Bressan Law Firm, pursuant to Art. 13 of the General Data Protection Regulation .2016/679/EU (hereafter referred to as “GDPR”) hereby informs the user about the management modes of this website with regard to personal information processing. This policy applies exclusively to the information that can be collected on the www.studio-bressan.com website (hereafter referred to as “Website”) and not from other websites potentially visited by accessing the links on this Website.
The Data Controller is Lucia Bressan, with the Law Firm in Via Giovanni Pozzobon, n.5 – 31100 Treviso (Italy).
Ph +39 0422 591494; Fax: +39 0422 557517;
External Data Processor
Pursuant to Art. no.28 of the GDPR, the Data Controller has appointed the company Sartoretto S.a.s., company owned by Luca Sartoretto & C., as the External Data Processor, due to their activities, which are auxiliary to the purposes of the services rendered through this Website. Specifically, Sartoretto S.a.s. is in charge of the technological maintenance of the Website.
Sartoretto S.a.s, owned by Luca Sartoretto & C. – Via Sant’Antonino, n.211, 31100 Treviso (Italy). Ph.: +39 0422 321610; Fax: +39 0422 325036; E-Mail: email@example.com.
The user shall be able to request the updated list of the External Data Processors directly from the Data Controller.
Modalities for processing personal data
The process of the users’ personal information shall be based on the principles of lawfulness, fairness and transparency, of protection of the confidentiality and of the user’s rights, and carried out through the operations or set of operations indicated in art. 4 of the GDPR (collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction).
The users’ personal data that can be collected through the Website shall be processed at the Law Firm in Treviso and at the offices of the External Data Processor.
Said data shall be processed by the employees and the internal collaborators of the Law Firm, appointed as Data Processors, as per art. 29 of the GDPR, and to whom the Data Controller has given detailed operative instructions particularly with regard to the minimum security measures. The users’ personal data shall also be processed by the appointees of the External Responsible for data processing in charge of the maintenance operations.
The processing shall be carried out by manual and automated means, involving logics that are strictly linked to the purposes and for the period of time strictly necessary to achieve the goals for which the data was collected. Bressan Law Firm has adopted all the specific necessary and adequate security measures required by law, in order to prevent the loss of data, unlawful or unfair use and unauthorised access.
In order to guarantee that the personal data is always exact, updated, complete and pertinent, we invite the users to inform us of any modification by writing an e-mail to: firstname.lastname@example.org
Categories of processed data
The IT systems and software procedures necessary for the functioning of this Website collect, during their normal functioning, certain personal data which is implicitly transmitted through the use of the Internet Communication Protocols. It is the case of information collected not to be associated with identified users, but could – for their very nature, through elaboration and association with data held by third parties – lead to identification.
This data shall be used for the sole purpose of obtaining anonymous statistic information on the use of the Website, to check the correct functioning and are immediately cancelled after elaboration. The data could be used to ascertain responsibility in case of alleged cybercrimes to the detriment of the Bressan Law Firm.
Data communicated by users
The optional, explicit and voluntary sending of e-mails and/or CVs to the e-mail addresses indicated on this Website entails the acquisition of the sender’s contact information, necessary to provide a reply as well as of any and all the personal data communicated in the e-mail and/or attached CV.
Particularly, the users who intend to submit an application and send their CVs, are kindly invited to pay due attention to the contents. The data contained in the CVs and applications shall be processed for the sole purpose of management of the selection procedures and of analysis of the candidate’s profile, as well as for any subsequent contact aimed at scheduling a job interview.
Pursuant with art. 9 of the GDPR, in the event the CV shall contain special categories of personal data (namely personal data regarding race or ethnicity, political or religious beliefs, biometric data univocally identifying a natural person), the process of said data shall necessarily be preceded and accompanied by the user’s written consent for said processing.
The processing of data shall be limited to the period of time strictly necessary for the evaluation of the application. Once the evaluation is done, in case of negative response, the Law Firm shall destroy the application and thus cancel the data.
Discretionarily of conveying personal data
Without prejudice to what concerns browsing data and cookies, the users are free to transmit their personal data to request the sending of informative materials or other communications, or to submit applications though the online form on the “Career” page of the Website. Nonetheless, the failure to provide said data determines the impossibility for the Law Firm to send the requested information to the users or to take into consideration the application.
Data sharing, communication and disclosure
The personal data of users who send requests to receive informative materials (brochures, law firm news, etc.) are used for the sole purpose of rendering the requested services and shall not be disclosed to third parties. The users’ personal data shall not be disclosed to anyone, except when: the users explicitly give their consent to share their data with third parties; it is necessary to share the information with third parties in order to render the requested services; it is necessary in order to respect the requests of Public Security or Judiciary Authority.
The users’ rights
Articles 15 to 21 of the GDPR confer the users, as data subjects, a series of rights and capacities. Namely, the users have the right to obtain confirmation of the existence of their personal data at any time, their content, origin, purpose and processing modalities.
The users have the right to request the communication of their data in intelligible form, their update, rectification or integration, or cancellation (‘the right to be forgotten’), block or transformation on anonymous form in the event the data was processed in violation of the Law, including the information not necessary for the purposes for which it had been collected or successively processed. Morever, the users have the right to oppose, in any case, for legitimate reasons the processing of their data.
The above-mentioned rights shall be exercised with the Data Controller, by contacting her at the above-mentioned contact details.
The Bressan Law Firm periodically checks their Privacy and Security Policies and, if necessary, updates them in relation to the regulatory or organisational modifications, or requested by technological evolution. In case of modification of the policy, the new version shall be published on this page of the Website.
Bressan Law Firm – Via Giovanni Pozzobon 5 , 31100 Treviso (Italy).
Ph.: +39 0422 591494; Fax: +39 0422 557517;
In compliance with the provision of the Data Protection Supervisor, 8th May 2014, ‘Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies’, we inform the users that the Bressan Law Firm Website uses ‘technical cookies’ with the sole purpose of guaranteeing the correct functioning of the Website and of its functions.
The use of ‘session cookies’, which are not persistently memorised on the computer of the user and disappear when closing the browser, is strictly limited to the transmission of session IDs (random numbers generated by the server), necessary to consent safe and effective exploration of the Website.
The Website also uses delocalisation data, for the correct functioning of the map localisation system. Said session cookies end their validity at the end of the surfing session or after a period of inactivity of the user fixed by the server and avoid the recourse to other information techniques which could violate the users’ surfing confidentiality.
Cookies are not used to transmit personal information, nor are any type of persistent cookies used.
The Website also uses analytic cookies, created and made available by a third party (namely Google Analytics) to collect information, in aggregate form, about the number of users and how they visit the Website for the purposes of internal statistical analysis and to improve the Website and its use, as well as to monitor its correct functioning.
The users can selectively disable Google Analitcs, by installing on their browser an opt-out plug in provided by Google. To disable Google Analytics click here
For mobile devices, please consult the preference system settings for each operative system.