IT🇮🇹 EN🇬🇧

Privacy Policy

Data Controller

The Data Controller is Avv. Riccardo Berti, with offices at Via G. Garibaldi 18, 37121 Verona, Italy. The Controller may be contacted by email at riccardo.berti@rblex.it.

Categories of Data Processed

This privacy notice applies to the processing of personal data carried out through this website and in the context of professional engagements received. Through this website, browsing data and personal data contained in communications spontaneously sent to the email address indicated in the "Contact" section are mainly processed. In the context of professional engagements, common personal data, special categories of personal data and data relating to criminal convictions and offences may be processed.

Purposes and Legal Bases of Processing

Processing is aimed at the correct and complete management of the website and/or the performance of the professional engagement received, both in judicial and extrajudicial contexts. Your data (or those of the client's representatives/employees who will come into contact with the Firm and to whom this notice should be extended by the client) will also be processed in order to: fulfil tax and accounting obligations, and comply with the obligations incumbent on the professional under applicable law.

Methods of Processing

Personal data may be processed by means of both paper and electronic filing systems, using methods strictly necessary to fulfil the purposes indicated above. Processing is carried out by the Controller and/or by persons expressly authorised by the Controller, as well as by persons appointed as data processors.

Provision of Data

The provision of personal data is optional for the purpose of visiting the website, whereas it is strictly necessary for the purpose of contacting the professional and carrying out the professional engagement received. Any refusal by the data subject to provide personal data may result in the impossibility of establishing a relationship with the Controller.

Data Disclosure

For the purposes set out in this notice, your data may be disclosed in the performance of the mandate and where necessary for its fulfilment, where a legal obligation requires the disclosure of such data, or to persons who work with the Controller on a stable basis and provide assistance and consultancy of a fiscal, accounting or IT nature, or to external of counsels and/or local agents/substitutes.

Special Categories of Personal Data

Pursuant to Articles 26 and 27 of Legislative Decree No. 196/2003 and Articles 9 and 10 of EU Regulation 2016/679, the data subject may provide the Controller with data qualifying as "special categories of personal data", namely data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data processed for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person's sex life or sexual orientation. Such categories of data may be processed by the Controller pursuant to Article 9(f) of EU Regulation 2016/679 in the context of judicial engagements, for the purpose of establishing, exercising or defending legal claims, or, subject to the data subject's explicit consent, in the context of extrajudicial engagements where it is necessary or appropriate to process special categories of data. With regard to data relating to criminal convictions and offences, such data may be processed on the basis and within the limits of Italian Data Protection Authority's Authorisation No. 7/2016 and Measure of 13 December 2018 [9068972].

International Transfers and Profiling

Your personal data are not subject to dissemination or to any fully automated decision-making process, including profiling. Personal data may be transferred outside the European Union in the context of the Controller's collaboration with selected technology partners. Where data are transferred to countries outside the European Union (EU) or the European Economic Area (EEA) that have not been deemed adequate by the European Commission, the transfer tools referred to in Article 45 of the GDPR will be used, and the possible implementation of "supplementary measures" will be assessed in order to guarantee a level of protection substantially equivalent to that required by European Union law.

Retention Period

Personal data will be retained until the purpose for which they were collected has been fulfilled. Data whose retention is necessary for tax purposes are in any case retained for ten years from the completion of the service (or, depending on the type of engagement received, until the judgment becomes final or until the extrajudicial professional engagement has been concluded), subject in any case to the provisions of Article 2961 of the Italian Civil Code and to exceptional circumstances that justify extended retention. Browsing data are retained for periods compatible with the technical purposes of security and operation of the website.

Rights of Data Subjects

You may exercise the following rights at any time:

Right of access: the right to obtain from the Controller confirmation as to whether or not personal data concerning you are being processed and, where that is the case, access to the personal data.

Right to rectification: the right to obtain from the Controller the rectification of inaccurate personal data concerning you without undue delay, and the completion of incomplete personal data, including by means of a supplementary statement.

Right to erasure: the right to obtain from the Controller the erasure of personal data concerning you without undue delay, where one of the grounds specified in Article 17 of the General Data Protection Regulation applies.

Right to restriction of processing: the right to obtain from the Controller restriction of processing where one of the conditions referred to in Article 18 of the General Data Protection Regulation applies.

Right to data portability: the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the conditions set out in Article 20 of the General Data Protection Regulation are met.

Right to object: the right to object at any time, on grounds relating to your particular situation, to processing of personal data concerning you, in the cases and according to the methods set out in Article 21 of the General Data Protection Regulation.

Right to withdraw consent pursuant to Article 7(3) of the General Data Protection Regulation, without prejudice to the lawfulness of processing carried out on the basis of the consent given prior to its withdrawal.

Right not to be subject to automated decision-making pursuant to Article 22 of the General Data Protection Regulation (it is specified that no such activities are currently carried out).

Right to lodge a complaint with a supervisory authority: if you consider that processing relating to you infringes the applicable legislation, you may lodge a complaint with the competent supervisory authority which, for Italy, is the Italian Data Protection Authority (Garante per la protezione dei dati personali – www.garanteprivacy.it). Alternatively, you may lodge a complaint with the supervisory authority of the EU Member State in which you habitually reside or work, or of the place where the alleged infringement occurred (if within the European Union).