Privacy & Cookie Policy
Privacy and Cookie Policy
Pursuant to Articles 13-14 of EU Regulation 2016/679 (GDPR)
Last updated: April 2026
1. Data Controller
Alessio Nozzoli Via Giovanni Pascoli, 13A – 51016 Montecatini Terme (PT), Italy VAT: IT01843810472 Tel: +39 349 160 1294 Email: info@alessionozzoli.com
2. Types of Data Collected
Browsing data
The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This category includes IP addresses or domain names of computers used by visitors, URI (Uniform Resource Identifier) addresses of requested resources, request timestamps, the method used to submit requests to the server, file sizes in responses, numerical codes indicating server response status, and other parameters relating to the user’s operating system and computing environment.
Data provided voluntarily
The optional, explicit, and voluntary submission of messages to the contact addresses of this website (contact form, email) entails the acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the communication.
3. Cookies and Tracking Technologies
This website uses cookies and similar technologies. Below is the complete list by category.
Technical cookies (necessary)
Essential for the website to function. No consent required.
| Cookie | Purpose | Duration |
|---|---|---|
| PHPSESSID | PHP session for website functionality | Session |
| wordpress_* | WordPress authentication (logged-in users only) | Session |
| wp-settings-* | WordPress interface preferences (logged-in users only) | 1 year |
| cookieyes-consent | Stores user’s cookie preferences | 1 year |
Analytics cookies (require consent)
Used to analyse website traffic in anonymised form.
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics (Google LLC) | Distinguishes users | 2 years |
| ga* | Google Analytics (Google LLC) | Maintains session state | 2 years |
| _gid | Google Analytics (Google LLC) | Distinguishes users | 24 hours |
Google Analytics and data transfer outside the EU
This website uses Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses cookies to collect information about website usage in anonymous and aggregate form (no identifying data is transmitted). IP anonymisation is enabled on this website.
Data generated by Google Analytics may be transferred to the United States. Such transfers are carried out in compliance with GDPR guarantees, on the basis of the EU-US Data Privacy Framework (European Commission adequacy decision of 10 July 2023) and Standard Contractual Clauses.
You can opt out of Google Analytics by installing the browser add-on available at: https://tools.google.com/dlpage/gaoptout
For more information on how Google processes data: https://policies.google.com/privacy
4. Purposes and Legal Basis for Processing
| Purpose | Legal basis (Art. 6 GDPR) |
|---|---|
| Technical operation of the website | Legitimate interest of the controller (Art. 6.1.f) |
| Responding to contact requests | Performance of pre-contractual measures at the data subject’s request (Art. 6.1.b) |
| Statistical traffic analysis (Google Analytics) | Consent of the data subject (Art. 6.1.a) |
| Compliance with legal obligations | Legal obligation (Art. 6.1.c) |
5. Contact Form
Personal data entered in the contact form (name, email address, message) is used exclusively to respond to the user’s request. It is not shared with third parties or used for marketing purposes. Data is retained for the time necessary to handle the communication and for a maximum of 12 months thereafter.
The contact form is managed through Contact Form 7 (WordPress plugin). Data is not transmitted to external servers.
6. Data Sharing and Disclosure
Collected personal data is not disclosed or sold to third parties. It may be shared exclusively with:
- Technical service providers acting as Data Processors (e.g. hosting provider: Aruba S.p.A., Via San Clemente 53, 24036 Ponte San Pietro (BG), Italy)
- Google LLC, limited to data processed through Google Analytics and Google Search Console, on the basis of the contractual guarantees described above
- Public authorities, in cases provided for by law
7. International Data Transfers
Data processed through Google Analytics is transferred to the United States. Such transfers are carried out on the basis of the EU-US Data Privacy Framework (European Commission adequacy decision of 10 July 2023) and Standard Contractual Clauses.
8. Retention Periods
| Type of data | Retention period |
|---|---|
| Browsing logs | Maximum 12 months |
| Contact form data | Maximum 12 months from response |
| Analytics data (Google Analytics) | 14 months (default anonymised setting) |
| Fiscal and contractual data | 10 years (legal obligation) |
9. Your Rights
Under Articles 15-22 of the GDPR, you have the right to:
- Access (Art. 15): obtain confirmation as to whether personal data concerning you is being processed and, if so, access to that data
- Rectification (Art. 16): obtain rectification of inaccurate personal data
- Erasure (Art. 17): obtain erasure of your data (“right to be forgotten”)
- Restriction (Art. 18): obtain restriction of processing
- Data portability (Art. 20): receive your data in a structured, commonly used, machine-readable format
- Object (Art. 21): object to the processing of your personal data
- Withdraw consent: withdraw any consent given at any time, without affecting the lawfulness of processing based on consent before its withdrawal
To exercise these rights, please contact the Data Controller at: info@alessionozzoli.com
You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) at www.garanteprivacy.it, or with the supervisory authority of your country of residence.
10. Security
The Data Controller implements appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access, in accordance with Article 32 of the GDPR. This website is served exclusively over an encrypted HTTPS connection.
11. Changes to This Policy
The Data Controller reserves the right to make changes to this policy at any time. Changes will be published on this page with an updated date at the top of the document. We recommend checking this page periodically.
This policy is drafted in accordance with EU Regulation 2016/679 (GDPR) and Italian Legislative Decree 196/2003 as amended by Legislative Decree 101/2018.