Privacy Policy

Last updated: March 6, 2026

1. Data Controller

The Data Controller responsible for processing your personal data is:

Cristian Frialdi
Via Milano 27/B
25042 Borno (BS), Italy
VAT: IT03549950982
Email: cristianfrialdi@gmail.com
Phone: +39 339 795 2833

2. Types of Data Collected

We collect and process the following categories of personal data:

2.1 Data You Provide Directly

  • Contact Information: Name, email address, phone number when you fill out contact forms or reach out to us.
  • Communication Data: Content of messages you send us, including your goals and project details.

2.2 Data Collected Automatically

  • Technical Data: IP address, browser type and version, operating system, device type.
  • Usage Data: Pages visited, time spent on pages, referral source, navigation paths.
  • Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy).

3. Purpose and Legal Basis for Processing

We process your personal data for the following purposes:

3.1 Contract Performance (Art. 6(1)(b) GDPR)

  • To respond to your inquiries and provide requested services
  • To manage and execute consulting services
  • To send invoices and manage payments

3.2 Legitimate Interests (Art. 6(1)(f) GDPR)

  • To improve our website and services
  • To analyze website traffic and user behavior
  • To prevent fraud and ensure security
  • To exercise or defend legal claims

3.3 Consent (Art. 6(1)(a) GDPR)

  • To send marketing communications (only with your explicit consent)
  • To use non-essential cookies for analytics and marketing purposes

3.4 Legal Obligation (Art. 6(1)(c) GDPR)

  • To comply with tax and accounting requirements
  • To respond to lawful requests from public authorities

4. Data Recipients and Transfers

Your personal data may be shared with:

  • Service Providers: Hosting providers, email service providers, analytics services (e.g., Google Analytics), operating as data processors under our instructions.
  • Professional Advisors: Accountants, lawyers when necessary for business operations.
  • Public Authorities: When required by law.

Some service providers may be located outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, such as:

  • EU-US Data Privacy Framework certification
  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission

5. Data Retention

We retain your personal data only for as long as necessary:

  • Contact inquiries: 2 years from the last contact, unless a business relationship is established.
  • Client data: 10 years after the end of the business relationship (as required by Italian tax law).
  • Analytics data: 26 months (Google Analytics default retention).
  • Cookie consent records: 12 months.

6. Your Rights

Under the GDPR, you have the following rights:

  • Right of Access (Art. 15): You can request a copy of your personal data.
  • Right to Rectification (Art. 16): You can request correction of inaccurate data.
  • Right to Erasure (Art. 17): You can request deletion of your data ("right to be forgotten").
  • Right to Restriction (Art. 18): You can request limitation of processing.
  • Right to Data Portability (Art. 20): You can request your data in a machine-readable format.
  • Right to Object (Art. 21): You can object to processing based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at cristianfrialdi@gmail.com.

You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) at www.garanteprivacy.it.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for data transmission
  • Secure hosting with reputable providers
  • Regular security updates and monitoring
  • Access controls and authentication measures

8. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you.

9. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

11. Contact Us

For any questions about this Privacy Policy or our data practices, please contact us:

Cristian Frialdi
Via Milano 27/B
25042 Borno (BS), Italy
Email: cristianfrialdi@gmail.com
Phone: +39 339 795 2833