Paola Dalmasso - Body work & Grinberg method®
Language: ITA ENG | Follow us

PRIVACY POLICY

Last update: 25/02/2026

1. DATA CONTROLLER

The Data Controller is:

Paola Dalmasso
VAT/Tax ID: IT08845790016 / DLMPLA74P62D205H
Via Curtatone 5, 10131 Turin (TO) - Italy
Email: hello@paoladalmasso.com
Phone: +39 328 427 7568

2. TYPES OF DATA COLLECTED

This website collects the following personal data:

  • First and last name
  • Email address
  • Phone number

Data is collected through:

  • Course and bodywork session booking form
  • Information request form
  • Newsletter subscription form

Browsing data

During browsing, some technical data necessary for the website's operation is automatically collected, including:

  • IP address
  • Browser type
  • Operating system
  • Pages visited
  • Access time

3. PURPOSE AND LEGAL BASIS OF PROCESSING

Personal data is processed for the following purposes:

a) Managing bookings and information requests

  • Purpose: To handle requests for course bookings, bodywork sessions, or information requests
  • Legal basis: Performance of pre-contractual or contractual measures (art. 6, par. 1, lett. b GDPR)
  • Nature of provision: Mandatory to fulfill the request
  • Retention: Data is retained for the time necessary to manage the request and subsequently for tax and accounting obligations required by law (10 years)

b) Payment processing

  • Purpose: Managing payments through PayPal for paid courses and services
  • Legal basis: Performance of the contract (art. 6, par. 1, lett. b GDPR)
  • Nature of provision: Mandatory to complete the purchase
  • Retention: Payment data is managed directly by PayPal. The Controller only retains transaction references for tax obligations (10 years)

c) Newsletter

  • Purpose: Sending promotional communications, updates on courses, events, and news related to professional activities
  • Legal basis: Explicit consent of the data subject (art. 6, par. 1, lett. a GDPR)
  • Nature of provision: Optional
  • Retention: Until consent is withdrawn

d) Technical website operation

  • Purpose: Ensuring proper website operation, security, and abuse prevention
  • Legal basis: Legitimate interest of the Controller (art. 6, par. 1, lett. f GDPR)
  • Nature of provision: Necessary for website use
  • Retention: Technical logs are retained for a maximum of 12 months

4. PROCESSING METHODS

Personal data is processed using IT and telematic tools, adopting adequate technical and organizational security measures to ensure a level of security appropriate to the risk, in compliance with art. 32 of the GDPR.

Data is accessible exclusively to the Data Controller and expressly authorized persons, adequately instructed on processing methods and confidentiality obligations.

5. DATA SHARING

Personal data may be communicated to the following third parties, who act as Data Processors pursuant to art. 28 GDPR:

Third-party services used:

Mailchimp (The Rocket Science Group LLC)
- Purpose: Newsletter management
- Location: United States
- Privacy Policy: https://www.mailchimp.com/legal/privacy/
- Extra-EU transfers: Yes, through standard contractual clauses (SCC)

PayPal (PayPal Inc.)
- Purpose: Payment processing
- Location: United States
- Privacy Policy: https://www.paypal.com/us/webapps/mpp/ua/privacy-full
- Extra-EU transfers: Yes, through standard contractual clauses (SCC)

Google LLC (services used: reCAPTCHA, Google Maps)
- Purpose: Anti-spam, maps
- Location: United States
- Privacy Policy: https://policies.google.com/privacy
- Extra-EU transfers: Yes, through standard contractual clauses (SCC)

CDN providers:
- Bootstrap CDN, jQuery CDN, Popper.js, Ionicons: loading frontend resources
- These services may collect technical browsing data

Data is not disclosed or transferred to third parties for marketing purposes without the prior consent of the data subject.

6. EXTRA-EU TRANSFERS

Some of the services used involve transfers of personal data to third countries (United States). Such transfers are based on:

  • Standard contractual clauses approved by the European Commission (SCC)
  • Adequacy decisions of the European Commission, where applicable

The Controller ensures that transfers are carried out in compliance with the provisions of Chapter V of the GDPR.

7. COOKIES AND SIMILAR TECHNOLOGIES

The website uses the following types of cookies:

Technical cookies (do not require consent)

  • Session cookies: Necessary for website operation
  • Anti-CSRF cookies: Protection against cyber attacks

Third-party cookies

  • Google reCAPTCHA: Anti-spam protection
  • Google Maps: Map display

For cookie management, the website uses Cookiebot, which allows users to express their preferences.

For more information about cookies used, please consult the Cookie Policy available on the website.

8. DATA SUBJECT RIGHTS

Pursuant to arts. 15-22 of the GDPR, the data subject has the right to:

  • Access (art. 15): obtain confirmation of the existence of personal data and receive a copy
  • Rectification (art. 16): obtain correction of inaccurate data or integration of incomplete data
  • Erasure (art. 17): obtain erasure of data (right to be forgotten)
  • Restriction (art. 18): obtain restriction of processing
  • Portability (art. 20): receive data in a structured, commonly used, and machine-readable format
  • Objection (art. 21): object to the processing of personal data
  • Withdrawal of consent: withdraw consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal)

How to exercise your rights

To exercise the above rights, the data subject can submit a request to:

  • Email: hello@paoladalmasso.com
  • Mail: Via Curtatone 5, 10131 Turin (TO) - Italy

The Controller will respond within 30 days of receiving the request.

Right to lodge a complaint

The data subject also has the right to lodge a complaint with the competent supervisory authority (Italian Data Protection Authority) if they believe that the processing violates the GDPR.

Garante per la Protezione dei Dati Personali
Piazza Venezia 11, 00187 Rome
Tel. (+39) 06.696771
Fax (+39) 06.69677.3785
Email: garante@gpdp.it
PEC: protocollo@pec.gpdp.it
Website: https://www.garanteprivacy.it

9. CHANGES TO THE PRIVACY POLICY

The Controller reserves the right to modify this policy at any time. Changes will be published on this page with indication of the last update date.

We recommend checking this page periodically to verify any updates.

10. CONTACTS

For any questions regarding this policy or the processing of personal data, you can contact the Controller:

Email: hello@paoladalmasso.com
Phone: +39 328 427 7568
Address: Via Curtatone 5, 10131 Turin (TO) - Italy

Subscribe to my newsletter

By entering your email address into the form and with a simple click, you can subscribe to the newsletter "Questa è la mia Agorà" a space for expanding the experiences I gain through my work with you. I share thoughts and reflections, as well as upcoming events and opportunities to meet.

* The fields marked with an asterisk are mandatory