Privacy Policy – Information on the processing of personal data of the website users

Pursuant to and for the purposes of Article 13 of Regulation (EU) No. 2016/679 – General Data Protection Regulation (hereinafter “GDPR”) and Legislative Decree No. 101/2018, which integrates and amends Legislative Decree No. 196/2003 (the so-called Privacy Code), Prof. Avv. Alberto Comelli and Avv. Augusto Vacca hereby intend to provide some information on the processing of personal data relating to the users of this website (hereinafter “Users”) acquired or communicated during browsing.

The following information is provided only for the website (hereinafter “Website”) and not for other websites that may be consulted by Users via links found on the Website.

Data Controllers

Prof. Avv. Alberto Comelli and Avv. Augusto Vacca, whose law firm is located in Rome, Via Quintino Sella n. 23 (hereinafter “Joint Controllers”), are Joint Controllers pursuant to Article 26 of the GDPR.

Purpose and legal basis of data processing

The personal data of the Users browsing the Website or registering through one of the forms on the Website shall be lawfully processed by the Joint Controllers pursuant to Article 6 of the GPDR for the following purposes:

(a) browsing the Website, in relation to the possibility of detecting User data necessary at a technical level;

  1. b) responding to User requests for information received through the Website;
  2. c) complying with legal obligations, i.e. to fulfil obligations provided for by law, by an Authority, by a regulation or by European legislation.

The provision of personal data for the above-mentioned processing purposes is optional, it being understood that failure to provide such data will make it impossible for Users to browse the Website and make use of any services offered by the Joint Controllers through the Website.

With reference to the purposes referred to in subparagraphs a) and b) above, the legal basis for data processing is the performance of the services requested by Users and provided by the Joint Controllers through the Website (pursuant to Article 6, paragraph 1, subparagraph b, of the GDPR). With specific reference to the purposes referred to in subparagraph c) above, the legal basis for data processing is the fulfilment of legal obligations to which the Joint Controllers are subject (pursuant to Article 6, paragraph 1, subparagraph c, of the GDPR).

Data retention period and data processing methods

The personal data collected through the use of the Website are processed for the time strictly necessary to provide the services requested and to carry out the related technical and security operations and, once this term has expired, for the period established by the regulations in force for administrative and possibly defensive purposes.

The Joint Controllers shall process the personal data, collected by means of manual and computerised methods, with logics strictly related to the purposes described above and, in any case, in such a way as to ensure data security and confidentiality.

Users’ personal data shall not be transferred to non-European third countries.

Data communication and categories of recipients

Only for the purposes specified above, all data collected and processed may be communicated by the Joint Controllers to persons authorised to process said data due to their respective tasks and duties, as well as to external parties to whom it may be necessary to communicate said data (e.g. computer service companies, relevant public bodies and authorities for the purposes of fulfilling regulatory obligations or ascertaining liability in the event of computer crimes against the Website).

Data recipients, where they process said data on behalf of the Joint Controllers, are designated as Data Processors pursuant to the GDPR.

User Rights

Users may at any time exercise the rights guaranteed by Articles 15 et seq. of the GDPR by contacting the Joint Controllers at the e-mail address

If Users believe that the data processing carried out by the Joint Controllers is in breach of the GDPR, they may lodge a complaint with the competent Supervisory Authority, the so-called Garante per la protezione dei dati personali.

Last update: July 2021

This Privacy Policy may be subject to changes. You are therefore advised to check this webpage regularly and to take into account the most up-to-date version of the information contained herein.

This site is registered on as a development site.