Privacy Policy
Data Controller
Denovo Srl
VAT/Tax Code: 01740180557
REA TR-371416
Via Federico Fratini, 6, 05100 Terni (Italy)
Email: info@denovo.srl
PEC: denovo@pec.it
Denovo Srl has not appointed a Data Protection Officer (DPO), as this is not mandatory under Article 37 GDPR. For any question regarding personal data processing, please write directly to the addresses above.
Privacy notice under Articles 13 and 14 GDPR
This notice describes how Denovo Srl processes personal data collected through the denovo.srl website and linked contact channels, under Regulation (EU) 2016/679 (GDPR) and Italian Legislative Decree 196/2003 as amended by Legislative Decree 101/2018.
Data processed, purposes, legal bases and retention
| Data category | Purpose | Legal basis | Retention |
|---|---|---|---|
| Identification and contact data you enter in the contact form (first name, last name, company, email, subject, message) | Replying to the request, evaluating a potential collaboration, providing the commercial context requested | Consent (Art. 6(1)(a) GDPR); performance of pre-contractual measures at your request (Art. 6(1)(b) GDPR) | 24 months from last contact, then deletion, unless tax or contractual obligations require longer retention |
| Browsing data (anonymised IP, user agent, pages viewed, referrer) | Site security, troubleshooting, aggregated statistics | Legitimate interest of Denovo Srl in keeping the site secure and functional (Art. 6(1)(f) GDPR) | Server logs 12 months, then automatic deletion. Aggregated statistics kept indefinitely in anonymous form |
| Technical cookies | Correct site functioning (session, language, preferences) | Necessary to provide the requested service (Art. 122 Italian Legislative Decree 196/2003) | Until session closes or according to the duration declared in the cookie banner |
| Third-party cookies (Cloudflare for security and traffic optimisation, Google reCAPTCHA for anti-spam on the contact form) | Protection from automated attacks, abuse mitigation, verifying visitors are not bots | Consent for non-necessary cookies; legitimate interest for components strictly necessary for security | Up to 1 year (reCAPTCHA), session or 30 days (Cloudflare) |
Consequences of refusing to provide data
Providing data in the contact form is voluntary. Refusing to enter name, email or subject prevents the request from being sent and makes it impossible for Denovo Srl to reply. Refusing non-necessary cookies does not prevent navigation of the site, but some security features (reCAPTCHA, Cloudflare) may be partially limited.
Data recipients and processors
Your data may be shared with third parties only if necessary for the purposes described. The categories of recipients are:
- Hosting and infrastructure providers: the site is hosted on physical servers located in the EU and managed by Denovo Srl personnel.
- Cloudflare, Inc. (USA): CDN delivery and site protection service. Processor under Article 28 GDPR.
- Google LLC / Google Ireland Ltd: reCAPTCHA service for anti-spam protection of the contact form. Processor under Article 28 GDPR.
- Transactional email providers: email delivery from the contact form to Denovo Srl internal mailboxes.
- Public authorities: only in case of legal obligation or request from a competent authority.
Data is not sold, transferred or communicated to parties other than those listed.
Data transfers outside the European Union
Some processors (Cloudflare and Google) are based in the United States or operate global infrastructures that may involve data transfers outside the EU. Denovo Srl uses the safeguards provided by the GDPR for such transfers:
- Standard Contractual Clauses approved by the European Commission (Art. 46 GDPR) signed with the provider;
- Provider adherence to the EU-US Data Privacy Framework (DPF), where applicable;
- Supplementary technical and organisational measures described in the respective providers’ documentation.
Cookies
The site uses technical cookies necessary for functioning and non-necessary cookies installed only with your explicit consent through the banner.
Technical cookies
They do not require consent under Article 122 of the Italian Privacy Code and the Italian Data Protection Authority’s decision of 10 June 2021:
- pll_language: stores the selected language (duration 1 year).
- wordpress_logged_in_*: admin session, only for users logged into the backend.
- cookie_consent: stores your cookie choice so the banner is not shown again (duration 1 year).
Third-party cookies
Installed only after your consent through the banner:
- Cloudflare (cookies __cf_bm and __cflb): security, bot mitigation, traffic load balancing. Duration up to 30 days. Provider: Cloudflare Inc. (USA). Cloudflare notice.
- Google reCAPTCHA (cookie _GRECAPTCHA): verifies the visitor of the contact form is not a bot. Duration 6 months. Provider: Google LLC (USA). Google notice.
You can withdraw consent to non-necessary cookies at any time by clicking “Cookie preferences” in the footer of this page.
Managing cookies from the browser
In addition to the banner, you can manage cookies from your browser settings:
Data subject rights
Under Articles 15-22 GDPR you have the right to:
- Access: obtain confirmation that Denovo Srl processes your data and receive a copy.
- Rectification: obtain the correction of inaccurate or incomplete data.
- Erasure: obtain the deletion of data (“right to be forgotten”), within the limits set by the GDPR.
- Restriction: obtain restriction of processing in the cases set out in Article 18.
- Portability: receive the data in a structured, commonly used and machine-readable format.
- Objection: object to processing based on legitimate interest.
- Withdrawal of consent: withdraw consent at any time, without affecting the lawfulness of processing carried out before the withdrawal.
To exercise these rights, write to info@denovo.srl or to the PEC address denovo@pec.it. Denovo Srl replies within 30 days from receipt of the request, extendable up to 60 days in case of particular complexity, with notice of the reasons for the delay.
You also have the right to lodge a complaint with the Italian Data Protection Authority or with the supervisory authority of your country of residence, if you believe the processing violates the GDPR.
Automated decisions and profiling
Denovo Srl does not carry out automated decisions or profiling under Article 22 GDPR on visitors of this site.
Source of data
All personal data processed through this site is collected directly from you, through the contact form or navigation. Denovo Srl does not acquire personal data from third-party sources for marketing or profiling purposes.
Changes to the privacy policy
Denovo Srl may update this notice to adapt it to regulatory changes or new processing activities. Substantial changes are communicated with a visible notice on the site. Please check this page periodically to see the current version.
Last updated: 17/04/2026