Privacy Policy

Last updated:

This privacy policy explains how your personal data is handled when you subscribe to the email newsletter on this blog. It is written to comply with the EU General Data Protection Regulation (GDPR).

Data Controller

The data controller responsible for your personal data is:

Riccardo Parola Email: riccardo.parol@gmail.com

If you have any questions about this policy or about how your data is handled, you can contact me at the address above.

What Personal Data I Collect

When you subscribe to the newsletter, I collect:

I do not collect any other personal data through the newsletter form.

Purpose of Processing

Your email address is used for one purpose only: to send you notifications about new blog posts and related updates. I do not use it for any other purpose.

Lawful Basis for Processing

The lawful basis for processing your data is your consent, under Article 6(1)(a) GDPR.

Consent is obtained through an explicit opt-in checkbox on the subscription form (it is never pre-ticked), and is confirmed using a double opt-in process: after subscribing, you receive a confirmation email and must click the link inside it before any newsletter is sent to you. If you do not confirm, your address is not added to the active mailing list.

You can withdraw your consent at any time, with no justification needed. Every email I send includes an unsubscribe link; clicking it removes you from the list immediately. Withdrawing consent does not affect the lawfulness of any processing carried out before withdrawal.

Data Retention

Your email address and consent records are kept only for as long as you remain subscribed. Once you unsubscribe, your data is removed from the active mailing list and deleted (or retained only as strictly necessary to honor your unsubscribe request and to demonstrate prior compliance).

Data Processors and International Transfers

The newsletter is delivered through a third-party email service provider, which acts as a data processor on my behalf under a data processing agreement. I intend to use an EU-based, GDPR-compliant provider (for example, MailerLite).

If a provider established outside the EU/EEA (for example, a US-based service such as AWeber) is ever used, any resulting international transfer of your data will be protected by appropriate safeguards under GDPR, such as the European Commission’s Standard Contractual Clauses (SCCs).

No Sale or Advertising Use

I do not sell your personal data, and I do not share it with third parties for advertising or marketing purposes. Your data is shared only with the email service provider strictly to deliver the newsletter you subscribed to.

Analytics

This blog uses GoatCounter for basic, privacy-friendly visitor statistics (such as how many people view each article and roughly how long they stay). GoatCounter is cookieless and does not track you across sites or build a personal profile. It does not store personal data such as your IP address; visitors are counted using a temporary, daily-rotating hash that cannot be traced back to you. Because no personal data is collected and no cookies are used, no consent banner is required. You can read GoatCounter’s own privacy policy on their website.

Your Rights Under GDPR

As a data subject, you have the right to:

To exercise any of these rights, contact me at the email address listed under “Data Controller.”


Disclaimer: This privacy policy is a template provided for general guidance. Before publishing, please review and adapt it to reflect your final email service provider, your actual data handling practices, and any specific legal advice you obtain. It does not constitute legal advice.

Suggest a post

Got an idea you'd like me to write about? Send it over.

Only if you'd like a reply. See the privacy policy.