Privacy Policy

This Policy has been provided in line with Art. 13 of the Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter the “GDPR”) and it is aimed to illustrate the means and purposes of the processing of personal data performed by Panetta & Associati Law Firm, with registered office at Via Arenula 83, Rome, in its quality of data controller (hereinafter the “Data Controller”), through the website (the “Website”).

Please note that the processing of users’ personal data will take place in Italy only, in full compliance with all applicable data protection laws and regulations.

In any case, the Data Controller reserves itself the right to amend or modify, where and if necessary, the present Policy, provided that it will duly inform users of such changes, as the case may be.

For any further information and/or clarifications, it is possible to contact the Data Controller at the following address:



This Website is designed in order to minimize the collection and the use of users’ personal data, as well as to exclude the processing of such data in all cases the purposes described in the following can be realized with different means.

For the avoidance of doubt, please note that this Policy only refers to the Website and that is shall not cover other web pages or third parties’ websites accessible via external links.

To this extent, we invite all users to read the relevant privacy policies in order to collect all the information about the data processing activities performed by any third parties’ websites.



Your personal data will be processed by the Data Controller within the limits and for the sole purposes of the provision of the services accessible through the Website, in particular:

  • answering to users’ request sent via the Contacts section;
  • sending of newsletter for information purposes, only upon users’ previous consent.



Personal data provided directly from users

The provision of personal data from any users (e.g. name, surname, email address), will involve the inevitable acquisition of such data from the Data Controller and their subsequent processing aimed at the sole purpose of answering the received queries.

To this extent, in case the user prefer that the Data Controller does not collect his or her personal data, he or she is invited not to send any request or, at least, to provide the fewest amount of personal data possible.

Data related the Users’ navigation

The Website uses a monitoring tool in order to collect information related the Users’ visits on the Website. The data are collected in an aggregate mode and they are not able to identify any data subject. The sole purpose of the data collection is a statistical and analitical study of the visits by the Users (e.g. geolocalization, type of devices used to visit the Website, timing of visits page by page, etc.). In any case the data as described above will not be merged with other information in order to identify single Users.



All personal data will only be processed electronically, however the processing via paper means may not be excluded as such.

The processing will be performed only by those subjects who have been duly authorized to do so by the Data Controller, in compliance with the provisions set forth by applicable data protection laws and regulations.

The same personal data, will be kept in a format that allows user identification only for the time strictly necessary to fulfill the purposes for which the data have been originally collected and, in any case, within the limits set forth by applicable laws and regulations.



The personal data collected by the Data Controller will not be shared or communicated to third parties, unless upon specific consent of the data subject.

It shall remain intended that the personal data of the users may be communicated to third parties, such as police authorities, only where this is necessary with respect to a law or an order issued from a competent authority.



The Data Controller will adopt all the necessary security measures aimed at reducing the risk of destruction, loss, even accidental, unauthorized access, forbidden or illicit processing in contrast with the purposes specified herein.



The Data Controller will provide confirmation of the existence of the personal data of the user, even where not registered yet, and will also provide them to the data subject in an intelligible format, upon request.

In addition to the above, the data subject, in compliance with applicable law, has the right to:

  • access, update, ask for rectification or, as the case may be, integration of his or her personal data;
  • cancellation, anonymization, blocking or limitation of the processing;
  • Objection to the processing of his or her personal data.

The rights above can be exercised freely, at any time and without hindrance, also by means of a written request to the Data Controller sent at