(Completely transparent)

Privacy Policy

Updated on:

October 07, 2025

1. Data controller

The personal data controller is
Federico Girolamo Gioia, with headquarters in Via Canapè 5, 91011 Alcamo (TP), VAT NUMBER IT02697060818, e-mail: ciao@zigurat.it (hereinafter “Owner”).

The Data Controller guarantees compliance with EU Regulation 2016/679 (“GDPR”) and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018.

2. Types of data collected

The site Zigurat.it may collect different categories of personal data:

  • Browsing data: IP address, type of browser, technical data relating to the device used, date and time of the visit, pages visited, time spent.
  • Data provided voluntarily: name, surname, email address, telephone number and any other information entered by the user in contact forms or quotes.
  • Cookies and tracking tools: information collected automatically to improve the user experience (see [Cookie Policy]).

The provision of data is optional, but failure to provide it may make it impossible to provide certain services or to respond to specific requests.

3. Purposes and legal bases of the processing

Personal data is processed for the following purposes and according to the relevant legal bases:

Purposes of the treatment

Legal basis (art. 6 GDPR)

a) Respond to requests for information or quotes sent through the site

Execution of pre-contractual measures at the request of the interested party

b) Manage contractual relationships and provide the required professional services

Execution of a contract

c) Comply with legal, fiscal or accounting obligations

Legal obligation of the Data Controller

d) Improve site navigation and analyze the use of content

Legitimate interest of the Data Controller

e) Send informational or promotional communications on services similar to those already requested

Legitimate interest of the Data Controller, unless the interested party objects

f) Prevent abuse or fraudulent activities and ensure the security of the Site/Legitimate interest of the Data Controller

4. Methods of processing

The processing takes place with IT and telematic tools, according to organizational logic related to the purposes indicated and in compliance with the principles of lawfulness, fairness and transparency.

Adequate security measures are in place to protect personal data from unauthorized access, loss, destruction or disclosure.

5. Data Retention

Personal data is kept for the time strictly necessary for the purposes for which they were collected, and in any case:

  • until the request for informational contacts is processed;
  • for the entire duration of the contractual relationship and for subsequent accounting/tax obligations (up to 10 years);
  • for marketing purposes up to the revocation of the consent or opposition of the interested party.

6. Communication and dissemination of data

The data may be communicated to third parties who carry out activities necessary for the management of the site or the provision of services, including:

  • collaborators and consultants of the Data Controller (e.g. web technicians, legal or tax advisors);
  • IT and hosting service providers;
  • public bodies or authorities, where required by law.

All third parties act as Data processors pursuant to art. 28 GDPR or as Independent Owners, as appropriate.
The data will never be disclosed or transferred to third parties for unauthorized commercial purposes.

7. Transfer of data abroad

Personal data may be transferred to countries of the European Union.
If a transfer to non-EU countries is necessary, it will take place in compliance with the guarantees provided for by articles 44-49 of the GDPR.

8. Rights of the interested party

As an interested party, the user can exercise the following rights at any time (articles 15—22 GDPR):

  • Right of access: obtain confirmation that a treatment is in progress and receive a copy of it;
  • Rectification and cancellation: ask for the correction or removal of your data;
  • Restriction or opposition: object to processing for legitimate reasons or request its limitation;
  • Data portability: receive your data in a structured format readable by an automatic device;
  • Revocation of consent: without prejudice to the lawfulness of the processing based on consent before the revocation;
  • Complaint: file a complaint with Guarantor for the Protection of Personal Data (www.garanteprivacy.it).

Requests should be sent via email to ciao@zigurat.it, indicating in the subject “Privacy - exercise of GDPR rights”.

9. Cookies and tracking tools

The Site uses technical cookies and, with prior consent, analytical and profiling cookies to improve the browsing experience and analyze the use of the site.
For detailed information on the types of cookies and how to manage them, see the Cookie Policy.

10. Updates and changes

The Data Controller may modify or update this information at any time, depending on regulatory or technical developments.
The changes will be posted on this page and will take effect from the date of publication.