This privacy information applies to data processing by:
Rechtsanwalt Alessandro De Maria
Corso di Porta Vittoria 5
20122 Milano, Italy
Email: adm@lexdemaria.eu
When you access our website lexdemaria.eu, your browser automatically transmits information to our web server. This information is temporarily stored in a log file. The following data is recorded: IP address of the requesting device, date and time of access, name and URL of the file retrieved, referrer URL, browser and operating system used. Processing serves to ensure smooth connections, convenient use of the website and system security. The legal basis is Art. 6(1)(f) GDPR. Log files are deleted after 30 days at the latest.
If you send us an enquiry via the contact form, your details (name, email address, telephone number, message content) will be stored for the purpose of processing your request. Data are transmitted to Formspree Inc., 415 Mission Street, San Francisco, CA 94105, USA, which provides the technical form infrastructure. A data processing agreement with Formspree is in place; transfers to the USA are made on the basis of EU Standard Contractual Clauses (Art. 46(2)(c) GDPR). The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR. Data are deleted once no longer required, at the latest upon expiry of statutory retention obligations.
We use a custom-built cookie consent tool that records your consent decision in your browser's local storage (localStorage). No analytics or advertising tools are activated without your consent. Your decision applies to this browser and can be withdrawn or changed at any time via the "Cookie Settings" link in the footer. The legal basis is Art. 6(1)(c) GDPR (documentation obligation) and Art. 6(1)(f) GDPR.
We use Google Tag Manager, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager manages code snippets (tags) on our website without itself setting cookies or collecting personal data. It is activated only after your consent has been granted and then loads the services described below. The legal basis is your consent (Art. 6(1)(a) GDPR).
With your consent, we use Google Analytics 4 (GA4), a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. GA4 records page views, dwell time and interactions through anonymised analysis. Data are transmitted to Google servers in the USA on the basis of the EU-US Data Privacy Framework adequacy decision (Decision (EU) 2023/1795) and EU Standard Contractual Clauses (Art. 46(2)(c) GDPR). We apply Google Consent Mode v2; GA4 processes personal data only with your explicit consent. Data are retained in GA4 for 14 months. The legal basis is your consent (Art. 6(1)(a) GDPR).
With your consent, we use Google Ads, provided by Google Ireland Limited, for online advertising (conversion tracking and remarketing). Cookies are set that identify whether users reached us via an advertisement. Data transfers to the USA are made on the basis of the EU-US Data Privacy Framework. The legal basis is your consent (Art. 6(1)(a) GDPR).
With your consent, we use the Universal Event Tracking (UET) tag of Microsoft Advertising, a service of Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. The UET tag records interactions following a click on a Bing Ads advertisement (conversion tracking) and enables remarketing. Data may be transferred to Microsoft servers in the USA on the basis of the EU-US Data Privacy Framework and EU Standard Contractual Clauses. We implement Microsoft UET Consent Mode; no data are collected without your explicit consent. Microsoft Privacy Statement: privacy.microsoft.com. The legal basis is your consent (Art. 6(1)(a) GDPR).
With your consent, we use Hotjar, provided by Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta. Hotjar analyses user behaviour via heatmaps and session recordings (anonymised). Data collected (e.g. anonymised IP address, device information, mouse movements) are processed on servers in the EU. Hotjar cookies are stored for up to 365 days. The legal basis is your consent (Art. 6(1)(a) GDPR). Further information: hotjar.com/legal/policies/privacy.
Our website is hosted by Hostinger International Ltd., 61 Lordou Vironos Street, 6023 Larnaca, Cyprus. Hostinger processes personal data (in particular log files) on our behalf pursuant to Art. 28 GDPR. A data processing agreement is in place. Hostinger Privacy Policy: hostinger.com/privacy-policy.
In connection with Google Analytics 4, Google Ads, Microsoft Advertising and Formspree, personal data are transferred to the USA. The USA has been subject to an adequacy decision by the European Commission since July 2023 (EU-US Data Privacy Framework, Decision (EU) 2023/1795). Where individual service providers are not certified under this framework, transfers are made on the basis of EU Standard Contractual Clauses (Art. 46(2)(c) GDPR).
Your personal data will only be transferred to other third parties where this is necessary for the stated purposes, you have given your consent, or a legal basis exists.
You have the following rights regarding your personal data:
To exercise your rights, please contact: adm@lexdemaria.eu.
You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). For users based in Germany: Landesbeauftragte für Datenschutz und Informationsfreiheit NRW (LDI NRW), Kavalleriestr. 2–4, 40213 Düsseldorf, www.ldi.nrw.de. For users based in Italy: Garante per la protezione dei dati personali, Piazza Venezia 11, 00187 Roma, www.garanteprivacy.it.
You may object at any time to the processing of your data for direct marketing purposes. You may also object to processing where there are grounds relating to your particular situation (Art. 21 GDPR).
Consent to the use of analytics and advertising cookies may be withdrawn at any time with future effect by clicking "Cookie Settings" in the footer of this website.
We use SSL/TLS encryption (HTTPS) and employ appropriate technical and organisational measures (TOMs) to protect your data against manipulation, loss, destruction and unauthorised access.
This privacy policy is currently valid (as of March 2026). We reserve the right to update this policy in response to changes in the law or our data processing practices.