Privacy Policy

https://paololettieri.com.

Last updated: 2026 February 12

This Privacy Policy describes how personal data is collected and processed when users visit and interact with the website www.paololettieri.com, in accordance with Regulation (EU) 2016/679 (“GDPR”) and applicable data protection laws.

This notice applies exclusively to this website and not to any third-party websites accessed through external links.

1. Data Controller

The Data Controller is:

Paolo Lettieri – Architect
Email: lettieri.paolo@gmail.com

2. Categories of data processed

Browsing data

The website’s technical systems automatically collect certain information during normal operation, including:

• IP address
• browser and device type
• operating system
• pages visited
• date and time of access
• server log information

These data are used solely for technical, security, and aggregated statistical purposes.

Data voluntarily provided by the user

When contacting the Data Controller through the contact form or email, the following data may be collected:

• name and surname
• email address
• message content

3. Purpose and legal basis of processing

Personal data are processed for the following purposes:

Purpose	Legal basis
Responding to information or professional contact requests	Pre-contractual measures (Art. 6.1.b GDPR)
Website operation, security and maintenance	Legitimate interest (Art. 6.1.f GDPR)
Anonymous statistical analysis of website usage	Legitimate interest
Compliance with legal obligations	Legal obligation

Providing data via the contact form is voluntary but necessary to receive a response.

4. Methods of processing

Data are processed using electronic and digital tools in accordance with principles of lawfulness, fairness, transparency, and data minimization. Appropriate technical and organizational security measures are implemented to prevent unauthorized access, loss, or misuse.

5. Third-party service providers (Data Processors)

To operate the website, the Data Controller relies on external service providers that may process personal data on its behalf:

Hosting services

Bluehost Inc. – website hosting and server infrastructure.

Contact form and email management

Brevo (Sendinblue SAS) – management of contact form submissions and email communications.

Website analytics

Google Analytics (Google LLC) – aggregated and anonymous website traffic statistics.

These providers act as Data Processors or independent Controllers in accordance with their respective terms and agreements.

 

6. Data transfers outside the European Union

Some service providers (including Bluehost and Google) may transfer data outside the European Economic Area (EEA).

Such transfers are carried out in compliance with GDPR safeguards, including:

• Standard Contractual Clauses (SCCs)
• additional technical and organizational protections where required

7. Data retention

Personal data are retained only for the time necessary to fulfill the purposes described above:

• contact requests: up to 24 months
• analytics data: according to Google’s retention settings
• technical/server logs: according to hosting provider policies
• legal obligations: as required by law

8. Cookies and tracking technologies

The website uses:

• essential technical cookies required for proper functioning
• analytical cookies (Google Analytics) for statistical purposes

For detailed information, please refer to the dedicated Cookie Policy.

Where required by law, analytical cookies are activated only after user consent.

9. Data subject rights

Users may exercise their rights under Articles 15–22 GDPR at any time, including:

• access to personal data
• rectification
• erasure
• restriction of processing
• objection to processing
• data portability
• withdrawal of consent

Requests may be sent to: lettieri.paolo@gmail.com

Users also have the right to lodge a complaint with their local Data Protection Authority.

10. Changes to this policy

This Privacy Policy may be updated from time to time. Any changes will be published on this page.