Last Updated: May 15, 2025

Your privacy is important to us. This section of our policy explains what personal data we collect, how we use it, and how we protect it when you visit and interact with our site (hereinafter "Site").

1. Data Controller

The Data Controller for the personal data collected on this Site is: Vera Cavallin
Contact Email: cavallin.vera@gmail.com

2. Types of Data Collected, Purposes, and Legal Bases

We collect different types of data for specific purposes, always in accordance with applicable law:

Browse Data (IP Addresses)

• Data Collected: The IP address of the device you use to browse the site.
• Purposes: To ensure the security of the Site, prevent fraudulent activities and misuse (e.g., comment spam), and diagnose technical issues.
• Legal Basis: The Data Controller's legitimate interest (Art. 6.1.f GDPR) in protecting its digital assets and ensuring the Site functions correctly and securely, while respecting users' rights and freedoms. IP addresses are not used for profiling or marketing purposes.
• Retention Period: A maximum of 30 days, after which they are either deleted or permanently anonymized, unless required for the investigation of crimes by judicial authorities.

Data Collected Through Cookies

This Site doesn't use cookies.

Data Collected by Map Services

This Site uses the Leaflet JavaScript library to display interactive maps. To function, Leaflet loads map tiles from an external provider.

• Map Tile Provider: We use ArcGIS Online and OpenStreetMap to provide the map tiles.
• Data Collected by the Provider: When you view a map on our Site, your browser sends data directly to ArcGIS Online and OpenStreetMap. This may include your IP address, browser type, operating system, and the specific map tiles requested. This data is processed by ArcGIS Online and OpenStreetMap to deliver the map content and for their own service analytics and security.
• Legal Basis: The processing of this data by ArcGIS Online and OpenStreetMap is based on their legitimate interest in providing map services.
• Retention Period: Please refer to the privacy policy of ArcGIS Online and OpenStreetMap for details on their data retention practices.
• Further Information: For complete details on how ArcGIS Online and OpenStreetMap collects, uses, and processes data, please refer to their privacy policy: ArcGIS Online and OpenStreetMap Privacy Policy.

3. Nature of Data Provision

Providing Browse data (IP address) is necessary to ensure the security and operation of the site.

4. Data Sharing and Recipients

The personal data we collect will not be disseminated. It may be disclosed to:

• Third-party service providers who assist us in achieving the purposes outlined above (e.g., technical service providers, hosting providers). These parties will be appointed as Data Processors where necessary, in accordance with Art. 28 GDPR. You can request an updated list of Data Processors from the Data Controller at any time.
• Competent authorities, to comply with legal obligations or respond to lawful requests.
• Legal counsel or other professionals to protect the Data Controller's rights.

We do not intentionally share your data with third parties for their marketing purposes.

5. Data Transfer Outside the EU

Currently, your personal data is processed and stored on servers located within the European Union. Should it become necessary to transfer data to countries outside the EU in the future, this will only happen if adequate safeguards are in place, as required by applicable law (Art. 44 et seq. GDPR).

6. How We Protect Your Data

We take appropriate technical and organizational security measures to protect your data from unauthorized access, loss, destruction, or unlawful disclosure. These measures include, for example, the use of secure connections (HTTPS), firewalls, backup systems, and internal data handling procedures.

7. Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to the rights and freedoms of individuals, we will inform affected users without undue delay, as required by Art. 34 of the GDPR. We will also notify the competent supervisory authority (Garante per la protezione dei dati personali) within 72 hours of becoming aware of the breach, as mandated by Art. 33 of the GDPR, unless the breach is unlikely to pose a risk to the rights and freedoms of natural persons.

8. Your Rights

As a data subject, regarding the processing of your personal data described in this policy, you have the right to:

• Access your personal data (Art. 15 GDPR).
• Request the correction of inaccurate data or the completion of incomplete data (Art. 16 GDPR).
• Request the erasure of your data (right to be forgotten), under the circumstances provided for in Art. 17 GDPR.
• Request the restriction of processing, under the circumstances provided for in Art. 18 GDPR.
• Receive your data in a structured, commonly used, and machine-readable format (right to data portability), under the circumstances provided for in Art. 20 GDPR.
• Object to the processing of your data for reasons related to your particular situation, especially when the processing is based on the Data Controller's legitimate interest (Art. 21 GDPR).
• Lodge a complaint with the competent supervisory authority.

You can exercise these rights by sending a written request to the Data Controller's email address: cavallin.vera@gmail.com. We are committed to responding to your request within 30 days.

9. Changes to this Privacy Policy

This privacy policy may be updated from time to time, for example, to reflect changes in legislation or our services. We encourage you to review this page periodically for the latest version. The date of the most recent update is indicated at the beginning of this document.

10. Contact Us

If you have any questions, require clarification, or wish to exercise your privacy rights, please contact the Data Controller at the email address: cavallin.vera@gmail.com.