This policy is made pursuant to Article 13 of the Regulation (EU) 2016/679 – GDPR for the processing of personal data and in accordance with the Italian provisions contained in the Code regarding the processing of personal data (Legislative Decree 30 June 2003, no. 196 and subsequent amendments) and it is aimed at providing users of the website [“the Site”] and the social network account pages (Facebook) – (LinkedIn) [“Social Pages”] with full information regarding how their personal data is processed.

This policy refers exclusively to the Site and Social Pages and may not be extended to internet services or sites managed by third parties that may be reached through the Site.

The Controllers

The Controllers are Avv. Michael Louis Stiefel, Avv. Andrea Stigi and Avv. Tommaso Trulli, based in Rome, Via Fasana No. 21, tel. 0664520925, e-mail

The Controllers have not appointed a Data Protection Officer (DPO).

Types of personal data processed

Navigation data

Computer systems and software procedures for the operation of websites automatically acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This includes, for example, the IP addresses or domain names of the computers used by parties connecting to the site, the uniform resource identifier (URI) notation addresses of the requested resources, the time of the request, etc. Such data are not collected by the Controllers to be associated with specific users, but by their very nature could allow for the identification of users, through processing and associations with data held by third parties. The Controllers use such data for the sole purpose of obtaining anonymous statistics on the use of the Site and to ensure its proper functioning; Information is retained for processing time. However, the data could be used to establish liability in the event of cybercrimes against the site. Such information and data are processed to satisfy the rightful interest of the Controllers both for security reasons and for protection against illegal acts, and to improve the services offered through the website and ensure the best user experience.

Data provided voluntarily by the user

Users may send requests to the Controllers on a purely voluntary basis by contacting it through the addresses obtained from the site and communicating their personal data such as first name, last name and e-mail address. The information provided with the message may contain additional data that will inevitably be acquired and processed by the Controllers: if a user prefers to limit the collection of data, he or she should communicate only such data that are strictly necessary for the purpose for which he or she is contacting the Controllers. The processing of the data takes place to respond to the messages of the concerned parties and to carry out pre-contractual steps at the request of the concerned parties.

In the event of spontaneous candidacies for employment with the Controllers, the data received will be processed for the execution of pre-contractual steps prompted by the concerned party and, should there be particular data (e.g. relating to health, political, philosophical or religious convictions), such data will be processed to comply with duties or to allow for the exercise of rights of the Controllers or of the concerned party in employment and social security matters, as required by law.

In any case, the data will be retained for as long as it takes to handle requests and deleted within 3 months of the last communication.

In the event of sending newsletters or articles on particular topics that may be of interest to the user, as well as updates regarding the Firm’s activities and services and invitations to events, processing is based on the consent given by the user, except in cases where the user is already our client, in which case processing is carried out on the basis of the Firm’s legitimate interest in informing and updating its clients on legal topics and organizing events on topics of interest. Without consent, if required, we will not be able to send the user newsletters, articles, updates and invitations to events. Users’ personal data will be retained until the User withdraws consent or objects to processing, which may occur at any time.


Cookies are small text files sent by the Site or from third-party websites to the devices of the Data Subject, where they are stored, and then transmitted again on subsequent visits. The Site does not use first-party profiling cookies to send advertisements in line with the preferences expressed by the user in the context of web browsing.

The Site uses only technical and analytical cookies to satisfy the legitimate interest of the Controllers to allow the operation of the Site and to process statistics. 

Cookies used by the Site do not require the user’s prior consent, and are used to satisfy the rightful interest of the Controllers to improve the services offered through the website and ensure the best user experience.

The user, however, using the instructions below and aware of the possibility that some features of the Site may be in all or part compromised, can freely decide to disable and/or delete them, by setting up their browser to do so.

Below is the list of the most common browsers with links to settings for managing cookies:

Safari 2 or higher:

Opera 10.5 and above:

Firefox 3.5 is superior:

Google Chrome 10 and above:

Internet Explorer: cookies

In any case, browsers provide “private” browsing mode, enabling which cookies are always deleted after the closing of each browsing session.

Third-party cookies

The validity of the information contained on this page is limited to this site only and does not extend to other websites that may be accessed through hyperlinks.

We detail the third-party cookies that may be used by the site, as well as links through which the user can receive more information and request deactivation of cookies.

Google Analytics
The cookie used by Google Analytics provides for anonymization of the user IP.

This is a web analytics service provided by Google Inc. (“Google”) that uses cookies that are deposited on the user’s computer to allow statistical analysis in aggregate form regarding the use of the website visited.
The Data generated by Google Analytics is stored by Google as indicated in the Notice available at the following link:

To consult the privacy policy of the company Google Inc., the autonomous data controller of the Google Analytics service, please refer to the website:

At the following link the browser add-on for deactivating Google Analytics is also made available by Google.

Social buttons and Social Pages

The Site, to improve the user experience, uses the Facebook and Linkedin Social button that allows the user of the Site to be directed straight to the Account pages of the Controllers present on the respective social network.

Social network providers are third parties with respect to the Controllers regarding the data of the Interested parties interacting with their respective social pages, they are to be considered themselves independent Controllers of processing. To learn the purpose, the mode and scope of the processing of personal data, as well as the possible installation of Cookies by these parties, as well as related rights and settings to protect privacy, the user will have to refer to the privacy policy provided by the relevant social network; Facebook: – LinkedIn:

Avv. Michael Louis Stiefel, Avv. Andrea Stigi and Avv. Tommaso Trulli may, however, in some cases, be considered the Controllers or co-controllers of processing of data of users interacting with the respective Social Pages.

In particular, with reference to “insights” – aggregated statistical information that helps the Controllers understand user interactions with Facebook Social Pages –Stigi Stiefel Trulli Studio Legale and the Social Network provider are accountable for the processing according to the terms available at the following link:

At the same time, when Avv. Michael Louis Stiefel, Avv. Andrea Stigi and Avv. Tommaso Trulli interface directly with users of the Social Network it is considered the Controllers of the relative data processing.

In these cases, the processing of the data is carried out to respond to the messages of the concerned parties and for the execution of pre-contractual steps taken at the request of the latter parties, as well as to satisfy a legitimate interest of the Controllers in improving the services offered and ensuring the best user experience. Under no circumstances will tools for direct profiling or marketing be used, nor will the data be used for this purpose.

Possible recipients or categories of recipients

If necessary, the data collected will be processed exclusively by persons authorized to do so and who are properly instructed, as well as by Auditors and Processors who are linked to the Controllers by specific agreements and carry out activities in support of the Controllers. The data may also be disclosed to third parties (Public Bodies, Police Forces or other Public and Private Subjects), but solely to fulfill contractual obligations or to comply with domestic laws or with EU regulations or legislation.

Transfer to Third Countries

The data are processed in countries belonging to the European Union. If transferred to countries outside the European Union, the data will only be transferred to countries deemed capable of providing an adequate level of protection of personal data, subject to the European Commission’s adequacy assessment, or in the presence of adequate guarantees and provided that the concerned parties maintain effective rights and means of redress, as required by current legislation.

Rights of the Concerned Parties

In relation to the processing described in this Notice, the concerned party, as required by European Regulation 679/2016, may exercise the rights enshrined in Articles 15 to 21 and, in particular, the right to ask the Controllers for access to personal data, the correction or deletion of the personal data, as well as the limitation of the processing that concerns her or him. The concerned party may also object to the processing for legitimate reasons, as well as exercise the right to data portability.

For the exercise any of these rights, the concerned party may make his or her requests to the Controllers by any means deemed appropriate and, in any case, by contacting the Controllers as indicated below:

telephone: 39 06 6452 0925;


Via Fasana No. 21 – 00195 – Rome, Italy

The concerned party also has the right to complain to an oversight authority, particularly in the Member State where he or she usually resides, works, or, in the place where the alleged breach occurred, which in Italy corresponds to the Guarantee Authority for the Protection of Personal Data, Piazza Venezia No. 11 – 00187, Rome (RM) – mail: – mail pec:, whose references are also found on the website:, or to bring the matter before the appropriate Court (art. 79 of the Regulation).

Last update,

Rome, 15.04.2024

Avv. Michael Louis Stiefel, Avv. Andrea Stigi and Avv. Tommaso Trulli

Utilizzando il sito, accetti l'utilizzo dei cookie da parte nostra. maggiori informazioni

Questo sito utilizza i cookie per fornire la migliore esperienza di navigazione possibile. Continuando a utilizzare questo sito senza modificare le impostazioni dei cookie o cliccando su "Accetta" permetti il loro utilizzo.