Privacy and Cookies
Last update: April 26, 2026
1. Data controller
Pursuant to Regulation (EU) 2016/679 ("GDPR") and all applicable national data protection provisions, the controller of personal data processed through this institutional website is A.I.B.L.U.D. APS (hereinafter, the "Controller"), reachable at segreteria@aiblud.it.
2. Categories of personal data processed
In connection with website usage, the Controller may process, in compliance with lawfulness, fairness, transparency and data minimisation principles, technical browsing and security log data; personal and contact data voluntarily submitted through contact forms (including, by way of example, name, e-mail and message content); cookie preference records; and technical information related to anti-abuse controls.
3. Processing purposes and legal bases
Personal data is processed for purposes strictly connected with website operation, service continuity and technical security, management of user requests transmitted through contact channels, fulfilment of legal and regulatory obligations, and, where applicable, activation of non-essential tools subject to prior consent. Depending on the specific context, processing is grounded on the Controller's legitimate interest, pre-contractual measures requested by the data subject, compliance with legal obligations, and freely given consent.
4. Nature of data provision
Provision of data marked as mandatory within online forms is necessary to correctly receive and process the relevant request; failure to provide such data, whether in whole or in part, may prevent the Controller from handling the request.
5. Recipients, disclosure framework and retention period
Personal data may be processed by third parties providing instrumental services for website operation (including, without limitation, hosting, infrastructure, e-mail delivery and security services), duly appointed as processors where required. Data is retained for no longer than necessary to achieve the purposes for which it was collected, without prejudice to longer retention periods required by law or for the defence of rights. Any transfer to countries outside the European Economic Area shall be carried out in compliance with Articles 44 et seq. GDPR and with appropriate safeguards.
6. Data subject rights and supervisory remedy
Data subjects may exercise, within the limits established by Articles 15-22 GDPR, the rights of access, rectification, erasure, restriction of processing, objection, and data portability, and may withdraw any consent at any time, without affecting the lawfulness of processing carried out before withdrawal. Data subjects are also entitled to lodge a complaint with the competent supervisory authority.
7. Cookies and similar technologies
The website uses strictly necessary technical cookies that do not require consent, as well as (subject to prior consent) cookies and identifiers belonging to the "Google security" category, used to protect contact forms against automated abuse through reCAPTCHA v3. Cookie preferences can be updated at any time by using the "Cookie preferences" control available in the website footer.
8. Cookie banner and consent recording
At first access, the user is presented with a cookie banner allowing an informed choice between necessary-only operation and activation of optional categories. The expressed choice is stored locally with a technical consent identifier, policy version and timestamp in order to ensure consistency of applied settings and traceability of the preference state.
9. Google reCAPTCHA notice
In order to mitigate automated, abusive or fraudulent submissions, the website may use Google reCAPTCHA v3, which is enabled only if the relevant optional security category is accepted. Use of the service may involve technical data processing under the third-party provider's terms; further details are available in Google's Privacy Policy and Terms of Service.