Privacy & Cookie Policy

Last updated: 3 June 2026

This policy describes how the personal data of users visiting the website ufficiofurore.com (the “Website”) is processed, in accordance with Regulation (EU) 2016/679 (“GDPR”) and Italian Legislative Decree 196/2003 (“Privacy Code”) as amended by Legislative Decree 101/2018.

1. Data Controller

Ufficio Furore S.r.l.
Corso San Gottardo 39, 20136 Milan (MI), Italy
VAT no.: 12021460964
Email: ciao@ufficiofurore.com

For any request regarding the processing of personal data, please write to the email address above.

2. Types of data processed

2.1 Browsing data

The IT systems and software procedures used to operate the Website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols (e.g. IP addresses, browser type, operating system, date and time of the request). This data is used solely to obtain anonymous statistical information on the use of the Website and to monitor its correct operation and security.

2.2 Statistical data (analytics)

The Website uses Plausible Analytics, a self-hosted web statistics solution (hosted on infrastructure under the Controller’s control) that is cookie-free. Plausible collects only aggregate, anonymous data (pages visited, traffic source, device type) without tracking individual users, without storing IP addresses in identifiable form, and without creating profiles. No data is shared with third parties for commercial purposes.

2.3 Contact data

Should the user write to the Controller’s email address (including via the link on the Contacts page), the personal data contained in the message (e.g. name, email address, content of the message) will be processed solely to respond to the request. The Website does not use contact forms that collect data: the only channel is email correspondence.

3. Third-party components

3.1 Google Fonts

The Website uses Google Fonts, a font display service provided by Google Ireland Ltd. / Google LLC, which allows typefaces to be embedded in the pages. To deliver the service, the user’s browser sends a request to Google’s servers (fonts.googleapis.com, fonts.gstatic.com), which entails transmitting the user’s IP address to Google. Google adheres to the EU-U.S. Data Privacy Framework, which ensures an adequate level of protection for data transfers to the United States. Google’s privacy policy: policies.google.com/privacy.

3.2 Links to social platforms

The Website contains plain links to the Controller’s profiles on Instagram, LinkedIn and Substack. These are hyperlinks and not embedded components: no data is transmitted to those platforms until the user chooses to click the link, at which point the respective privacy policies apply.

4. Cookies

The Website uses technical cookies only, necessary for the correct functioning and security of the pages (e.g. WordPress session cookies, generated only upon interaction such as logging into the reserved area). No profiling, marketing or third-party analytics cookies are used.

Since the statistics system (Plausible) is cookie-free and no profiling cookies are used, no cookie consent banner is required under the Guidelines of the Italian Data Protection Authority of 10 June 2021.

The user can nonetheless manage or delete technical cookies through their browser settings; disabling them may impair some Website functionality.

5. Legal basis for processing

  • Browsing data and technical cookies: legitimate interest of the Controller in the correct functioning and security of the Website (Art. 6(1)(f) GDPR).
  • Anonymous statistics (Plausible): legitimate interest of the Controller in measuring use of the Website in aggregate, anonymous form (Art. 6(1)(f) GDPR).
  • Contact data via email: performance of pre-contractual measures or response to the data subject’s request (Art. 6(1)(b) and (f) GDPR).

6. Recipients and data processors

Data may be processed by parties providing services instrumental to the operation of the Website, appointed as data processors where applicable:

  • Hosting: the Website is hosted on the EasyWP platform by Namecheap, Inc. (based in the United States), which processes log data on behalf of the Controller.
  • Statistics infrastructure: Plausible’s aggregate data is hosted on infrastructure under the Controller’s direct control.

Data is neither disclosed nor sold to third parties for commercial purposes.

7. Transfers outside the EU

The use of hosting services (Namecheap) and Google Fonts may involve the transfer of data to the United States. Such transfers take place subject to adequate safeguards (adherence to the EU-U.S. Data Privacy Framework and/or Standard Contractual Clauses approved by the European Commission).

8. Retention period

  • Browsing data (logs) is retained for the time strictly necessary for security purposes, normally no longer than 12 months, except in case of investigation of offences.
  • Email contact data is retained for the time needed to handle the request and to comply with any legal obligations.
  • Plausible statistics are anonymous and aggregate by nature.

9. Data subject rights

Users may exercise at any time the rights set out in Articles 15 to 22 of the GDPR, including:

  • the right of access to their data;
  • the right to rectification and erasure (“right to be forgotten”);
  • the right to restriction of processing;
  • the right to object to processing based on legitimate interest;
  • the right to data portability.

Requests should be addressed to ciao@ufficiofurore.com.

Users also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali, www.garanteprivacy.it).

10. Changes to this policy

The Controller reserves the right to amend or update this policy, including as a result of regulatory changes. Changes will be published on this page with the date of the latest update.