General Data Protection Regulation (GDPR) Compliance Policy
Effective Date: [Insert Date]
At https://www.alessiascidurlo.com, we are committed to protecting the privacy and personal data of our users in compliance with the General Data Protection Regulation (GDPR). This policy outlines how we collect, process, store, and protect personal data while respecting your rights.
1. Data Controller Information
The data controller responsible for your personal data is:
Alessia Scidurlo
Website: https://www.alessiascidurlo.com
Email: [Insert Email Address]
2. Personal Data We Collect
We collect the following types of personal data:
- Identifiable Information: Name, email address, phone number (provided through contact forms or subscriptions).
- Technical Data: IP address, browser type, operating system, and cookies (used for analytics and website functionality).
- Interaction Data: Comments, messages, and preferences shared through the website.
- Subscription Data: Email address for newsletter subscriptions.
3. Legal Basis for Processing Personal Data
We process your data based on:
- Consent: When you opt-in to receive our newsletter or fill out a contact form.
- Contractual Necessity: To fulfill requests or agreements made between us.
- Legal Obligation: To comply with applicable laws and regulations.
- Legitimate Interests: To improve website functionality and user experience.
4. How We Use Your Data
We use your personal data to:
- Provide services and respond to inquiries.
- Send newsletters and updates (with your consent).
- Analyze website traffic and user behavior.
- Ensure website security and functionality.
- Comply with legal obligations.
5. Data Sharing and Third Parties
We do not sell or rent your personal data. However, your data may be shared with:
- Service Providers: For hosting, analytics (e.g., Google Analytics), and email services.
- Legal Authorities: If required by law or to protect our legal rights.
6. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this policy or to comply with legal obligations. For example:
- Contact form submissions: Retained for 1 year.
- Newsletter subscriptions: Retained until you unsubscribe.
- Analytics data: Retained for up to 26 months.
7. Your GDPR Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right to Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request corrections to any inaccurate or incomplete data.
- Right to Erasure (Right to Be Forgotten): Request the deletion of your personal data.
- Right to Restrict Processing: Request a limitation on how your data is processed.
- Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format.
- Right to Object: Object to the processing of your data for certain purposes.
- Right to Withdraw Consent: Withdraw your consent at any time for data processing activities based on your consent.
- Right to Lodge a Complaint: File a complaint with a supervisory authority if you believe your rights are being violated.
To exercise your rights, please contact us at [Insert Email Address].
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.
9. Cookies and Tracking Technologies
We use cookies to enhance your experience on our website. For more details, please refer to our Cookie Policy.
10. Updates to This GDPR Policy
We reserve the right to update this policy at any time. Changes will be posted on this page with the “Effective Date” updated accordingly.
Contact Information
For questions or concerns regarding this GDPR Compliance Policy, please contact us at:
- Email: [Insert Email Address]
- Name: [Insert Name]
- Surname: [Insert Surname]
- Message: [Insert Message]
This policy is designed to ensure transparency and compliance with GDPR requirements. Customize it further based on your specific data collection and processing practices.