Skip to content

$ cat privacy.md

Privacy Policy

Last updated: 20 June 2026

This notice describes how the personal data of users visiting paoloronco.it (the "Site") is processed, pursuant to Regulation (EU) 2016/679 ("GDPR") and applicable Italian law.

1. Data Controller

The Data Controller is Paolo Ronco, reachable at info@paoloronco.it. Further identification and contact details of the Controller are available on request.

2. Types of data processed

The Site is a personal, informational website and does not require user registration. The data processed is limited to the following:

  • Navigation and technical data. The systems and software running the Site acquire, during normal operation, certain data whose transmission is implicit in the use of Internet communication protocols (e.g. IP address, browser and device type, operating system, date and time of the request, pages visited, referrer). This data is processed by the hosting and network/security providers for technical, aggregate-statistical and security purposes.
  • Measurement and statistical data (cookies and similar technologies). Subject to consent, the Site uses traffic analysis tools. See the Cookie Policy for details.
  • Contact data. If the user chooses to write to the email address provided, the data contained in the message (e.g. email address, name, message content) will be processed.

3. Purposes and legal bases

PurposeLegal basis (Art. 6 GDPR)
Provision and operation of the Site, security and abuse preventionLegitimate interest (Art. 6.1.f)
Usage statistics and content improvement (analytics)Consent (Art. 6.1.a)
Responding to requests sent by emailResponse to the data subject's request (Art. 6.1.b/f)
Compliance with legal obligationsLegal obligation (Art. 6.1.c)

4. Tools and providers (processors and third parties)

To operate the Site, the Controller relies on providers that may process data as data processors or independent controllers. The main ones are:

  • OVHcloud (OVH SAS) — domain registration.
  • Cloudflare, Inc. — DNS management, CDN, security/WAF and attack protection.
  • Vercel Inc. — hosting and delivery of the Site. The hosting infrastructure may change in the future (including a self-hosted solution based on Linux, Docker, NGINX and Cloudflare Zero Trust); this notice will be updated accordingly.
  • Zoho Corporation (Zoho Mail) — email mailbox for communications.
  • Google Ireland Ltd / Google LLC — Google Analytics and Google Search Console.
  • Microsoft Ireland / Microsoft Corporation — Microsoft Clarity (usage analytics), where active.
  • CookieYes Limited — cookie consent management platform (CMP).

An up-to-date list of data processors is available on request by writing to the Controller.

5. Transfers outside the EU

Some providers (in particular Cloudflare, Vercel, Google and Microsoft) may process data outside the European Economic Area, including in the United States. Such transfers take place in compliance with Art. 44 et seq. of the GDPR, based on adequate safeguards such as the European Commission's Standard Contractual Clauses and/or adherence to the EU-U.S. Data Privacy Framework.

6. Retention period

Navigation data and technical logs are retained for the time strictly necessary for technical and security purposes, according to the respective providers' policies. Statistical data is retained according to the retention periods configured in the analytics tools. Email communications are kept for the time needed to handle the request and for subsequent obligations.

7. Your rights

As a data subject, you have the right to exercise, within the limits and conditions set out in Art. 15-22 GDPR:

  • access to your personal data;
  • rectification of inaccurate data or completion of incomplete data;
  • erasure ("right to be forgotten");
  • restriction of processing;
  • data portability;
  • objection to processing based on legitimate interest;
  • withdrawal of consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

To exercise your rights you can write to info@paoloronco.it. You also have the right to lodge a complaint with the Italian Data Protection Authority (garanteprivacy.it) or your local supervisory authority.

8. Cookies

The Site uses cookies and similar technologies. For full details on the types, purposes and consent management, see the Cookie Policy.

9. Security

The Controller adopts appropriate technical and organizational measures to protect data against unauthorized access, loss or disclosure, including traffic encryption (HTTPS), perimeter protection and traffic filtering through the security provider.

10. Changes to this notice

The Controller reserves the right to amend or update this notice, including following regulatory changes or changes to the providers used. The current version is always published on this page, with the date of last update.

11. Contact

For any question regarding the processing of personal data: info@paoloronco.it.