Privacy Policy

The data controller is IREA, Italian Real Estate Attorneys, a professional firm with offices at Corso del Popolo 222, 45100 Rovigo (Italy) and 5225 Canyon Crest Dr., Riverside, CA 92507 (United States). You can reach us at info@italianrealestateattorneys.com or by post at either address. For GDPR queries, write to the same address marked 'Privacy'.

From the contact form: your name, email, phone, country of residence and the message you send us. From booked calls (via Calendly): your name, email and meeting time. From engagement (once you become a client): the information needed to provide the legal service, typically identity documents, address, tax numbers, asset details and family information. From our website: standard log data (IP, user-agent, pages viewed, language) and, with your consent where required, analytics.

To answer your enquiries and prepare a quote, on the basis of pre-contractual measures at your request (Art. 6(1)(b) GDPR). To deliver our legal services once engaged, on the basis of the engagement contract. To comply with legal and professional obligations, including Italian bar rules, anti-money-laundering law, and tax law, on the basis of legal obligation (Art. 6(1)(c)). To run and improve our website, on the basis of legitimate interest (Art. 6(1)(f)), with consent where required.

We share data only with: (a) trusted sub-processors that host or run parts of our infrastructure (Vercel for site hosting, Calendly for appointments, our email provider); (b) Italian or foreign professionals when their intervention is necessary for your case (notaries, accountants, partner lawyers), with your express knowledge; (c) public authorities when the law requires it (tax authority, court, anti-money-laundering reports). We sign data-processing agreements with all sub-processors handling personal data on our behalf.

Some of our sub-processors are based outside the European Economic Area (notably in the United States). Transfers are covered by Standard Contractual Clauses approved by the European Commission, and supplementary measures where appropriate under the Schrems II ruling. You can request a copy of the safeguards by writing to us.

Enquiry data is kept for up to 24 months after the last contact, then deleted unless an engagement starts. Engagement files are kept for ten years from the end of the matter, in line with Italian professional rules and statute of limitations. Anti-money-laundering records are kept for ten years from the end of the relationship, as required by law. Website logs are kept for up to 12 months.

Under GDPR you have the right to: access your data, correct inaccurate data, ask for erasure where applicable, restrict or object to processing, receive your data in a portable format, withdraw consent where processing relies on it, and lodge a complaint with the Italian supervisory authority (Garante per la Protezione dei Dati Personali, garanteprivacy.it). Exercise any of these rights by writing to info@italianrealestateattorneys.com. We reply within 30 days.

We protect personal data with reasonable technical and organisational measures: encrypted transmission (HTTPS), access controls, encrypted backups, vendor due diligence, and staff training on confidentiality and professional secrecy. No system is perfectly secure, and we cannot guarantee absolute security. We take this seriously and we notify the supervisory authority and you, where required, in the event of a breach.

We may update this policy when our practices change or when the law requires. The 'last updated' date at the top reflects the most recent revision. We do not publish silent material changes. Substantive updates are flagged to you when you next contact us.