The Data Controller is:
Carbone Photographer
Registered office: Via Dragonetti Bonifacio 24, 72024 Oria (BR), Italy
Email: carbonephotographer@gmail.com
The website may collect the following types of personal data:
Data voluntarily provided by the user: name, surname, email, phone number, and other personal details entered in contact forms, service request forms, or newsletter subscriptions.
Browsing data: IP addresses, browser types, operating system, access time, source URLs, and technical/analytical information collected through cookies or analytics tools (see Cookie Policy for full details).
Images: in the case of galleries or portfolios, published images may include personal or biometric data. In such cases, the Controller ensures that informed consent has been obtained from the subjects prior to publication.
Personal data are processed for the following purposes:
to respond to contact or service requests;
to provide requested photographic services;
to send organizational or informational messages;
to send newsletters, offers, or promotional updates (with prior consent);
to ensure the proper functioning of the website and improve user experience (through technical and analytics cookies, as described in the Cookie Policy).
Processing is based on the following legal grounds:
Performance of a contract or pre-contractual measures (Art. 6, para. 1, letter b GDPR): in relation to the services requested by the user.
User consent (Art. 6, para. 1, letter a GDPR): for promotional communications, newsletters, or image publication.
Legal obligation (Art. 6, para. 1, letter c GDPR): where necessary to comply with laws or authority orders.
Providing data is optional, but necessary to:
receive responses to contact requests;
access photographic services;
be contacted for service-related purposes.
Failure to provide data may prevent the delivery of certain services. Consent for marketing purposes is always optional.
Data is processed using manual and digital tools, in accordance with the principles of fairness, lawfulness, transparency, minimization, and integrity. The Controller adopts appropriate technical and organizational measures to protect personal data from unauthorized access, loss, or disclosure.
Personal data may be shared with:
technical service providers and hosting providers;
collaborators or consultants assisting in site management or service delivery;
public authorities, upon request and within legal limits;
individuals authorized by the Controller, who are trained and bound by confidentiality obligations (e.g., employees, freelancers).
No data is transferred outside the European Union.
Data collected for contact or booking purposes will be retained for the time necessary to provide the requested services.
Data processed for marketing purposes will be stored for up to 24 months, unless consent is withdrawn sooner.
Browsing data is retained for short periods unless needed for security or legal purposes.
As a data subject, you have the following rights (under Articles 15–22 of the GDPR):
right of access;
right to rectification;
right to erasure (“right to be forgotten”);
right to restriction of processing;
right to data portability;
right to object to processing;
right to withdraw consent at any time;
right to lodge a complaint with the data protection authority (www.garanteprivacy.it).
To exercise your rights, please contact:
carbonephotographer@gmail.com
