Privacy Policy

Effective Date: February 5, 2026

Last Updated: March 31, 2026

1. Introduction

This privacy notice is provided pursuant to Article 13 of Regulation (EU) 2016/679 ("GDPR").

Luigi Di Lena ("we," "us," or "our") operates the website luigidilena.it (the "Site"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our Site or use our services.

We are committed to protecting your privacy and complying with applicable data protection laws, in particular the European Union's General Data Protection Regulation (GDPR).

2. Data Controller

Luigi Di Lena, established in Ireland, is the data controller responsible for your personal information.

Contact Information:
Email: privacy [at] luigidilena [dot] it
Website: https://luigidilena.it

3. Information We Collect

3.1 Information You Provide

• Contact Information: Name, email address, phone number when you book a coaching session or contact us
• Professional Information: Career details, resume information, and other information you share during coaching sessions
• Communication Data: Content of messages you send to us

3.2 Information Automatically Collected

• Usage Data: IP address, browser type, device information, pages visited, time spent on pages
• Cookies and Tracking Technologies: We use cookies and similar technologies as described in Section 10
• Analytics Data: We use Google Analytics to understand how visitors use our Site

3.3 Source of Data

We collect your personal data directly from you through the site's forms, email communications, and during coaching sessions.

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds, specified per purpose:

• Managing bookings and delivering coaching sessions → legal basis: performance of a contract (Art. 6.1.b GDPR)
• Invoicing and tax compliance → legal basis: legal obligation (Art. 6.1.c GDPR)
• Improving the site and services through aggregated data → legal basis: legitimate interest (Art. 6.1.f GDPR) — our interest is to understand how the site is used in order to improve the user experience
• Analysing website usage → legal basis: legitimate interest (Art. 6.1.f GDPR) — our interest is to monitor site performance and identify technical issues
• Sending marketing communications → legal basis: consent (Art. 6.1.a GDPR)
• Protecting against fraud and security threats → legal basis: legitimate interest (Art. 6.1.f GDPR) — our interest is to ensure the security of the site and data

5. How We Use Your Information

We use your personal information for the following purposes:

• Providing coaching and mentoring services
• Scheduling and managing appointments
• Communicating with you about our services
• Responding to your inquiries and requests
• Improving our website and services
• Analyzing website usage and trends
• Complying with legal obligations
• Protecting against fraud and security threats

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party vendors who assist us (e.g., Cal.com for scheduling, Google Analytics for website analytics)
• Legal Requirements: When required by law, court order, or governmental authority
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly authorize us to share your information

6.1 Third-Party Services

The following third-party providers may process personal data on our behalf. Some of these providers are based in the United States (see Section 7).

• Cal.com (Cal.eu): For appointment scheduling — Privacy Policy
• Google Analytics: For website analytics (anonymized data) — Privacy Policy
• Cookiebot (Usercentrics): For cookie consent management — Privacy Policy

7. International Data Transfers

Some of our third-party providers (Google, Cal.com) are also based in the United States. Your personal data may therefore be transferred to and processed in the USA. To ensure an adequate level of protection, we rely on the following mechanisms:

• Standard Contractual Clauses (SCCs): Approved by the European Commission under Art. 46.2.c GDPR
• EU-US Data Privacy Framework: For providers that have been certified under the EU-US Data Privacy Framework
• Adequacy decisions: By the European Commission, where applicable

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

• Client Data: Retained for the duration of our professional relationship and up to 7 years thereafter for legal and tax purposes
• Marketing Data: Until you withdraw consent or request deletion
• Website Analytics: Anonymized data retained for up to 26 months

9. Your Rights

9.1 GDPR Rights (EU Residents)

If you are located in the European Union, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with a supervisory authority. The lead authority for the controller is the Data Protection Commission (DPC) in Ireland. You may also contact your local data protection authority.

9.2 Privacy Rights in Other Jurisdictions

If you reside in a jurisdiction that provides additional privacy rights (for example, certain US states such as California, Virginia, Colorado, or Connecticut), we will respect those rights in accordance with applicable local law. Please contact us using the information in Section 13 to exercise your rights.

9.3 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in Section 13. We will respond to your request within 30 days, as required by the GDPR.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Site. Analytics and preference cookies are only activated with your prior consent, in line with the Irish Data Protection Commission guidelines. No non-essential cookies are set on first visit.

You can provide or revoke your consent at any time through the Cookiebot banner or its settings accessible from the site.

Types of Cookies We Use:

• Necessary Cookies: Essential for website functionality
• Analytics Cookies: Help us understand how visitors use our Site
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (SSL/TLS)
• Access controls and authentication
• Regular security assessments
• Employee training on data protection

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

12. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Luigi Di Lena
Email: privacy [at] luigidilena [dot] it
Website: https://luigidilena.it

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on this page
• Updating the "Last Updated" date
• Sending you an email notification (if you have provided your email address)

We encourage you to review this Privacy Policy periodically.

15. Establishment in the European Union

The data controller is established in Ireland, within the European Union. The appointment of a representative under Art. 27 GDPR is therefore not required. For any data protection matters, you can contact us using the information in Section 13.

16. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. Our Site does not currently respond to DNT signals. You can manage tracking preferences through our cookie consent banner.

← Back to Home