Legal

Privacy Policy

Last updated: January 2025

1. Introduction

Lazzarotti & Associati ("we", "us", "our") is committed to protecting the privacy and personal data of visitors to our website lazzarottiassociati.com. This Privacy Policy explains how we collect, use, store and protect your personal information in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable Italian data-protection legislation.

2. Data Controller

The data controller is Lazzarotti & Associati, with registered office at Via T. D'Aquino 18/a, 55042 Forte dei Marmi (LU), Italy. Email: info@lazzarottiassociati.com.

3. Data We Collect

We may collect the following personal data:

  • Contact form submissions: Name, email address, phone number, project-type preference and message content.
  • Analytics data: Anonymised/pseudonymised usage data including pages visited, device type, browser, approximate geographic location and referral source.
  • Cookies: Technical and optional analytics cookies as described in our Cookie Policy.

4. Purpose & Legal Basis

We process personal data for the following purposes:

  • Responding to enquiries (Art. 6(1)(b) GDPR — contract performance / pre-contractual measures).
  • Website analytics (Art. 6(1)(f) GDPR — legitimate interest in improving our website), or Art. 6(1)(a) when consent-based analytics tools are used.
  • Legal obligations (Art. 6(1)(c) GDPR) where applicable.

5. Data Retention

Contact-form data is retained for up to 24 months from submission, after which it is deleted unless a contractual relationship has been established. Analytics data is retained in anonymised form for up to 26 months.

6. Your Rights

Under the GDPR you have the right to:

  • Access, rectify or erase your personal data.
  • Restrict or object to processing.
  • Request data portability.
  • Withdraw consent at any time (where processing is based on consent).
  • Lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali).

To exercise these rights, contact us at info@lazzarottiassociati.com.

7. Third-Party Services

We may share data with trusted third-party processors solely for the purposes described above, including hosting providers, analytics services and scheduling tools (e.g. Calendly). All processors are bound by data-processing agreements compliant with Art. 28 GDPR.

8. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure or destruction.

9. Changes to This Policy

We may update this policy from time to time. The "Last updated" date at the top of this page will be revised accordingly.