> cat privacy_policy.txt
Privacy Policy
Pursuant to Art. 13 EU Regulation 2016/679 (GDPR) — Last updated: 4 May 2026
// 01. Data Controller
The Data Controller for personal data collected through this website is:
- Name: Marco Serritella
- Email: [email protected]
- Website: serritella.cloud
// 02. Data Collected & Purpose
This website collects only the data that users voluntarily provide through the contact form:
| Data | Purpose | Legal Basis |
|---|---|---|
| Email address | Replying to the contact request | Art. 6(1)(b) GDPR — pre-contractual measures |
| Free-text message | Understanding the request and providing an appropriate response | Art. 6(1)(b) GDPR — pre-contractual measures |
| Navigation data (IP, user agent) | Infrastructure security, abuse prevention | Art. 6(1)(f) GDPR — legitimate interest |
No special categories of data (Art. 9 GDPR), data relating to minors, or automated profiling are processed.
// 03. Data Processors (Sub-processors)
Data transits through the following technical providers, appointed as Data Processors pursuant to Art. 28 GDPR:
- Cloudflare, Inc. (US — Standard Contractual Clauses)
Website hosting (Cloudflare Pages), DDoS protection, CDN, anti-spam (Turnstile). [Privacy Policy ↗] - W.E.S.T. Ubermail (own infrastructure)
Internal transactional email system for handling contact requests. The server is located within the EU.
No data is shared with third parties for marketing or profiling purposes.
// 04. Data Retention
- Contact messages: retained for the time strictly necessary to handle the request, and in any case no longer than 12 months.
- System logs (Cloudflare): typically 30 days, according to Cloudflare's own policies.
- Contractual data (where a professional relationship is established): retained to fulfil fiscal and legal obligations under Italian law (ordinarily 10 years).
// 05. Cookies & Tracking Technologies
This website does not use profiling cookies or third-party analytics systems.
Cloudflare Turnstile (contact form anti-spam) uses client-side technical mechanisms to distinguish humans from bots, without collecting personally identifiable data. Details: Cloudflare Turnstile Privacy ↗.
// 06. Your Rights
Under Arts. 15–22 GDPR, you have the right to:
- Access Obtain confirmation of processing and a copy of your data (Art. 15)
- Rectification Correct inaccurate data (Art. 16)
- Erasure Request deletion of your data (Art. 17)
- Restriction Restrict processing in certain cases (Art. 18)
- Portability Receive your data in a structured format (Art. 20)
- Objection Object to processing based on legitimate interest (Art. 21)
To exercise your rights, write to: [email protected]. Response guaranteed within 30 days.
// 07. Right to Lodge a Complaint
You have the right to lodge a complaint with the Italian Data Protection Authority (Garante Privacy), the supervisory authority:
- Website: garanteprivacy.it ↗
- Email: [email protected]
// 08. Changes to This Policy
The Data Controller reserves the right to update this policy. The latest version will always be available at this address. Changes take effect from the date of publication.