Privacy Policy

Pavesio e Associati law firm, having VAT number 09454800013 and offices in Corso Vittorio Emanuele II, no. 68 Turin and in Via Bigli, no. 2, Milan (the “Firm”) hereby provides you, via this Policy, some information concerning how the website functions in relation to the processing of your data as users.

The Policy constitutes a privacy statement pursuant to article 13 of Regulation EU 2016/679 (“GDPR”), for data subjects accessing the website, solely in relation to that website, excluding any other websites that the user may access via links contained therein.

The privacy statement may be subject to revision if and when new law provisions come into force; we therefore invite the user to periodically check this webpage.


    • Data Controller
      • In relation to this website the data controller is Pavesio e Associati law firm (the “Data Controller”).
      • Should you require clarification or wish to exercise data subject rights, the Data Controller may be reached by email at:
    • The data processing deriving from the use of the website is carried out at the Data Controller’s premises.
    • Data categories, purposes and processing methods
      •  Similarly to every website, this website uses log files that store the information that is automatically collected during users’ visits. The electronic systems and the software procedures that allow the functioning of this website collect, upon their regular use, certain data whose transmission is implicit in the use of internet communication protocols. Such information is not collected in order to be associated with identified data subjects, however, given its nature, through processing and association with data retained by third parties, it may allow for the identification of users. Some information collected may include the following:
        • internet protocol address (IP);
        • browser category and parameters of the device used to connect to the website;
        • name of the internet service provider (ISP);
        • date and time of the visit;
        • referral and exit web page of the user;
        • possibly the number of clicks.
      • The above-mentioned information is automatically processed and collected in aggregated form only, in order to verify the proper functioning of the website, and for safety reasons. Such information will be processed pursuant to legitimate interests of the Data Controller.
      • For safety purposes (anti-spam filters, firewalls, virus detection), the data automatically registered may possibly include also personal data such as the IP address, which may be used, in compliance with the relevant legislation in force, in order to halt attempts to damage the website itself or to damage other users or, in any case, harmful or criminal activities. These data are never used to identify or profile the user: they are only used to protect the website and its users.
      •  The website allows the user to upload communications or specific requests, including submitting a Curriculum Vitae with regard to potential job opportunities. In such instance, the website registers some identifying data of the user, such as name, surname and email address for the purpose of the communication initiated by the user. Such data are deemed voluntarily supplied by the user at the time of the communication. By uploading personal data, the user gives consent to the processing of those data by the Data Controller.
    • Recipients of personal data
      • Personal data shall not be made available to the public and may only be disclosed for the above-mentioned purposes, to natural persons and legal persons who collaborate with or work for the Firm and who have signed a confidentiality undertaking or have an appropriate statutory obligation of confidentiality.
      • Personal data may also be disclosed to natural and legal persons as may be needed for the fulfilment of the activities and services offered through the website (e.g. sending e-mails), also as data processors, and to public authorities according to the applicable provisions of the law.
      • The Data Subject is entitled to request the Controller for a list of names and contacts of the entities belonging to the above-mentioned categories to which the relevant personal data have been disclosed.
    • Data Retention
      • The data collected by the website during its use are used solely for the above-mentioned purposes and are retained for the time strictly necessary to carry out the specified activities and, in any case, for no longer than 1 year.
      • The data used for security purposes (to stop attempts to damage the website) are retained for the time strictly necessary to achieve said purpose.
    • Data supplied by the user
      • The optional, explicit and voluntary sending of email messages to the email addresses indicated on the website entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as other data and information set out in the relevant message.
      • The data and information that the website users communicate whilst using the website services and tools are provided knowingly and voluntarily by the user, and as a result, the Data Controller is free from any liability with regard to potential breaches of applicable laws.
      • If the user provides – or in any other way processes – third-parties’ personal data, he or she acts as an autonomous data controller and, in any case, guarantees that there is an adequate legal basis pursuant to articles 6 and 9 of the GDPR entitling him or her to that processing. The user shall also confirm that they have the necessary permission to upload contents protected by national and international law provisions.
    • Plugin Social Network
      • This website does not incorporate any plug-ins or social network buttons.
    1. The Data Subject may exercise all the rights provided for by articles 15-22 of the GDPR by contacting the Data Controller via the addresses set out section 1.
    2. In particular, the Data Subject has the right to:
      • obtain confirmation as to whether or not the data subject’s personal data is being processed, even if not recorded yet, and to obtain communication of such data in an intelligible form;
      •  obtain, inter alia, details of: (i) the source of the data; (ii) the purposes and methods of the processing; (iii) the identification data regarding the Data Controller; (iv) the recipients or categories of recipients to whom the data may be disclosed or which may acquire the data, including in their capacity as processors; (v) the categories of the relevant personal data; (vi) when possible, the retention period or the criteria determining said period; (vii) the existence of the right to request the correction, the erasure and/or the limitation of the processing of the data; (viii) the existence of the right to object to the processing; (ix) the right to lodge a complaint with the national data protection authority; (x) the existence of automated decision-making processing, including profiling;
      • obtain: (i) the correction or integration of data; (ii) the limitation of the processing, if possible; (iii) the portability of data, if applicable; (iv) the certification that the actions as per points (c)(i) and (ii) and (d)(i) have been communicated , also with regard to their content, to the entities to whom the data were communicated or sent, unless it is impossible to fulfil such obligation or entails a manifestly disproportionate means compared to the protected right;
      • obtain: (i) the erasure of data when provided by law;
      • withdraw the consent to the processing of personal data;
      • object, in whole or in part: (i) on legitimate grounds to the processing of the data, even though they are relevant to the purpose of the collection; and (ii) to the processing of personal data for the purposes of sending communications;
      • lodge a complaint before the Italian Data Protection Authority.
    1. This website may share some of the data collected with services located outside the European Union. Such data will never be transferred to countries outside the European Union that do not comply with the security conditions set forth by articles 45 et seq. of the GDPR.
      • This website shall process the users’ data in a lawful and proper manner, implementing the appropriate security measures aimed at preventing unauthorized accesses, disclosure, modification or destruction of the data. The processing shall be carried out through electronic and/or IT means, with organization modalities and rationales strictly connected with the above-mentioned purposes.
      • In addition to the Data Controller, in some cases, categories of persons involved in the organization of the Firm (lawyers, administrative staff, system administrators) or persons outside the Firm (such as third-party technical services suppliers, hosting providers, information technology companies) may have access to the data.



This document, which is available at: is the cookies policy of this website.

The document was last revised on 15.09.2022.

Privacy and Cookie Policy

The Firm uses cookies or similar technologies for exclusively technical purposes.