HomeIco

Home

 InternalIco

Internal

 GlobalIco

Global

 ContattoIco

Contatto
it

Utilizziamo cookie tecnici per personalizzare il sito web e offrire all’utente un servizio di maggior valore. Chiudendo il banner e continuando con la navigazione verranno installati nel Suo dispositivo i cookie tecnici necessari ai fini della navigazione nel Sito. L’installazione dei cookie tecnici non richiede alcun consenso da parte Sua. Ulteriori informazioni sono contenute nella nostra Cookie Policy.
Privacy Policy

Privacy notice for the processing of personal data

PrintMailRate-it
(Last updated July 2024)

Rödl & Partner Professional Association, with its registered office at Largo G. Donegani 2, 20121 Milan (MI), VAT number IT12609300152, represented by the Managing Partner pro tempore, in its capacity as data controller (hereinafter referred to as the “Controller”), informs you, pursuant to EU Regulation 679/2016 (“GDPR”) and the applicable national data protection legislation (“Privacy Legislation”), that your data will be processed in the following ways and for the following purposes: 

1. Subject of the Processing​

The Controller processes personal data, identifying and non-sensitive (hereinafter, “Personal Data” or simply “Data”) that you have communicated while browsing the Controller’s website www.roedl.it​ (hereinafter, “Website”) and, in particular:
  • Email address, first name, last name, and any other data provided, e.g., during contact requests via web form, quotes, newsletter requests, participation in events, training activities, subscription to the contract with the Controller and/or request for professional services;
  • Browsing data such as IP addresses or domain names of the computers used by users who connect to the Website, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and IT environment. This information is collected through the cookies described in the Website’s Cookie Policy, to which reference is made.

2. Purposes and Legal Bases of Processing

Your Personal Data is processed, without your prior express consent, for the following Service Purposes and on the basis of the following legal bases:
  • Execution of the contract and/or fulfillment of pre-contractual commitments, in particular:
  • Use of the website and any technical assistance;
  • Management of a contact request from you regarding our professional services, our events, or our courses;
  • Management of submitted applications.
  • Compliance by the Data Controller with legal obligations, such as:​​
  • Compliance with obligations provided by laws, regulations, or national and community legislation or imposed by competent Authorities;
  • Compilation and processing of tax returns and related obligations;
  • Keeping of accounts and related obligations.

  • Pursuit of a legitimate interest of the Data Controller, in particular:
  • Management and maintenance of the website: the Data Controller’s interest corresponds to the need to ensure the correct operation of the website;
  • Prevention and repression of illegal acts: the Data Controller’s interest corresponds to the constitutionally guaranteed right of action (art. 24 Const.) and, as such, is socially recognized as prevailing over the interests of the individual data subject.

Your Personal Data is also processed, only with your consent, for additional purposes such as:
  • Communication purposes, i.e., sending updates via email and newsletters, related to regulatory, jurisprudential, training news, and the professional activities of the Controller, if you are not our client;
  • Only if the event is organized in collaboration with a commercial partner, communication of Data to third parties for Promotional purposes, i.e., the communication, by the Data Controller, of your Data to partners with whom the Data Controller organizes events and/or training activities for the sending, by such third parties, of promotional emails and newsletters related to their activities. The product categories to which the third parties to whom your Data may be communicated belong, concern the categories of publishing, professional training, and consulting services.

The specific partners to whom you may decide to communicate your Data are specified from time to time under the event you decide to register for. Finally, it is specified that such third parties operate as independent data controllers and will be required to provide you with their privacy notice within 30 days of receiving your data.

3. Methods of Processing

The processing of your Personal Data is carried out, both electronically and on paper, through the operations of collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion, and destruction of data.

​4. Data Retention

The Data Controller will process Personal Data for the time necessary to fulfill the purposes referred to in the previous § 2 and in any case for no longer than:
  • 5 years, and in any case for the time prescribed by law, from the collection of Data for Service Purposes;
  • 5 years for Communication Purposes, unless you revoke your consent for the same Communication Purposes;
  • with reference to the sending of Promotional communications by third parties, the retention times provided in the information notice sent to you by the specific partner to whom the Data. 

3. Access to Data

Your Data may be made accessible for the purposes mentioned above to:
  • employees and/or collaborators of the Data Controller, in their capacity as data processors and/or internal data controllers and/or system administrators;
  • firms belonging to the Rödl & Partner network and/or third parties (e.g., credit institutions, professional firms, IT providers, etc.) that carry out outsourcing activities on behalf of the Data Controller, in their capacity as external data processors.

4. Data Communication​​

Your Data may be communicated, even without your consent, to supervisory bodies, law enforcement agencies, or the judiciary, the Ministry of Finance, the Revenue Agency, ministerial bodies and competent Authorities, local authorities (regions, provinces, municipalities), regional and provincial tax commissions, upon their express request, who will process them as independent data controllers for institutional purposes and/or by law during investigations and controls. Your Data may also be communicated to third parties (e.g., partners, freelancers, etc.), as independent data controllers, for the performance of activities instrumental to the purposes mentioned above. Only if the event is organized in collaboration with a commercial partner, with your express consent, as indicated in the previous § 2, your Data may be communicated to third parties (event partners), as independent data controllers, for the sending of promotional communications related to their activities.

5. Data Transfer​

The Data will not be disseminated but may be transferred for the purposes mentioned above to non-EU countries, such as to firms belonging to the Rödl & Partner network for Service Purposes. To ensure an adequate level of protection of Personal Data, the transfer will take place based on adequacy decisions approved by the European Commission or the adoption by the Data Controller of the Standard Contractual Clauses prepared by the European Commission. The list of non-European countries to which the data is transferred is available at the Data Controller’s headquarters.

6. Provision​

The provision of Data for Service Purposes (except for those not marked with an asterisk) is mandatory, and failure to provide it will make it impossible to respond to your requests and allow you to use the services of the Data Controller. The provision of Data for additional purposes is optional: failure to provide it does not prevent the use of the Data Controller’s services. However, if you decide not to provide the Data, you will not be able to receive communications regarding the initiatives and offers of the Data Controller, we will not be able to perform statistics on the use of the Site, and your Data cannot be communicated to event partners for sending Promotional communications as mentioned in § 2 above.

7. Rights of the Data Subject​

We inform you that, as a data subject, you have the right, unless there are legal limitations, to:
  • obtain confirmation of the existence or non-existence of your personal data, even if not yet recorded, and to have such data made available to you in an intelligible form;
  • obtain indication and, if applicable, a copy of:a) the origin and category of personal data; b) the logic applied in case of processing carried out with the aid of electronic instruments; c) the purposes and methods of processing; d) the identification details of the data controller and processors; e) the subjects or categories of subjects to whom personal data may be communicated or who may become aware of it, particularly if recipients are third countries or international organizations; f) where possible, the period of data retention or the criteria used to determine such period; g) the existence of automated decision-making processes and, in such cases, the logic used, the importance and the expected consequences for the data subject; h) the existence of adequate safeguards in case of data transfer to a non-EU country or an international organization;
  • obtain, without undue delay, the updating and rectification of inaccurate data or, when interested, the integration of incomplete data;
  • revoke at any time, easily and without impediments, the consents given, using, if possible, the same channels used to provide them;
  • obtain the deletion, anonymization, or blocking of data, where possible: a) processed unlawfully; b) no longer necessary in relation to the purposes for which they were collected or subsequently processed; c) in case of withdrawal of consent on which the processing is based and if there is no other legal basis; d) if you have objected to the processing and there is no overriding legitimate reason to continue the processing; e) in case of compliance with a legal obligation; f) in the case of data relating to minors. The Controller may refuse deletion only in the case of: a) exercising the right to freedom of expression and information; b) compliance with a legal obligation, performance of a task carried out in the public interest or exercise of public authority; c) reasons of public health interest; d) archiving in the public interest, scientific or historical research, or statistical purposes; e) exercise of a right in judicial proceedings;
  • obtain the restriction of processing in the case of: a) contestation of the accuracy of personal data; b) unlawful processing by the Controller to prevent deletion; c) exercise of your right in judicial proceedings; d) verification of the possible prevalence of the Controller’s legitimate reasons over those of the data subject;
  • receive, if the processing is carried out by automated means, without impediments and in a structured, commonly used, and readable format, the personal data concerning you to transmit them to another controller or – if technically feasible – to obtain the direct transmission from the Controller to another controller;
  • object, in whole or in part, for legitimate reasons related to your particular situation, to the processing of personal data concerning you;
  • lodge a complaint with the Data Protection Authority.

In the above cases, where necessary, the Data Controller will inform third parties to whom your personal data are communicated of the exercise of your rights, except in specific cases (e.g., when such compliance proves impossible or involves a manifestly disproportionate use of means compared to the protected right).

8. Methods of Exercising Rights​

You may exercise these rights at any time by: 
  • sending a registered letter with return receipt to the address of the Data Controller; 
  • sending an email to dpo@roedl.com;
  • calling the number +39 02 6328 841.

9. Data Controller and Data Processor​

The Data Controller is the Professional Association Rödl & Partner in Milan, Largo G. Donegani 2. The Data Controller has also appointed a Data Protection Officer who can be contacted by writing to dpo@roedl.com or by calling +39 02 6328 841.

The updated list of internal and external data processors and system administrators is kept at the Data Controller’s headquarters in Milan, Largo G. Donegani 2.

contact

Contact Person Picture

Daniele Gennaro

+39 02 6328 841

Invia richiesta
Skip Ribbon Commands
Skip to main content
Deutschland Weltweit Search Menu