Privacy statement

1. Name and information of the Data Controller as well as of the Data Protection Officer

This data protection information applies to data processing by: 

Data Controller: Patti Avvocati & Rechtsanwälte (hereinafter, “Patti”), Via Tacito 41, 00193 Rome (Italy); e-mail:, phone: (+39) 0668192371, fax: (+39) 0668133385

The Data Protection Officer of Patti Avvocati & Rechtsanwälte is RA Britta Landahl, who can be contacted at the abovementioned address or the e-mail address:

2. Collection and storage of the personal data and the nature and purposes of their use

During the consultation of the website

When accessing the website the browser on your device sends automatically information to the server of our website. These information are temporarily stored in a so-called log-file. During this process, without any intervention from your side, the following information are collected and stored until an automatic deletion:

  • IP address of the accessing computer,
  • date and time of access,
  • name and URL of the consulted file,
  • website from which the access is undertaken (referrer-URL),
  • the browser used and, eventually, the operating system of the computer used, as well as the name of the access provider.

These pieces of information are processed by us for the following purposes:

  • guarantee of an efficient connection to the website,
  • guarantee of a smooth use of our website,
  • analysis of the safety and stability of the system, as well as for
  • other administrative purposes.

The legal base for the processing of data is Art. 6, para. 1, lett. f) GDPR. Our legitimate interest results from the data collection purposes listed above. Under no circumstances we use the collected data in order to draw conclusions on the person of the user.

Moreover, while consulting our website, we use cookies. For more information, please see no. 4 of this privacy statement.

3. Transmission of data 

The transmission of personal data to third parties does not occur for purposes different than the ones stated in the following. However, after the issuing of the mandate, your data can be transmitted internally – for the purpose of executing the mandate – among our organization in the Patti offices in Rome, Milan and Munich.

We transmit your personal data to third parties only if:

  • you gave your consent to the processing of your personal data for one or more specific purposes according to Art. 6, para. 1, lett. a) GDPR;
  • the transmission of personal data is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party according to Art. 6, para. 1, lett. f) GDPR, under the condition that the data subject’s prominent rights do not prevail;
  • the transmission is necessary according to Art. 6, para. 1, lett. c) GDPR in order to fulfil a legal obligation;
  • it is legitimate and necessary according to Art. 6, para. 1, lett. b) GDPR in order to execute a contract the data subject is a party of.

4. Cookies

We use so-called cookies on our website. Those are small files that, when consulting our website, are automatically created by the browser used and stored on the device (laptop, tablet, smartphone and similar). Cookies do not cause any damage to the device; they do not contain viruses, Trojan or other malware.

Information which results from the correlation with the device in use is deposited in the cookie. This does not mean that through this process we directly become aware of your identity.

On the one hand, the use of cookies contributes to render the use of the website more enjoyable. We employ so-called session cookies to recognize if you have previously consulted specific pages of our website. Those are automatically discarded in the moment our website is left.

Moreover, in order to optimize the ease of use, we use temporary cookies that are stored for a limited timeframe on the used device. In case our website should be consulted again, the previous access is automatically recognized, as well as the data entered eventually and with which settings, in order to avoid having to re-enter the same data again.

The data processed by the cookies are necessary for the abovementioned purposes and for the safeguard of our legitimate interests and the ones of third parties according to Art. 6, para. 1, lett. f) GDPR.

The majority of browsers accept cookies automatically. However, you can select browser settings that delete cookies from your device or that block all cookies or prompt you before a cookie is stored. The complete deactivation of cookies could imply that you are not able to use all the features of the website.

5. Rights of the data subject

As data subject you have the following rights:

  • according to Art. 15 GDPR, the right to obtain confirmation as to whether or not personal data concerning him or her are being processed; in this case you have the right to access the personal data and require information, such as the purposes of the proceeding, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed and the envisaged period for which the personal data will be stored. Moreover, you have the right to request rectification or erasure of personal data, restriction of processing personal data and you can object to such processing, as well as lodge a complaint with a supervisory authority. In case the data are not collected from the data subject, you have the right to receive any available information as to their source. In case data are transferred to a third country or to an international origination, you have the right to be informed as to the appropriate safeguards pursuant to Art. 46 GDPR;
  • according to Art. 16 GDPR, you have the right to obtain from the data controller without undue delay the rectification of inaccurate personal data concerning you or the completion of incomplete personal data;
  • according to Art. 17 GDPR, you have the right to obtain from the data controller the erasure of personal data concerning you without undue delay (right to be forgotten), unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or the defence of legal claims;
  • according to Art. 18 GDPR, you have the right to obtain from the data controller restriction of processing when you contest the accuracy of the personal data, when the processing is unlawful but you oppose the erasure or when the data controller no longer needs the personal data for the purposes of the processing but they are required by you for the establishment, exercise or defence of legal claims. You have the right to obtain the restriction of the processing also in case you have exercised your right to object pursuant to Art. 21 GDPR;
  • according to Art. 20 GDPR, you have the right to receive the personal data concerning you, which you provided to the data controller, in a structured, commonly used and machine-readable format and have the right to require the transmittal to another data controller;
  • according to Art. 7, para 3 GDPR, you have the right to withdraw your consent at any time, with the consequence that the data controller shall no longer pursue the processing of the personal data;
  • according to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

6. Right to object

In case your personal data are processed according to Art. 6, para. 1, lett. f) GDPR, Art. 21 GDPR you have the right to object to the processing of your personal data on grounds relating to your particular situation or the objection is related to direct marketing. In this case, a general right to object exists, that will be protected without the necessity to indicate a particular situation.

If you would like to exercise your right to objection, it is sufficient to send an email to

7. Data security

During the consultation of the website, we use a common type of procedure, the so-called SSL (Secure socket layer), in conjunction with the highest level of encryption supported by the used browser. Generally, it is a 256 bit crypto. In case the browser does not support a 256 bit crypto, we turn to the 128 bit v3 technology. You can recognize if a single page of our website is transmitted in encrypted form from the symbol of a key or a closed lock that will appear on the bottom status bar of your browser.

Moreover, we use appropriate technical and administrative security measures in order to protect the collected data from any accidental or intentional manipulation, from partial or complete loss, destruction or access by non-authorized persons. Our security measures are constantly being improved according to the technological development.

8. Actuality and modification of this privacy statement

This privacy statement is currently valid, in force and updated to May 2018.

Following the development of our website or modified legal or administrative directives, it could be necessary to change and actualize this privacy statement. The latest version of this privacy statement will be available at any time on the website, with the possibility to connect to the website and, if the data subject desires, print the last version of the privacy statement.