Users section

The undersigned Company CloudFire Srl (VAT number/tax code) IT02764700353), with registered office in Reggio Emilia (RE) at Via Giambattista Vico 93, ordinary e-mail address info@cloudfire.it, certified e-mail address cloudfire@legalmail.it, owner of the website https://www.cloudfire.it/ (hereinafter, the”Site”), acting as owner of the processing of personal data of users of the Site (hereinafter, the”Users”) provides below the privacy policy pursuant to art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter,”Regulation”, or the”Applicable Legislation”).

This Site and any services offered through the Site are reserved for individuals who have reached the age of eighteen. The Data Controller therefore does not collect personal data relating to individuals under 18 years of age. At the request of Users, the Data Controller will promptly delete all personal data unintentionally collected and relating to individuals under 18 years of age.

The Data Controller takes the utmost account of the right to privacy and to the protection of personal data of its Users. For any information in relation to this privacy statement, Users can contact the Data Controller at any time, using the following methods:

  • By sending a registered letter with return receipt to the registered office of the Data Controller with registered office in Reggio Emilia (RE) at Via Giambattista Vico 93;
  • By sending an e-mail message to the following addresses: email: info@cloudfire.it ; PEC: cloudfire@legalmail.it

or the Data Protection Officer, Avv. Andrea Ruffilli

  • By sending a registered letter with return receipt to the studio in Maranello (MO), Via Garibaldi n. 2
  • By sending an e-mail message to the following e-mail address: info@studiolegaleruffilli.com.


1. Category of data processed

The data subject to this treatment are the following:

  1. all personal data whose transmission is implicit in the use of Internet communication protocols, which the computer systems and software procedures used to operate the Site acquire during their normal operation: IP addresses or domain names of the computers used by Users, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the User's operating system and computer environment;
  2. personal identification data (e.g. name, surname, email address, telephone, country, company name, position, IP address, log file, etc.);
  3. all additional User data possibly and voluntarily published in the section”contact us.”


2. Purposes of the treatment

Users' personal data will be lawfully processed by the Data Controller pursuant to art. 6 of the Regulation for the following processing purposes:

  1. provision of the service, or to allow the User to navigate the Site. The User data collected by the Data Controller for this purpose includes all data that is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to allow its proper functioning. Notwithstanding what is provided elsewhere in this privacy statement, under no circumstances will the Data Controller make Users' personal data accessible to other Users and/or third parties.
  2. fulfill the User's request: Users' personal data are collected and processed by the Data Controller for the sole purpose of processing their request. The User's data collected by the Data Controller for this purpose include: name, surname, email address and all other User data that may be voluntarily published in the”contact us”. No other processing will be carried out by the Data Controller in relation to Users' personal data. Notwithstanding what is provided elsewhere in this privacy statement, under no circumstances will the Data Controller make Users' personal data accessible to other Users and/or third parties;
  3. Registration for webinar registration: Users' personal data are collected and processed for participation in webinars organized by the Data Controller;
  4. pursuit of legitimate interests, or provide the assistance service related to the service provided through the use of different platforms for help desk assistance and the access service to the reserved area for the Cortex platform;
  5. administrative and accounting purposes, or to carry out organizational, administrative, financial and accounting activities, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations.
  6. legal obligations, or to fulfill obligations established by law, by an authority, by a regulation or by legislation and to ascertain responsibility in the event of hypothetical computer crimes against the Site.
  7. execution of a contract, if the processing is necessary for the execution of a contract with the User and/or for the execution of pre-contractual measures.

In any case, it is always possible to request the Data Controller to clarify the concrete legal basis of each treatment and in particular to verify if the treatment is based on the law, provided for by a contract or necessary to conclude a contract.

The provision of personal data for the processing purposes indicated above is optional but necessary, since failure to provide them will make it impossible for the User to make their request to the Data Controller.

The personal data that are necessary for the pursuit of the processing purposes described in this point 2) are indicated with an asterisk on the request form.


3. Methods of processing and data storage times

The Data Controller will process the personal data of the Users using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data themselves.

The personal data of Site Users will be kept for the time strictly necessary to carry out the primary purposes illustrated in the previous point 2) or in any case as necessary for the civil protection of the interests of both Users and the Data Controller.


4. Scope of communication and dissemination of data

The persons in charge of managing the Site and the requests of the Users may become aware of the personal data of the Users. These subjects, who have been instructed in this regard by the Data Controller pursuant to art. 29 of the Regulation, will process the User's data exclusively for the purposes indicated in this information and in compliance with the provisions of the Applicable Legislation.
Third parties who may process personal data on behalf of the Data Controller as “External Data Processors” may also become aware of Users' personal data, such as, by way of example, providers of IT and logistics services functional to the operation of the Site, service providers in outsourcing or Cloud Computing, professionals and consultants. Users have the right to obtain a list of any data processors appointed by the Data Controller, making a request to the Data Controller in the manner indicated in the following point 6).


5. Data transfer

The data collected in relation to the above-mentioned purposes are not transferred to countries outside the EU. The owner, however, reserves the right to use cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as required by art. 46 of EU Regulation 2016/679.


6. Rights of Data Subjects

Users may exercise the rights guaranteed to them by the Applicable Legislation, by contacting the Data Controller in the following ways:

  • By sending a registered letter with return receipt to the registered office of the Data Controller with registered office in Reggio Emilia (RE) at Via Giambattista Vico 93;
  • By sending an e-mail message to the following addresses: email: info@cloudfire.it ; PEC: cloudfire@legalmail.it

or the Data Protection Officer, Avv. Andrea Ruffilli

  • By sending a registered letter with return receipt to the studio in Maranello (MO), Via Garibaldi n. 2
  • By sending an e-mail message to the following e-mail address: info@studiolegaleruffilli.com.

Users have the right to obtain:

  • access personal data to know (“reactive transparency”) the purposes of the processing, the categories of personal data collected, the recipients of the data communication, in particular if recipients of third countries or international organizations, the period of conservation of the planned data (art. 15);
  • obtain the correction (art. 16);
  • right to obtain the cancellation of personal data, if these are no longer necessary for the purposes for which they were collected and if there are no additional legal storage requirements (art. 17 GDPR);
  • request the limitation of processing (art. 18);
  • request data portability (art. 20);
  • right to object to processing for reasons related to your particular situation (art. 21 GDPR). In this case, we will refrain from further processing your data unless you demonstrate the existence of compelling legitimate reasons to proceed with the processing (e.g. for the defense of your rights in court).
  • not to be subject to automated decision-making, including profiling (art. 22);
  • to revoke consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation (art. 7).

Finally, the interested party will have the right to lodge a complaint with the Guarantor Authority pursuant to art. 13 paragraph 2 letter d) of the above-mentioned regulation as well as pursuant to art. 77 of the regulation.
The Italian Supervisory Authority is the Guarantor for the protection of personal data, with headquarters in Piazza Venezia 11, 00186 — Rome (http://www.garanteprivacy.it/).

For anything not provided for in this information, please refer to Regulation (EU) 2016/679 to Legislative Decree 196/03 as amended by Legislative Decree 101/2018 and subsequent amendments, as well as to any other measure issued by the Guarantor Authority for the Protection of Personal Data (“Guarantor”).

The Data Controller is not responsible for updating all the links that can be viewed in this Policy, so whenever a link is not working and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by that link. In case of non-acceptance of the changes made to this privacy policy, the User is required to cease using https://www.cloudfire.it/ and may request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to Personal Data collected up to that time.