Statement on processing of personal data – pursuant to and for purposes of articles 13-14 of the general data protection regulation (GDPR) 2016/679

This statement provides information concerning the processing of the personal data you provide, as necessary under EU Regulation 2016/679. The statement does not refer to other websites that may be consulted through links on the websites in the Data Controller’s domain; the Data Controller is not responsible in any way for the websites of third parties.

1) Data controller, processor and place of processing


The Data Controller is OASI architects - Studio Associato, with registered and administrative office in Via Sant'Ambrogio, 4 - 21052 Busto Arsizio (VA) - Italy, Italy, in the person of the company’s legal representative.


Data processing is carried out at the offices of the Data Controller and at those of identified external parties.

2) Types of data processed

Personal and navigation data 

“Personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity.

Navigation data

During normal operation, the computer systems and software procedures used in the operation of this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected for purposes of association with identified parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of computers used by users connecting to the site, the URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters involving the operating system and computer environment.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site and/or the filling in of data collection forms results in the acquisition of the sender’s address, which is necessary to respond to requests, as well as any other personal data entered.


Please see the Cookie Policy on the following page: Cookie Policy.

3) Purposes of processing based on consent, where requested (Article 6, GDPR)

A) The personal data voluntarily provided will be processed for the following purposes:

  • navigation on this website;
  • compilation of data collection forms in the case of requests for estimates and/or contacts and/or to send applications;
  • compilation of data collection forms in the case of online bookings;
  • general administrative-accounting activities.

For purposes of conformity with the provisions on protection of personal data, the processing operations carried out for administrative-accounting purposes are those necessary for activities of an organisational, administrative, financial and accounting nature, regardless of the nature of the data processed; such activities include internal organisational activities, activities for fulfilment of contractual and pre-contractual obligations, and information activities.

B) The personal data provided when filling in the data collection forms on websites or any other data collection forms (such as name, last name, e-mail address) will be processed, with prior consent, by the Data Controller and Data Processors for purposes of promotional activities, commercial activities and e-mail newsletters.

4) Processing methods, data storage

The processing will be carried out through automated and manual methods, using means and tools to ensure maximum security and confidentiality, by subjects specifically appointed in accordance with the provisions of Articles 13-14 of the GDPR. The data will be kept for a period not exceeding the purposes for which the data were collected and subsequently processed.

5) Scope of distribution and disclosure

The data you provide will not be disclosed; they may be communicated to companies contractually associated with OASI architects - Studio Associato, for compliance with contracts or related purposes. The data may be communicated to third parties belonging to the following categories:
subjects that provide services for management of the telecommunication systems and the information system used by OASI architects - Studio Associato;

  • researchers and companies involved in assistance and consultancy relationships;
  • authorities competent for fulfilling legal obligations and/or the provisions of public bodies, upon request.

The subjects belonging to the above categories serve as Data Processors, or operate in total autonomy as separate Data Controllers. The list of Data Processors is constantly updated and available at OASI architects - Studio Associato‘s registered and administrative office: Via Sant'Ambrogio, 4 - 21052 Busto Arsizio (VA) - Italy, Italy. Any further communication or disclosure will take place only with your explicit consent.

6) Nature of providing or refusing to provide data

Apart from what is specified for navigation data, the user is free to provide their personal data. The provision of data for the purposes referred to in point A) is necessary; any refusal to provide such data will make it impossible to obtain what is requested or to use the services offered by the Data Controller. The user has the option of providing consent for the processing of data for the purposes referred to in paragraph B; the refusal to consent to such data processing will not produce any negative results for the purposes described in point A).

7) Rights of data subjects

You can exercise your rights as expressed in Articles 12-23 of the GDPR by contacting the Data Controller, or the Data Processor: by telephone to  OASI architects - Studio Associato headquarters at +390331072655, or e-mail to the address .

As a data subject, you have the rights pursuant to Article 15 of the GDPR, including:

to obtain confirmation of the existence or inexistence of personal data concerning you, even if not yet recorded, and to have them communicated in intelligible form;

to obtain indication of:

a) the origin of the personal data;

b) the purposes and methods of the processing;

c) the logic involved in the case of processing carried out using electronic instruments;

d) the identity of the Data Controller, Data Processor, and any representative designated pursuant to Article 5, paragraph 2 of the Italian Privacy Code and Article 3, paragraph 1, GDPR;

e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them in the role of designated representatives, managers or agents within a particular Nation;

to obtain:

a) the updating, rectification or supplement of the data;

b) the erasure, transformation in anonymous form, or blocking of any data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;

c) certification that the operations in letters a) and b), including their specific contents, have been reported to those to whom the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate use of means with respect to the protected right;

to oppose, in whole or in part:

a) the processing of your personal data, for legitimate reasons, even if pertinent to the original purpose of collection;

b) the processing of your personal data for purposes of sending advertising materials, direct marketing, or for carrying out market research or commercial communication, through utilisation of automated calling systems without operator intervention, and/or e-mail and/or traditional marketing methods using telephone and/or mail.

Where applicable, you also have the rights set out in Articles 16-21 of the GDPR (Right of rectification, Right to erasure, Right to restriction of processing, Right to data portability, Right to object), as well as the right to complain to the relevant Privacy Authority. At any time, you can obtain confirmation of the existence or inexistence of personal data concerning you, the communication of such data, and of the purposes underlying the data processing. You can also obtain the updating, rectification or the supplement of the data, if you so wish, as well as the erasure, transformation in anonymous form or blocking of unlawfully processed data. You may also, on legitimate grounds, oppose the data processing itself.

8) Changes to the Privacy Policy

The Data Controller reserves the right to modify, update, add or remove portions of this Statement at its sole discretion and at any time. The data subject is required to check periodically for any changes; for this purpose, the Statement will include an indication of the date of last updating. The use of the website, after the publication of the modifications, constitutes acceptance of the Privacy Policy.

9) Social plug-in

Our web pages may contain social networking plug-ins (e.g., operated by Facebook Inc., 1601 South California Ave., Palo Alto, CA 94304, USA (“Facebook”). If you access one of our web pages with such a plug-in, your internet browser connects directly to the social network and the plug-in is displayed on your screen by connecting to your browser. Before using these plug-ins, please consult the privacy policy on the official pages of the social network concerned.