Riccardo.Bozzato
GDPR

Privacy Policy

Last updated: July 18, 2026

This Privacy Policy explains how Riccardo Bozzato (“I”, “me”, “my”) collects, uses, and protects your personal data when you visit my website, download resources, or engage my consulting services. I take your privacy seriously — I follow the GDPR (Reg. EU 2016/679) and the Italian Data Protection Code (D.Lgs. 196/2003, as amended by D.Lgs. 101/2018), and keep data collection to the minimum necessary.

1. Data Controller

Riccardo Bozzato

Legnaro, PD, Italy

Email: [email protected]

Phone: +39 389 213 9542

2. Data I Collect

<strong>Contact form:</strong> name, email address, and message you submit voluntarily.

<strong>Freebie downloads (playbook):</strong> name and email address — used to deliver the PDF and send the email sequence (max 6 emails over 30 days).

<strong>Consulting inquiries:</strong> name, email, company, and project details you share — used to prepare proposals and deliver services.

<strong>Technical data:</strong> IP address, browser user-agent, and referral headers are automatically collected by the server for security and operational purposes. These are not used for tracking or profiling.

<strong>Analytics:</strong> anonymous, aggregated page views using privacy-friendly analytics. No personal tracking, no fingerprinting.

3. How I Use Your Data

To respond to your inquiries and prepare proposals.

To deliver free resources (playbook PDF) and the associated email sequence.

To communicate about active consulting engagements.

To improve my website based on anonymous usage patterns.

I do <strong>not</strong> sell, rent, trade, or share your personal data with any third party for their marketing purposes.

4. Email Marketing (Consent, Double Opt-In & Unsubscribe)

When you download the free playbook, you consent by checking the dedicated consent box on the form to receive a 6-email educational sequence over approximately 30 days. After submitting the form, you will receive a confirmation email asking you to verify your address (double opt-in). You will start receiving the sequence only after confirming.

Each email includes an unsubscribe link. You can withdraw consent at any time — your request is processed immediately and you will receive no further emails. Unsubscribing does not affect communications related to active consulting engagements.

5. Legal Basis (GDPR) & Your Right to Object

I process your data based on:

<strong>Consent:</strong> when you check the consent box on a form (contact, freebie download). You can withdraw at any time.

<strong>Contractual necessity:</strong> when you engage my consulting services — data processing is required to deliver the agreed work.

<strong>Legitimate interest:</strong> responding to pre-sales inquiries and improving my services.

<strong>Right to object (Art. 21 GDPR):</strong> Where I process your data based on legitimate interest, you have the right to object at any time by contacting me. I will cease processing unless I have compelling legitimate grounds that override your interests.

6. Data Retention

Contact form inquiries: deleted after 12 months of inactivity.

Freebie subscribers: retained until you unsubscribe (plus 30 days grace for re-engagement).

Consulting client data: retained for the duration of the engagement plus 24 months for tax/legal compliance (as required by Italian law).

You can request deletion of your data at any time by emailing [email protected].

7. Your Rights (GDPR)

You have the right to:

Access your data — request a copy of everything I hold about you.

Rectify inaccurate data — ask me to correct or complete your information.

Delete your data — request erasure (subject to legal retention requirements).

Restrict processing — limit how I use your data.

Object to processing — object to processing based on legitimate interest (Art. 21 GDPR).

Data portability — receive your data in a structured, machine-readable format.

Withdraw consent — at any time, for any processing based on consent.

To exercise any of these rights, email [email protected]. I will respond within 30 days.

8. Third-Party Processors

I use the following third-party services to operate this site and deliver services. Each has been vetted for GDPR compliance:

<strong>Resend</strong> (resend.com) — transactional email delivery and email sequence automation. Privacy: resend.com/privacy

<strong>Netlify</strong> (netlify.com) — website hosting and CDN. Privacy: netlify.com/privacy

<strong>GitHub</strong> (github.com) — source code hosting and project management. Privacy: github.com/privacy

<strong>Stripe</strong> (stripe.com) — payment processing for ShipKit purchases. Privacy: stripe.com/privacy

Data is processed within the EU and US (under SCC agreements).

9. Data Security

I implement appropriate technical and organizational measures to protect your data: encrypted connections (HTTPS), access controls on databases, minimal data collection principle, and regular security reviews. No data transmission over the internet is 100% secure, but I follow industry best practices to minimize risk.

10. Changes to This Policy

I may update this privacy policy from time to time. Material changes will be communicated via email (if I have your contact for active services) or via a notice on this website. The &ldquo;Last updated&rdquo; date at the top of this page reflects the most recent revision.

11. Contact

For any questions, requests, or concerns about this privacy policy or how I handle your data:

Riccardo Bozzato

Legnaro, PD, Italy

Email: [email protected]

Phone: +39 389 213 9542

You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) at garanteprivacy.it.

Questions?

Email: [email protected]