top of page

PRIVACY POLICY

Virgili Studio Consulting

​​

​

​

This Privacy Policy describes how Virgili Studio Consulting collects, uses and protects personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and applicable Italian data protection laws.

​

Virgili Studio Consulting operates as a professional, profit-driven executive consulting studio. The processing of personal data is strictly limited to what is necessary to carry out its professional, contractual and institutional activities.

​​

​

​

 

1. Data Controller

The Data Controller is:

Virgili Studio Consulting
Email: info@virgilistudio.com
Operating location: Milan, Italy

For any request regarding the processing of personal data, users may contact the Data Controller at the above email address.

​​

​

2. Categories of Personal Data Collected

Virgili Studio Consulting may collect and process the following categories of personal data:

  • Identification data (name, surname)

  • Contact data (email address, telephone number, company name, professional role)

  • Professional information voluntarily provided through contact forms or email communications

  • Technical data (IP address, browser type, device type, operating system)

  • Usage data related to navigation on the website (pages visited, access times, interactions)

Personal data is collected exclusively when voluntarily provided by the user or through standard technical mechanisms necessary for the correct functioning and security of the website.

Virgili Studio Consulting does not collect special categories of personal data (such as health, biometric, or sensitive personal data).

​​

​

​

3. Purposes of Processing

Personal data is processed for the following purposes:

  • To respond to enquiries, requests for information and contact submissions

  • To manage professional, commercial and contractual relationships related to the consulting activities of Virgili Studio Consulting

  • To carry out pre-contractual evaluations and negotiations

  • To provide professional advisory and executive consulting services

  • To manage communications with clients, partners and institutional stakeholders

  • To comply with legal, regulatory and fiscal obligations

  • To ensure the technical operation, security and performance of the website

  • To improve user experience and website functionality

No personal data is used for automated decision-making or profiling.

​​

​

 

4. Legal Basis for Processing

Personal data is processed on the basis of one or more of the following legal grounds:

  • Consent of the data subject (Art. 6(1)(a) GDPR), when the user voluntarily submits data

  • Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)

  • Compliance with legal obligations (Art. 6(1)(c) GDPR)

  • Legitimate interest of the Data Controller (Art. 6(1)(f) GDPR), including:

    • Conducting professional consulting activities

    • Managing business relationships

    • Protecting the security and integrity of digital systems

The legitimate interest is always balanced against the fundamental rights and freedoms of the data subject.

​​

​

​

5. Data Retention

Personal data is retained only for the period strictly necessary to achieve the purposes for which it was collected, and in any case:

  • For the duration of professional or contractual relationships

  • For the time required by applicable legal and accounting obligations

  • For as long as necessary to protect the legitimate interests of the Data Controller

Once retention periods expire, personal data is securely deleted or anonymised.

​

​​

​

6. Data Sharing and Disclosure

Personal data is not sold, rented or commercially transferred to third parties.

Data may be shared only with:

  • Technical service providers (e.g. website hosting, IT infrastructure)

  • Professional advisors (legal, accounting, compliance)

  • Authorities where required by law

All third parties operate under appropriate data processing agreements and GDPR-compliant safeguards.

 

​

 

7. International Transfers

Personal data is processed within the European Union.
If any technical service provider operates outside the EU, appropriate safeguards such as Standard Contractual Clauses (SCCs) will be applied.

​​

​

​

8. Data Subject Rights

Under the GDPR, users have the right to:

  • Access their personal data

  • Request rectification or updating of inaccurate data

  • Request deletion of their data (“right to be forgotten”)

  • Request restriction of processing

  • Object to processing based on legitimate interest

  • Request data portability

  • Withdraw consent at any time

Requests may be submitted to:
info@virgilistudio.com

The Data Controller will respond within the timeframes required by law.

​​

​

​

9. Security Measures

Virgili Studio Consulting adopts appropriate technical and organisational measures to ensure:

  • Confidentiality

  • Integrity

  • Availability

  • Protection against unauthorised access, loss or alteration of data

These measures are periodically reviewed and updated.

​​

​

​

10. Cookies and Tracking Technologies

This website may use technical cookies necessary for its correct operation.
Any additional cookies or tracking technologies are regulated by a separate Cookie Policy and subject to user consent where required.

​​

​

​

11. Changes to This Privacy Policy

This Privacy Policy may be updated to reflect regulatory changes or operational developments.
Users are encouraged to review this page periodically.

The latest version is always available on the website.

​

​

​

Last updated: January 2026
By continuing to use this website, you acknowledge that you have read and understood this Privacy Policy.

bottom of page