Privacy Policy

pursuant to Article 13 of Regulation (EU) 2016/679 (“Privacy Policy”)

This information is provided pursuant to Regulation (EU) 2016/679 (hereinafter referred to as the “Regulation” or “GDPR”) and describes how the personal data of users who consult and use this website, accessible at (hereinafter also “”) or use the services offered through the Site are processed.
In accordance with the current European Data Protection Regulation No. 679/2016 (“GDPR”), the collection and processing will always follow principles of lawfulness, correctness and transparency.

Following consultation of the Site, data relating to the user accessing the Site (defined as “data subject” as an identified or identifiable natural person) may be processed.


The Data Controller is Laura Casella, with registered office in Via Calvart – City (BO), e-mail (hereinafter the “Data Controller”).


1. Browsing Data
Personal Data may be collected autonomously by the Owner or through third parties.
In this case, the computer systems and software procedures in charge of the functioning of this Site acquire some Users’ Personal Data, of a technical-informatics nature (e.g. IP address, type of browser used, operating system, domain name and addresses of websites accessed or exited from, etc.), the transmission of which is inherent to the normal functioning of the Internet.

Purpose: Such Data may be processed for the sole purpose of obtaining anonymous statistical information on the use of the site and/or to check its correct operation.

Storage: such Data will be deleted immediately after processing.

Legal basis: processing is carried out on the basis of the Owner’s legitimate interest in making the Site usable and navigation on it safe (art. 6, par. 1 lett.f). Exclusively for the specific activity of profiling the express consent of the person concerned (Art. 6, par. 1 lett.a).
2. Contact the user by e-mail, filling in the form.
The optional, explicit, and voluntary sending of communications by e-mail to the addresses indicated on this site entails the subsequent acquisition of the data communicated by the user, including his/her e-mail address, and the user’s consent to receive any messages in response to his/her requests.
In this case, the provision of the e-mail address and any other data that may be indicated is optional, but indispensable in order to be able to use the service and receive a reply to your request, and, in their absence, we will not be able to proceed with processing.

Purpose: The personal data provided in this way are used solely for the purpose of fulfilling or replying to the transmitted requests and are communicated to third parties only if necessary for this purpose.

Retention: The data is retained for the period necessary for the purpose of fulfilling the request and in accordance with current legislation.

Legal Basis: The processing is carried out for the fulfillment of a contractual and pre-contractual obligation assumed by the Data Controller with the service (Art. 6(1)(b)).
5. This site makes use of technical, tracking, and profiling cookies. For details, please refer to the relevant cookie policy [insert link].


The personal data collected are processed by the data controller’s staff, acting on the basis of specific instructions on the purposes and methods of processing.
In addition, the persons designated as data processors pursuant to Article 28 of the GDPR or sub-processors, which the Data Controller uses for the provision of services and for the performance of activities falling under its competence, may be recipients of the data collected following consultation of the Site or use of the services within the limits of their respective assignments.
The relevant list can be requested from the Data Controller using the contact details in section A.
If through the services offered by the Site, a data controller within the meaning of Article 28 of the GDPR or a sub-processor is designated, the data will be communicated to the Data Controller and/or its data processor.


No transfer abroad of the personal data provided is envisaged.


Data subjects – the identified or identifiable natural persons to whom the data refer – may exercise specific data protection rights, set out in the following list:
a) right of access: the right to obtain from the Controller confirmation as to whether or not personal data are being processed and, if so, to obtain access to the personal data and detailed information regarding the origin, purposes, categories of data processed, recipients of communication and/or transfer of data, and so on
b) right of rectification: the right to obtain from the Controller the rectification of inaccurate personal data without undue delay, as well as the integration of incomplete personal data, also by providing a supplementary declaration
c) right to erasure (“oblivion”): the right to obtain from the Controller the deletion of personal data without undue delay in the event that i. the data are no longer necessary in relation to the purposes of the processing; ii. the consent on which the processing is based is withdrawn and there is no other legal basis for the processing; iii. the personal data have been processed unlawfully; iv. the personal data must be erased in order to comply with a legal obligation
d) right to object to the processing: the right to object at any time to the processing of personal data that have as their legal basis a legitimate interest of the Controller;
e) right to restriction: the right to obtain from the Controller the restriction of the processing, where the accuracy of personal data is contested (for the period necessary for the Controller to verify the accuracy of such personal data), if the processing is unlawful and/or the data subject has objected to the processing
f) right to data portability: right to receive personal data in a structured, commonly used and machine-readable format and to transmit such data to another Data Controller, if technically feasible, only for cases where the processing is based on consent or contract and only for data processed by electronic means
(g) the right to lodge a complaint with the supervisory authority: without prejudice to any other administrative or judicial remedy, a data subject who considers that the processing operations concerning him or her are in breach of the Regulation has the right to lodge a complaint with the supervisory authority of the Member State where he or she resides or habitually works, or of the State where the alleged breach has occurred.

The rights may be exercised by contacting the Controller using the contact details set out in sections A and B below:
Data Controller
This information is updated as of 02/02/2023.


Sometimes doing a seemingly very demanding task turns out to be fun. Here’s the proof – Bryson, a new portfolio we made for you.