Legal

Privacy Policy

This privacy policy explains how I process personal data of users who visit my website and choose to contact me by email, in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR) and applicable Italian data protection law.

1. Data controller

The data controller is:

Giuseppe Di Lecce
VAT no. 01442160774
General contact email: hello@giuseppedilecce.com
Email for privacy requests: giuseppedileccebusiness@gmail.com

2. Categories of personal data processed

2.1 Browsing data

The IT systems and software procedures that allow this website to operate may acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This may include, for example, IP addresses, device and browser identifiers, the time of the request, the address of the requested resource and other technical parameters related to the user's operating system and IT environment.

Such data is used strictly to enable the use of the website, monitor its correct functioning and, where necessary, to detect and prevent abuse or security incidents.

2.2 Data voluntarily provided by the user

The website does not include contact forms or user registration areas. You can contact me by clicking on the email link shown on the site, which will open your email client.

In that case I will process the personal data you freely decide to share, such as:

  • your email address as sender
  • the content of the message and any attachments
  • your name, surname, role or any other information written in the message

2.3 Special categories of data

I do not intend to process special categories of personal data under article 9 GDPR (such as data concerning health, religious beliefs or sexual orientation). I kindly ask you not to include this type of information in your emails. If you nevertheless decide to share such data, it will be processed only if strictly necessary to handle your request and within the limits allowed by law.

3. Purposes and legal bases of processing

Personal data collected through the website and through emails sent by you are processed for the following purposes:

  • Managing contact and project requests
    To respond to your requests for information, quotes or collaboration, and, where applicable, to start and manage a professional relationship relating to color grading services.
    Legal basis: performance of pre-contractual or contractual measures requested by you (article 6, paragraph 1, letter b of the GDPR) and my legitimate interest in managing my freelance activity (article 6, paragraph 1, letter f).
  • Website security and abuse prevention
    To ensure the security of the website, detect and prevent misuse, fraud or cyber attacks, and defend my rights in court if needed.
    Legal basis: legitimate interest in ensuring the security of systems and protecting my rights (article 6, paragraph 1, letter f).
  • Compliance with legal obligations
    To comply with legal, regulatory or EU obligations, including tax and accounting duties where a professional engagement leads to invoicing and record keeping.
    Legal basis: compliance with a legal obligation to which I am subject (article 6, paragraph 1, letter c).

If in the future I decide to use personal data for additional purposes, for example to send direct marketing communications or to carry out detailed analytics of advertising campaigns, I will do so only where there is a suitable legal basis (such as your consent or a compatible legitimate interest) and I will update this privacy policy before starting those new processing activities.

4. Methods of processing and security measures

Personal data is processed mainly with electronic tools and only to the extent necessary to pursue the purposes described above. I apply the principles of lawfulness, fairness, transparency, data minimisation and storage limitation required by the GDPR.

Appropriate technical and organisational measures are adopted to protect personal data against loss, misuse, unauthorised access, disclosure, alteration or destruction. These measures are proportionate to the nature of the data and the risks involved.

5. Data retention periods

  • Browsing data
    Browsing data is kept for the time strictly necessary to ensure the proper functioning of the website and the security of communications, usually for a period of a few months, unless a longer retention is required due to security incidents or requests from public authorities.
  • Emails and communications
    Emails and the data contained in communications are retained for as long as needed to handle your request and, if this gives rise to a professional engagement, for the duration of the relationship and for the additional period required by tax and accounting laws (typically up to 10 years).

Once the relevant retention periods have expired, the data will be deleted, anonymised or otherwise made non identifiable, unless a further retention is required by law.

6. Recipients of personal data

In addition to the data controller, personal data may be processed by third parties that provide technical or organisational services, for example:

  • the hosting provider and infrastructure used to run the website
  • the email service provider
  • accounting, tax or legal advisors, where strictly necessary
  • public authorities and supervisory bodies, where required by law or on their request

These parties act, depending on the case, as data processors on the basis of written agreements that define their obligations, or as independent controllers when they determine their own purposes and means of processing. Personal data is not publicly disclosed.

7. Transfers of data outside the European Economic Area

Some IT service providers used in connection with the website or with email communications may be located outside the European Economic Area or may rely on infrastructure hosted in third countries.

In such cases any transfer of personal data will take place in compliance with the conditions set out in the GDPR, for example based on adequacy decisions of the European Commission or by adopting standard contractual clauses or other appropriate safeguards. Further information on the specific safeguards used for individual services can be requested by contacting me at the addresses indicated above.

8. Cookies and tracking tools

This site is built as a static portfolio site. To the best of my knowledge and control, I do not use profiling cookies, analytics services or third party tracking tools such as Google Analytics or Meta Pixel on this website.

Any technical cookies that may be set by the hosting infrastructure are limited to what is strictly necessary for the secure and efficient operation of the site. Such cookies are not used by me for profiling or marketing purposes.

If in the future I decide to implement analytics services, advertising pixels or other non essential cookies, I will deploy a suitable cookie banner or consent mechanism where required by law and I will update this privacy policy to include detailed information about the tools used, their purposes and how you can manage your preferences.

9. Nature of data provision

Providing personal data by email is voluntary. However, if you do not provide the data needed to identify you and understand your request, it may be impossible for me to respond correctly or to start a collaboration.

10. Data subject rights

As a data subject you have the following rights under articles 15 to 22 of the GDPR:

  • to obtain confirmation as to whether or not personal data concerning you is being processed
  • to access your personal data and receive a copy of it
  • to request the rectification of inaccurate data or the completion of incomplete data
  • to request the erasure of personal data in the cases provided for by law
  • to request restriction of processing in the cases provided for by the GDPR
  • to object, in whole or in part, to processing based on legitimate interest
  • to receive the personal data you have provided in a structured, commonly used and machine readable format and, where technically feasible, to transmit it to another controller (right to data portability)
  • where processing is based on consent, to withdraw your consent at any time, without affecting the lawfulness of processing carried out before withdrawal

11. How to exercise your rights and lodge a complaint

You can exercise your rights at any time by sending a written request to the contacts indicated in section 1, preferably with the subject line "GDPR request". I will respond as soon as reasonably possible and in any case within the time limits set by the GDPR.

If you believe that the processing of your personal data through this website infringes data protection law, you also have the right to lodge a complaint with the competent supervisory authority. In Italy this is the Garante per la protezione dei dati personali. You can find contact details and procedures on the authority's official website.

12. Future use of advertising and analytics services

I may use external advertising platforms such as Google Ads or Meta Ads to promote my services. In such cases those platforms process user data in their capacity as independent controllers, according to their own privacy policies and settings. This website, at the time of writing, does not include their tracking pixels or tags.

Before integrating any new third party tool that involves tracking visitors on this site, I will assess the related data protection impact, implement any required consent mechanism and update this privacy policy to reflect the new processing activities.

13. Updates to this privacy policy

I may update this privacy policy from time to time, for example in case of changes in the services offered on the website, in the technologies used or in applicable law. The updated version will be published on this page and will indicate the date of the latest revision.

Last updated: 5 December 2025.

This document is intended to provide clear information about how personal data is processed on this site. It does not replace individual legal advice. If you need a full legal assessment of your situation, you should consult a qualified professional.