Privacy Policy

PRIVACY NOTICE

Pursuant to Article 13 of EU Regulation 679/2016 (GDPR)

Solving S.r.l. S.T.A., with registered office at Corso Venezia 10, 20121 – Milan (MI), VAT No. IT14172920960 (hereinafter “SLVG”, the “Firm” or the “Data Controller”) may collect the personal data of users of the website www.slvg.it (hereinafter, the “Website”).

Pursuant to EU Regulation 679/2016 (hereinafter, the “Regulation”), “processing” is defined as any operation, including the mere collection and/or storage, of personal data of any natural person (hereinafter, the “Data Subject”), “data controller” is defined as the one who determines the purposes and means of the processing, “personal data” is defined as any information relating to a natural person identified or identifiable, even indirectly, by reference to any other information, and “special categories of personal data” means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data unambiguously identifying a natural person, as well as personal data disclosing health or sex life or sexual orientation.

Having stated the above, the personal data processed in connection with the use of the Website consists of browsing data, including the IP address of the device used to browse the Website, and data provided directly by the Data Subject, for example when sending a contact request or subscribing to the SLVG newsletter (such as first name, surname, e-mail address and any additional personal data contained in the message) (hereinafter, collectively, the “Personal Data”).

This privacy policy is published on the Website before the Data Subject has provided any data.

1. DATA CONTROLLER

The Data Controller is Solving S.r.l. S.T.A., with registered office at Corso Venezia 10, 20121 – Milan (MI), VAT No. IT14172920960 – represented by lawyer Francesco Conti.

The Data Protection Officer appointed by the Data Controller is lawyer Claudio Rizzo, with office in Milan, Corso Venezia, 10. For information requests and to exercise your rights, you can freely contact the DPO at:

• tel: +39 02 66010054
• e-mail: claudio.rizzo@slvg.it or privacy@slvg.it.

2. TYPE OF DATA PROCESSED

(i) Browsing Data

The IT systems and software procedures supporting the operation of the Website collect, during their normal functioning, certain Personal Data whose transmission is implicit in the use of the Internet communication protocols adopted.

These are information not collected to be associated with identified Data Subjects, but which could, through processing and association with other data, allow the identification of the Data Subject.

This category of data includes IP addresses, the type of browser used to connect to the Website, the name of the Internet Service Provider (ISP), the date and time of navigation, the web page from which the Data Subject originated, and other parameters related to the operating system and the IT environment of the Data Subject.

(ii) Data Provided Voluntarily by the Data Subject

The Firm may process the Personal Data of the Data Subject voluntarily provided by them through sending emails to the e-mail address indicated on the Website, or emails sent to the Firm’s professionals, or through subscription to the SLVG newsletter.

A contact request to receive information involves the collection of the Data Subject’s Personal Data, such as first name, last name, e-mail address, and any other Personal Data included in the message.
Users who wish to submit a request via the Website are advised to pay due attention to the information provided in this document regarding the processing of their Personal Data included in the message. In particular, the Firm does not process data belonging to “special categories,” except for those necessary to comply with legal obligations. In any case, all persons submitting a request are advised not to include any data belonging to “special categories”.

3. PURPOSES OF PROCESSING
The data will be used for the following purposes:

3.1 Proper functioning of the Website
Browsing data is used solely to obtain anonymous statistical information on the use of the Website and to monitor its proper functioning. The data may be used to ascertain liability in the event of hypothetical computer crimes against the Website.

3.2 Responding to Data Subjects’ requests
The Personal Data collected through the “Contact Us” form on the Website or when sending an email to one of SLVG’s professionals will be processed for the purpose of responding to requests received from clients and Website visitors.

3.3 Subscription to the newsletter via the Website and sending of informational communications
The Data Subject’s Personal Data may also be processed in order to enable subscription to the Firm’s newsletter program and for the purpose of sending informational communications or invitations to events by email.

The Data Subject who wishes to receive the Firm’s newsletter and the informational communications referred to in the previous paragraph may provide their Personal Data through the dedicated section of the Website, after giving their consent by ticking the appropriate checkbox at the bottom of the subscription form available on the Website.

3.4 Performance of legal obligations, administrative activities, exercise of rights in court and responding to specific requests from the judicial and/or public security authorities
Personal Data will be processed in order to comply with legal obligations, regulations or EU legislation, to allow the performance of administrative activities, to exercise and defend the Data Controller’s rights in the appropriate venues, and to satisfy specific requests from the judicial and/or public security authorities.

4. NATURE OF DATA PROVISION AND LEGAL BASIS

With reference to the purposes referred to in point 3.1: proper functioning of the Website

The provision of browsing data is necessary in order to browse the Website.

The legal basis for the processing of Personal Data for the purposes referred to in point 3.1 above is the legitimate interest of the Data Controller in ensuring the proper functioning of the Website.

With reference to the purposes referred to in point 3.2: responding to Data Subjects’ requests

The Data Subject is free to decide whether to provide their Personal Data by sending an e-mail to the Firm or to SLVG professionals; in this case, the processing is necessary for the performance of pre-contractual measures taken at the request of the data subject, pursuant to Article 6(1)(b) of the GDPR.

With reference to the purposes referred to in point 3.3: subscription to the newsletter via the Website and sending of communications with informative content

With regard to newsletter subscriptions and the sending of informative communications, the legal basis for processing is the consent of the Data Subject, given through a specific and separate expression of will, only after having read the relevant privacy policy.

The data subject may object to the processing for the purposes referred to in point 3.3 above at any time, even after having given their consent, by clicking on the appropriate unsubscribe button in each newsletter or communication, or by sending an email to privacy@slvg.it.

With reference to the purposes referred to in point 3.4: fulfilment of legal obligations, performance of administrative activities, exercise of rights in court and response to specific requests from judicial and/or public security authorities.

Finally, the provision of Personal Data is necessary for the purposes referred to in point 3.4, as it is strictly functional to the performance of administrative activities, the exercise of the Firm’s rights before the appropriate authorities, the fulfillment of legal obligations, and the response to specific requests from judicial and/or public security authorities.

The legal basis for the processing of Personal Data for the purpose referred to in point 3.4 consists of the Data Controller’s legitimate interest, the performance of a contractual obligation, and compliance with legal obligations.

5. CATEGORIES OF RECIPIENTS TO WHOM DATA MAY BE DISCLOSED
The Data Subject’s Personal Data may be processed by internal collaborators and/or employees of the Firm and/or by appointees involved in the organization of the Website (administrative, commercial, marketing, legal staff, system administrators), who have been given appropriate instructions regarding the processing of such data and who need to access it in connection with their duties or hierarchical position. Such persons have been properly trained to prevent loss, destruction, unauthorized access or unlawful processing of the data.

In addition, Personal Data will be accessible to companies duly appointed as processors or sub-processors pursuant to Article 28 of the GDPR. The updated list of third parties to whom the Data Controller may disclose your Personal Data is available at SLVG’s headquarters.

Where necessary, the data will also be accessible to the judicial authority or the police upon specific request. Where necessary or required by laws, regulations, EU legislation, orders of judges, arbitrators or public authorities, as well as for the performance of contractual obligations (e.g. public bodies, supervisory authorities, banks), personal data may be transmitted to those to whom communication is provided. Personal Data may also be communicated to internet providers, web administrators, hosting providers, IT service providers, IT companies, communication agencies, companies performing data entry and mailing activities. The data will not be further disseminated.

6. COOKIES
The Website uses cookies, including some from “third parties”, for technical, analytical, statistical and marketing purposes.

Technical cookies used on the Website are browsing or session cookies, which ensure normal browsing and use of the Website. The use of “session cookies” (which are not stored permanently on the Data Subject’s device and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the Website.

The session cookies used on the Website avoid the use of other IT techniques that could potentially compromise the confidentiality of the Data Subject’s browsing and, in any case, do not allow the acquisition of the Data Subject’s identifying Personal Data.

The Website also uses cookies for analytical and statistical purposes, in order to improve the user’s interaction with the Website and customize the sending of advertising communications based on purchases made and interests expressed by the user (profiling).

Finally, the Website also installs third-party cookies to implement certain specific functionalities. These cookies are set by a third-party domain, reside on third-party servers and are not directly controlled by this Website or by the Data Controller.

For more information, please refer to the extended Cookie Policy available on the Website at the following link: [Cookie Policy].

7. METHODS OF PROCESSING
The Firm, also through processors, will collect, record, store and archive personal data using manual, IT and telematic tools with logics strictly related to the purposes themselves and, in any case, in such a way as to ensure the security and confidentiality of the data collected.

The security of the data and their transmission is ensured by adequate protection systems such as antivirus, anti-ransomware, firewall and access passwords, and by physical measures aimed at selecting and preventing access to the premises where the data are stored.

Data may be processed with the cooperation of persons expressly appointed as data processors.

8. DATA RETENTION
Browsing data for the purpose referred to in point 3.1 above is deleted immediately after processing.

The processing of Personal Data for the purpose referred to in point 3.2 above will last as long as necessary to respond to the requests received, while processing for the purpose referred to in point 3.3 above will continue until the Data Subject withdraws consent. In any case, at the end of the data processing period, the data will be deleted or made permanently anonymous.

The processing of Personal Data for the purpose referred to in point 3.4 above will last as long as necessary for the performance of administrative activities, the protection of the Firm’s rights, and to respond to requests from the judicial and/or public security authorities.

9. DATA SUBJECT’S RIGHTS
The rights granted to the Data Subject include the following:

(a) to ask the Data Controller to confirm the existence or non-existence of his or her personal data;

(b) to obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the storage period;

(c) obtain rectification and erasure of the data;

(d) obtain restriction of processing;

(e) obtain portability of the data, i.e. receive them from a data controller in a structured, commonly used and machine-readable format and transmit them to another data controller without hindrance;

(f) to object to the processing at any time, including in the case of processing for direct marketing purposes;

(g) to object to automated decision-making relating to fixed persons, including profiling;

(h) request from the data controller access to and rectification, erasure or restriction of personal data concerning him/her, object to the processing of personal data, as well as the right to data portability;

(i) withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation; j) lodge a complaint with a supervisory authority.

For any complaints or reports regarding the methods of data processing, Data Subjects may contact the Data Controller. Complaints or reports may also be submitted to the supervisory authority (the Italian Data Protection Authority – www.garanteprivacy.it).

10. UPDATES TO THIS PRIVACY NOTICE
This privacy notice is subject to occasional updates. Should any changes be made to the processing of Personal Data, the Firm will duly inform the Data Subject. Where required by applicable law, the Data Subject will have the option to provide consent to any new processing activities. In the event of refusal, the Data Subject’s data will not be processed in accordance with the changes contemplated in this privacy notice.

11. DATA TRANSFER ABROAD
Some of the recipients of Personal Data may be located outside the European Economic Area, in countries that do not have an adequate level of personal data protection as required by Italian Privacy Legislation. In such cases, the Firm may transfer Personal Data only for the purposes set out in this Policy in compliance with the guarantees provided for in Articles 44 et seq. of the GDPR.  

September 2025

Solving S.r.l. S.T.A.