Privacy
Data Controller
The data controller responsible for the processing of personal data under the General Data Protection Regulation (GDPR) is:
Company Name: ISS360 di Norman Jennewein
Business Type: Information Security Consulting
VAT Number: IT03324390214
Legal form: Ditta Individuale
Address: St. Martin 21, I-39057 Appiano sulla Strada del Vino
Email: info@iss360.it
Phone: +39 351 739 0300
Scope of This Privacy Policy
This Privacy Policy explains how personal data is collected, processed, and protected when you visit the website www.iss360.it or contact us by email.
Personal Data We Process
Data You Provide Voluntarily
When you contact us by email, we may process:
- Name
- Email address
- Company name
- Any information you include in your message
Automatically Collected Data
When visiting our website, technical data may be collected automatically, including:
- IP address
- Date and time of access
- Browser type and version
- Operating system
- Referrer URL
- Pages visited and interaction data
Purposes and Legal Bases of Processing
Personal data is processed for the following purposes and legal bases:
| Purpose | Legal Basis (Art. 6 GDPR) |
|---|---|
| Responding to inquiries | Art. 6(1)(b) – performance of a contract or pre-contractual measures |
| Website operation and security | Art. 6(1)(f) – legitimate interest |
| Compliance with legal obligations | Art. 6(1)(c) |
Our legitimate interests include ensuring website security, stability, and improving our services.
Cloudflare
This website uses Cloudflare, a content delivery network (CDN) and security service provided by Cloudflare, Inc.
Cloudflare processes technical connection data (e.g. IP addresses) to:
- protect against attacks
- ensure website availability
- optimize loading times
Data may be transferred to third countries. Cloudflare relies on Standard Contractual Clauses (SCCs) approved by the European Commission.
Legal basis:
Art. 6(1)(f) GDPR – legitimate interest in website security and performance
Web Hosting (Hostinger)
This website is hosted by Hostinger, which processes personal data on our behalf as a data processor.
Processing may include:
- IP addresses
- access logs
- technical system data
A data processing agreement (DPA) is in place.
Legal basis:
Art. 6(1)(f) GDPR – legitimate interest in secure and reliable hosting
Cookies
This website uses only technically necessary cookies and cookies required for the operation and security of the website..
No marketing or profiling cookies are used.
Data Recipients
Personal data may be shared with:
- Hosting and infrastructure providers (Hostinger)
- Security and CDN providers (Cloudflare)
Data is not sold or used for advertising purposes.
Data Retention
Personal data is stored only as long as necessary:
- Email inquiries: until the request is resolved and statutory retention periods expire
- Technical logs: for security and operational purposes, then deleted automatically
Your Rights as a Data Subject
You have the right to:
- Access your personal data (Art. 15 GDPR)
- Rectification of inaccurate data (Art. 16 GDPR)
- Erasure (“right to be forgotten”) (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Object to processing (Art. 21 GDPR)
- Withdraw consent at any time (Art. 7 GDPR)
To exercise your rights, contact: info@iss360.it
Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority.
The competent authority in Italy is:
Garante per la Protezione dei Dati Personali
www.garanteprivacy.it
Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse.
Changes to This Privacy Policy
We reserve the right to update this Privacy Policy to reflect legal or technical changes. The current version is always available on this website.