Privacy Policy
Effective date: June 1, 2026
Studio Marketing Italia S.r.l.s. ("we", "us", "our", the "Company"), with registered office at Via di Selva Candida 20A, 00166 Roma (RM), Italy, VAT (Partita IVA) No. 18254111000, is the data controller responsible for personal data processed through this website and in the course of providing our services. This Privacy Policy explains what personal data we collect, the purposes and legal bases for processing, with whom we share it, how long we keep it, and the rights you have under the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and Italian Legislative Decree No. 196/2003 (the Privacy Code) as amended.
1.1 Who We Are (Data Controller)
Data controller: Studio Marketing Italia S.r.l.s., Via di Selva Candida 20A, 00166 Roma (RM), Italy. Contact for all privacy matters: info@studiomarketingitalia.it.
1.2 Categories of Personal Data We Collect
Data you provide directly:
- Identity and contact data: name, email address, telephone number, company/organisation name, job role.
- Communication content: messages, enquiries, demo requests, and any information you submit through forms, email, WhatsApp, or our website AI assistant.
- Commercial data: services purchased, proposals, orders, project information, and correspondence.
Payment data:
- When you purchase services, payments are handled by third-party payment processors (Stripe, PayPal, Revolut). We do not collect or store your full card number. We receive limited transaction data such as confirmation of payment, the last digits or token reference, billing name, amount, currency, date, and payment status.
Data collected automatically:
- Technical and usage data: IP address, browser type and version, device and operating system information, language settings, the pages you visit, time and duration of visits, referring/exit URLs, and similar diagnostics.
- Cookies and similar technologies: see Section 1.9.
Data from third parties:
- We may receive limited data from advertising or analytics platforms, payment processors, and publicly available business sources, where lawful.
We do not intentionally collect special categories of personal data (e.g. health, religion, political opinions). Please do not submit such data to us.
1.3 Purposes and Legal Bases for Processing
We process personal data for the following purposes, each with its legal basis under Article 6 GDPR:
| Purpose | Legal basis |
|---|---|
| Responding to enquiries, demo requests, and the AI assistant | Legitimate interests (Art. 6(1)(f)); steps prior to contract (Art. 6(1)(b)) |
| Providing, delivering, and managing our services and projects | Performance of a contract (Art. 6(1)(b)) |
| Processing payments and managing invoicing | Performance of a contract (Art. 6(1)(b)); legal obligation (Art. 6(1)(c)) |
| Tax, accounting, and statutory record-keeping | Legal obligation (Art. 6(1)(c)) |
| Securing our website, preventing fraud and abuse | Legitimate interests (Art. 6(1)(f)) |
| Direct B2B marketing and follow-up | Legitimate interests (Art. 6(1)(f)) or consent (Art. 6(1)(a)) where required |
| Analytics and non-essential cookies | Consent (Art. 6(1)(a)) |
| Establishing, exercising, or defending legal claims | Legitimate interests (Art. 6(1)(f)); legal obligation |
Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
1.4 The AI Website Assistant
Our website may offer an AI-powered chat assistant. Messages you enter are processed to understand your query and generate a response, and may be transmitted to our AI service provider for that purpose. Do not enter sensitive personal data or confidential information into the assistant. Conversations may be retained to operate, secure, and improve the service. The assistant's responses are automated and provided for general information only.
1.5 Recipients and Sharing
We share personal data only as necessary, with:
- Payment processors: Stripe, PayPal, and Revolut, which act as independent data controllers for the payment transaction under their own privacy policies.
- IT and infrastructure providers: hosting, cloud, content delivery, and security vendors (data processors).
- Communication and productivity tools: email, messaging (including WhatsApp), and CRM providers.
- Analytics and marketing providers: where you have consented.
- AI service providers: to operate the website assistant.
- Professional advisors: accountants, lawyers, and auditors, bound by confidentiality.
- Public authorities: where required by law or to protect our rights.
We do not sell your personal data.
1.6 International Data Transfers
Some of our providers may process personal data outside the European Economic Area, including in the United States and India. Where we transfer personal data outside the EEA, we rely on an adequacy decision of the European Commission or appropriate safeguards such as the EU Standard Contractual Clauses, together with supplementary measures where necessary. You may request a copy of the relevant safeguards by contacting us.
1.7 Retention Periods
We keep personal data only for as long as necessary for the purposes set out above:
- Enquiry/contact data that does not result in a contract: retained for up to 24 months, then deleted or anonymised.
- Client and contract data: retained for the duration of the relationship and thereafter as required to defend legal claims.
- Accounting and tax records: retained for 10 years, as required by Italian law.
- Cookies/analytics data: retained for the periods stated in our cookie information, then deleted.
1.8 Your Rights
Under the GDPR you have the right to:
- Access your personal data and obtain a copy;
- Rectify inaccurate or incomplete data;
- Erase your data ("right to be forgotten") where applicable;
- Restrict processing in certain circumstances;
- Object to processing based on legitimate interests and to direct marketing at any time;
- Data portability — receive your data in a structured, machine-readable format;
- Withdraw consent at any time where processing is based on consent;
- Not be subject to decisions based solely on automated processing producing legal or similarly significant effects.
To exercise any right, email info@studiomarketingitalia.it. We will respond within one month, extendable by two further months for complex requests. You also have the right to lodge a complaint with the Italian Data Protection Authority — Garante per la protezione dei dati personali (www.garanteprivacy.it) — or your local supervisory authority.
1.9 Cookies and Similar Technologies
We use:
- Strictly necessary cookies required for the website to function (no consent required);
- Analytics cookies to understand site usage (consent required);
- Functional and marketing cookies to improve and personalise your experience and measure campaigns (consent required).
Where required, non-essential cookies are only set after you give consent through our cookie banner, and you may change or withdraw your choices at any time. You can also control cookies through your browser settings. For details of the specific cookies used, see our cookie banner/notice.
1.10 Data Security
We implement appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, or alteration, including encryption in transit, access controls, and use of reputable processors. However, no transmission or storage method is completely secure, and we cannot guarantee absolute security.
1.11 Children
Our services are directed at businesses and are not intended for individuals under 18. We do not knowingly collect personal data from children.
1.12 Changes to This Policy
We may update this Privacy Policy from time to time. The "Effective date" above indicates the latest version. Material changes will be notified by appropriate means, such as a notice on this website.
1.13 Contact
Studio Marketing Italia S.r.l.s., Via di Selva Candida 20A, 00166 Roma (RM), Italy — info@studiomarketingitalia.it