Privacy Policy

1. Data Controller
The data controller is [Your Name/Company Name], contactable at [Your Email Address].

2. Legal Basis for Processing
We process your personal data based on:
- Contractual Necessity: To deliver the digital content you requested.
- Legitimate Interest: To ensure the security of our website and prevent fraud or spam (Rate Limiting).
- Consent: For sending you periodic newsletters and marketing updates.

3. Data Collected
- Contact Information: Your email address.
- Technical Data: IP address (used for security monitoring) and timestamps.
- Consent Logs: Version of the policy accepted and date of opt-in.

4. Data Retention
We retain your personal data only as long as necessary:
- Security Logs (IP): Stored for a maximum of 30 days to prevent abuse and then automatically deleted.
- Contact Data: Retained until you withdraw your consent or request deletion. In case of unsubscription, we may keep a record of your request to ensure you are not contacted again.

5. Third-Party Processors & Data Location
Your data is processed through Brevo (Sendinblue SAS), a Data Processor based in France (EU). A Data Processing Agreement (DPA) is in place to ensure compliance with GDPR standards. You can view their Privacy Policy here: https://www.brevo.com/legal/privacypolicy/

6. Your Rights (under GDPR)
You have the right to access, correct, delete, or limit the processing of your data. You also have the right to data portability and to withdraw your consent at any time. To exercise these rights, click the "unsubscribe" link in our emails or contact us at [Your Email Address].

7. Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority (e.g., the Garante Privacy in Italy) if you believe your data is not being handled correctly.

8. PROOF OF INTEGRITY
This document is protected by a digital SHA-256 Hash. Every subscription is linked to the specific fingerprint of the text accepted at that moment.