Privacy Policy

Summary

This Policy complies with Italian Legislative Decree 196/2003 (“Codice Privacy”) and the EU Regulation 679/2016 (“GDPR”) and explains how I collect and process the data you provide me.

This Privacy covers:

  • Who’s responsible for the treatment of your data
  • Why your privacy matters
  • How I collect and use your data
  • Which data do I process and store
  • Where I store your data
  • Purpose, legal basis, and nature of processing
  • Service providers I use
  • How I link to other sites
  • Who has access to your data
  • Location and transfers of your data
  • How I keep your data confidential
  • How long I will retain your data
  • Your rights
  • Changes to the Privacy Policy

Who’s responsible for the treatment of your data

This website and its content are created, managed, and administered by Veronica Fossa (VAT ID: IT04221560248), the owner of the individual company located at Via S.G. Barbarigo 45, 36010 Zanè (Vicenza), Italy, with VAT ID 04221560248 and Registration Number in the Vicenza Chamber of Commerce REA: VI-388443. Veronica Fossa is the owner and data controller under the current regulations.

Email: veronica@veronicafossa.com

Why Your Privacy Matters

Your privacy is as important as mine. I’m uncomfortable with data stored by companies, governments, and organisations, so I only ask for essential data. I’ll use your data only to respond to your requests, and I won’t grant access to anyone unless necessary for contract execution, response to your requests, or as required by law.

How I Collect and Use Your Information

I ask for contact information, including your name, email address, and phone number, on my website to reply to your inquiry. I use privacy-focused analytics. That means my website doesn’t use cookies or scripts that track the websites you visit. I also don’t use native social media ‘like’ or ‘sharing’ buttons, which also build profiles of your internet activity.

I collect your email address when you sign up for my newsletter. I ask for your account and contact information when you hire or buy something from me. Occasionally, I might receive your contact information from one of my partners. If I do, I protect it in exactly the same way as if you give it to me directly.

How I Collect and Use Your Information

To respond to your requests, I may ask for your contact details (name, surname, email address, phone number and VAT Number for purchases) or other information necessary to address your inquiries.

You may provide data through an account creation (required for downloading material or purchasing products) or by subscribing to my newsletter (email).

For specific requests, I may require additional information/data necessary to customise consultation/responses/services to your specific needs.

Of course, I’ll treat any additional information you provide in compliance with privacy regulations.

I won’t collect, process, or store data without your consent. However, to proceed with purchases or use downloadable material, you must provide data and consent to their processing and storage, or else I cannot respond to your requests.

Data provision and consent for informational communication such as newsletters are optional and necessary only if you wish to receive informative communications by subscribing to the newsletter.

Data processing occurs exclusively electronically, using tools and IT software to ensure the security and confidentiality of provided data. I protect the stored information against unauthorised access.

I use a GDPR, CCPA, and cookie law-compliant website data analysis tool called “Plausible“, which monitors website usage without collecting personal or identifiable information.

The website uses only technical and functional cookies anonymously.

I also refrain from using native social media ‘like’ or ‘share’ buttons that create profiles of your online activity.

At times, I may receive your contact information from partners to whom you have already given consent. If this happens, your data will be treated as if you provided it directly.

Which information do I process and store

  • When you contact me via email or through the Contact and the Brief submission forms on my website, I collect your name, surname, email address, phone number, your company’s name, and/or the name of the company you work for, the sector you operate in, and your job title/role.
  • I collect your email address and name if you subscribe to my newsletter or want a free resource (which you can only receive by subscribing to my mailing list). I may also ask for the name of your company and/or the name of the company you work for, the sector in which you operate, or your job title/role.
  • If you purchase products and services through my website, I collect your name and surname, tax code (if you’re resident in Italy), your VAT number (if you intend to be invoiced with VAT as a company, sole trader, or professional), the name of your company, the address and state of residence or business headquarters. Additionally, I keep track of the invoices I send you and the payments you make. 
  • My payment provider processes all purchases. I never have access to your debit/credit card information. Additional information about your billing address may be required to comply with the European law on digital VAT.
  • Some data is mandatory and essential by law to complete the purchase and/or respond to your requests. Other additional data is used to tailor responses to your specific needs and provide a better service.

Where I store your information

If you contact me or if we work together, your data may be stored and/or processed through my:

  • Website ‘https://veronicafossa.com,’ if you submit a contact request or a project brief;
  • Email provider ‘Gmail,’ if you send me an email;
  • Email and automation provider ‘ConvertKit,’ if you subscribe to my newsletter;
  • Payment provider ‘PayPal,’ if you purchase something from my online store;
  • Cloud service ‘Google Drive,’ where weekly backups are stored.

I have chosen these systems also for their commitment to security.

Purpose, legal basis, and nature of processing

I process your data for these purposes:

  1. Purposes related to the execution of a contract to which you are a party (for a purchase you made on my website) or the execution of pre-contractual measures adopted at your request (for example, contact request through the Contact form, newsletter subscription, purchase of consultancy services via video call, booking or purchase of a course, etc.), or informational purposes about my services and products (for example, newsletter subscription request). In this case, the legal basis justifying the processing is your consent to allow me to provide a service or respond to your request.
  2. Purposes of research/statistical analysis on aggregated or anonymous data, without the possibility of identifying the user, to measure the site’s functioning, assess traffic, and evaluate usability and interest;
  3. Purposes related to fulfilling a legal obligation to which I am subject;
  4. Purposes necessary to ascertain, exercise, or defend a right in court or related to cases in which judicial authorities exercise their functions. Data processing is required to fulfil a legal obligation in these two cases.
  5. You can choose not to provide your personal data; however, I cannot respond to your request in such a case.
  6. Regarding the informational purposes of my services and products, you can always unsubscribe from these communications whenever you wish, and I will no longer send them to you. Sometimes, you may also choose the frequency you receive this information.
  7. I may also email or call you to promote my products and services. However, I’ll stop contacting you if you no longer want to. I’ll use your information to send you invoices, statements, or reminders.

Service providers I use

I may rely on third-party companies and individuals to facilitate, provide on my behalf, perform, or assist in monitoring and analysing my service. I have only granted access to your personal information to perform these tasks on my behalf. They are obligated not to disclose or use them for other purposes. Here is a complete list of the service providers I use:

  • Plausible, compliant with GDPR, ePrivacy, CCPA, and PECR for website analysis – Privacy Policy.
  • ConvertKit, to send you communication and marketing emails – Privacy Policy.
  • Gravity Forms, for the forms on this website – Privacy Policy.
  • PayPal, for online payments – Privacy Policy.
  • WooCommerce, an e-commerce plugin for creating and managing an online store – Privacy Policy.

Who has access to your information

I may share your personal data for the purposes I’ve indicated above with:

  1. The service mentioned above and collaborators of my business (legal and commercial) limited to the strict necessities of fulfilling your order and in compliance with privacy regulations.
  2. External entities (such as third-party technical service providers, hosting providers, and IT companies).
  3. Judicial authorities in the exercise of their functions.
  4. Entities performing ancillary and instrumental tasks related to my business.

Location and transfers of your data

Your data is stored at the operational headquarters of the hosting provider Guru in Hemel Hempstead, UK. For further information, you can contact me. The data may be processed by individuals and/or legal entities operating on my behalf under specific contractual constraints and based in EU member countries. Some of your personal data may be transferred to recipients outside the European Economic Area (the hosting servers are located in Great Britain). Transfers are based on an adequacy decision by the European Commission. When data is transferred outside the EEA, I’ll adopt every suitable contractual measure to ensure adequate data protection.

How I keep your data confidential

When storing your data in third-party services, I limit access only to authorised individuals through login credentials. Unauthorised persons cannot access the site, as it contains antivirus software and a firewall that blocks cyberattacks. A passcode protects the computers or mobile devices I use. These computers require authentication when they are started or after 5 minutes of inactivity. A passcode, specifically the email and password, also protects my mobile devices.

How long will I retain your data

I’ll process your data for the time strictly necessary to achieve the purposes I have indicated above and, therefore, to respond to your requests and complete the received order. Additionally, for “contact” data, I’ll be in touch and send you my newsletter until you decide to unsubscribe. Subject to this, I’ll retain your data for the time permitted by law to protect my rights and obligations (art. 2947c.c.).

Your rights

You have the right to request access to your personal data, their correction or deletion, or to object to their processing and to obtain the data concerning you in a structured, commonly used, and machine-readable format. Requests and, in any case, all the rights provided by Regulation (EU) 2016/679 should be addressed via email to veronica@veronicafossa.com

If you believe processing your data violates current regulations you can complain to the competent supervisory authority, Garante per la Protezione dei Dati Personali, the Italian supervisory authority for data protection issues (www.garanteprivacy.it).

Changes to this Privacy Policy

If I change the content of this Privacy Policy, such changes will become effective when I publish them on my website at https://veronicafossa.com.

Last updated on 26/01/2023

Translation

This Privacy Policy was originally written in Italian. Besides English, it may be translated into other languages.

NEW GUIDE! Discover the 5 secrets to designing a gathering that connects!
This is default text for notification bar