This notice is provided pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 (the "GDPR") and Italian Legislative Decree 196/2003 as amended by Legislative Decree 101/2018 (the "Italian Privacy Code"), to visitors of the website of Milano Tecnologia 80 S.r.l. (the "Website") and to anyone interacting with the services available through it.
1. Data controller
The data controller is Milano Tecnologia 80 S.r.l., with registered office at Via Vincenzo Monti 92, 20145 Milan (MI), Italy, VAT no. and Milan Monza Brianza Lodi Companies Register no. IT14630020965, REA MI - 2797088, share capital € 10,000.00 (the "Controller").
For any matter relating to the processing of personal data, or to exercise the rights described in section 8, you can contact the Controller at: milanotech80@proton.me.
The Controller has not appointed a data protection officer (DPO), as the conditions set out in Article 37 GDPR do not apply.
2. Categories of data processed
a) Data you provide voluntarily. Name, email address, company (if provided) and the content of your message when you fill in the contact form; name, email address, any notes and time preferences when you book a call through the booking module (Cal.com service, see section 5); data contained in emails you send to the Controller's addresses.
b) Browsing data. The systems operating the Website acquire, in the course of their normal operation, certain data whose transmission is implicit in the use of Internet communication protocols (e.g. IP addresses, request time, HTTP response codes). This is technical data required to provide the service and ensure its security, retained by the hosting provider for the time strictly necessary.
c) Aggregate statistics. The Website uses Plausible Analytics, a statistics tool that operates without cookies and without persistent identifiers and does not store personal data: IP address and user agent are used transiently, in pseudonymised form through a hash with a key regenerated daily, for the sole purpose of distinguishing visits, and are not retained. The resulting statistics (pages visited, referrer, device type, country) are exclusively aggregate and anonymous.
3. Purposes and legal bases of processing
| Purpose | Legal basis | | --- | --- | | Responding to contact, information or quote requests | Art. 6(1)(b) GDPR: pre-contractual measures taken at the data subject's request | | Managing the booking and holding of introductory calls | Art. 6(1)(b) GDPR | | Ensuring the technical operation and security of the Website | Art. 6(1)(f) GDPR: legitimate interest of the Controller | | Producing aggregate, anonymous statistics on Website usage | Art. 6(1)(f) GDPR: legitimate interest of the Controller in improving the Website, without profiling | | Establishing, exercising or defending legal claims; complying with legal obligations | Art. 6(1)(c) and (f) GDPR |
Providing the data referred to in section 2(a) is optional, but failure to provide it makes it impossible to respond to your request. Personal data is not used for marketing purposes, is not subject to profiling or automated decision-making within the meaning of Article 22 GDPR, and is not sold or transferred to third parties for commercial purposes.
4. Processing methods
Processing is carried out using IT and telematic tools, with logic strictly related to the purposes indicated and with appropriate technical and organisational measures pursuant to Article 32 GDPR (encryption in transit, access control, data minimisation).
5. Recipients of the data
Data may be processed on behalf of the Controller, as processors pursuant to Article 28 GDPR where applicable, by the following providers:
- Vercel Inc., based in the USA: hosting and delivery of the Website;
- Resend (Plus Five Five, Inc.), based in the USA: sending email notifications relating to contact requests;
- Cal.com, Inc., based in the USA: managing call bookings; the booking module is provided directly by Cal.com and the processing is also described in its privacy policy;
- Plausible Insights OÜ, based in Estonia (EU): aggregate statistics, with data hosted on servers within the European Union;
- the Controller's contact management system (CRM), hosted on servers located within the European Union.
Data may also be accessed by persons authorised to process it pursuant to Article 29 GDPR and, where necessary, by consultants and professionals bound by confidentiality, or by competent authorities in compliance with legal obligations.
6. Transfers outside the EU
Some of the providers listed in section 5 are based in the United States. The related transfers take place on the basis of the European Commission's adequacy decision concerning the EU-U.S. Data Privacy Framework for certified providers and/or the Standard Contractual Clauses (SCC) pursuant to Article 46(2)(c) GDPR, with supplementary measures where necessary.
7. Retention period
- Contact requests and CRM data: up to 24 months from the last contact, unless a contractual relationship is established or retention is necessary to protect legal claims;
- Booking data: for the time needed to organise the call and per the provider's own retention terms;
- Browsing data: for the hosting provider's standard technical retention periods;
- Aggregate statistics: being anonymous, they are not subject to retention limits.
8. Your rights
Pursuant to Articles 15-22 GDPR, you have the right to obtain from the Controller access to your personal data, rectification, erasure, restriction of processing, data portability, and to object to processing based on legitimate interest. Requests may be addressed to the email indicated in section 1; a response will be provided within one month, extendable in the cases provided for by Article 12(3) GDPR.
You also have the right to lodge a complaint with the Italian supervisory authority (Garante per la protezione dei dati personali, www.garanteprivacy.it) pursuant to Article 77 GDPR, or to bring proceedings before a court.
9. Cookies and tracking tools
The Website does not use profiling, marketing or third-party tracking cookies and therefore does not require a consent banner, in accordance with the Italian Data Protection Authority's Guidelines of 10 June 2021 on cookies and other tracking tools.
Only the following are used:
| Tool | Type | Purpose | Duration |
| --- | --- | --- | --- |
| Locale cookie (e.g. NEXT_LOCALE) | Technical, first party | Remembering the language chosen by the user | Up to 1 year |
| Cal.com booking module cookies | Technical/functional, third party | Operation of the booking module, loaded only on the dedicated screen | Session / per the provider's policy |
| Plausible Analytics | No cookies, no persistent identifiers | Aggregate, anonymous statistics | None |
Technical cookies are installed as strictly necessary to provide the service requested by the user and do not require consent pursuant to Article 122 of the Italian Privacy Code. You can manage or delete cookies through your browser settings; disabling technical cookies may impair some features of the Website.
10. Minors
The Website and the Controller's services are aimed at a professional audience and are not intended for anyone under 18 years of age. The Controller does not knowingly collect personal data from minors.
11. Changes to this notice
The Controller reserves the right to amend or update this notice, including as a result of regulatory changes or changes to the services used. The version published on this page, with its update date, is the one in force.
Last updated: 12 June 2026