PRIVACY POLICY
This privacy policy deals with the methods of collection, use, disclosure, transfer and storage of your personal data, in compliance with the general data protection regulation (GDPR, General Data Protection Regulation), pursuant to art. 13 of the EU Regulation n. 2016/679.

Holder of the treatment
Stefano Castelli (owner and legal representative)
via Irma Bandiera, 20 – 40134 Bologna (BO)

contact info
Email: privacy@stefanocastelli.info
PEC: stefano.castelli.1972@pec.it
Tel. +390510036956
Address: via Irma Bandiera, 20 – 40134 Bologna (BO) – Italy
Website: www.stefanocastelli.info
VAT number: IT03555631203
Tax number: CSTSFN72A17A944X
Personal information: definition, collection and use
Personal information is all information attributable, directly or indirectly, to a single person, company, association or other body. This site collects personal information about you in only two situations:

When you visit our website, we store and process information on the use of the site. The purpose is to improve the user experience.
When you send us a message via our contact forms, we store and process your name, surname, e-mail address and any additional information you choose to provide us. The aim is to adapt and improve the way we treat our customers and our service.
What procedures we have in place to prevent data breaches
We have foreseen extensive and continuously updated “hardening” procedures (securing the code):
at the application level of the open source platform WordPress we manage setups, modifications and integrations with plugins in order to improve and secure all the procedures for the execution of the source code from hacker or malicious attacks;
we have redundant (double) daily differential data backup policies, both at the domain and site management level (file system and database), and disaster recovery procedures that allow us in a maximum of 2 working days (but in operational normality so far matured within 1 day ) to go back online with the backup data;
we have firewalls and advanced hardware and software protection systems on our servers;
constant (but reasoned) update policy of both WordPress and server software: sites never have a version “seniority” of more than 3 months at the application level (WordPress and related plugins and themes), while at the server level we are always updated within 6 months from the release of stable versions of Linux operating system components and associated services (Apache and Nginx web servers, PHP, MySQL / MariaDB).
What rights do you have on your data
If you have an account on this site, or have left comments, you can request to receive a file exported from the site with the personal data we hold about you, including any data you have provided to us. You can also request that we delete all personal data concerning you. This does not include any data we are required to keep for administrative, legal or security purposes.

How we use your personal information
The personal information we collect is used to develop, provide and improve our products, services, content, advertising and customer communications through internal audits, data analysis and research of the personal data and preferences you have provided to us.

Third Party Disclosure
Your personal information will NEVER be shared with third parties for their commercial purposes.

Protection of personal information
We take all reasonable organizational, technical and administrative measures to protect your personal information from loss, theft and misuse, as well as against unauthorized access, disclosure, alteration and destruction.
However, remember that if you post content or other information in a chat or social network, the personal information you share is visible to other users and can be read, collected or used by them. You are responsible for the information you choose to enter in these cases. For example, if you post your name and email address in a review, that information will become public. Please take this into consideration before using these features and providing information about yourself.

Retention period
Personal data will be kept for a maximum period of 10 years to which the additional period required to comply with administrative, fiscal and tax obligations will be added.
The navigation data deriving from Google Analytics will be kept according to the best guidelines and for a standard time of 26 months.
For users who register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit or delete their personal information at any time (except their username which they cannot change).
Website administrators can also see and edit this information.
Third party websites and services
This site obviously contains links to third-party websites, products and services, for which it cannot be held responsible for the contents of said third-party websites and invites you to obtain information regarding the privacy policies of the latter.

Transfer to third countries
Personal data may be transferred or viewed in other countries for the sole purposes and as described in this Privacy Policy.
The main server is physically located in a server farm near Amsterdam, the Netherlands, while other secondary support servers are in Italy (Arezzo and Milan) and Germany (Frankfurt), therefore all within the borders of the EU.
The backup data also resides in Italy and Germany.
Transfers to third countries are carried out in accordance with the provisions of Chapter V of the GDPR.
Where necessary, we use the standard data protection clauses adopted by the European Commission in order to ensure secure transfers to third countries.
Rights of access, rectification, cancellation, limitation and portability
We inform you that the rights referred to in articles are recognized. from 15 to 20 of the GDPR.

By way of example, by sending a specific request to the email address privacy@stefanocastelli.info you can:

obtain confirmation as to whether or not personal data concerning you is being processed;
if a processing is in progress, obtain access to the data and information relating to the processing, as well as request a copy of the data;
obtain the correction of inaccurate data and the integration of incomplete personal data;
obtain, according to the conditions set out in art. 17 of the GDPR, the deletion of data concerning you;
obtain, in the cases provided for by art. 18 of the GDPR, the limitation of the processing of data concerning you;
receive the data concerning you in a structured format, commonly used and readable by an automatic device.
Right to object
Pursuant to art. 21 of the GDPR, you have the right to object to the processing of your personal data at any time by writing to the email address privacy@stefanocastelli.info
In case of opposition, your personal data will no longer be processed, provided that there are no legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subjects, or for the assessment, exercise or defense of a right in court.
Right to lodge a complaint with the Guarantor
In the event that you believe that your rights under the GDPR or any other applicable legislation have been violated, you can lodge a complaint with the Guarantor for the Protection of Personal Data, in the manner indicated on the website of the Guarantor for the Protection. of Personal Data accessible at the address: www.garanteprivacy.it.