privacy policy
privacy policy

Privacy Policy



Information provided, pursuant to art. 13 et seq. of the EU Regulation 679/2016,
hereinafter referred to as “GDPR” and of the articles 13 and 122 of Personal Data
Protection Code (Legislative Decree 196/03) to users who connect to the site, hereinafter called “site“.

Purpose of the processing
The personal data provided through the site, or otherwise acquired in compliance with
the legislative and contractual provisions in force, will be processed in compliance with
the aforementioned legislation and confidentiality obligations exclusively for the
following purposes:
• purposes related to registration and authentication on the site as a registered
• purposes connected and / or instrumental to carrying out the requested activity
• sending the periodic newsletter with any commercial information of interest to
the registered user;
• sending personal communications in response and / or relating to requests
forwarded through the contact forms of the site (request for clarification,
reporting errors, suggestions etc.)
• publication of professional data sheets, subject to further authorization by the
user, for the collaborators of the site editing;
• management of articles sent by users and collaborators, as referred to in the
respective information.
The processing of information concerning the user is based on principles of correctness,
lawfulness, transparency and protection of confidentiality.
Therefore, any use different and / or conflicting with user’s interest is excluded.

Information subject to processing
As for the data processed, a distinction must be made based on the activities that the
user carries out on the site.

1. Navigation
It applies to the user (registered or not) who browses the site to consult texts or use
online applications.
The information entered in the masks of the site’s online applications are not stored
permanently on the server but remain available to the user exclusively for the duration
of the work session.
Likewise, all information relating to accounting documents (invoices, notulas, estimates,
etc.) that the user fills out through this site, such as the subject, number and date of the
document, are also not kept on the server.
As for the textual content, we record the number of readings of each article in
aggregate form.

2. Interaction via contact form
It applies to requests for online consultancy, domiciliation, reporting pages, sending
suggestions, etc.
In addition to the data expressly entered by the user in the form (name, email, telephone
where required, etc.), we record the following information in our databases:
• consent to the processing of data based on this information.
• the IP address from which the requests come (this information is classified by the
GDPR as “personal data”).
• the type of browser used and whether it is a mobile device.
• the anonymous user identification created by an internal proprietary algorithm. The
identifier is constructed so that it is not possible to trace the user’s IP address.
• in some cases also the page of the site visited immediately before forwarding the
• the date and time of the operation.
With regard to requests for legal advice sent through the site, additional documents
may be requested to be sent by email or certified e-mail for which the rules of the GDPR
and in any case the professional ethics on confidentiality apply.

3. Registration on the site
It applies in the phases in which the user wishes to register on the site to open his own
personal account and use his own private area.
The passwords for access to the site by registered users are stored so that their original
content can never be traced.
In addition to the data requested at the time of registration (username, email and
password), we store the information that the user, after registration, enters in his / her
reserved area in special archives.
Registered users who become collaborators of the site, by sending free articles for
publication, as indicated in the specific information, can publish their professional profile
through a special option available in the reserved area.

4. Subscription to the newsletter
It applies to users who do not intend to register on the site but wish to subscribe to the
In this case, we only register in our archives the email address entered by the user at the
time of registration, in addition to what is described in point 2).
The cancellation from the newsletter and its archives can be done directly by the user
through a special link inserted at the bottom of each newsletter.
Registered users can also unsubscribe from the newsletter from the reserved area.

5. Sending articles to the editorial staff
It applies to users who propose their articles for publication to the site editor.
The same considerations seen for point 1) apply.
Furthermore, if the user is registered as a collaborator, he can make his professional
profile public, which will be automatically linked in all published articles.

6. Webmaster Code
It applies to those who intend to use the webmaster code that allows the application
masks to be shared on third-party sites under the conditions set out in the information.
For statistical purposes, we record the use of the code for webmasters in aggregate
form, storing in our archives the following information that does not concern users who
visit the site that makes use of this code but only the use of the code itself:
domain name, shared application, number of views, last viewed date.
In compliance with the GDPR, the sending of data for the purposes referred to in points
2), 3), 4) and 5) requires explicit acceptance by affixing a “check” on a specific field
found in the various screens from which this information can be consulted directly.
In the absence of such acceptance, it is not possible to carry out the requested online
The site does not currently perform any detection of the user’s position.

Methods of processing and conservation
The data will be processed using tools suitable for guaranteeing security and
confidentiality and can also be carried out using automated tools to store, manage and
transmit the data.
The information is stored with IT tools protected by security systems (eg firewalls,
hacker attack control tools, tools for the automatic detection of malware and any
vulnerabilities, etc.).
The site is developed with a proprietary CMS with tools and techniques that implement
the best practices in the field of software security and robustness.
The contents of the web pages as well as all the data entered on the site sent to the
server are encrypted using the SSL protocol (safe navigation); the use of the protocol
for safe browsing can be identified by the presence of internet addresses starting with
https: // and by the words “Safe” that most modern browsers place in the address bar in
correspondence with the visited internet address.
However, if all the security systems put in place are not sufficient to prevent the theft of
information, as required by art. 33 of the GDPR, the owner undertakes to report and
promptly communicate to Garante Privacy any theft of information relating to the
personal data of users.
The data of registered users are kept without any pre-established deadline and the user
can request their cancellation (right to be forgotten) based on Article 17 of the GDPR at
any time by following the procedure prepared within the reserved area, adequately
To provide the pages to the user, we use the Apache web-server which, like all web
servers, records the requests of users to the resources of the site (web pages, images
and other necessary files) in special log files that are protected and not accessible from
the outside. for operation).
The purpose of these log files is to identify any users who carry out malicious actions to
the detriment of the site (hacker attacks) and at the same time counter any abuse of the
site resources to protect other users.
These files are stored on the server for a maximum of 10 days and in some cases, if
necessary, we can make copies in other archives, protected and inaccessible from the
outside, for longer storage, however not exceeding 3 months.

Nature of the provision, refusal and withdrawal of consent
The provision of personal data is not a legal obligation.
However, the lack of the same, the refusal or withdrawal of consent to the processing
according to the methods specified below, will make it impossible to maintain any
professional consultancy relationship with the user or to perfect the use of the online
services of the site listed below:
• the request for consultancy and professional collaboration.
• registration on the site.
• the request for assistance from the user, both as regards the reserved area and
the use of applications.
• sending communications and messages to the editorial staff or webmaster via the
• receiving the newsletter.
• access to confidential documents (eg: case law attached to the articles).
• the publication of the professional card for editorial staff.

Communication / dissemination
The data will not be disclosed to other subjects, nor will it be disseminated or
transferred to third parties in any capacity, both in Italy and abroad, except for personal
data that for fiscal reasons it will be necessary to communicate to the accountant of the
Association (limited to the billing of online legal advice) who has provided assurance
regarding compliance with the Privacy Regulation and absolute confidentiality.
The owner reserves the right to analyze the acquired data in aggregate form to carry
out internal statistics on the use of certain services (eg: newsletter readings and use of
particular applications), to complement what already happens with third-party tools for
the detection of traffic on the site (Google Analytics).
Holder of the treatment
The data controller is Lagente Srl, based in Milan in via Archimede, 6
User rights
In relation to the processing of personal data and pursuant to art. 13 of the GDPR and
art. 7 of Legislative Decree 196/2003, the user has the right:

Access to data (art.15 GDPR)
The user has the right to obtain confirmation of the existence or not of personal data
concerning himself and their communication in an intelligible form.
The request can be sent directly by email to the data controller (

Rectification and cancellation (articles 16 and 17 GDPR)
The user has the right to request the correction, cancellation, or limitation of the
processing of personal data.
Registered users can modify their personal and professional data directly from their
reserved area using specific management masks.
For cancellation, always in the reserved area, the checkbox for requesting data
cancellation is available on the personal data page.

The account cancellation request is automatically forwarded to the site’s technical staff
and is irrevocable, that is, once confirmed, it can no longer be waived.
After a few days, the user will receive confirmation of the cancellation of his data.
Once the request has been submitted, the user can no longer access the reserved area.
The username cannot be reused for a new registration.

Limitation of processing (Article 18 GDPR)
The user has the right to object, in whole or in part, for legitimate reasons, to the
processing of personal data concerning himself, even if pertinent to the purpose of the
In the case:

Sending newsletters
Registered users can revoke the use of the email address for sending the newsletter at
any time by accessing the reserved area; unregistered users subscribed to the
newsletter can exercise this option by clicking on the appropriate link at the bottom of
the newsletter.

Professional card publication
Registered users who collaborate with the editorial staff can block the publication of
their professional profile directly from the private area.
The revocation of the publication, as well as the cancellation of the user account
pursuant to art. 17 GDPR, automatically lead to the obscuring of the cards from all the
articles on the site.
However, it should be noted that, since the professional profiles published with the
user’s consent may have been indexed by search engines and / or published by third
parties on other sites without any intervention on our part, the user must exercise the
“right to be forgotten” towards all sources where their personal data are present.

Data portability (Article 20 GDPR)
The registered user has the right to receive personal data concerning him in a structured
format readable by an automatic device. The request must be addressed to the data
controller; personal data will be provided in xml format.

The user has the right to obtain an indication of the identification details, as well as of
the owner, of any collaborators to whom the data may be communicated or who can
learn about it; the site collaborators who are responsible for providing assistance to the
user limit access to personal data exclusively for the purposes requested by the user
(request for clarification, helpdesk, resolution of anomalies, etc.).

The user has the right to lodge a complaint with the Garante Privacy (national
supervisory authority) in the event that he deems the use of the data different from the
provisions of the aforementioned legislation;
Communications to the site can be forwarded through the appropriate contact menu or
by sending an email to the data controller.