Privacy Policy | Percepta Studio

═══════════════════════════════════════════════════════════════════════

TITOLARE DEL TRATTAMENTO

Percepta Design Studio di Francesco Ceciliani
Via Perroncito, 2
22030 Proserpio (Como), Italy
Email: fra.ceciliani@gmail.com
P. IVA: 04091560138

INFORMATION WE COLLECT

We collect the following personal information:

A) From Contact Forms:

Name and Surname
Email address
Phone number (optional)
Service type (radio selection)
Message/project description

B) Automatically Collected Data:

IP address (anonymized via Google Analytics)
Device type and browser
Pages visited and time spent
Traffic source
Cookies and unique identifiers

C) For Newsletter (when activated):

Email address
Name (optional)
Subscription date
Content preferences

HOW WE USE YOUR INFORMATION

A) RESPONDING TO YOUR REQUESTS
Legal basis: Contract execution / GDPR consent checkbox
Purpose: Contact you about consultations, send proposals
Retention: 12 months, then automatic deletion

B) MEASURING WEBSITE PERFORMANCE (Google Analytics)
Legal basis: Cookie consent (banner)
Purpose: Understand how users interact with the site, improve UX
Retention: 14 months (then anonymized)

C) ADVERTISING & RETARGETING (Meta Pixel)
Legal basis: Cookie consent (banner)
Purpose: Track conversions, show relevant ads on Facebook/Instagram
Retention: 180 days

D) NEWSLETTER & MARKETING (when activated)
Legal basis: Explicit consent (double opt-in)
Purpose: Send updates about services and content
Retention: Until unsubscription
Right: Unsubscribe anytime via link in emails

E) SITE SECURITY
Legal basis: Legitimate interest
Purpose: Prevent attacks, spam, fraud
Retention: 7-30 days for server logs

HOW WE SHARE YOUR INFORMATION

A) GOOGLE ANALYTICS 4
Provider: Google LLC (USA)
Data transferred: IP (anonymized), session ID, URLs, device type,
referrer, session duration
Legal basis: Cookie consent
Protection: IP anonymization + Standard Contractual Clauses (SCC)
Privacy link: https://policies.google.com/privacy

B) META PIXEL (Facebook/Instagram)
Provider: Meta Platforms Inc. (USA)
Data transferred: Email (hashed), device ID, conversion event, URL
Legal basis: Cookie consent
Protection: Standard Contractual Clauses (SCC)
Privacy link: https://www.facebook.com/policies_center/

C) ARUBA (HOSTING & EMAIL)
Provider: Aruba S.p.A. (ITALY)
Data: Contact form contents, server logs, emails
Legal basis: Service contract
Protection: Data center in Italy, ISO 27001, TLS encryption
Privacy link: https://www.aruba.it/it/privacy.aspx

D) WPFORMS (CONTACT FORM)
Provider: WP Forms LLC (USA)
Data: Name, email, message (stored on your Aruba server, not on WP
Forms servers)
Legal basis: Contract execution
Protection: Standard Contractual Clauses (SCC)
Privacy link: https://wpforms.com/privacy-policy/

E) NEWSLETTER SERVICE (when activated)
[To be updated when you choose: Mailchimp/Brevo/Substack/etc.]
Data: Email, name, subscription date
Legal basis: Explicit consent (double opt-in)
Right: Unsubscribe anytime

F) OTHER DISCLOSURES
We do not sell data to third parties. We may disclose data only if:

Required by law or court order
To protect our rights, property, or security
In case of merger/acquisition (with notice)

INTERNATIONAL DATA TRANSFERS (USA)

Some providers (Google Analytics, Meta Pixel, WP Forms) have servers in
the USA. These transfers are protected by Standard Contractual Clauses
(SCC – Art. 46 GDPR), ensuring data protection equivalent to EU level.

RIGHT TO OBJECT: You can refuse Analytics and Meta cookies via the
banner, or contact us at fra.ceciliani@gmail.com for alternatives.

YOUR GDPR RIGHTS

You have the right to:
✓ Access: Request a copy of your data
✓ Rectification: Correct inaccurate data
✓ Erasure: Request deletion (“right to be forgotten”)
✓ Restriction: Limit how we process your data
✓ Portability: Receive your data in readable format
✓ Objection: Refuse processing for marketing/profiling
✓ Complaint: Report violations to the Data Protection Authority

To exercise these rights, email: fra.ceciliani@gmail.com
We will respond within 30 days (max 90 days for complex requests).

DATA RETENTION

Data Category	Retention Period
Contact form data	12 months
Google Analytics	14 months
Meta Pixel	180 days
Server logs	30 days
Newsletter	Until unsubscription

After these periods, data is deleted or anonymized automatically.
We may retain data longer if required by law (accounting = 10 years).

COOKIES & TRACKING TECHNOLOGIES

For detailed information about cookies we use, durations, and how to
manage your preferences, see our Cookie Policy:
https://www.perceptastudio.com/cookie-policy/

SECURITY

We use reasonable security measures to protect your data:

TLS/SSL encryption on the entire site
Aruba hosting with protected data center and daily backups
Limited access (only Francesco Ceciliani)
Firewall and DDoS protection

However, no system is 100% secure. You transmit data at your own risk.
If we discover a breach, we will notify you within 72 hours.

THIRD-PARTY LINKS

Our site contains links to:

LinkedIn (Percepta Studio profile)
Instagram (Percepta Studio profile)

We are not responsible for their privacy policies. Review theirs before
sharing data.

POLICY UPDATES

We may update this policy anytime. Significant changes will be notified
via email or site notice. Continued use after updates = acceptance of
the new policy.

CONTACT & COMPLAINTS

Questions about privacy?
📧 fra.ceciliani@gmail.com

Data Protection Authority complaint:
https://www.garanteprivacy.it
Email: protocollo@gpdp.it
Address: Piazza di Monte Citorio, 121 – 00186 Roma

Percepta Design Studio

di Ceciliani Francesco

info@perceptastudio.com

P. IVA 04091560138

LinkedIn

Instagram