Who we are
This website is operated by GEMA Srl, an Italian company, VAT number IT02893910980, registered office in Brescia, Italy. Experiree is the cybersecurity advisory brand of GEMA Srl. Throughout this page, "we", "us", and "Experiree" refer to GEMA Srl in its capacity as data controller for the data described below.
For any privacy-related request, write to info@experiree.com.
What data we collect on this site
We do not collect personal data when you browse this site. We do not use cookies. We do not run advertising trackers. We do not build profiles of visitors.
To understand how the site is used (which pages are read, how visitors arrive), we use Cloudflare Web Analytics. Cloudflare Web Analytics is privacy-preserving by design: it does not use cookies, does not fingerprint visitors, and does not collect personal data such as IP addresses (these are truncated and discarded). The data collected is aggregated and anonymous, and we cannot identify individual visitors from it.
If you contact us by email, we will of course process your email address and the content of your message to reply to you.
Why we process this data (legal basis)
For the aggregated and anonymous analytics: we rely on our legitimate interest (GDPR Article 6(1)(f)) in understanding how the site is used and in maintaining its quality. Because no personal data is involved, no consent is required and no cookie banner is displayed.
For email correspondence you initiate: we rely on your initiative to contact us and on our legitimate interest in replying to professional enquiries (GDPR Article 6(1)(f)).
How long we keep it
Cloudflare Web Analytics retains the aggregated data it collects for up to 6 months by default. We do not download or store this data outside the Cloudflare dashboard.
Email correspondence is retained for as long as needed to handle the conversation and any follow-up, and afterwards in line with our document retention practices for professional communications.
Who else sees this data
The aggregated analytics data is processed by Cloudflare, Inc. acting as our data processor. Cloudflare's privacy practices are documented at cloudflare.com/privacypolicy.
We do not sell, rent, or otherwise share data about visitors with any third party.
International transfers
Cloudflare operates globally, and traffic to this site may transit through Cloudflare infrastructure located outside the European Economic Area. Cloudflare relies on Standard Contractual Clauses and other safeguards approved by the European Commission for international transfers of personal data.
Your rights
Under GDPR (Articles 15 to 22), you have the right to ask us for access to your personal data, rectification, erasure, restriction of processing, data portability, and to object to processing. Because we do not collect identifying data through site browsing, these rights mostly apply to email correspondence you have initiated with us.
To exercise any of these rights, write to info@experiree.com. We will reply within one month.
You also have the right to lodge a complaint with a supervisory authority. The competent authority for Italy is the Garante per la protezione dei dati personali (garanteprivacy.it).
Changes to this policy
If we change how this site handles data, we will update this page and revise the "last updated" date at the top. Substantive changes will be reflected in the website footer.