Privacy Policy

Information provided pursuant to Art. 13 et seq. of EU Regulation 679/2016, hereinafter referred to as "GDPR" and Articles 13 and 122 of the Personal Data Protection Code (Legislative Decree 196/03) to users connecting to the site www.zerostudio.it, hereinafter referred to as "site".

Purpose of Treatment

Personal data provided through the site, or otherwise acquired in compliance with applicable legislative and contractual provisions, will be processed in accordance with the above-mentioned regulations and confidentiality obligations exclusively for the following purposes:

  • purposes related to registration and authentication on the site as a registered user;
  • purposes related and/or instrumental to the performance of the requested activity
  • Sending the periodic newsletter with any commercial information of interest to the registered user;
  • Sending personal communications in response to and/or pertaining to requests submitted via the site's contact forms (requesting clarification, reporting errors, suggestions, etc.).
  • Publication of professional records, subject to further user authorization, for contributors to the site's editorial staff;
  • Management of articles submitted by users and contributors, as referred to in the respective policy.

The processing of information concerning the user shall be based on the principles of fairness, lawfulness, transparency and protection of confidentiality.
Therefore, any use other than and/or conflicting with the interests of the user is excluded.

Information subject to processing

With regard to the data processed, a distinction must be made based on the activities the user performs on the site.

 

1) Navigation

Applies to the user (registered or not) who browses the site to consult texts or use online applications.

Information entered into the site's online application masks is not stored permanently on the server but remains available to the user only for the duration of the work session.

Also not maintained on the server is any information related to accounting documents (invoices, notations, estimates, etc.) that the user completes through this site, such as, for example, the subject the number and date of the document.

For textual content, we record in aggregate form the number of readings of each article.

 

2) Interaction via contact form

Applies to requests for online counseling, domiciliation, page reporting, suggestion submission, etc.

In addition to the data expressly entered by the user in the form (name, email, telephone where required, etc.), we record the following information in our databases:

  • Consent to the processing of data in accordance with this policy.
  • The IP address from which requests originate (this information is classified by the GDPR as "personal data").
  • The type of browser used and whether it is a mobile device.
  • The anonymous user identifier created by a proprietary internal algorithm. The identifier is constructed in such a way that it cannot be traced back to the user's IP address.
  • in some cases also the page of the site visited immediately before submitting the request.
  • The date and time of the operation.

Relative to requests for legal advice submitted through the site, additional documents may be requested to be sent by email or PEC for which the GDPR regulations and in any case professional ethics regarding confidentiality apply.

 

3) Site registration

It applies at the stages when the user wishes to register on the site to open his or her own personal account and use his or her own restricted area.

Passwords for registered users to access the site are stored in such a way that their original contents can never be traced.

In addition to the data requested at the time of registration (user name, email and password), we store in special files the information that the user, after registration, enters in their private area.

Registered users who become contributors to the site by submitting articles for publication free of charge, as indicated in the appropriate notice, can publish their professional record via an option available in the restricted area.

 

4) Newsletter subscription

Applies to users who do not intend to register on the site but wish to subscribe to the newsletter.

In this case, we will record in our records only the email address entered by the user at the time of registration, in addition to what is described in point 2).

Unsubscribing from the newsletter and its archives can be done directly by the user through a special link inserted at the bottom of each newsletter.
Registered users can also unsubscribe from the newsletter from the restricted area.

 

5) Sending articles to the editorial office

Applies for users who submit their articles to the site's editorial staff for publication.

The same considerations seen for 1) apply.

In addition, if the user is registered as a contributor, he/she can make his/her professional record public, which will be automatically linked in all published articles.

 

6) Webmaster code

Applies to those who wish to use the webmaster code that allows application masks to be shared on third-party sites under the conditions stated in the policy.

For statistical purposes, we record webmaster code usage in aggregate form, storing in our archives the following information that does not pertain to users visiting the site that makes use of such code but only to the use of the code itself:
domain name, shared application, number of views, last view date.

In accordance with the GDPR, the submission of data for the purposes set out in points 2), 3), 4) and 5) requiresexplicit acceptance by placing a "tick" on an appropriate field found in the various masks from which this policy can be directly accessed.

In the absence of such acceptance, the execution of the requested online transaction cannot proceed.

The site does not currently perform any user location tracking.

Method of processing and storage

The data will be processed by means of instruments suitable to guarantee security and confidentiality and may also be carried out by means of automated tools designed to store, manage and transmit the data.

Information is maintained with computer tools protected by security systems (e.g., firewalls, hacker attack monitoring tools, tools for automatic detection of malware and possible vulnerabilities, etc.).
The site is developed with a proprietary CMS with tools and techniques that implement best-practices in software security and robustness.

The contents of the web pages as well as all data entered on the site sent to the server are encrypted using the SSL(secure browsing) protocol; the use of the secure browsing protocol can be detected by the presence of Internet addresses beginning with https:// and the words "Secure" that most modern browsers place in the address bar at the Internet address visited.

However, if all security systems put in place are not sufficient to avert theft of information, as stipulated in Article 33 of the GDPR, the owner undertakes to promptly report and notify the National Guarantor of any theft of information related to users' personal data.

The data of registered users are stored without any predetermined expiration date, and the user can request their deletion (right to be forgotten) under Article 17 of the GDPR at any time by following the procedure prepared within the restricted area, which is adequately documented.

To provide the pages to the user we use the Apache web-server which, like all web servers, records in special protected log files not accessible from the outside the requests of users to the resources of the site (web pages, images and other files necessary for operation).
The purpose of such log files is to detect possible users who perform malicious actions to the detriment of the site ( hacker attacks) and at the same time to counteract possible abuses of the site's resources for the protection of other users.
Such files are kept on the server for a maximum of 10 days and in some cases, if necessary, we can make copies in other archives, protected and inaccessible from the outside, for a longer storage, not exceeding, however, 3 months.

Nature of conferment, refusal and withdrawal of consent

Providing personal data is not a legal requirement.

However, the absence of the same, refusal or withdrawal of consent to the processing in the manner specified below, will result in the impossibility of having any professional advisory relationship with the user or perfecting the use of the online services of the site listed below:

  • The request for professional advice and collaboration.
  • site registration.
  • The user's request for assistance with both the restricted area and the use of applications.
  • Sending communications and messages to the editorial staff or webmaster via the site.
  • The receipt of the newsletter.
  • Access to confidential documents (ex: case law attached to articles).
  • The publication of the professional form for editorial staff members.

Communication/dissemination

The data will not be disclosed to other parties, nor will it be subject to dissemination, or transfer to third parties for any reason whatsoever, either in Italy or abroad, except for the personal data that for tax reasons it will be necessary to communicate to the Association's accountant (limited to the billing of online legal advice) who has provided assurances about compliance with the Privacy Regulations and absolute confidentiality.

The owner reserves the right to analyze in aggregate form the data acquired to perform internal statistics on the use of certain services (e.g., newsletter readings and use of particular applications), complementing what is already done with third-party site traffic detection tools (Google Analytics).

Data controller

The data controller is Zero Studio - Via Trento, 90 - 20821 Meda (MB) - P.I. 05139150964.

 

User Rights

In relation to the processing of personal data and pursuant to Art. 13 of the GDPR and Art. 7 of Legislative Decree 196/2003, the user has the right:

  • Access to data(art. 15 GDPR)
    You have the right to obtain confirmation of the existence or non-existence of personal data concerning you and its communication in an intelligible form.
    The request can be made directly by email to the data controller (see email addresses ).
  • Rectification and deletion(Art. 16 and 17 GDPR)
    Users have the right to request rectification, deletion, or restriction of the processing of personal data.
    Registered users can edit personal and professional data directly from their private area through special management masks.
    For deletion, again in the private area, there is a checkbox available on the personal data page for requesting deletion of data.

Warnings

 

  • The request for account deletion is automatically forwarded to the technical staff of the site and is irrevocable, that is, once confirmed, it can no longer be canceled.
  • The user will receive confirmation after a few days that the data concerning him or her has been deleted.
  • Once the request has been submitted, the user can no longer access the restricted area.
  • The user name cannotbe reused for a new registration.
  • Limitation to treatment(Art. 18 GDPR)
    You have the right to object, in whole or in part, on legitimate grounds, to the processing of personal data concerning you, even if it is relevant to the purpose of collection.
    In the present case:
    • Sending newsletters:
      Registered users may revoke the use of their email address for sending the newsletter at any time by logging in to the restricted area; unregistered newsletter subscribers may exercise this option by clicking on the appropriate link at the bottom of the newsletter.
    • Professional card publication:
      Registered users who collaborate with the editorial staff can block the publication of their professional card directly from the restricted area.
      Revocation of publication, as well as deletion of the user account in accordance with Art. 17 GDPR, automatically results in the cards being blacked out from all articles on the site.
      It should be noted, however, that since professional records published upon user consent may have been indexed bysearch engines and/or published by third parties on other sites without any intervention by us, the user will have to exercise the "right to be forgotten" with respect to all sources at which their personal data are present.
  • Data portability(art. 20 GDPR)
    Registered users have the right to receive personal data concerning them in a structured, machine-readable format. The request should be addressed to the data controller; personal data will be provided in xml format.
  • Communication
    The user has the right to obtain the identification details, as well as those of the owner, of any collaborators to whom the data may be communicated or who may become aware of it; the site collaborators involved in providing assistance to the user restrict access to personal data exclusively for the purposes requested by the user (requesting clarification, helpdesk, resolution of anomalies, etc.).
  • Complaint
    The user has the right to lodge a complaint with the national supervisory authority (Garante) in the event that he/she detects a use of data that differs from the provisions of the aforementioned legislation;

Communications to the site can be submitted via the contact menu or by sending an email to the data controller.

Loading...