Skip to main content

Privacy Policy

The personal data provided within the website or acquired in the context of the activity of Studio Legale Ingrosso&Partners will be processed in accordance with the principles of fairness, lawfulness, transparency and protection of confidentiality in compliance with EU Regulation 679/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

Pursuant to Article 13 EU Regulation No. 2016/679 (hereinafter, “GDPR”), we inform you that the processing of the data you provide will be carried out using methods and procedures aimed at ensuring that the processing of personal data is carried out with respect for the fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality and security, personal identity and the right to protection of personal data.
This Privacy Policy applies to all data collected through the website ingrossoepartners.com.

Data Controller
The Data Controller of the data collected from this Web Site is.

Lawyer Teresa Ingrosso
Piazza di Spagna 51
00187 Rome
P. VAT 13674591006

Subject of processing and origin of data
The use of the services offered through the wholesaleepartners.com site may involve the acquisition of personal and professional information of users, in order to fulfill their requests. More specifically, the personal information acquired through the site could be as follows:

Data provided voluntarily by the user
Types of personal data processed through the website are those strictly necessary for the provision of the service offered and may consist of personal data, contact data (e.g., address, e-mail, telephone number and fax number), tax data (e.g., company name, tax code and VAT number), professional data, data spontaneously provided by the user also in relation to the type of request made and data contained in any attachments spontaneously transmitted by the user. The provision of some of these data is mandatory, since without them those services that presuppose availability (e.g., contact data) cannot be provided to the user.

The user has the right to provide additional personal data, expressly marked as non-compulsory and completely irrelevant in relation to the provision of the service, but whose inclusion – optional, explicit and voluntary – involves their acquisition and processing in order to respond to requests forwarded by the user.

Users who have any doubts about whether certain data are mandatory should contact the Data Controller.

Personal data provided by the user must be true and up-to-date; the user assumes all responsibility in connection with the provision of false or out-of-date data.

Should the user provide personal data of third parties (e.g., family members or friends), he/she will make him/herself the autonomous owner of the processing of such data, assuming all legal obligations and responsibilities and conferring on the point the widest indemnity with respect to any dispute or claim that may be addressed to Studio Legale Ingrosso e Partners by the third parties themselves.

Special categories of data
It is possible that the user will give the Data Controller special categories of personal data, such as those revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to the person’s health or sexual life or sexual orientation. These categories of data will be processed only with the explicit consent of the user, manifested at the time of sending their request.

Navigation data
The architecture responsible for the operation of the website acquires some personal data of the user, the transmission of which is, however, inherent in the use of network protocols. This is information that is not collected for the purpose of being associated with the user, but which by its very nature could, through processing and association with other data, allow the user to be identified. These are data that are collected for statistical purposes, with the aim of monitoring the proper functioning of the site and are also data that could be used for advertising purposes or to ascertain responsibility in case of hypothetical computer crimes against the site or third parties.

Purpose of Processing and Legal Basisfor Processing
The Data Controller may use the data collected, including users’ personal information, in order to provide, personalize and improve the service offered through the website and to carry out related administrative, accounting, tax and legal requirements.

The processing operations put in place for these purposes are necessary for the fulfillment of contractual obligations and do not require specific consent from the data subject.

To ensure the technical functionality of the service offered and to analyze its use by users. The processing operations put in place for these purposes are based on a legitimate interest of the Data Controller and do not require specific consent from the data subject.

To provide the user with functionality, information, advertising or other similar content. The processing put in place for these purposes is carried out with the specific consent provided by the user, with the exception of commercial communications relating to products and/or services similar to those already subscribed to by the user, for which the processing is based on a legitimate interest of the Controller.

Methods of processing
Processing is limited to the following operations and in the following manner:

  • Data collection from the data subject by filling out online forms;
  • Computer-based recording and processing;
  • Organization of archives in mainly automated form, through business applications and computerized master records;
  • Possible communication of data to third parties, duly authorized by the Data Controller.

Data will be processed using appropriate means to ensure confidentiality, integrity and availability, in compliance with appropriate technical and organizational security measures required by the GDPR.

The processing shall be carried out by means of computerized and/or automated systems and shall include all the operations or set of operations provided for in Article 4 of the GDPR and necessary for the processing in question, including communication in respect of the persons in charge of the processing itself.

Retention of data
Personal data provided by the user will be processed for the time strictly necessary to achieve the purposes for which they were collected or, in any case, for the period provided for the fulfillment of legal obligations, provided that it is not necessary to retain them further in order to defend or enforce a right or to comply with orders of the Authorities.

Access to Processing
Data will be made accessible, for the purposes stated above:

  • To employees/collaborators in their capacity as authorized processors, subject to appropriate appointment;
  • To third parties, identified as Data Processors by the Data Controller.

Your data will not be disclosed to unauthorized third parties.

Data Transfer
The management and storage of personal data will take place on servers located within the European Union of the Data Controller and/or third party companies appointed and duly appointed as Data Processors. Data will not be transferred outside the European Union.

Nature of data provision and consequences of refusal to respond
The provision of data for the purposes mentioned above is mandatory. In their absence, it will not be possible to proceed with the intake and response to your contact request.

Rights of the Data Subject
According to the provisions of the GDPR, the data subject has the following rights vis-à-vis the Data Controller:

  • To obtain confirmation as to whether or not personal data concerning him or her are being processed, and if so, to obtain access to the personal data (Right of Access Art. 15);
  • To obtain the rectification of inaccurate personal data concerning him/her without undue delay (Right to Rectification Art. 16);
  • obtain the erasure of personal data concerning him or her without undue delay, and the data controller has an obligation to erase personal data without undue delay if certain conditions are met (Right to be forgotten Art. 17);
  • Obtain limitation of processing in certain cases (Right to limitation of processing Art. 18);
  • receive in a structured, commonly used and machine-readable format the personal data concerning him or her that he or she has provided and has the right to transmit such data to another Data Controller, without hindrance from the Data Controller to whom he or she has provided it, in certain cases (Right to Data Portability Art. 20);
  • object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her (Right to object art. 21);
  • Receive without undue delay notice of the personal data breach suffered by the Data Controller (Art. 34);
  • Revoke express consent at any time (Conditions for Consent Art. 7).

Ways of exercising the right
You may also exercise your right to withdraw your consent at any time, without affecting the lawfulness of the processing based on your prior consent. Should you believe that the processing of your personal data has been carried out unlawfully, you may file a complaint with the Data Protection Authority. To exercise these rights, report problems or ask for clarification of the processing of personal data, you can send an e-mail to segreteria@ingrossoepartners.com or by registered mail to the address of the Data Controller

Updating thisPrivacy Policy
This Privacy Policy is subject to updates that will be posted on the Website on a timely basis.

Last updated 24/02/2025