Privacy Policy

Dear User,

We would like to inform you that the Data Protection Regulation (UE) 678/2016 - "European Regulation on the protection of personal data" - (hereafter "GDPR") sets forth the applicable rules with regard to individuals and other persons data protection and privacy.

According to its provisions, this regulation is based on the principles of lawfulness, fairness and transparency and protection of your privacy and rights.

In accordance with article 13 of the GDPR and art. 13 of Legislative Decree n.196/2003 and with respect to personal data that we will hold, we invite you to take notice of the information that follows.

1. Data Collector

The Data Collector is Avv. Andrea Bosisio, Piazza Santo Stefano n. 6, 20122 - Milano, email address:

2. Purposes of the processing

a) Navigation Data: in the normal course of operations collect some personal data the transmission of which is implied when using internet communication protocols. These are information that are not collected to be associated with identified subjects, but due to their intrinsic nature may, through processing and in conjunction with data held by third parties, allow the identification of users (e.g. IP addresses or users' computers domain names, Uniform Resource Identifieridentifier, etc.). These data are only used to collect anonymous statistical information about visits to the site and control its proper functioning;

b) The processing of personal data could be used, upon the User's request, to send Legal newsletters or information related to the activities of our Law Firm (such as conferences, publications...);

c) The processing of personal data could be used in order to reply to requests received by email address, telephone, fax, etc. (from website, section "contact us");

d) The personal data will be processed in order to comply with the professional's obligations laid down in existing legislation;

e) If the data controller intends to further process the personal data for a different purpose, he shall inform the person involved of such different purpose and give all the relevant information before processing the data;

f) The site does not intentionally collect any of the users' personal data. No cookies or tracing systems of any sort are used in the transmission of personal information. The use of session cookies - that are not permanently saved on user's computer and are deleted once the browser is closed - is strictly limited to identification of session's information (which are necessary to move easily and securely around the site). In any event, if the User chooses to decline the download to his computer of any type of cookies, the User may increase the privacy protection level by modifying the browser's settings.

Apart from what has been specified by letters a), d) and f), the user is free to provide personal data contained in the request forms or in any case indicated to request informative material or other communications. Please notice that, in absence of supply personal data (and related release of consent), in cases b), c) and e), it will be impossible to fulfill your request.

3. Performance of the processing

The processing of your personal data will carried out, in compliance with the provisions of the GDPR, by paper, computer and electronic means, for reasons strictly related to the abovementioned purposes and, in each case, in such manner as to guarantee the security and protection of the data in accordance with the provisions art. 32 of the GDPR.

Data shall be carried out by the data controller, data processors and persons appointed to perform such task.

The data controller and the data processors shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

The data processing referred to in point 2., will carried out for the duration of the period necessary to accomplish the purposes for which the data was collected and, in any case, up to the moment in which the interested party will revoke the consent or request the cancellation of the data.

4. Data Communication

Personal data may be communicated, in compliance with purposes referred to in point 2., to external consultants, professionals operating within the justice system, public authorities, consultants or other persons for discharging obligations, and, generally, all the recipients with whom the communication is necessary for the proper performance of purposes referred to in point 2.

5. Data Dissemination

Personal data shall not be disseminated.

6. Data Subject's Rights

GDPR Articles 15 to 27 give the Data Subject specific rights vis-à-vis the Data controller.

Specifically, in relation to the processing described in this notice the Data Subject shall exercise these rights subject to the conditions laid down therein.

Right of access;

Right to rectification: the right to obtain rectification of incorrect personal data and/or integration of the data;

Right to erasure. The right to erasure could not be applied if the processing is necessary for the compliance with a legal obligation or for the performance of a task carried out in the public interests or for the establishment, exercise or defense of legal claims;

Right to restriction of processing;

• Right to data portability;

Right to object;

• Lodge a complain with the Personal Data Protection Authority, located in Piazza di Montecitorio n. 121, 00186, Roma (RM).

In addition, the GDPR gives the data subject the right to revoke the consent at any time and with the same ease as during the collection phase. All the rights provided here may be exercised vis-à-vis the data controller.

The exercise of these rights as data subject are free of charge as referred to in art. 12 of GDPR.