ZENZONE
🇮🇹 IT🇬🇧 EN
Community

Legal

Privacy Policy

Last updated: April 2026

1. Data Controller

The data controller is Paola Varutti, VAT IT02961010308, R.E.A. UD-35241, based in Italy. Email: info@zenzone.it. As a sole trader with limited-scale processing activities, the appointment of a Data Protection Officer (DPO) is not required under Art. 37 GDPR.

2. Categories of data collected

The site collects: (a) Data provided voluntarily — via the B2B contact form: first and last name, company name, role, email address, phone number, country, industry sector, message; (b) Navigation data — IP addresses, browser type, pages visited, collected automatically in anonymous or aggregated form for technical security purposes; (c) Technical cookies — strictly necessary for the functioning of the site (see Cookie Policy).

3. Purpose and legal basis of processing

Personal data is processed for the following purposes: (1) Responding to contact and commercial enquiries — legal basis: performance of pre-contractual measures at the data subject's request (Art. 6(1)(b) GDPR); (2) Compliance with legal obligations (e.g. tax and accounting records) — legal basis: legal obligation (Art. 6(1)(c) GDPR); (3) Legitimate interest of the controller in website security — legal basis: legitimate interests (Art. 6(1)(f) GDPR). No direct marketing or automated profiling is carried out without prior explicit consent.

4. Data retention

Data collected via the contact form is retained for the time strictly necessary to handle the request and, in any case, no longer than 24 months from the last contact. Data subject to tax or accounting obligations is retained for the statutory period (10 years). Navigation logs are deleted within 12 months of collection.

5. Data sharing and processors

Data is not sold or transferred to third parties for marketing purposes. It may be shared with: (a) Technical service providers (hosting, email, mailing platforms) acting as data processors under Art. 28 GDPR, bound by appropriate data processing agreements; (b) Public, judicial or supervisory authorities, solely where required by law. An up-to-date list of data processors is available on request by writing to info@zenzone.it.

6. International data transfers

Personal data is processed primarily within the European Economic Area (EEA). Where technical providers transfer data to third countries, this occurs only in the presence of: (a) a European Commission adequacy decision; (b) appropriate safeguards under Arts. 46–47 GDPR (e.g. Standard Contractual Clauses); (c) specific derogations under Art. 49 GDPR. Information on the transfer mechanisms applied is available on request.

7. Data security

The controller implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction or disclosure, in accordance with Art. 32 GDPR. These include: HTTPS encrypted connection, access to systems limited to authorised personnel, and regular security software updates.

8. Data subject rights (Arts. 15–22 GDPR)

Users have the right to: access their personal data (Art. 15); obtain rectification if inaccurate (Art. 16); obtain erasure ("right to be forgotten", Art. 17); request restriction of processing (Art. 18); receive data in a structured, machine-readable format (portability, Art. 20); object to processing based on legitimate interests (Art. 21); not be subject to solely automated decisions with significant effects (Art. 22). To exercise these rights, write to info@zenzone.it. The controller will respond within 30 days. Users also have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

9. Cookies

For detailed information on the cookies used by this site, please refer to the Cookie Policy at /en/cookie-policy.

10. Changes to this policy

The controller reserves the right to update this privacy policy at any time. Changes will be published on this page with the date of revision. Users are encouraged to review this page periodically.