Privacy Policy

By consulting the website (“Site”) and the RP Legal & Tax’s social pages (Facebook, LinkedIn, Twitter, etc. – hereinafter, “Social Pages”), as well as by sending an e-mail to one of the e-mail addresses indicated on the Site, the personal data referred to identified or identifiable persons might be processed.

This document describes the manner by which the Site is managed with reference to the processing of their personal data belonging to users consulting it and the Social Pages.

It is an information notice issued in accordance with section 13 of the EU Regulation 679/2016 (“GDPR”).


The data controller in respect of the aforementioned data processing is RP Legal & Tax Associazione Professionale, a law firm with registered office in 10121 Torino, Via Amedeo Avogadro no. 26 (“RP Legal & Tax” or “Data Controller”).


2.1 Browsing data

The electronic systems and the software procedures enabling this Site to operate acquire, during its normal use, certain personal data; the transmission of the same is implicit in the use of internet communication protocols.

This information is not being collected in order to be associated to well-identified data subjects, but its nature, by means of processing and associations with data held by third parties, could make the users identification possible.

The category of data could be listed as follow: (i) IP addresses or domain names of computers used by users connecting to the Site, (ii) addresses in URI (Uniform Resource Identifier) notation for resources requested, (iii) the time of request, (iv) the method used to submit the request to the server, (v) the dimension of the file obtained in response, (vi) the numerical code indicating the status of the response given by the server (success, error etc) and (vii) other parameters regarding the user’s operating system and the IT environment.

This data is used only to glean anonymous statistical information on the use of the Site and to check that it operates correctly and this data is deleted immediately after processing.

2.2 Cookie

For the data processing through the cookies, please see the cookie policy, available at the following link.

2.3 Data provided by users of their own free will

In addition to the data indicated at precedent section 2.1 and 2.2, the Data Controller will also process the personal information that users might spontaneously provide by sending an e-mail to the Data Controller addresses indicated on the Site – such as the user e-mail address and any other personal data – in order to reply to the latter requests.

Data being processed on a voluntary basis comprises data identifying the user such as the user’s e-mail address, the user’s name and surname, the user’s profile image and the user’s country of origin.

2.4 Data published on social media

For example, we process personal data posted on third party social media that we access through the social media features enabled by you at the time of the registration on those platforms. We may use and republish the data published by the users, through the social media sharing tools, in accordance with the GDPR and the social media terms and conditions accepted by you.

2.5 Data provided by data subjects on previous contact occasions

RP Legal & Tax, moreover, will process personal data provided by data subjects on previous contact occasions as, for example, exchange of business cards during events/meetings/conferences, and/or contact requests spontaneously sent from data subjects.


Except as provided for the browsing data which are necessary to allow the Users to correctly use the Site and for the cookie, the users are free to provide their personal data in order to ask for a Data Controller legal or commercial reply or to file its own application to cover specific roles within the sphere of the RP Legal & Tax firm.

However, the refusal to allow their data to be processed would make impossible for users to obtain any reply from RP Legal & Tax.


The personal data is processed using computerised, automated manual systems.

The Data Controller adopts specific security measures in order to ensure that data is processed in compliance with the applicable law, paying particular attention to the prevention of loss of data, unlawful or incorrect use or unauthorised access to databases.


5.1 To respond to requests received through the communication channels available through the Site (email, telephone, fax)

The legal basis for this processing is the RP Legal & Tax’s legitimate interest in communicating with the public and responding to the requests made by potential customers, suppliers and other interested parties. The data retention period shall be equal to the time necessary to process the requests. This data retention period may be longer if the data subject data’s are processed for other purposes (e.g. as a client).

5.2 RP Legal & Tax newsletters

RP Legal & Tax will send a periodic newsletter relating to our practice areas, if it is requested by the data subject at the time of the registration. The legal basis for this processing is the consent of the data subject. The data retention period begins from the data subject’s subscription of the newsletter until the data subject’s request of cancellation from the mailing list.

5.3 To prevent or control unlawful conduct or to protect and enforce rights

For example, RP Legal & Tax could use the data subject’s data to prevent or prosecute offences or violations of intellectual/industrial property rights (including of third parties) or computer crimes or crimes committed through telematic networks. The legal basis for such processing is the legitimate interest of RP Legal & Tax as the data controller. The data retention period is equal to the time reasonably necessary to enforce RP Legal & Tax’s rights from the time that RP Legal & Tax becomes aware of the unlawful act or its potential commission.

In relation to the purposes indicated above, the processing of personal data is made through computerise, automated manual systems with logic strictly related to the purposes and, in any case, to ensure the security and confidentiality of the data in accordance with the law.

5.4 To evaluate new business opportunities

Concerning the data described at the precedent paragraph 2.5, the legal basis of this processing is the legitimate interest of RP Legal & Tax to generate and maintain contacts with data subjects in order to evaluate new business opportunities. The processing of these data will have a duration equal than the period of time necessary for the purpose for which they have been collected and further processed.

5.5 To manage the interaction with users on Social Pages

With reference to the data referred to in paragraph 2.4 of this policy, the legal basis of the processing is the legitimate interest of RP Legal & Tax to manage the interaction with users (comments, posts) on the Social Pages, including the activity of moderation. With regard to the processing of personal data carried out by the providers of social media platforms used by RP Legal & Tax for its Social Pages, please refer to the information provided by them through their respective privacy policies.


As per Articles 15 et seq. of GDPR, each data subject has the right to receive from the other party information on the existence of the processing of his/her personal data, as well as to access his/her own data, to obtain the rectification, integration, updating, erasure or blocking of the data; each data subject will also has the right to obtain a copy of his/her data, the limitation of the processing and/or, moreover, to oppose against processing, as well as the right to data portability and to bring a complaint with the competent supervisory authorities under the conditions and within the limits given in the art. 13 of the GDPR.

The data subject has the right to withdraw his consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal

In order to exercise the aforementioned rights, it is necessary to write to the Data Controller, at the following e-mail address , indicating “Privacy – Data Subject’s Rights” as object. Such e-mail address is protected from spam bots. If you want to see the Site, you have to necessary enable Java Script.


The personal data processed are stored at RP Legal & Tax and its suppliers in Italy and in the European Union.

User’s personal data may be subject to transfer to third countries that do not guarantee a level of security adequate to European standards and for which no adequacy decision has been issued by the European Commission pursuant to Article 45 GDPR. For this reason, the Controller has signed with third parties, intending to transfer data to such Countries, standard contractual clauses or other appropriate measure pursuant to Article 46 GDPR, as well as any additional security measures.

The updated list of third-party suppliers, acting as data processors pursuant to art. 28 GDPR, is available on request by sending a message to


We may share your personal data:

  • with other users of the Site and Social Pages. If you use the RP Legal & Tax Social Pages available through the Site, you may interact with other users, who will be notified of your comments, your location and other information you wish to share, in accordance with the policies and the terms and conditions of the social media on which you have an account;
  • with service providers. RP Legal & Tax uses third party services (cloud, content management system, analysis, hosting, navigation functions) acting as data processors on the basis of agreements, signed in accordance with art. 28 of the GDPR, which include standard contract clauses, as well as possible supplementary security measures, in accordance with the European Commission’s decision 2021/914  on standard contractual clauses or on the basis of the European Commission’s adequacy decision on the level of data protection.These providers shall process only the personal data necessary for the performance of their duties and may use them only for the purpose of performing their services on our behalf or to comply with legal requirements;
  • with judicial authorities and public bodies. Where permitted or required by law, we may share data requested by a judicial authority, a public body or a government agency in order to protect or exercise our rights or those of third parties, or to comply with legal obligations.

This document constitutes the Site privacy policy that over time may be amended and/or updated.

[03 15 2022– V 3.0]