Via Cesare Battisti, 19 - Milano | 02 54123 208 - 586

Privacy policy

1. Data Controller and persons in charge.

The Data Controller of the data of the Data Subject is STUDIO LEGALE SIMONETTI in the person of the Members, Giorgio SIMONETTI and Antonio SIMONETTI, with registered office in 20122 Milan, via Cesare Battisti, 19. The Data Controller can be contacted:This email address is being protected from spambots. You need JavaScript enabled to view it.or - This email address is being protected from spambots. You need JavaScript enabled to view it.; - via email at This email address is being protected from spambots. You need JavaScript enabled to view it.; - by fax n. +39 0254011821 indicating in the object your name and surname and "personal data information".


2. Data processing purpose.

The Data Controller processes personal identification data (for example: name, surname, company name, address, telephone numbers, email addresses, bank and payment references) communicated by the Data Subject, as a natural person (possibly in his capacity as a representative of a legal entity), during the professional assignment, or subsequently, to one or more professionals who are part of STUDIO LEGALE SIMONETTI and accepted by them.


3. Purpose of data processing.

The processing is aimed solely at the correct and complete execution of the professional assignment received, both in and out of court, also pursuant to the anti-money laundering legislation according to Ministerial Decree no. 141 of 3 February 2006
In particular,

  • A) the data of the Data Subject are processed without his express consent (art. 24 letter A), b) c) Privacy Code and art. 6 letter b) e) GDPR) for the following purposes:
    - to execute the professional assignment - extrajudicial and/or judicial - assigned and accepted;
    - fulfil the pre-contract, contract and tax obligations arising from the relationship with you;
    - fulfil the obligations provided for by national, community and international regulatory sources or by an order of the Authority;
    - Exercise the rights of the Data Controller (for example, in case of defense in court).
  • B) The data of the Data Subject are processed with his express consent (articles 23 and 130 Privacy Code and art. 7 GDPR) for the following purposes:
    - to send you via email, mail and/or sms and/or telephone contacts, communications from third parties (technical consultants and/or professionals) that it is deemed necessary to use to carry out the assignment.
    - send you by email, mail and/or sms and/or telephone contacts, newsletters, invitations to conventions and/or conferences; best wishes for holidays or anniversaries;


4. Legal basis for data processing.

STUDIO LEGALE SIMONETTI processes the personal data of the Data Subject lawfully, where the processing:

  • is necessary for the execution of the mandate, of a contract the Data Subject is part of  or for the execution of pre-contract measures taken upon request;
  • is necessary to fulfill a legal obligation incumbent on the professional;
  • is based on express consent as in the cases indicated in point 3 letter B above.


5. Failure in providing data.

With regard to personal data relating to the performance of the professional assignment the Data Subject is part of or relating to, the fulfilment of a regulatory obligation (for example, tax and accounting obligations), failure to provide personal data prevents the improvement or continuation of the professional relationship.


6. Data processing methods.

  • a) The processing of your personal data will be carried out with the aid of electronic or automated instruments and/or without them (in paper form);
  • b) the processing is carried out by the data controller and/or the persons in charge of processing.

The processing of your personal data is carried out through the operations indicated in art. 4 Privacy Code and art. 4 n. 2) GDPR and, precisely, consists of: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.

There is no automated treatment process aimed at assessing personal aspects related to the individual, in particular to analyze or predict aspects regarding professional performance, economic situation, health, personal preferences (religious, political, sexual orientation), economic condition, health, interests, reliability, behavior, location or travel in space.


7. Data storage and processing - technical measures for protection.

The data are stored, processed and protected in an appropriate manner taking into account the available technology, possibly also through suppliers who are required to provide adequate guarantees of compliance.


8. Data transfer.

The provision of common, sensitive and judicial personal data is strictly necessary for the performance of the activities described in point 3.


9. Refusal to provide data.

Any refusal by the Data Subject to provide personal data in the case referred to in point 3 letter A) will make it impossible to perform the activities described herein. Any refusal by the Data Subject to provide personal data in the case referred to in point 3 letter B) will prevent the receipt of what is indicated therein.


10. Data communication.

Personal data may disclosed to those in charge of processing and may be communicated for the purposes set out in point 3 to

  • employees and collaborators of STUDIO LEGALE SIMONETTI,
  • external partners,
  • subjects operating in the judicial and/or administrative sector,
  • counterparties and lawyers thereof,
  • colleagues of arbitrators and, in general,
  • to all those public and private entities, including banking and insurance institutions that provide functional services for the abovementioned purposes, to which the communication is necessary for the correct fulfilment of the purposes indicated in point 3.

The data will also be processed for the purposes provided for by current anti-money laundering legislation.


11. Dissemination of data.

Personal data are not subject to dissemination or to any fully automated decision-making process, including profiling.


12. Data transfer abroad.

Personal data may be transferred to countries within the European Union and to countries outside the European Union for the purposes set out in point 3.


13. Data retention period

The Data will be entered in STUDIO LEGALE SIMONETTI database for its own activities and will be kept for ten years from the last activity carried out in the scope of the assignment or assignments. Once this storage period has expired, the Data will be destroyed or made anonymous, except as provided for by the regulations in force from time to time.


14. Rights of the Data Subject.

Except as provided in the previous point and compatibly with the protection of the rights and interests of STUDIO LEGALE SIMONETTI, pursuant to art. 7 of the Privacy Code and art. 15 GDPR the Data Subject is entitled to:

  • request and obtain from the Data Controller confirmation of the existence or not of their personal data, even if not yet recorded, and their provision in intelligible form;
  • request and obtain from the Data Controller access to your personal data and information related to them;
  • have knowledge of the origin of the data, the purpose and methods of processing, the logic applied to the processing if carried out by electronic means, the identity of the Data Controller and the persons whose data may be communicated;
  • to obtain the updating, rectification and integration of data, the cancellation (on the occurrence of one of the conditions indicated in art. 17, paragraph 1 of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same article), the limitation of the processing of your personal data (on the occurrence of one of the hypothesis indicated in art. 18, paragraph 1 of the GDPR); the transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
  • obtain certification that the above operations have been brought to the attention, also with regard to their content, of those to whom the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate to the protected right;
  • oppose, for legitimate reasons, in whole or in part, the processing of personal data, even relevant to the purpose of collection, except in cases of mandatory processing of data expressly provided for by law;
  • request and obtain from the data controller - in cases where the legal basis of the processing is the contract or consent and the same is carried out by automated means - personal data in a structured and readable format by automatic device, also in order to communicate such data to another data controller (so-called “right to portability” of personal data);
  • revocare il consenso, in qualsiasi momento, limitatamente alle ipotesi in cui il trattamento sia basato sul Suo consenso per una o più specifiche finalità e riguardi dati personali comuni (esemplificativamente data e luogo di nascita o luogo di residenza) oppure particolari categorie di dati (esemplificativamente dati che rivelino la Sua origine razziale, le Sue opinioni politiche, le Sue convinzioni religiose, lo stato di salute o la vita sessuale), purchè non pregiudichino il perseguimento dello scopo per cui è stato conferito il mandato. Tale revoca dovrà essere mandata a mezzo raccomandata A/R all’indirizzo dello STUDIO LEGALE SIMONETTI. In ogni caso, il trattamento basato sul consenso ed effettuato antecedentemente alla revoca dello stesso conserva la propria liceità;
  • revoke consent, at any time, limited to cases where the processing is based on consent for one or more specific purposes and concerns common personal data (for example, date and place of birth or place of residence) or particular categories of data (for example, data revealing racial origin, political opinions, religious beliefs, state of health or intercourse life), provided that they do not affect the pursuit of the purpose for which the mandate was given. This revocation must be sent by registered mail to the address of STUDIO LEGALE SIMONETTI In any case, the treatment based on consent and carried out prior to the revocation of the same retains its lawfulness;
  • lodge a complaint to the competent Authority (Guarantor Authority for the protection of personal data -

Please note that also for the purposes of anti-money laundering legislation, the data relating to the services covered by the above mentioned legislation, will be retained for ten years after the completion of the service. These rights can be exercised by writing to STUDIO LEGALE SIMONETTI via Cesare Battisti, 19 20122 MILAN or by e-mail to: This email address is being protected from spambots. You need JavaScript enabled to view it. indicating in the subject line your name and surname and "personal data information". Where the request for access is made by electronic means, the information will be provided in commonly used electronic format.


15. Data protection management model.

Within the scope of an organizational privacy model, roles and responsibilities are identified with regard to the processing of personal data. Employees with functions assigned to the pursuit of the above mentioned purposes are in charge of the processing of the data of the Data Subject. Adequate instructions are given to them.
The third parties personal data will be disclosed to, for the purposes described above will operate as autonomous Data Controllers or will be designated as Data Processors, receiving, in this case, appropriate operating instructions.
The complete and updated list of the persons in charge of the treatment is available upon request to STUDIO LEGALE SIMONETTI, via Cesare Battisti, 19, 20122 MILAN or by e-mail to the following address: This email address is being protected from spambots. You need JavaScript enabled to view it., specifying in the subject name, surname and information.