Privacy Policy
Last updated:
This privacy policy explains how your personal data is handled when you subscribe to the email newsletter on this blog. It is written to comply with the EU General Data Protection Regulation (GDPR).
Data Controller
The data controller responsible for your personal data is:
Riccardo Parola Email: riccardo.parol@gmail.com
If you have any questions about this policy or about how your data is handled, you can contact me at the address above.
What Personal Data I Collect
When you subscribe to the newsletter, I collect:
- Your email address, which you provide via the subscription form.
- The date and time of your subscription and, where applicable, the IP address from which you subscribed. This is collected solely as proof that you gave consent, as required to demonstrate compliance under GDPR.
I do not collect any other personal data through the newsletter form.
Purpose of Processing
Your email address is used for one purpose only: to send you notifications about new blog posts and related updates. I do not use it for any other purpose.
Lawful Basis for Processing
The lawful basis for processing your data is your consent, under Article 6(1)(a) GDPR.
Consent is obtained through an explicit opt-in checkbox on the subscription form (it is never pre-ticked), and is confirmed using a double opt-in process: after subscribing, you receive a confirmation email and must click the link inside it before any newsletter is sent to you. If you do not confirm, your address is not added to the active mailing list.
Withdrawing Consent
You can withdraw your consent at any time, with no justification needed. Every email I send includes an unsubscribe link; clicking it removes you from the list immediately. Withdrawing consent does not affect the lawfulness of any processing carried out before withdrawal.
Data Retention
Your email address and consent records are kept only for as long as you remain subscribed. Once you unsubscribe, your data is removed from the active mailing list and deleted (or retained only as strictly necessary to honor your unsubscribe request and to demonstrate prior compliance).
Data Processors and International Transfers
The newsletter is delivered through a third-party email service provider, which acts as a data processor on my behalf under a data processing agreement. I intend to use an EU-based, GDPR-compliant provider (for example, MailerLite).
If a provider established outside the EU/EEA (for example, a US-based service such as AWeber) is ever used, any resulting international transfer of your data will be protected by appropriate safeguards under GDPR, such as the European Commission’s Standard Contractual Clauses (SCCs).
No Sale or Advertising Use
I do not sell your personal data, and I do not share it with third parties for advertising or marketing purposes. Your data is shared only with the email service provider strictly to deliver the newsletter you subscribed to.
Analytics
This blog uses GoatCounter for basic, privacy-friendly visitor statistics (such as how many people view each article and roughly how long they stay). GoatCounter is cookieless and does not track you across sites or build a personal profile. It does not store personal data such as your IP address; visitors are counted using a temporary, daily-rotating hash that cannot be traced back to you. Because no personal data is collected and no cookies are used, no consent banner is required. You can read GoatCounter’s own privacy policy on their website.
Your Rights Under GDPR
As a data subject, you have the right to:
- Access the personal data I hold about you;
- Rectify inaccurate or incomplete data;
- Erase your data (“right to be forgotten”);
- Restrict processing of your data;
- Data portability — receive your data in a structured, commonly used, machine-readable format;
- Object to processing;
- Withdraw consent at any time (see above);
- Lodge a complaint with a supervisory authority. In Italy, this is the Garante per la protezione dei dati personali (Italian Data Protection Authority).
To exercise any of these rights, contact me at the email address listed under “Data Controller.”
Disclaimer: This privacy policy is a template provided for general guidance. Before publishing, please review and adapt it to reflect your final email service provider, your actual data handling practices, and any specific legal advice you obtain. It does not constitute legal advice.