Privacy policy

Last Updated: 07-Feb-2025

This Website collects some Personal Data from its Users.

Data Controller

Following consultation of this website, data relating to identified or identifiable persons may be processed. The Data Controller is HtoO Architetti Associati, which can be contacted via written communication using the contact details provided on the “Contact” page of this Website.

Types of Data Collected

Among the types of Personal Data collected by this Website, either independently or through third parties, there are: email; password; cookies; usage data; data communicated while using the service; device information; various types of data; first name; last name; universal unique identifier (UUID); geographic location.

Complete details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific explanatory texts displayed prior to data collection.

Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this Website.

Unless otherwise specified, all Data requested by this Website is mandatory. If the User refuses to provide it, this Website may be unable to provide the Service. Where this Website specifically states that some Data is optional, Users are free not to provide it without any consequences on the availability or functionality of the Service.

Users who are uncertain about which Personal Data is mandatory are encouraged to contact the Data Controller.

The possible use of Cookies – or other tracking tools – by this Website or by the owners of third-party services used by this Website, unless stated otherwise, serves the purpose of providing the Service requested by the User, as well as the additional purposes described in this document and in the Cookie Policy, if available.

The User is responsible for any third-party Personal Data obtained, published, or shared through this Website and guarantees that they have the right to communicate or disclose it, releasing the Data Controller from any liability towards third parties.

Methods and Place of Data Processing

Processing Methods

The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.

Processing is carried out using computers and/or IT-enabled tools, following organizational procedures and modes strictly related to the stated purposes. In addition to the Data Controller, in some cases, the Data may be accessible to certain types of responsible parties involved in the operation of this Website (administrative, sales, legal, system administration personnel) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller. The updated list of these parties may be requested from the Data Controller at any time.

Legal Basis for Processing

The Data Controller processes Personal Data relating to the User if one of the following conditions applies:

  • The User has given their consent for one or more specific purposes; Note: In some jurisdictions, the Data Controller may be allowed to process Personal Data without requiring the User’s consent or any of the following legal bases, as long as the User does not object (“opt-out”) to such processing. However, this does not apply where the processing of Personal Data is subject to European data protection law.

  • Processing is necessary for the performance of a contract with the User and/or for any pre-contractual obligations;

  • Processing is necessary for compliance with a legal obligation to which the Data Controller is subject;

  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;

  • Processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party.

It is always possible to request the Data Controller to clarify the specific legal basis that applies to each processing and to specify whether the processing is required by law, contract, or necessary to enter into a contract.

Place

The Data is processed at the operational offices of the Data Controller and at any other locations where the parties involved in the processing are located. For further information, contact the Data Controller.

Users are entitled to receive information regarding the legal basis for transferring Data outside the European Union or to an international organization governed by public international law or set up by two or more countries, as well as the security measures adopted by the Data Controller to safeguard their Data.

If such a transfer takes place, Users can find out more by checking the relevant sections of this document or by inquiring with the Data Controller using the contact information provided at the beginning.

Retention Time

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User shall be retained until such contract has been fully performed.

  • Personal Data collected for the purposes of the Data Controller’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may obtain specific information regarding the legitimate interests pursued by the Data Controller within the relevant sections of this document or by contacting the Data Controller.

When processing is based on the User’s consent, the Data Controller may retain Personal Data longer until such consent is withdrawn. Furthermore, the Data Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, deletion, rectification, and data portability cannot be exercised after expiration of the retention period.

Purposes of Processing the Collected Data

The User’s Data is collected to allow the Data Controller to provide the Service, comply with legal obligations, respond to enforcement requests, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activities, as well as for the following purposes: contacting the User, displaying content from external platforms, managing contacts and sending messages, handling support and contact requests, statistics, infrastructure monitoring, interaction with social networks and external platforms, collecting privacy preferences, registration and authentication, data collection, and interaction with support platforms.

For specific details about the purposes of processing and the Personal Data used for each purpose, Users may refer to the section “Details on the Processing of Personal Data.”

User Rights

Users may exercise certain rights regarding their Data processed by the Data Controller, including:

  • Withdrawing consent at any time;

  • Objecting to processing;

  • Accessing their Data;

  • Verifying and requesting rectification;

  • Requesting restriction of processing;

  • Obtaining erasure or removal of their Personal Data;

  • Receiving their Data and having it transferred to another controller;

  • Filing a complaint with the competent data protection authority.

For more details on how to exercise these rights, Users may refer to the full privacy policy document or contact the Data Controller.

Cookie Policy

This Website uses Tracking Tools. To learn more, Users may refer to the Cookie Policy.

Changes to this Privacy Policy

The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page. Where required by law, the Data Controller will seek renewed consent from the User, if necessary. It is recommended to check this page frequently, referring to the date of the last modification.