Privacy Policy
This Privacy Policy of Oreste Pollicino & Partners AIDVISORY (hereinafter, the “Firm”) serves as a notice pursuant to Article 13 of Regulation (EU) 679/2016, concerning the protection of natural persons with regard to the processing of personal data, as well as the free movement of such data (hereinafter, “GDPR”).

Data Controller
The Data Controller is Oreste Pollicino & Partners AIDVISORY, Via Visconte Di Modrone 6, Milano, 20122; email address: info@orestepollicino.eu

Definition of “Personal Data”
For the purposes of this Privacy Policy, “personal data” – in accordance with Article 4 of the GDPR – refers to “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.”

This Privacy Policy applies exclusively to personal data collected through the website www.pollicinoaidvisory.eu (hereinafter, the “Website”) or through other means indicated in this notice. This Privacy Policy does not apply to third-party websites accessible via links on the Website. Please review the privacy policies of those third-party sites regarding their processing of personal data.

Types of Data Processed

1) Data Voluntarily Provided by the Data Subject
The Firm collects certain personal data (such as name, surname, email address, phone number, postal address, job position, etc.) voluntarily provided by users through registration forms on the Website (e.g., newsletter subscription), via email, or in other ways (e.g., exchanging business cards, email exchanges, or any other contact indicating an active interest in the Firm’s activities). The same policy applies to individuals submitting job applications to the Firm.

2) Browsing Data
The Website’s computer systems and software procedures acquire certain personal data during their normal operation, the transmission of which is implicit in the use of Internet communication protocols. These data are not collected to be associated with identified individuals but, by their nature, could allow users to be identified through processing and association with data held by third parties. This category includes IP addresses of computers connecting to the Website, URI (Uniform Resource Identifier) addresses of requested resources, request times, the method used to submit requests to the server, the file size obtained in response, numerical codes indicating the server response status (successful, error, etc.), and other parameters related to the user’s operating system. These data are used solely to obtain anonymous statistical information on the Website’s use and to ensure proper functionality. They are deleted immediately after processing. Data may also be used to investigate responsibility in the event of cybercrimes against the Website.

3) Use of Cookies
The Website uses cookies in accordance with our **Cookie Policy**.

Purpose and Methods of Processing
The Firm processes personal data voluntarily provided by the data subject solely for:

a) Subscription to newsletters; event and seminar invitations; inclusion in mailing lists for communications about the Firm’s activities (organized events, received certifications and awards, career opportunities at the Firm).

b) Requests for information about the Firm or contact inquiries.

The Firm protects users’ personal data by adopting the security measures required by the GDPR. Personal data will be processed only for the time necessary to achieve the purposes described above. Processing may be carried out with or without electronic means and automated systems.

Legal Basis for Processing

For cases under (a):
– The data subject may request to subscribe to our newsletter through the Website, choosing to receive legal articles, judicial updates, and other information relevant to the Firm’s practice areas; or
– The data subject may receive information about our events and seminars based on our legitimate interest in maintaining contact with them if they have previously registered for one of our events or newsletters, subject to their right to opt out; or
– The data subject may be added to our mailing list due to prior contact with the Firm or one of its professionals (e.g., exchanging business cards or demonstrating an active interest in the Firm), constituting our legitimate interest in maintaining communication, subject to their right to opt out.

For cases under (b), the Firm processes personal data as necessary to take pre-contractual steps at the data subject’s request and to meet their inquiries.

Optional Nature of Providing Personal Data
Apart from browsing data, the data subject may freely choose whether to provide personal data via the Website’s registration forms or email. However, providing such data is mandatory to receive requested articles, newsletters, or information from the Firm.

Disclosure and Transfer of Personal Data

– Data Transfer Abroad
Collected personal data will be accessible to the Firm’s employees and consultants, who are formally designated as data processors or authorized personnel. Some data may be shared in an anonymized and aggregated form with third parties for statistical purposes. In any case, these data do not allow identification of the data subjects. Except as permitted by law or specified in this Privacy Policy, personal data will not be disclosed or transferred without the data subject’s consent.

Data Subject Rights Regarding Personal Data
The data subject has the right to obtain confirmation at any time regarding the existence of their personal data, request them in a structured, commonly used, and machine-readable format to transmit them to another data controller, and request their integration, updating, or rectification.

The data subject also has the right to request the deletion of their personal data, restrict processing, or object, in whole or in part, to its processing for legitimate reasons. In particular, they may opt out of direct marketing communications, including via the unsubscribe link in every communication. However, the exercise of these rights may be subject to limitations under GDPR and applicable law.

Where processing is based on consent, the data subject has the right to withdraw consent at any time without affecting the lawfulness of processing before the withdrawal.

Complaints
Without prejudice to any other administrative or judicial remedy, if the data subject believes that the processing of their personal data violates data protection laws, they have the right to file a complaint with the **Data Protection Authority**.

Changes to This Privacy Policy
The Firm may amend this Privacy Policy to comply with changes in national and/or EU regulations, technological advancements, or other reasons.

New versions of this Privacy Policy will be posted on the Website. The data subject is encouraged to review this Privacy Policy periodically to check for updates or revisions.

Exercising Rights and Contact Information
To exercise their rights or for any questions regarding the processing of personal data by the Firm, the data subject may contact us using the information provided in this Privacy Policy, specifically at: info@orestepollicino.eu