Utilizziamo i cookies per personalizzare il sito web e offrire all’utente un servizio di maggior valore. Tra le diverse finalità, i cookies ci permettono di analizzare il percorso di navigazione dell’utente per migliorarne l’esperienza sul sito web. Continuando a navigare su questo sito accetta la politica sui cookie. Ulteriori informazioni sono contenute nostra informativa privacy.

Privacy notice for the processing of personal data

(Last updated on 12 march 2021)

Rödl & Partner Associazione Professionale, with legal offices in Milan, Largo Donegani 2, 20121, Milano (MI)-Italy, VAT no. IT12609300152, represented by the pro-tempore Managing Partner, as controller of personal data processing (hereinafter, “Data Controller”),  pursuant to European Regulation EU 2016/679 (“GDPR”) and to the national and international laws on personal data protection applicable from time to time (“Privacy laws”), informs you that your data shall be processed with and within the following modalities and purposes.  
1. Categories of Personal data  
The Data Controller processes your personal data, identifying and not particular/sensible data (hereinafter, “Personal Data” or “Data”) communicated by you while navigating on the website of the Data Controller www.roedl.it (hereinafter, “Website”), in particular:
  • e-mail address, name, surname and any other data provided e.g. when requesting contact also via web form, quotes, newsletter request, participation in training activities, signing the contract with the Data Controller and/or request for professional services; 
  • navigation data such as IP addresses or domain names of the computers used by users who connect to the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. This information is collected through the cookies described in the Cookie Policy of the Website, to which you are referred.

2. Purposes and legal bases of Personal Data processing   
Your personal data are processed, without your prior consent, for the following Service Purposes and for the following Legal bases:   
the execution of the agreement and/or the fulfillment of pre-contractual requirements, in particular:  
  • the use of the Website and any technical assistance;
  • the management of a contact request from you regarding our professional services, events or courses;
  • the management of submitted applications.

Data Controller’s fulfillment of law provisions, such as:  
  • the fulfillment to the obligations set forth by laws, regulations and national or European laws, or imposed by the competent Authorities; 
  • completing and elaborating the tax certificates and of related fulfilments;
  • book-keeping and related fulfilments. 

the pursuit of a legitimate interest of the Data Controller, specifically: 
  • the management and maintenance of the Website: the interest of the Data Controller corresponds to the need to ensure the correct operation of the Website;
  • the prevention and repression of unlawful acts: the interest of the Data Controller is the right of court action guaranteed by Italian Constitutional Chart (article no. 24) and, as such, is socially acknowledged as prevailing over the interests of the single data subject;
  • sending updates by email and newsletters related to the main regulatory and jurisprudential news, educational and professional activities of the firm, only if you are our client: each e-mail will allow to refuse further sendings or to select the subjects of greater interest: the interest of the Data Controller is bound to the general interest of a professional association to promote the above-mentioned updates and is considered as legitimate pursuant to the national data protection laws. 

Your Data are processed, only with your prior consent, for further purposes such as:
  • Communication Purposes, such as sending – if you are not our client – email updates and newsletters about new legislation, case law, educational opportunities and our professional activities;
  • statistical activity carried out using the analytical cookies described in the Site Cookie Policy, to which reference should be made. In this case the consent is given by acceptance of the cookie banner.  

3. Modalities of Personal Data processing  

The processing of your Personal Data is performed, in electronic and paper form, through collecting, registering, organizing, storing, consulting, processing, modifying, selecting, extracting, comparing databases, using, interconnecting, blocking, communicating, deleting and through data destruction activities.  

4. Personal Data retention 
The Data Controller shall process the Personal Data for the time necessary to fulfill the purposes mentioned at paragraph 2 and for no more than:
  • 5 years, and in any case for the limitation period, from the collection of the Data for Service Purposes;
  • 2 years, and in any case for the limitation period, from the collection of the Data for Communication Purposes;
  • the retention time described in the Website Cookie Policy, to which you are referred, for statistical activity aimed at optimizing and improving navigation on the Website without identifying the navigator.

5. Access to Data 
For the above-mentioned purposes, your Data shall be accessible to: 
  • employees and/or co-workers of the Data Controller, in their capacity of authorized subjects to data processing and/or processors and/or system administrators; 
  • firms belonging to Rödl & Partner’s network and/or to third parties (i.e.: credit institutions, professional firms, etc.) performing outsourcing activities on behalf of the Data Controller, in their capacity of external data processors.  
6. Communication of Data 
Your Data may be communicated, even without your consent, to:
  • control bodies, law enforcements or judicial bodies, to the Italian Finance Ministry, to the Italian I.R.S., regional and local bodies, regional and local Tax Commissions, upon their explicit request. Such entities shall process your Data in their capacity of independent controllers, for institutional and/or law purposes in the event of controls or investigations.
  • Firms belonging to Rödl & Partner’s network and to group auditors (e.g. Rödl & Partner Audit S.r.l.) and/or third subjects (e.g.: partners, freelance professionals, etc.), as independent controllers, and in order to perform the above-mentioned instrumental activities.  

7. Transfer of Personal Data 
The Data shall not be disclosed, but they may be transferred to non-EU Countries for the above-mentioned purposes such as, for example, to studies belonging to the Rödl & Partner network for Service Purposes. In order to ensure an adequate level of Personal Data protection, the transfer shall be performed in compliance with Adequacy Decisions approved by European Commission or with the adoption - by the Data Controller - of Standard Contractual Clauses provided for by the European Commission. The list of the extra EU countries where the Data are transferred is available at the legal offices of the Data Controller. 

8. Conferral of Data 
The conferral of your Data for Service Purposes (except for those which may not be marked with an asterisk) is mandatory and any refusal to provide such Data may lead to the inability of the engagement or prosecution of the professional assistance mandate with the Data Controller. 

The provision of Data for the further purposes is optional: failure to provide them does not prevent the use of the services of the Data Controller. Should you decide not to provide the Data, however, you will not be able to receive communications relating to the initiatives and offers of the Data Controller or to carry out statistical activities on the use of the Site.
9. Rights of the Data processing subject  
The Data Controller informs you that you, as Data Subject, where the limitations provided by law are not applicable, has the right to: 
  • obtain confirmation over the existence or inexistence of Personal Data relating you, even if not yet registered, and their communication in a comprehensible way; 
  • obtain the indication and, if necessary, the copy of the: a) source and category of the Personal Data; b) logic applied in case the processing is performed by means of electronic instruments; c) purposes and modalities of the processing; d) identification references of the Data Controller and the Data Processors; e) subjects or categories of subjects to whom Personal Data may be communicated or who may come to know, in particular if recipients are extra-EU countries or international organizations; f) period for which the Personal Data will be stored, or if that is not possible, the criteria used to determine that period; g) existence of an automated decision-making process and, in this case, information about the logic involved, the significance and consequences for the data subject; h) existence of adequate safeguards in case of transfer of Personal Data to an extra-EU country or international organization; 
  • obtain, without undue delay, the update, the rectification or, whether you are interested, the integration of incomplete Data; 
  • withdraw the conferred consents at any time, easily, without hindrances, using, when possible, the same channels used to provide them; 
  • obtain the cancellation, the transformation into anonymous form or blocking of the Data: a) processed in breach of the law; b) no longer necessary in relation to the purposes for which the Data have been collected or subsequently processed; c) if you withdraw consent on which the processing is based and  there is no other legal basis for the processing; d) if you object to the processing and there are no overriding legitimate basis for the processing; e) in compliance with a legal obligation; f) in case of data referred to children. The Data Controller may refuse to erase them when the processing is necessary: a) to exercise the right of freedom of expression and information; b) in compliance with a legal obligation, for the performance of a task carried out in the public interest or in the exercise of public authority; c) for reasons of public health interest; d) to achieve purposes in the public interest, scientific or historical research purposes or statistical purposes; e) to exercise a right in a court; 
  • obtain the restriction of processing in case of: a) the accuracy of the Personal Data is contested; b) unlawful processing by the Data Controller in order to prevent the erasure of the Personal Data; c) exercise of  your right in court; d) verification on the possible existence of overriding legitimate interests of the Data Controller with respect to those of the data subject; 
  • receive the Personal Data related to you in a structured, commonly used and machine-readable format and transmit those data to another Data Controller, without hindrance, from the Data Controller to which the personal data have been provided, where the processing is carried out by automated means; 
  • object, in whole or in part for lawful causes, to the processing of Personal Data related to you, regarding your particular situation; 
  • lodge a complaint to the competent supervisory authority. 
For all cases mentioned above and in case you have exercised your rights, the  Data Controller will inform – if necessary- third parties to whom your personal data were disclosed, except for specific cases (e.g.: where impossible or involve a manifestly disproportionate use of resources compared to the right protected by the law). 

10. Modalities to exercise your rights  
You can at any time exercise your rights:  
  • sending a request to the mail address of the Data Controller; 
  • sending an email to the following address dpo@roedl.com
  • calling the number +39 02 6328841. 
11. Data Controller and Data Processor 

The Data Controller is Rödl & Partner Associazione Professionale, in Milano Largo G. Donegani 2. The Controller appointed a Data Protection Officer who can be reached by sending an email to dpo@roedl.com or calling the number: +39 02 6328841. 
The updated list of the Processors and System Administrators is retained at the premises of the Data Controller. 
Deutschland Weltweit Search Menu