

Data subjects are entitled to the rights set forth in the GDPR.
By way of example, the parties to whom the personal data refer may, at any time, exercise their right to

  • to access the data;
  • to obtain the rectification or deletion of the same or the limitation of the processing
    which concern them;
  • to object to the processing
  • to data portability;
  • to revoke consent: revocation of consent does not affect the lawfulness of processing based on the consent given before revocation;
  • to lodge a complaint with the supervisory authority (Garante Privacy) in accordance with the procedures indicated on
    Internet site of the Guarantor accessible at:

8. Methods of exercising rights

In order to exercise your rights, please send an email to Enrico Ricotti