Privacy PolicyMatomo opt-in or opt-out
If you have chosen “Allow tracking”, please note that data will be collected anonymously and in aggregate form as stated in the privacy policy.
You can change your choices at any time.
Privacy Policy
This privacy policy is provided pursuant to EU Regulation 2016/679 (GDPR) for those who consult the website https://www.fabiano.law. Please note that this privacy policy applies only to this website and not to other websites that may be consulted by the user via links.
Data Controller
The “data controller” for the processing of data relating to identified or identifiable persons who access and browse this website is Nicola Fabiano (privacy [at] fabiano.law).
Purpose and legal basis of processing
The processing of personal data resulting from consultation of the website is based on the following purposes and related legal bases:
| Aspect | 1. Navigation data (web server logs) | 2. Web analytics statistics (Matomo cookie-less) | 3. Voluntary communications via email |
|---|---|---|---|
| Purpose | IT security, prevention of unauthorized access, detection of attack attempts, and monitoring of correct website functioning | Collection of aggregate statistics to understand website usage, improve user experience, and optimize content | Respond to requests sent spontaneously by the user via email |
| Legal basis | Art. 6, para. 1, lett. f) GDPR | Art. 6, para. 1, lett. f) GDPR | Art. 6, para. 1, lett. b) GDPR |
| Retention | Maximum 7 days (automatic deletion) | 12 months (in aggregate and anonymous form) | Time strictly necessary, no more than 30 days from the response |
Data processed
Navigation data
Access to this website and browsing within it occurs through the use of a web browser. The IT systems responsible for the operation of this website acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols. Some data necessary for browsing the internet, by their very nature, could allow users to be identified through processing and associations with data held by third parties. In particular, this refers to IP addresses (anonymized) or domain names of computers used by users who connect to this website, addresses in URI (Uniform Resource Identifier) notation of requested resources, request time, browser type and operating system used, etc.
Such data are used solely for the purpose of obtaining anonymous statistical information on the use of the website, to check its correct functioning, and to ensure system security. Web server log data are kept for a maximum of 7 days, after which they are automatically deleted. The data could be used to ascertain responsibility in the event of computer crimes against the website, upon request of the Judicial Authority.
Data voluntarily provided by the user
The optional, explicit, and voluntary sending of email to the addresses indicated on this website entails the acquisition of the sender’s address, necessary to respond, as well as any other personal data contained in the message. Such data are processed exclusively to respond to sent messages and to fulfill any related requests. Failure to provide personal data for communications or to send any requests prevents their fulfillment. Data are kept for the period strictly necessary for the purposes for which they are processed, no more than 30 days from the response.
Cookies
This website uses exclusively one technical preference cookie strictly necessary to record the user’s privacy choices. No analytical, profiling, or advertising cookies are used.
Technical cookie used
| Cookie Name | Purpose | Duration | Type | Consent Required |
|---|---|---|---|---|
mtm_consent_removed | Matomo Analytics: remember the user’s choice to disable statistical tracking | 1 year | Technical preference cookie | ❌ No |
This cookie is exempt from the obligation to obtain prior consent under Art. 122 of the Italian Privacy Code (Legislative Decree 196/2003, as amended by Legislative Decree 101/2018) because it is necessary to respect the user’s privacy choices (opt-out from tracking).
Important: The cookie is created ONLY if the user interacts with the opt-out widget present on the site pages. If the user never clicks on the widget, no cookie is installed.
No analytical, profiling, or advertising cookies are installed on the user’s device.
Managing cookies in browsers
Although this website does not install cookies by default, users can still verify and manage any cookies installed by other websites through their browser settings:
Cookies from external platforms
In case of sharing the contents of this website on social platforms, the collection and use of information are governed by their respective privacy policies, which are referenced:
Matomo Web Analytics
This website uses Matomo to collect aggregate and anonymous browsing statistics (as specified in the purpose table).
Privacy-first configuration implemented
- ✓ No cookies installed on the user’s device
- ✓ IP address anonymization (last 2 bytes masked)
- ✓ Respect for the browser’s “Do Not Track” (DNT) signal
- ✓ Aggregate data not traceable to individual users
- ✓ No sharing with third parties
- ✓ Matomo server hosted in the European Union
How to opt-out
Users can completely disable Matomo tracking at any time:
- Through the banner on the website’s home page
- Through the control present at the top of this page
- By enabling the “Do Not Track” option in their browser settings
Once tracking is disabled, Matomo will no longer collect any data relating to the user’s browsing on this website.
Privacy by Design: essential technical cookie
This website has adopted a privacy-first approach using exclusively one technical preference cookie created only upon user request, thus ensuring:
✓ Maximum respect for privacy: only one cookie necessary to respect the user’s choice
✓ No consent required: technical cookie exempt under Art. 122 Italian Privacy Code
✓ Optional cookie: created ONLY if the user interacts with the opt-out widget
✓ No invasive banners: no blocking of access to content
✓ Total transparency: no profiling or advertising tracking
✓ Regulatory compliance: full adherence to GDPR, ePrivacy Directive, and Italian Privacy Code
✓ Minimization principle: only strictly necessary data is collected
Browsing statistics are collected through Matomo in cookie-less configuration with strong anonymization, in full compliance with the principle of personal data minimization (Art. 5, para. 1, lett. c) of the GDPR).
Recipients
Personal data collected by this website as a result of consultation are not communicated to recipients or categories of recipients.
Personal data retention period
Data collected by the website are kept for the following periods:
- Web server logs: maximum 7 days, then automatic deletion
- Matomo analytics data: 12 months in aggregate and anonymous form
- Email requests: time strictly necessary to fulfill the request, no more than 30 days from the response
The retention periods comply with the principle of storage limitation (Art. 5, para. 1, lett. e) of the GDPR).
Transfer of data to non-EU countries
This website does not share data with services located outside the European Economic Area (EEA).
All servers and services used (hosting, Matomo analytics) are located in the European Union, ensuring full compliance with GDPR provisions on international transfers.
Security measures
Visitors’/users’ data are processed lawfully and correctly, adopting appropriate security measures aimed at preventing unauthorized access, disclosure, modification, or unauthorized destruction of data.
The security measures implemented include:
- Communication encryption: SSL/TLS certificate for data protection in transit
- Anonymization: IP address masking at source
- Access limitation: log access limited to authorized personnel only
- Regular backups: security copies to ensure data availability
- Monitoring: systems for detecting unauthorized access and attack attempts
In addition to the Controller, in some cases, categories of persons in charge involved in the organization of the website or external subjects (such as third-party technical service providers, hosting providers) may have access to the data, appropriately designated as data processors pursuant to Art. 28 of the GDPR.
Data subject rights
Data subjects may exercise the following rights provided for in Articles 15 to 22 of EU Regulation 2016/679:
- Right of access (Art. 15): obtain confirmation of the existence of personal data and receive a copy
- Right of rectification (Art. 16): obtain correction of inaccurate data
- Right to erasure (Art. 17): obtain deletion of data (“right to be forgotten”)
- Right to restriction (Art. 18): obtain restriction of processing
- Right to data portability (Art. 20): receive data in a structured format
- Right to object (Art. 21): object to processing based on legitimate interest
To exercise their rights, the request should be addressed to: privacy [at] fabiano.law
The Controller will respond to the request without undue delay and, in any case, within one month of receiving it.
Right to lodge a complaint
Data subjects who believe that the processing of their personal data carried out through this website is in violation of EU Regulation 2016/679 have the right, pursuant to Art. 77 of the GDPR, to lodge a complaint with the Italian Data Protection Authority:
Garante per la protezione dei dati personali
Piazza Venezia, 11 - 00187 Rome, Italy
Tel. +39 06.696771
Fax +39 06.69677.3785
Email: garante@gpdp.it
PEC: protocollo@pec.gpdp.it
Website: https://www.garanteprivacy.it
Last updated: October 2025