Last update: 14 maggio 2025
This Privacy Policy describes how the website www.bomboklat.it handles the personal data of users who browse it.
It is provided pursuant to Art. 13 of EU Regulation 2016/679 (GDPR) to anyone who interacts with the web services of Bomboklat Surf School by Samuele Laquintana, accessible online at www.bomboklat.it.
This notice applies only to www.bomboklat.it and not to any other websites that users may visit via links.
The Data Controller is:
AMATEUR SPORTS ASSOCIATION BOMBOKLAT SURF SCHOOL
Registered office: Via E. Mattei 21/D – 20007 Cornaredo (MI) – VAT/Tax ID 07603170965
contact e‑mail: info@bomboklat.it
3.1 Browsing data
During normal operation, the IT systems and software procedures that run this site acquire certain personal data whose transmission is implicit in Internet communication protocols. These data are not collected to identify users, but could allow identification through processing and association with data held by third parties.
3.2 Data voluntarily provided by the user
The voluntary, explicit submission of messages to the contact addresses on this site and completion of contact forms entail the subsequent acquisition of the sender’s address and any other personal data provided.
3.3 Cookies and tracking technologies
The site uses technical cookies necessary for its operation and anonymous analytics tools. See the Cookie Policy for details.
Personal data are processed for the following purposes:
Allow navigation on the site;
Respond to enquiries sent via the contact form;
Comply with legal obligations;
Analyse site usage anonymously and in aggregate to improve content and services.
The legal bases are:
Navigation: legitimate interest of the controller;
Contact: execution of pre‑contractual measures;
Legal obligations: compliance with regulations;
Site analytics: consent expressed via the cookie banner.
Processing is carried out using IT and telematic tools, ensuring data security and confidentiality.
Data are processed in line with the principles of minimisation, lawfulness, fairness and transparency.
Personal data are kept only as long as necessary to achieve the purposes collected:
Browsing data: deleted after processing;
Form data: kept until answered, then max 1 year;
Anonymous analytics data: not subject to deletion.
Personal data may be disclosed to:
Processors (e.g., hosting providers);
Authorities to comply with legal obligations;
An updated list is available on request from the Controller.
The Controller does not transfer data outside the EEA except for certain technical services. Such transfers comply with Arts. 44 ff. GDPR.
Data subjects may access, correct, erase or restrict processing of their data (Arts. 15 ff. GDPR).
Requests should be sent to info@bomboklat.it.
You may lodge a complaint with the Data Protection Authority or seek judicial remedy.
The Controller reserves the right to amend this policy at any time. Users should review it periodically. The update date appears at the start of the document.