Get in touch

Privacy Policy

Last updated: June 1, 2025

This Privacy Policy describes how Andrea Battaglia (hereinafter “the Company,” “we,” “us,” or “our”), located in Italy, collects, uses, discloses, and safeguards personal data when you visit our website (https://andreabattaglia.info) or otherwise engage with our business‐and‐technology advisory services. We are committed to protecting your privacy and complying with (i) the EU Regulation 2016/679 (General Data Protection Regulation, “GDPR”) and (ii) Italy’s Legislative Decree no. 196/2003 (as amended by Legislative Decree no. 101/2018). By using our website or providing us with your personal data, you agree to the terms of this Privacy Policy.

1. Data Controller

Name:
Andrea Battaglia (sole proprietor)

Registered Address:
Viale John Fitzgerald Kennedy 2/D – 89900 – Vibo Valentia – Italy

Contact Email:
andrea@andreabattaglia.info

Contact Telephone:
+39 328 109 3652

The Company is the Data Controller, responsible for deciding the purposes and means of processing your personal data.

2. Categories of Personal Data Collected

We collect only the personal data necessary to provide our advisory services, manage business relationships, and operate our website effectively. The categories include:

  1. Contact Information
    • Name, email address, telephone number, company/organization name.

  2. Professional Information
    • Job title, industry sector, company size, role or responsibilities.

  3. Technical/Usage Data (automatically collected)
    • IP address, device type, browser type and version, operating system, referring website, pages visited, time and date of access, duration of visit, and other analytics data for website performance and security.

  4. Communications Data
    • Any information you provide when contacting us via email, phone, or through web-based forms (e.g., questions, comments, and project details).

  5. Cookies and Similar Technologies
    • Cookies, web beacons, and comparable technologies as detailed in Section 5 below.

3. Purposes of Processing & Legal Bases

We process your personal data for the following purposes, under the legal bases set forth in Articles 6(1) and 9 of the GDPR:

  1. To Provide Advisory Services (Contract Performance, Art. 6(1)(b))
    • Managing inquiries, proposals, contracts, deliverables, and billing.
    • Coordinating project timelines, meetings, and consulting engagements.

  2. To Fulfill Legal and Regulatory Obligations (Legal Compliance, Art. 6(1)(c))
    • Keeping accounting records and issuing invoices in compliance with Italian tax laws.
    • Complying with anti-money-laundering and anti-fraud regulations, where applicable.

  3. To Improve Our Website and Service Quality (Legitimate Interest, Art. 6(1)(f))
    • Monitoring traffic patterns and usage analytics to optimize performance and user experience.
    • Detecting security incidents, preventing malicious activity, and ensuring the integrity of our systems.

  4. To Communicate with You (Legitimate Interest / Consent, Art. 6(1)(f) and Art. 6(1)(a))
    • Sending administrative information (e.g., confirmations, billing notices, updates to policies).
    • Responding to your questions, feedback, or requests.
    • Marketing communications regarding new services, upcoming events, or newsletters—only if you have opted in.

  5. To Manage Cookies and Similar Technologies (Consent, Art. 6(1)(a))
    • Storing or accessing cookies on your device, provided you have given consent.
    • Tracking preferences to remember your settings on subsequent visits.

4. Cookies and Tracking Technologies

When you visit our website, we use cookies and similar tracking technologies to recognize your device, remember preferences, analyze site usage, and improve performance. You may manage or revoke your cookie consent at any time via our cookie banner or your browser settings.

  1. Essential/Strictly Necessary Cookies
    • Required for basic website functionality (e.g., navigating between pages, security).
    • These cookies do not collect information for marketing or analytics.

  2. Performance & Analytics Cookies
    • Collect anonymous information about how visitors use the site (e.g., pages visited, time spent).
    • Help us enhance user experience and troubleshoot technical issues.
    • We rely on Google Analytics (anonymized) for traffic analysis. You can opt out by following the instructions at https://tools.google.com/dlpage/gaoptout.

  3. Functional Cookies
    • Remember choices you make (e.g., language), to provide enhanced, personalized features.

  4. Marketing/Advertising Cookies
    • May be set through our site by partners for personalized ads.
    • We do not use third-party marketing cookies without explicit consent.

5. Recipients and Disclosure of Personal Data

We will not sell or rent your personal data. We disclose personal data only to the following categories of recipients:

  1. Service Providers & Data Processors
    • IT infrastructure providers (web hosting, email services)
    • Accounting and invoicing platforms
    • Marketing automation and newsletter services (only if you subscribe)
    • Professional advisors (e.g., legal, tax, or audit consultants), when necessary to comply with legal obligations.

All third-party processors act under our instructions and have committed to GDPR-compliant processing. We implement technical and organizational measures (e.g., data-processing agreements) to ensure your data remains secure.

  1. Legal Authorities
    • We may disclose personal data if required by law, to respond to a subpoena, or to protect our legal rights (e.g., in case of investigations or litigation).

  2. Business Transfers
    • In the unlikely event of a corporate reorganization, sale, or merger, your data may be shared with prospective or actual acquirers and their advisors. We will notify you of any change in ownership or control of your personal data.

6. International Data Transfers

Your personal data will be processed and stored on servers located within the European Economic Area (EEA). If we need to transfer data outside the EEA, we will ensure appropriate safeguards—such as Standard Contractual Clauses approved by the European Commission—are in place to protect your data in compliance with Chapter V of the GDPR.

7. Data Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, and to comply with statutory retention periods under Italian law:

  • Client Records and Contractual Data: Retained for a minimum of ten (10) years from the end of the fiscal year in which the contract was performed, as required by Italian tax and commercial regulations.

  • Marketing & Newsletter Subscriptions: Retained until you withdraw consent or unsubscribe.

  • Website Analytics and Log Files: Aggregated analytics are retained for up to twenty-four (24) months, after which data is anonymized or deleted.

8. Data Security

We implement appropriate technical and organizational measures to safeguard your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, including:

  • Encryption (HTTPS/TLS) for data in transit.

  • Firewalls, anti-malware, and intrusion-detection systems on our servers.

  • Access controls and role-based restrictions for employees and contractors.

  • Regular security assessments and software updates.

However, no method of data transmission over the Internet can be guaranteed as 100% secure. We encourage you to use strong, unique passwords and keep your own systems updated.

9. Your Rights as a Data Subject

Under the GDPR and Italian data protection law, you have the following rights with respect to your personal data. To exercise any of these rights, please send a written request to andrea@andreabattaglia.info or by postal mail to our registered address.

  1. Right of Access (Art. 15 GDPR)
    • Obtain confirmation of whether personal data concerning you is being processed, and request a copy of that data.

  2. Right to Rectification (Art. 16 GDPR)
    • Request correction of inaccurate or incomplete data without undue delay.

  3. Right to Erasure (“Right to Be Forgotten,” Art. 17 GDPR)
    • Request deletion of your data when it is no longer necessary for the purposes for which it was collected or if you withdraw consent and no other legal basis applies.
    • Note: We may retain certain data if required by law (e.g., tax or accounting obligations).

  4. Right to Restriction of Processing (Art. 18 GDPR)
    • Request that processing be restricted in certain circumstances (e.g., if you contest the accuracy of data).

  5. Right to Data Portability (Art. 20 GDPR)
    • Receive your personal data in a structured, commonly used, and machine-readable format, or request transmission to another controller, where technically feasible.

  6. Right to Object (Art. 21 GDPR)
    • Object to processing based on legitimate interests or direct marketing.
    • If you object to marketing communications, we will cease such processing immediately.

  7. Right Not to Be Subject to Automated Decision-Making (Art. 22 GDPR)
    • You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you.

  8. Right to Withdraw Consent (Art. 7(3) GDPR)
    • When processing is based on consent (e.g., cookies or newsletters), you may withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal.

  9. Right to Lodge a Complaint (Art. 77 GDPR)
    • With a supervisory authority. In Italy, the competent authority is the “Garante per la protezione dei dati personali” (www.garanteprivacy.it).

10. Minors

Our services and website are intended for persons aged 18 or older. We do not knowingly collect personal data from minors. If you become aware that we have inadvertently collected data from someone under 18, please contact us; we will promptly delete that information.

11. Children’s Privacy

We do not target or sell services to children under 18. If you believe we have collected data from a child, please notify us at privacy@andreabattaglia.info so we can remove it immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy at any time to reflect changes in legal requirements or our business practices. When we post modifications, we will revise the “Last updated” date at the top. If changes are significant, we will provide more prominent notice (e.g., email notification or banner on our website). Your continued use of our website or services after publication of changes constitutes acceptance of the revised policy.

13. Contact Information

If you have any questions, requests, or concerns regarding this Privacy Policy or how we process your personal data, please contact us:

  • Data Controller & Contact:
    Andrea Battaglia
    privacy@andreabattaglia.info
    +39 328 109 3652
    Viale John Fitzgerald Kennedy 2/D – 89900 – Vibo Valentia – Italy

  • Data Protection Officer (if appointed):
    Not appointed. The Data Controller can be reached at the contact details above.

By using our website and/or engaging our advisory services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.