Privacy Policy

Information on the processing of personal data pursuant to Art. 13 of Regulation (EU) 2016/679 (GDPR).

Dear User, AtWorkStudio S.r.l. processes personal data in compliance with Regulation (EU) 2016/679 ("GDPR") and applicable national legislation. This privacy notice applies exclusively to the website www.atworkstudio.it.

A. Categories of data

The data processed includes technical browsing data and data voluntarily provided by the user.

a. Automatically collected data

The IT systems operating the website automatically collect data whose transmission is implicit in the use of Internet protocols: IP addresses, domain names, URIs of requested resources, date and time of the request, HTTP method, response size, status code and parameters relating to the user's operating system and environment.

b. Data provided via the contact form

Completing the contact form on the website involves the collection of the name, email address and message content entered by the user. This data is processed to respond to the user's request and is also managed through a ticketing platform (Zendesk) to ensure traceability and proper handling of the request.

c. Data provided via email

Voluntarily sending emails to the addresses listed on the website involves the collection of the sender's address and any personal data contained in the communication.

d. Cookies

The website does not use profiling cookies, analytics cookies or third-party tracking tools. Only strictly necessary technical cookies may be used for the operation of the service.

e. Plug-ins and external tools

The website does not embed plug-ins, social buttons or external tracking tools.

B. Data Controller

The Data Controller is AtWorkStudio S.r.l., with registered office at Via Garibaldi 14, 29121 Piacenza (PC), Italy, VAT IT01356200335. You can contact the Controller via the contact form or by writing to info@atworkstudio.it.

C. Source of personal data

Personal data is collected directly from the data subject during browsing, via the contact form on the website or via communications sent to the published email addresses.

D. Purpose and legal basis

Browsing data

Processed to ensure the technical operation of the website and the security of the infrastructure. Legal basis: legitimate interest of the Controller (Art. 6(1)(f) GDPR).

Contact form and email data

Processed to respond to the data subject's requests. Legal basis: consent of the data subject (Art. 6(1)(a) GDPR) expressed by ticking the checkbox before submitting the form, and performance of pre-contractual measures (Art. 6(1)(b) GDPR).

E. Data recipients

Data may be processed by providers of technical services necessary for the operation of the website (hosting provider), appointed as Data Processors pursuant to Art. 28 GDPR. Data is not disclosed or transferred to third parties.

Data provided via the contact form is also processed through the ticketing platform Zendesk, Inc. (Zendesk), appointed as Data Processor pursuant to Art. 28 GDPR. Zendesk processes data exclusively on behalf of the Controller for the purpose of managing and tracking support requests.

F. Transfer to third countries

Data is processed on servers located in Italy and the European Union. With regard to the Zendesk ticketing platform, data may be transferred to the United States. The transfer is based on Zendesk's participation in the EU-U.S. Data Privacy Framework (DPF), pursuant to the European Commission's adequacy decision of 10 July 2023, and the Standard Contractual Clauses (SCCs) provided for in Art. 46 GDPR. No other transfers of personal data to non-EU countries are made.

G. Retention period

Technical browsing data is retained for the time strictly necessary to ensure the operation and security of the website.

Data provided via the contact form or email is retained for the time necessary to respond to the request and, subsequently, within the limits provided by applicable law or for legal protection purposes.

H. Data subject rights

The data subject may exercise at any time the rights provided for by Articles 15 et seq. of the GDPR:

  • Right of access to personal data
  • Right to rectification or erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time
  • Right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it)

To exercise your rights, please contact the Controller by writing to info@atworkstudio.it.

I. Mandatory nature of data provision

The provision of browsing data is necessary for the operation of the website. The provision of data via the contact form is optional: failure to provide it will prevent us from responding to your request.

J. Processing methods

Personal data is processed using IT and electronic tools, adopting technical and organisational measures adequate to ensure a level of security appropriate to the risk, in compliance with Art. 32 GDPR. The Controller's management system is ISO/IEC 27001 certified.

K. Updates

This privacy notice applies exclusively to the website www.atworkstudio.it. The Controller reserves the right to update it in the event of regulatory or technical changes. The latest version is always available on this page.

Last updated: 14 March 2026 (v15)