Website Privacy and Cookie Notice
Information on the processing of personal data collected through this website
This policy explains how personal data collected through the website operated under the GovernData trade name (the “Website”) is processed. It concerns the Website only. It does not govern the processing of personal data within a client engagement, which is addressed in the Expert’s engagement terms.
Last updated: July 2, 2026
1. Data Controller
- The controller of the personal data processed through the Website is the entity identified by Italian VAT No. [IT VAT NUMBER], operating under the trade name “GovernData” (the “Controller”, “we”, “us”, or “our”).
2. What This Policy Covers
- This Notice covers personal data we collect when you visit the Website, contact us through it, or otherwise interact with it. GovernData is a trade name for a network of independent professionals and is not itself a legal entity; the Controller named above is responsible for the Website.
3. Categories of Personal Data We Process
- Contact data: name, email address, company, role, and the content of any message you send via a contact form or email.
- Technical data: IP address, browser type and version, device information, and pages visited, collected through server logs and cookies.
- Usage data: information about how you use the Website, where analytics are enabled.
4. Purposes and Legal Bases
- Responding to enquiries — to handle requests you submit. Legal basis: our legitimate interest in responding, and steps taken at your request prior to a possible engagement (Article 6(1)(f) and 6(1)(b) GDPR).
- Operating and securing the Website — Legal basis: legitimate interest in a functioning, secure site (Article 6(1)(f) GDPR).
- Analytics and non-essential cookies — only where you consent (Article 6(1)(a) GDPR and applicable ePrivacy rules).
- Compliance with legal obligations — Legal basis: Article 6(1)(c) GDPR.
5. Cookies and Similar Technologies
- The Website uses cookies and similar technologies. Strictly necessary cookies are used to operate the Website and do not require consent. Analytics, functional, and marketing cookies are used only with your consent, which you may give or refuse through the cookie banner and withdraw at any time.
- The cookies used are: [LIST COOKIES — name, provider, purpose, duration]. A cookie management tool is available on the Website to review and change your preferences.
6. Recipients and Processors
- We may share personal data with service providers acting as our processors (for example website hosting, email, and analytics providers), bound by data processing agreements under Article 28 GDPR. Current providers include: [LIST PROCESSORS / HOSTING / ANALYTICS].
- We do not sell personal data. We may disclose data where required by law or to defend legal claims.
7. International Transfers
- Where personal data is transferred outside the European Economic Area, we rely on an adequacy decision where applicable, or otherwise on appropriate safeguards under Chapter V of the GDPR, including Standard Contractual Clauses adopted by the European Commission. Details: transfers are carried out subject to such Standard Contractual Clauses and, where required, supplementary technical and organisational measures.
8. Retention
- We keep personal data only as long as necessary for the purposes described, after which it is deleted or anonymised. Enquiry data is generally kept for twenty-four (24) months unless a longer period is required by law or to defend a claim.
9. Your Rights
- Subject to the conditions in the GDPR, you have the right to access, rectification, erasure, restriction, data portability, and to object to processing, and to withdraw consent at any time without affecting prior processing.
- To exercise these rights, contact us at [PRIVACY CONTACT EMAIL]. We respond within the time limits set by the GDPR.
10. Security
- We implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including protection against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
11. Children
- The Website is intended for business users and is not directed at children. We do not knowingly collect data from children.
12. Changes to This Notice
- We may update this Notice from time to time. The current version is always available on the Website, with the date of last update shown above.