Privacy Policy of www.maghilerophotography.com

Welcome to the privacy policy of www.maghilerophotography.com. This policy will help you understand which data we collect, why we collect them, and what your rights are in relation to them.

Last updated: August 29, 2025

Table of Contents

• Summary

• Data Controller

• Types of Data Collected

• Methods and Place of Processing of the Collected Data

• Purposes of Processing the Collected Data

• Details on the Processing of Personal Data

• Cookie Policy

• Additional Information for Users in the European Union

• Additional Information for Users in Switzerland

• Additional Information for Users in Brazil

• Further Information on Processing

• Definitions and Legal References

Summary

Data We Automatically Collect

We automatically collect your data, for example when you visit www.maghilerophotography.com.

• Usage Data

• Device information

• Tracking Tools

Trusted Third Parties That Help Us Process Them

• Cloudflare, Inc.

• Google LLC

• Hostinger UK Limited

• Meta Platforms, Inc.

How We Use Them

• Platform and hosting services

• Optimizing and distributing traffic

• Contacting the User

• Displaying content from external platforms

• Interaction with social networks and external platforms

Data You Provide Us

We collect the data you provide, for example when you fill out a form.

• First name

• Last name

• Email address

Trusted Third Parties That Help Us Process Them

• Cloudflare, Inc.

How We Use Them

• Contacting the User

Data Controller

Marco Maggini
Via Sant’Agnese, 16
06012, Città di Castello (PG), Italy
Email address of the Controller: marcomaggini.photo@gmail.com

Types of Data We Collect

Among the Personal Data collected by this Application, either independently or through third parties, there are:

• Usage Data

• Device information

• Tracking Tools

• First name

• Last name

• Email address

Comprehensive details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or via specific notices that may appear before data collection.
Personal Data may be freely provided by the User, or, in the case of Usage Data, automatically collected when using this Application.

Unless otherwise specified, all Data requested by this Application are mandatory. If the User refuses to disclose them, the Application may be unable to provide the Service. In cases where the Application indicates certain Data as optional, Users are free not to communicate them, without this affecting the availability or operation of the Service.
Users who are unsure of which Data are mandatory are encouraged to contact the Controller.
Any use of Cookies (or other tracking tools) by this Application or by the third‑party controllers used by this Application has the purpose of providing the requested Service, in addition to the other purposes described in this document and in the Cookie Policy.

The User assumes responsibility for third‑party Personal Data obtained, published, or shared through this Application.

Methods and Place of Processing of the Collected Data

Methods of Processing

The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.
Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Controller, in some cases, other parties may have access to the Data involved in the organization of this Application (administrative, commercial, marketing, legal staff, system administrators) or external parties (such as third‑party technical service providers, postal couriers, hosting providers, IT companies, communication agencies), possibly appointed as Data Processors by the Controller. The updated list of Processors may always be requested from the Controller.

Place

The Data is processed at the Controller’s operating offices and at any other location where the involved parties in processing are situated. For more information, contact the Controller.
Personal Data of the User may be transferred to a country other than the one in which the User is located. For further information on the place of processing, the User may refer to the section concerning details on the processing of Personal Data.

Retention Period

Unless otherwise specified in this document, Personal Data are processed and stored for the time required by the purpose for which they were collected and may be retained for a longer period as required by legal obligations or based on the User’s consent.

Purposes of Processing the Collected Data

User Data is collected to allow the Controller to provide the Service, comply with legal obligations, respond to requests or enforcement actions, protect its rights and interests (or those of Users or third parties), detect potential fraudulent or malicious activities, as well as for the following purposes:

• Platform and hosting services

• Optimization and distribution of traffic

• Contacting the User

• Displaying content from external platforms

• Interaction with social networks and external platforms

Details on the Processing of Personal Data

Contacting the User

Contact form
Personal Data processed: last name + first name + email

Interaction with social networks and external platforms

This type of service allows interactions with social networks or other external platforms directly from the pages of this Application.
The interactions and information obtained by this Application are in any case subject to the User’s privacy settings for each social network.
This type of service may still collect traffic data for pages where the service is installed, even when Users do not use it.
We recommend logging out of respective services to ensure that data processed on this Application is not associated with the User’s profile.

• Meta Platforms, Inc.
  Facebook Like Button and Social Widgets
  Company: Meta Platforms, Inc.
  Location of processing: United States
  Personal Data processed: Usage Data

Optimization and distribution of traffic

These services allow this Application to distribute its content via servers located geographically and to optimize its performance.
The Personal Data processed depend on the characteristics and implementation of such services, which by their nature filter communications between this Application and the User’s browser.
Given the distributed nature of this system, it is difficult to determine the exact locations to which content may be transferred, which may include the User’s Personal Data.

• Cloudflare, Inc.
  Cloudflare
  Company: Cloudflare, Inc.
  Processing Location: United States
  Personal Data processed: Tracking Tools

Platform and hosting services

These services aim to host and run key components of this Application, making delivery of this Application possible from a single platform. These platforms provide the Controller with a wide range of tools such as analytics tools, user registration management, comments and database management, e‑commerce, payment processing, etc. The use of such tools involves the collection and processing of Personal Data.
Some of these services operate through servers located in different geographic locations, making it difficult to determine the exact place where Personal Data is stored.

• Hostinger UK Limited
  Hostinger
  Company: Hostinger UK Limited
  Processing Location: United Kingdom
  Personal Data processed: Usage Data

Displaying content from external platforms

This type of service allows embedding and interacting with content hosted on external platforms directly from the pages of this Application. These services are often called “widgets”. They provide specific information or perform particular functions and often enable user interaction.
This type of service may collect traffic data from pages where the service is installed, even when Users do not use it.

• Google LLC
  YouTube Video Widget
  Company: Google LLC
  Processing Location: United States
  Personal Data processed: Usage Data

• Meta Platforms, Inc.
  Instagram Widget
  Processing Location: United States
  Personal Data processed: Usage Data

Cookie Policy

This Application uses Tracking Tools. To learn more, Users can consult the Cookie Policy.

Additional Information for Users in the European Union

Legal Basis for Processing

The Controller processes Users’ Personal Data only if at least one of the following applies:

• the User has given consent for one or more specific purposes

• processing is necessary for the performance of a contract with the User and/or for pre‑contractual obligations

• processing is required by a legal obligation to which the Controller is subject

• processing is necessary to protect vital interests of the User or another natural person

• processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller

• processing is necessary for the purposes of legitimate interests pursued by the Controller or a third party

It is always possible to request the Controller to clarify the specific legal basis for each processing and whether this is based on law, contract, or legitimate interest.

Further Information on Retention Time

Unless otherwise specified, Personal Data are processed and stored for the time required by the purpose for which they were collected. They may be retained longer to comply with legal obligations or as consented by Users.

Therefore:

• Personal Data collected for purposes related to a contract between the Controller and the User will be retained until the contract has been fully performed.

• Personal Data collected for purposes of a legitimate interest of the Controller will be retained until the interest is satisfied. The User may request more information about the legitimate interest pursued by the Controller in the relevant sections or by contacting the Controller.

• When processing is based on the User’s consent, the Controller may retain Personal Data longer until the consent is revoked. Additionally, the Controller may be obliged to retain Personal Data longer to comply with legal obligations or by order of an authority.

At the end of the retention period, Personal Data will be deleted. At that time, the rights of access, deletion, rectification, and data portability can no longer be exercised.

Rights of the User under the General Data Protection Regulation (GDPR)

Within the limits permitted by law, Users have the right to:

• withdraw consent at any time.

• object to processing of their Personal Data.

• access their data.

• verify and request correction or update.

• obtain limitation of processing.

• request the deletion or removal of their Personal Data.

• receive their data or have them transferred to another controller (data portability).

• lodge a complaint with a supervisory authority.

Users also have the right to know the legal basis for international data transfers, including to organizations located outside the EU (e.g. the UN), and the security measures adopted by the Controller.

Details on the Right to Object

When Personal Data are processed in the public interest, in the exercise of official authority, or to pursue a legitimate interest of the Controller, Users may object on grounds relating to their particular situation.
If the User’s data are processed for direct marketing, they can object at any time, free of charge and without providing a justification. Upon objection, Personal Data will no longer be processed for such marketing purposes.

How to Exercise These Rights

Requests to exercise Users’ rights can be addressed to the Controller using the contact details in this document. The request is free, and the Controller will respond as soon as possible and, in any case, within one month, providing all legally required information.
Any rectifications, deletions, or processing limitations will be communicated by the Controller to each recipient, if any, to whom the Personal Data have been transmitted, unless this proves impossible or involves disproportionate effort. The Controller will inform the User of such recipients upon request.

Additional Information for Users in Switzerland

This section applies to Users in Switzerland and, for such Users, replaces any other potentially conflicting disclosures in the privacy notice.

Further details regarding categories of Data processed, purposes, categories of recipients, retention, and additional information on Personal Data may be found in the section “Details on the processing of Personal Data” of this document.

User Rights under the Swiss Federal Act on Data Protection

Users may exercise certain rights concerning their data within the limits of the law, including:

• right of access to Personal Data

• right to object to processing (including limitation, deletion, prevention of disclosure to third parties)

• right to receive their data and to transfer them to another controller (data portability)

• right to request correction of incorrect Personal Data

How to Exercise These Rights

Requests may be sent to the Controller using the contact details provided. Such requests are free, and the Controller will respond as soon as possible with the legally required information.

Additional Information for Users in Brazil

This section complements and completes the information contained in the rest of the privacy policy and is provided by the entity operating this Application and, if applicable, by its parent, subsidiaries, and affiliates (“we,” “us,” or “our”). This section applies to all Users in Brazil (referred to herein as “you,” “your”), under the Lei Geral de Proteção de Dados (LGPD), and prevails over any conflicting information in this privacy policy.

Legal Bases for Processing Your Personal Information

We process your personal information only when one of the following applies:

• your consent for the processing activity

• compliance with legal obligations

• performance of laws or regulations or contracts

• studies by research entities (preferably on anonymized data)

• performance of a contract (including precontractual stages)

• exercise of rights in litigation, administrative, or arbitration proceedings

• defense of life or physical integrity of yourself or a third party

• protection of health within health‑sector procedures

• our legitimate interest (so long as your rights and freedoms do not prevail)

• credit protection

You may contact us at any time to learn more about the legal bases.

Categories of Personal Information Processed

Refer to the section “Details on the processing of Personal Data” in this document.

Why We Process Your Personal Information

Refer to the sections “Details on the processing of Personal Data” and “Purposes of Processing the Collected Data.”

Your Privacy Rights in Brazil, How to Submit a Request, and How We Will Handle It

You have the right to:

• confirm whether we process your personal information

• access your personal information

• request correction of incomplete, inaccurate, or outdated data

• request anonymization, blocking, or deletion of unnecessary or excessive personal information or those processed in violation of LGPD

• request information about your right to provide or refuse consent

• request information on third parties with whom we share your personal information

• request data portability (except anonymized) to other providers

• request deletion of data processed based on consent, unless exceptions apply under LGPD

• revoke your consent at any time

• file a complaint with the ANPD (Brazil’s Data Protection Authority) or consumer protection bodies

• object to processing operations not compliant with law

• request clear information on criteria and procedures used in automated decision‑making

• request review of decisions that affect your interests based solely on automated processing (like profiling)

You will not be discriminated against or treated adversely for exercising these rights.

How to Submit a Request

You may submit a free explicit request to exercise your rights at any time using the contact details in this document or your legal representative.

How and How Fast We Will Handle Your Request

We will respond as soon as possible.
If immediate compliance is not possible, we will inform you of factual or legal reasons. If your personal information is not processed by us, we will, to the extent possible, direct you to the appropriate person or entity responsible.
If you request access or confirmation, please specify whether you prefer an electronic or paper response.
If you request an express response, you will receive a simplified answer; otherwise, you will receive a full disclosure within 15 days, including origin, whether data exists, criteria and purposes, while safeguarding our trade secrets.
If you request rectification, deletion, anonymization, or blocking, we will promptly inform other parties with whom we shared your information, unless impossible or excessive effort.

Transfers Outside Brazil

We may transfer your personal information outside Brazil in the following permitted cases:

• for international legal cooperation

• to protect life or physical integrity

• when authorized by ANPD

• pursuant to international cooperation agreements

• for public order or public service

• for legal obligations, contract execution, or regular exercise of rights

Further Information on Processing

Legal Defense

Your Personal Data may be used by the Controller in litigation or preparatory proceedings to defend against abuse of this Application or related Services.
You acknowledge that the Controller may be compelled to disclose Data by public authorities.

Specific Notices

Upon request, in addition to this privacy policy, the Application may provide you with additional notices regarding specific Services or data collection.

System Logs and Maintenance

For operational and maintenance needs, this Application and third‑party services may collect system logs that record interactions and can include Personal Data, such as the User’s IP address.

Information Not Contained Here

You may request further information at any time from the Controller using the contact information provided.

Changes to This Privacy Policy

The Controller may make changes at any time by notifying Users on this page and, if possible, via the Application, and, if feasible, by sending notice via contact channels. Please check this page frequently, referring to the “Last updated” date.
If changes involve processing based on consent, the Controller will collect renewed consent when necessary.

Definitions and Legal References

• Personal Data (or Data): any information that directly or indirectly identifies a natural person.

• Usage Data: data collected automatically (e.g. IP address, browser type, system data, pages visited, etc.).

• User: the individual using this Application.

• Data Subject / Interested Party: the natural person to whom the Personal Data refers.

• Data Processor / Processor: the entity processing data on behalf of the Controller.

• Data Controller: the natural or legal person determining purposes and means of processing.

• This Application: the hardware or software tool collecting and processing User data.

• Service: the Service provided by this Application.

• European Union (EU): all current EU and EEA Member States, unless otherwise specified.

• Cookies: Tracking Tools stored in the User’s browser.

• Tracking Tool: any technology (cookies, unique IDs, web beacons, scripts, fingerprinting, etc.) that tracks Users.

Unless otherwise specified, this privacy policy applies only to this Application.
If you need help, here’s what you can do:

• Ask us what data we hold about you

• Ask us to correct data

• Ask us to delete data (right to be forgotten)

• Ask us to transfer your data to another service

If issues arise, contact us:

www.maghilerophotography.com
Marco Maggini
Via Sant’Agnese, 16, 06012, Città di Castello (PG), Italy
Email: marcomaggini.photo@gmail.com