Privacy Policy

1. Data Controller

The Data Controller is Dr. Luca Zanin, Medical Doctor specialising in Neurosurgery, registered with the Order of Physicians and Dentists of the Province of Milan, registration number 44900.

2. Types of Data Collected

This website collects the following categories of data:

2.1 Browsing data

The computer systems responsible for the operation of this website acquire, during their normal functioning, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects but, by its very nature, could allow user identification through processing and association with data held by third parties. This category includes IP addresses, domain names of computers used by visitors, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server response, and other parameters relating to the user's operating system and computing environment.

2.2 Cookies

For detailed information about the cookies used by this website, please refer to the dedicated "Cookie Policy" section at point 7 of this notice.

3. Purposes of Data Processing

Personal data are processed for the following purposes:

• Website operation: ensuring the correct delivery of the service and website navigation.
• Statistical analysis: collecting aggregated and anonymous data on website usage to improve content and usability (subject to user consent).
• Legal compliance: fulfilling obligations required by applicable legislation.

4. Legal Basis for Processing

The processing of personal data is based on the following legal grounds pursuant to Article 6 of Regulation (EU) 2016/679 (GDPR):

• Consent of the data subject (Art. 6(1)(a)): for the installation of analytical cookies and for any direct communications.
• Legitimate interest of the Controller (Art. 6(1)(f)): to ensure the security and proper functioning of the website.
• Legal obligation (Art. 6(1)(c)): to comply with regulatory requirements.

5. Processing Methods and Data Retention

Personal data are processed using electronic and digital tools, with procedures strictly related to the purposes indicated above and, in any case, in a manner that ensures the security and confidentiality of the data, in compliance with the organisational, physical, and logical measures required by applicable regulations.

Browsing data are retained for the time strictly necessary for the technical management of the website and are deleted immediately after their aggregation for statistical purposes. Technical cookies have a session duration; analytical cookies have a maximum duration as indicated in the dedicated section.

6. Data Disclosure and Transfer

The personal data collected are not subject to dissemination. They may be communicated to third parties exclusively for the fulfilment of legal obligations or for purposes strictly connected to the provision of the service (for example, the hosting provider). Under no circumstances will users' personal data be transferred to third parties for marketing or commercial profiling purposes.

7. Cookie Policy

7.1 What are cookies

Cookies are small text files that websites send to the user's browser, where they are stored to be retransmitted to the same websites on subsequent visits. Cookies are used for various purposes, have different characteristics, and can be used both by the owner of the website being visited and by third parties.

7.2 Cookies used by this website

7.3 Managing cookies

Users can manage their cookie preferences through the banner displayed upon first accessing the website. It is also possible to disable cookies directly from the browser settings. Please note that disabling technical cookies may compromise the proper functioning of the website.

8. Rights of the Data Subject

Pursuant to Articles 15–22 of Regulation (EU) 2016/679 (GDPR), the data subject has the right to:

• Right of access (Art. 15): obtain confirmation of the existence of processing of personal data and access to such data.
• Right to rectification (Art. 16): obtain the rectification of inaccurate personal data or the completion of incomplete data.
• Right to erasure (Art. 17): obtain the deletion of personal data in the cases provided for by the regulations.
• Right to restriction (Art. 18): obtain the restriction of processing in the cases provided for by the regulations.
• Right to data portability (Art. 20): receive personal data in a structured, commonly used, and machine-readable format.
• Right to object (Art. 21): object to the processing of personal data.

To exercise these rights, the data subject may send a request to: [email protected].

9. Right to Lodge a Complaint

The data subject who believes that the processing of their personal data is in violation of Regulation (EU) 2016/679 has the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali – www.garanteprivacy.it), pursuant to Article 77 of the Regulation, or to seek judicial remedy pursuant to Article 79 of the Regulation.

10. Amendments to this Policy

The Data Controller reserves the right to amend this privacy policy at any time, publishing the updated version on this page. Users are therefore encouraged to consult this page regularly, using the date of last update indicated at the top as a reference. In the event of non-acceptance of the amendments made, the user is invited to discontinue use of this website.