Privacy Policy

1) Data controller

The Data Controller is:

Mauro Tampieri – Raion Tattoo (sole proprietorship)

Headquarters: Via Doberdò 11B, 48121 Ravenna (RA), Italy

VAT number: 02537420396

Tel.: +39 389 636 9753

E-mail: info@maurotampieri.com

PEC: maurotampieri@pec.it

2. Scope of application

This policy describes how we process personal data collected through the site

raiontattoo.com (hereinafter,

“Site”), including data sent via contact/request forms

quote and through the contact channels indicated on the Website (email, telephone, WhatsApp).

3.1 Categories of data processed

For example, through the “Contacts / Request a Quote” form we can process:

name and surname

telephone number

e-mail address

required description (e.g. tattoo description)

additional information (e.g. body part, notes)

user-uploaded attachments (e.g. reference images)

 

3.2 Categories of data processed

The computer systems used to operate the Site acquire, during normal operation,

some data whose transmission is implicit in the use of Internet protocols (e.g. IP address, log

technical, browser and device information, date/time, pages visited).

This data is used for technical and security purposes and, where applicable, for

statistics/analysis after obtaining consent via cookie banner.

3.3 Data communicated via contact channels

If you contact us via email/phone/WhatsApp, we process the data necessary to manage the

conversation (e.g. WhatsApp number, message content).

4. Purpose of processing and legal basis

We process personal data for the following purposes:

A) Management of requests, estimates and contact

Purpose: respond to the request, provide information/quotes, contact the user again.

Legal basis: execution of pre-contractual/contractual measures (Article 6.1(b) GDPR).

B) Internal organization of request management

Purpose: to receive internal notifications and manage the processing flow of requests (e.g.

forward notification to the owner).

Legal basis: execution of pre-contractual/contractual measures (art. 6.1(b) GDPR) and/or

legitimate organizational interest (art. 6.1(f) GDPR), depending on the specific activity.

Note: To speed up the handling of requests, we may use tools

automation that sends a WhatsApp notification to the Owner containing the essential data of the

request.

C) Marketing (only with consent)

Purpose: to send promotional communications, offers and updates via the channels

indicated (e.g. WhatsApp, email or other channels).

Legal basis: consent (Article 6.1(a) GDPR).

The provision is optional and failure to consent does not affect the management of the

request/quote.

D) Statistics and Site Improvement (cookies/analysis tools)

Purpose: measuring visits, analyzing interactions (e.g. clicks), improving experience

user.

Tools: Google Analytics 4 (via Google Tag Manager) and Microsoft Clarity.

Legal basis: consent via cookie banner (art. 6.1(a) GDPR), except for technical cookies

strictly necessary.

E) Legal compliance and protection of rights

Purpose: regulatory/accounting/fiscal obligations; prevention of abuse and security; management of

disputes and legal protection.

Legal basis: legal obligation (Article 6.1(c) GDPR) and/or legitimate interest (Article 6.1(f) GDPR).

5. Methods of processing

The data are processed using electronic and, if necessary, paper-based tools, adopting security measures.

adequate security to prevent unauthorized access, disclosure, modification or destruction

unauthorized access to data.

6. Recipients and suppliers (Data controllers)

The data may be communicated to subjects who act as Data Processors

or Independent Owners, as applicable:

6.1 Data controllers (suppliers)

Website Hosting: Hostinger (hosting and infrastructure services).

Corporate email management: Register (email services).

Form/CRM Management: GoHighLevel (collection and management of requests and attachments).

Automations: Make (workflow and notifications).

Analysis services (subject to consent): providers of the tools indicated in the Cookie Policy

(e.g. Google, Microsoft).

The updated list of Data Controllers can be requested by writing to

info@maurotampieri.com.

6.2 Independent owners

WhatsApp (Meta): If you use WhatsApp or if it is used as a technical channel

notification, the service is provided by entities that operate as independent owners for what concerns

competence.

7. Transfers to non-EEA countries

Some providers (e.g. analytics/monitoring services, automation tools or

messaging) may involve data transfers to countries outside the European Union.

European Economic.

In such cases, the transfer takes place on the basis of adequate guarantees provided by the GDPR (e.g.

Standard Contractual Clauses and/or further measures). You can request information on the

guarantees applied by writing to info@maurotampieri.com.

8. Retention period

We retain the data for the time necessary for the purposes for which they were collected and, in

particular:

Unconverted requests/quotes: up to 36 months from the last useful contact or from the

closing the request.

Converted customers / requests (non-accounting operational data): up to 60 months from the last

contact.

Administrative-accounting data (if present): up to 10 years (legal obligations).

Marketing (if consent is given): up to 36 months from the last significant interaction or

until consent is revoked (if earlier).

User uploaded attachments (in GHL):

if the request does not materialize: up to 36 months;

if useful for processing/managing the relationship: up to 60 months from the last contact.

Security/access logs: up to 24 months; regular technical logs: up to 12 months.

Backup: Up to 180 days (rotation).

In case of litigation or need to protect rights, some data may be retained longer

for as long as strictly necessary.

9. Data provision

The provision of data for the management of the request/quote is necessary: in the absence

we will not be able to respond or provide the requested service.

Providing your data for marketing purposes is optional.

10. Minors

The Site and its services are not intended for minors. If we become aware of data relating to minors,

We will delete them within reasonable technical limits.

11. Publication of images (work gallery)

Images of the works may only be published on the Site in a non-traceable form.

to the interested party. We adopt minimization measures (e.g., absence of faces, framing

limited, exclusion of identifying elements).

If you believe that any content makes you identifiable or you wish to have it removed, you can write to

info@maurotampieri.com: we will evaluate and proceed with the removal within the technically feasible timeframe

necessary.

12. Rights of the interested party

You can exercise the rights provided for by Articles 15–22 GDPR (access, rectification, erasure,

limitation, opposition, portability; revocation of consent when applicable) by writing to

info@maurotampieri.com

You also have the right to lodge a complaint with the Italian Data Protection Authority.

13. Changes to this policy

We may update this policy. The updated version will be posted on

this page with the update date indicated.

Last updated: February 11, 2026