Legal
Privacy & Cookie Policy
Last updated: February 2026
Table of Contents
- Introduction
- Data Controller
- Types of Data Collected
- Methods of Processing
- Purposes of Processing
- Legal Basis for Processing
- Data Retention
- Data Sharing and Recipients
- International Data Transfers
- User Rights
- Cookie Policy
- Managing Cookie Preferences
- Protection of Minors
- Changes to This Policy
- Contact Information
1. Introduction
This Privacy and Cookie Policy ("Policy") describes how Astral Prism Srls Unipersonale ("Astral Prism", "we", "us", or "our") collects, uses, stores, and protects personal data when you visit our website at astralprism.tech ("Website") or use our services.
We are committed to protecting your privacy and ensuring that your personal data is handled in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, "GDPR"), the Italian Legislative Decree 196/2003 as amended by Legislative Decree 101/2018 ("Privacy Code"), and the guidelines issued by the Italian Data Protection Authority ("Garante per la protezione dei dati personali").
By accessing or using our Website, you acknowledge that you have read and understood this Policy. We encourage you to read this document carefully and to check this page periodically for any updates.
2. Data Controller
The Data Controller responsible for processing your personal data is:
Astral Prism Srls Unipersonale
Registered Office: Piazza Roma 5, 00015 Monterotondo (RM), Italy
VAT Number (P.IVA): 18380411001
Tax Code (CF): 18380411001
REA: RM-1781416
Share Capital: €2,500
Email: info@astralprism.tech
3. Types of Data Collected
3.1 Data Provided Voluntarily by the User
When you use our contact form or communicate with us, you may voluntarily provide us with the following personal data:
- Full name
- Email address
- Phone number
- Company name
- Message content and any other information you choose to provide
3.2 Data Collected Automatically (Navigation Data)
During normal operation, the computer systems and software procedures used to operate this Website acquire certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects but, by its very nature, could allow users to be identified through processing and association with data held by third parties.
This category of data includes:
- IP addresses or domain names of the computers used by users connecting to the Website
- URI (Uniform Resource Identifier) addresses of requested resources
- Time of request
- Method used to submit the request to the server
- Size of the file obtained in response
- Numerical code indicating the status of the response from the server (successful, error, etc.)
- Browser type and operating system
- Other parameters relating to the user's operating system and computer environment
3.3 Cookies and Similar Technologies
Our Website uses cookies and similar tracking technologies. For detailed information about the cookies we use and how to manage your preferences, please refer to Section 11 (Cookie Policy) of this document.
4. Methods of Processing
Personal data is processed using automated tools for the time strictly necessary to achieve the purposes for which it was collected. Specific security measures are observed to prevent data loss, illicit or incorrect use, and unauthorized access.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
- Encryption of data in transit using SSL/TLS protocols
- Regular security assessments and updates
- Access controls and authentication procedures
- Regular backups and disaster recovery procedures
- Staff training on data protection practices
5. Purposes of Processing
Your personal data may be processed for the following purposes:
5.1 Service Provision and Communication
- To respond to your inquiries and requests submitted through our contact form
- To provide information about our services
- To manage and execute contractual relationships
- To provide customer support
5.2 Website Operation and Security
- To ensure the proper functioning and security of our Website
- To analyze Website usage and improve our services
- To prevent fraud and protect against malicious activities
- To diagnose technical problems
5.3 Legal Compliance
- To comply with legal obligations and regulations
- To respond to requests from public authorities
- To establish, exercise, or defend legal claims
6. Legal Basis for Processing
In accordance with Article 6 of the GDPR, we process your personal data based on the following legal grounds:
- Consent (Art. 6(1)(a) GDPR): Where you have given explicit consent to the processing of your personal data for one or more specific purposes, such as receiving marketing communications or for the use of non-essential cookies.
- Contract Performance (Art. 6(1)(b) GDPR): Where processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract.
- Legal Obligation (Art. 6(1)(c) GDPR): Where processing is necessary for compliance with a legal obligation to which we are subject.
- Legitimate Interests (Art. 6(1)(f) GDPR): Where processing is necessary for the purposes of our legitimate interests, such as ensuring the security of our Website, provided that such interests are not overridden by your fundamental rights and freedoms. Note: Legitimate interest is never used as a legal basis for profiling or marketing cookies.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Policy. The specific retention periods are as follows:
- Contact form submissions: Retained for up to 3 years from the date of submission, unless required for ongoing business relationships or legal purposes.
- Navigation data: Retained for the period strictly necessary for the purposes for which it was collected, generally no longer than 7 days, unless required for security investigations or legal obligations.
- Cookie consent records: Retained for 5 years to document valid consent as required by the Italian Data Protection Authority (Garante).
- Contractual data: Retained for the duration of the contractual relationship and for 10 years thereafter for legal and fiscal compliance purposes.
After the applicable retention period, personal data will be securely deleted or anonymized.
8. Data Sharing and Recipients
We do not sell, rent, or trade your personal data to third parties. Your personal data may be shared with the following categories of recipients only when necessary:
- Service providers: Third-party companies that assist us in operating our Website and providing our services (e.g., hosting providers, email service providers). These providers are bound by contractual obligations to process data only on our instructions and in compliance with applicable data protection laws.
- Professional advisors: Lawyers, accountants, and other professional advisors where necessary for legal, tax, or business purposes.
- Public authorities: When required by law or in response to valid legal requests from public authorities.
All third parties with whom we share data are required to maintain the confidentiality and security of your personal data and to use it only for the purposes for which it was disclosed.
9. International Data Transfers
Your personal data is primarily processed within the European Economic Area (EEA). If we transfer personal data outside the EEA, we ensure that appropriate safeguards are in place in accordance with the GDPR, including:
- Transfers to countries that have been deemed to provide an adequate level of data protection by the European Commission
- Use of Standard Contractual Clauses (SCCs) approved by the European Commission
- Other legally recognized transfer mechanisms
You may request information about the specific safeguards applied to international transfers by contacting us at the details provided in Section 15.
10. User Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access (Art. 15 GDPR): You have the right to obtain confirmation as to whether your personal data is being processed, and if so, to access that data and receive information about the processing.
- Right to Rectification (Art. 16 GDPR): You have the right to have inaccurate personal data corrected and incomplete personal data completed.
- Right to Erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data in certain circumstances ("right to be forgotten").
- Right to Restriction (Art. 18 GDPR): You have the right to request the restriction of processing of your personal data in certain circumstances.
- Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
- Right to Object (Art. 21 GDPR): You have the right to object to the processing of your personal data in certain circumstances, including processing based on legitimate interests or for direct marketing purposes.
- Right to Withdraw Consent (Art. 7(3) GDPR): Where processing is based on your consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
- Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement. In Italy, the competent authority is the Garante per la protezione dei dati personali (www.garanteprivacy.it).
To exercise any of these rights, please contact us using the information provided in Section 15. We will respond to your request within 30 days, or within the extended period permitted by law if necessary, and will inform you of any such extension.
11. Cookie Policy
11.1 What Are Cookies?
Cookies are small text files that are placed on your device (computer, tablet, smartphone) when you visit a website. Cookies are widely used to make websites work more efficiently, as well as to provide information to the owners of the site. Cookies can be "persistent" (remaining on your device for a set period) or "session" cookies (deleted when you close your browser).
11.2 Types of Cookies We Use
In accordance with the guidelines issued by the Italian Data Protection Authority (Garante) on June 10, 2021, we classify cookies into the following categories:
a) Technical Cookies (Essential)
These cookies are strictly necessary for the operation of the Website and to provide the services you have requested. They include cookies that enable core functionality such as security, network management, and accessibility. These cookies do not require your consent as they are essential for the Website to function properly.
| Cookie Name | Purpose | Duration |
|---|---|---|
| theme | Stores your preferred color theme (light/dark mode) | 1 year |
| cookie_consent | Records your cookie consent preferences | 6 months |
b) Analytics/Performance Cookies
These cookies allow us to recognize and count the number of visitors and to see how visitors move around our Website. This helps us improve the way our Website works, for example, by ensuring that users can find what they are looking for easily.
Currently, this Website does not use analytics or performance cookies.
c) Profiling/Marketing Cookies
These cookies are used to make advertising messages more relevant to you and your interests. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed, and in some cases selecting advertisements based on your interests.
Currently, this Website does not use profiling or marketing cookies.
11.3 Third-Party Cookies
When you visit our Website, you may receive cookies from third-party websites or domains. We do not control the use of these third-party cookies and recommend that you review the privacy policies of these third parties for more information about their cookies.
Currently, this Website does not use third-party cookies.
11.4 Consent for Cookies
In accordance with Italian law and the guidelines of the Garante, we will only set non-essential cookies (such as analytics or profiling cookies) after obtaining your informed consent. Technical cookies, which are essential for the functioning of the Website, do not require consent.
When you first visit our Website, you will be presented with a cookie banner that allows you to accept or reject non-essential cookies. You can also manage your cookie preferences at any time as described in Section 12.
In accordance with the Garante's guidelines, we will not ask for your consent again within 6 months of your initial choice, unless the conditions of data collection have materially changed.
12. Managing Cookie Preferences
You can control and manage cookies in various ways. Please note that removing or blocking cookies may impact your user experience and parts of our Website may no longer be fully accessible.
12.1 Browser Settings
Most browsers allow you to control cookies through their settings. You can usually find these settings in the "Options" or "Preferences" menu of your browser. The following links provide information on how to manage cookies in popular browsers:
12.2 Opt-Out Tools
You can also use the following services to manage advertising and tracking preferences:
- Your Online Choices - A service that allows you to manage your preferences for online behavioral advertising.
- Network Advertising Initiative
- Digital Advertising Alliance
13. Protection of Minors
Our Website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us immediately. If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to delete that information from our servers.
14. Changes to This Policy
We may update this Privacy and Cookie Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by updating the "Last updated" date at the top of this Policy and, where appropriate, by other means such as posting a notice on our Website.
We encourage you to review this Policy periodically to stay informed about how we are protecting your personal data.
15. Contact Information
If you have any questions, concerns, or requests regarding this Privacy and Cookie Policy or our data processing practices, please contact us:
Astral Prism Srls Unipersonale
Address: Piazza Roma 5, 00015 Monterotondo (RM), Italy
Email: info@astralprism.tech
We will endeavor to respond to all legitimate requests within 30 days. Occasionally, it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Astral Prism Srls Unipersonale - P.IVA e CF 18380411001 - REA RM-1781416 - Sede Legale: Piazza Roma 5, 00015 Monterotondo (RM)