Lapo
Becherini

Working with athletes
for the atlethes

NOTICE TO WEBSITE USERS
REGARDING THE PROTECTION OF PERSONAL DATA
PURSUANT TO ARTICLE 13 OF EU REGULATION 2016/679

Dear Users,


In compliance with Article 13 of EU Regulation 2016/679 (the "GDPR") and in application of its principles, we invite you, before navigating our website (the "Website"), to carefully read this privacy notice regarding the processing of personal data. This is to make you aware of the characteristics and methods of the processing (the "Processing") that we will carry out concerning any information acquired as a result of navigation by any individual (the "User") on the Website, as well as any information provided by the User through the Website itself regarding an identified or identifiable natural person (the "Data Subject").

According to Article 4.1 of the GDPR, "an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person."

1. Data Controller (the "Controller")

The Data Controller is LAPO BECHERINI, PI 06389990489, email: info@lapobecherini.com website: lapobecherini.com

Any communication related to Processing, including those under subsequent articles, must be sent by the User and/or the Data Subject via email to the above contact details.

2. Purposes of Processing (the "Purposes") and Legal Basis

The collected Personal Data, either directly from the Data Subject (Article 13 GDPR) or otherwise (Article 14 GDPR), will be used exclusively to:

  1. Enable the use of the Website;

  2. Respond to the User’s requests (including, for example, requests for quotations and spontaneous applications);

  3. Fulfill pre-contractual and contractual obligations towards you;

  4. Comply with and enforce compliance with legal and regulatory obligations;

The legal basis for Processing is:

  1. The necessity to execute a contract to which the Data Subject is a party or to take pre-contractual measures at the request of the Data Subject;

  2. The necessity to comply with a legal obligation;

  3. The legitimate interest of the Controller (Article 6, letter f) GDPR);

  4. For purposes (vi) and beyond, the explicit consent freely given by the Data Subject (Article 7 GDPR), including via email, form completion, and required checkboxes.

3. Mandatory or Optional Nature of Personal Data Provision

Providing Personal Data — also via email, form completion, and required checkboxes — is optional but necessary. Failure to provide or incorrect communication of such data will prevent the Controller from establishing a relationship or carrying out the various Purposes for which the Personal Data is collected.

For the same reasons, and to ensure proper management of the existing relationship, you are also requested to promptly communicate any changes to the collected Personal Data.

4. Communication of Personal Data

Personal Data is processed internally by persons authorized to Process (the "Authorized Personnel") under the Controller's responsibility for the above Purposes. Personal Data may also be communicated to external entities performing instrumental and/or accessory functions related to our business activities, who will process such data on our behalf. These entities will be designated as External Data Processors ("External Processors"), in accordance with Article 28 GDPR.

An updated list of External Processors is available at the Controller’s registered office and can be provided upon written request.

Outside of these cases, Personal Data may be communicated to additional recipients and/or categories of recipients ("Recipients" and "Categories of Recipients") only for pre-contractual and/or contractual relationship purposes or to comply with legal obligations and/or orders from Authorities. Personal Data will not be disclosed or shared with third parties without the specific consent of the Data Subject, except where necessary for the Purposes.

5. Processing of Special Categories of Personal Data and Criminal Convictions and Offenses Data

Should the Controller process:

  1. Special Categories of Personal Data (Article 9 GDPR) revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data uniquely identifying a person, health data, or data concerning a person’s sex life or sexual orientation, such data will only be processed for the indicated Purposes with the Data Subject’s prior consent, or where necessary to comply with legal obligations in the fields of labor law and social security protection, in compliance with the applicable laws;

  2. Criminal Convictions and Offenses Data (Article 10 GDPR), Processing will be carried out only under the control of the Public Authority or as authorized by EU or Member State law. A complete record of criminal convictions may only be maintained under the Public Authority’s control.

6. Processing Methods

Processing is carried out using electronic and/or paper-based tools, following appropriate organizational and security measures to protect confidentiality, relevance, and data minimization.

7. Territorial Scope

Personal Data will be processed within the European Union. Should it be necessary to use entities outside the EU, they will be designated as External Processors. The transfer of Personal Data will be regulated under the GDPR, ensuring full protection, and based on appropriate safeguards (e.g., adequacy decisions, binding corporate rules, etc.). The Data Subject may request further details from the Controller.

8. Retention Period

Personal Data will be retained for the period strictly necessary to achieve the Purposes, specifically until the termination of pre-contractual and contractual relationships, unless a longer retention period is required by law. For dispute management or legal defense, data may be retained for a period equal to the statute of limitations.

9. Data Subject Rights

The Data Subject has the right to:

  1. Access Personal Data (Article 15 GDPR);

  2. Rectify inaccurate Personal Data (Article 16 GDPR);

  3. Request deletion (right to be forgotten) under certain circumstances (Article 17 GDPR);

  4. Restrict Processing (Article 18 GDPR);

  5. Data portability (Article 20 GDPR);

  6. Object to Processing (Article 21 GDPR).

To exercise these rights, the Data Subject should contact the Controller at the above details. A response will be provided within one month, extendable to three months in complex cases. Complaints may also be filed with the Data Protection Authority.

10. Minors

The Controller does not process Personal Data related to minors. By accessing and using the Website, the User declares to be of legal age.

11. Withdrawal of Consent

If Processing is based on consent, the Data Subject has the right to withdraw consent at any time by sending a written request to the Controller. Withdrawal does not affect the lawfulness of Processing based on consent before withdrawal.

12. Opposition Rights

The Data Subject has the right to object to Processing at any time for reasons related to their specific situation, including profiling, by sending a written request to the Controller. They may also object to direct marketing purposes.

13. Cookies

This site does not make use of cookies or other tracking technologies.

How to reach Lapo Becherini: get in touch to know more about his work and his activities

Instagram
@lapo_b

LinkedIn
Lapo Becherini