Please read the following notice carefully, prepared pursuant to Article 13 of the General Data Protection Regulation no. 2016/679 (hereinafter also the "GDPR"), in which we provide full details regarding the processing of your personal data collected through the website www.bambinoepartners.it (hereinafter also the "Website").
1. WHO PROCESSES YOUR DATA?
Data Controller
The data controller for personal data relating to the Website is Bambino & Partners, with registered office at Viale Antonio Gramsci 17/B, 80122, Naples (NA), tax code/VAT number 08042971211 (hereinafter the "Controller" or the "Firm").
Data Protection Officer
The Controller has appointed a Data Protection Officer (DPO), reachable at the following e-mail address: info@@bambinoepartners.it.
Other parties to whom your data may be disclosed
Your data may be shared with: — staff engaged by the Firm and, where applicable, its professionals who have committed to confidentiality or are subject to an appropriate legal obligation of confidentiality; — parties delegated and/or engaged by the Controller to carry out activities strictly related to the pursuit of the purposes indicated below (including technical maintenance of systems), where necessary duly appointed as data processors.
Your personal data may be transferred outside the European Economic Area in full compliance with the provisions of Articles 44 et seq. of the GDPR.
2. WHAT TYPES OF DATA DO WE COLLECT?
Data voluntarily provided by the user
Email contacts: The Website offers users the opportunity to voluntarily provide personal information by sending e-mails to request information and/or establish contact with the Firm's professionals, thereby providing the Controller with their e-mail address and any other data spontaneously submitted by the user via e-mail.
Third-party data
Should you choose to provide us with third-party data, please ensure that such individuals have been previously and adequately informed of the methods and purposes of processing described herein. In such circumstances, you act as an independent data controller, assuming all legal obligations and responsibilities accordingly.
Browsing data
We collect the following data through the services you use: — technical data: This category includes the IP addresses or domain names of computers used by users connecting to the Website, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the server's response status (success, error, etc.) and other parameters relating to the user's operating system and IT environment. These data are used solely for statistical purposes (and are therefore anonymous), to monitor the correct functioning of the website, and are deleted immediately after processing. The data may be used to ascertain liability in the event of hypothetical cybercrime against the website: save for this eventuality, web contact data are not retained for more than 7 days; — data collected using cookies or similar technologies: for further information, please visit our Cookie Policy.
3. FOR WHAT PURPOSES DO WE PROCESS YOUR DATA?
The personal data you provide through the Website will be processed for the following purposes:
a) for purposes strictly connected to and/or necessary for fulfilling requests submitted from time to time by the user through the Website by e-mail or other means of communication, including requests to attend events and conferences; b) to receive e-mail updates on the main news and developments promoted by the Firm; c) to ensure compliance with legal obligations, regulations and EU rules; d) to establish, exercise or defend a right in legal proceedings or whenever judicial authorities exercise their judicial functions; e) to carry out statistical surveys.
With regard to the purposes referred to in points a) and b), the legal basis for the processing of your personal data is Article 6(1)(b) of the GDPR — performance of a contract to which the data subject is party or implementation of pre-contractual measures taken at the data subject's request.
With regard to the purpose referred to in point c), the legal basis for the processing of your personal data is Article 6(1)(c) of the GDPR — compliance with a legal obligation to which the Controller is subject.
With regard to the purpose referred to in point d), the legal basis for the processing of your personal data is Article 6(1)(f) of the GDPR — legitimate interests pursued by the Controller.
With regard to the purpose referred to in point e), the legal basis for the processing of your personal data is Article 6(1)(f) of the GDPR — legitimate interests pursued by the Controller.
4. HOW LONG DO WE RETAIN YOUR DATA?
Personal data will be retained in paper and/or electronic form for the period strictly necessary to pursue the purposes referred to in section 3.
With regard to the processing referred to in section 3(a), your data will be retained for the period strictly necessary to fulfil your request, unless retention is required to comply with legal obligations or to protect the Controller's legitimate interests. In particular, data and documents sent to individual professionals for attendance at events and conferences, or submitted via the relevant registration form, will be retained by the Controller for a period not exceeding the achievement of the purposes set out in this Notice.
With regard to the processing referred to in section 3(b), your data will be retained for the period strictly necessary to achieve the said purpose, unless retention is required to comply with legal obligations or to protect the Controller's legitimate interests. In the event of prolonged inactivity of the access account, such data will be automatically deleted after a period of 24 months.
With regard to the processing referred to in section 3(c), your data will be retained for the period strictly necessary to enable the Controller to fulfil the legal obligations to which it is subject.
With regard to the processing carried out for the purpose referred to in section 3(d), your data will be retained for the period strictly necessary to enable the Controller to establish, exercise or defend a right in legal proceedings or whenever judicial authorities exercise their judicial functions.
With regard to the processing carried out for the purposes referred to in section 3(e), your data will be processed for the period strictly necessary to achieve the statistical purposes for which they were collected.
5. HOW CAN YOU EXERCISE YOUR RIGHTS?
Withdrawal of Consent
To withdraw your consent, you may contact the Controller at any time by writing to info@bambinoepartners.it. Your consent is entirely optional and may be withdrawn at any time without affecting the lawfulness of processing carried out prior to withdrawal on the basis of the consent previously given.
Exercise of Your Rights
In accordance with the provisions of the GDPR, you have the right to request from the Controller, at any time, access to your personal data, rectification or erasure thereof, or to object to their processing. You are also entitled to request restriction of processing in the cases provided for under Article 18 of the GDPR, and to receive the data concerning you in a structured, commonly used and machine-readable format, in the cases provided for under Article 20 of the GDPR.
Requests may be addressed to the following e-mail address: info@bambinoepartners.it.
Finally, we remind you that you always have the right to lodge a complaint with the competent supervisory authority (the Italian Data Protection Authority — Garante per la Protezione dei Dati Personali), pursuant to Article 77 of the GDPR, if you consider that the processing of your personal data is contrary to applicable law.
6. HOW DO WE ENSURE THE PROTECTION OF YOUR DATA?
Your personal data are processed by the parties referred to in section 1, in compliance with applicable law. In particular, to ensure the security of your data taking into account the state of the art and the costs of implementation, as well as the nature, scope, context and purposes of processing, and the risks of varying likelihood and severity to the rights and freedoms of our users, we have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
7. WHEN WAS THIS NOTICE LAST UPDATED?
This notice was published in March 2026 and may be subject to amendments over time, including those connected to the entry into force of new sector regulations, the update or provision of new services, or technological developments.