TopLegal International and Data Protection


Dear User,

Thank you for visiting our site.

TopLegal is subject to specific legislation (Italian Legislative Decree no. 196/2003 – The Personal Data Protection Code) and we believe in the importance of protecting personal data and respecting our users’ privacy.


Reason for this notice
The rest of this page describes how this site is managed to handle and process personal data. This is an official notification  required by Article 13 of Italian Legislative Decree no. 196 (the Personal Data Protection Code) for users of web services provided directly by TopLegal and electronically accessible via the address which is the homepage of TopLegal’s official website. This notification is provided for all TopLegal sites (including TopLegal International) and not for any other websites accessed by users via links.

The notification is based on Recommendation 2/2001, which European personal data protection authorities, grouped under the Working Party established by Article 29 of Directive 95/46/EC, adopted on 17 May 2001 to identify minimum requirements for collecting online personal data and, in particular, the procedures, timing, and nature of the information that personal data processing controllers must provide to users when users access web pages, regardless of the purposes of such access. We therefore ask that you read our Privacy Policy, illustrated below.

The Privacy Policy and standards applied by TopLegal for personal data production are based on the following principles:

  1. Responsibility: personal data is handled and processed on an ongoing basis by persons with specific responsibilities to do so.
  2. Transparency: personal data is collected and processed according to the principles established by the Privacy Policy adopted by TopLegal.
  3. Relevance: personal data is registered for specific, explicit and legitimate purposes. It is relevant to, and does not exceed the purposes of, handling and processing and is stored for the time necessary for the purposes of collection.
  4. Purpose of use: personal data is not given to third parties or disclosed without the prior consent of persons concerned, except in cases expressly indicated by Article 24 of Italian Legislative Decree no. 196/2003.
  5. Verification: personal data is updated over time. It is also organised and stored in such a way as to give users the possibility of knowing, if they so desire, what data has been collected and recorded, as well as of checking the quality of the registered data, requesting corrections, additions, and deletions due to legal infringements or opposition to processing, and  exercising all other rights, pursuant to and within the limits of Article 7 of Italian Legislative Decree no. 196/2003, at the addresses indicated in this notification as required by Article 13 of Italian Legislative Decree no. 196/2003.
  6. Security: personal data is protected by security measures against the risk of destruction or accidental loss, and against unauthorised access or use. These security measures are regularly updated and monitored on an ongoing basis.

Third parties performing support activities for any type of service provided by TopLegal are designated as Data Processors and are under contractual obligation to comply with security and confidentiality measures for handling and processing personal data. If processing operations take place under the direct authority of TopLegal, employees of third-party companies that work with TopLegal may be appointed to perform processing.

Personal data may be shared with third parties, who will process the data in the capacity of independent data controllers, as defined by the Italian Legislative Decree no. 196/2003, subject to the consent of interested parties, if so required by law, and in any case after provision of appropriate notification specifying the purposes of the data processing. TopLegal is in no way responsible for handling and processing of personal data performed by these third-party data controllers.

In addition, TopLegal takes no responsibility for:

  1.  The management of personal data buy other websites accessible from links on our web pages
  2.  The contents of any e-mail services, web spaces, and chat forums provided to users.

Following the consultation of this site, data relating to identified and identifiable persons may be handled and processed. The Data Controller or proprietor of such handling and processing is:

Penta Group Srl
Viale Abruzzi, 37

20133 Milan (MI), Italy

Scope of data communication
Personal data submitted may be communicated to third parties to meet legal obligations, to comply with legitimate public authorities, or to enforce or defend a right in the courts.

The data you submit may be shared with third parties by TopLegal for the purposes of providing TopLegal services and products, or to receive marketing information from TopLegal.

If necessary for specific services or products requested, personal data may be shared with third parties who, in the capacity of independent data controllers, perform functions strictly connected with the provision of the services and products in question. Without this data, such services and products cannot be supplied.

Personal data will not be disclosed, unless the service requested so requires.

Types of data collected and ways in which it is processed
Please be aware that your professional and personal interests may be monitored by browsing TopLegal sites. This type of information, however, is collected solely and exclusively for the purposes of providing the services requested and to check the quality of services offered. It does not serve in any way to profile users.

Data provided by the user 

The types of personal data collected and processed by TopLegal sites are necessary to provide the various services offered. Data collected is processed using paper-based, automated and remote electronic systems and for ends strictly related to the purposes of processing.

Your e-mail address (and other data requested) may also be used to provide you with services. If this information is not submitted, you cannot be provided with the services that require such information. If you do not provide your consent to the use of e-mail (or landline or cellular telephones) for the purposes of promotional information or direct marketing or interactive commercial communication, these methods of communication will not be used for those purposes.

Your intentional use of electronic mail to addresses indicated on the website will lead to the automatic  registration of the sender’s address, as well as of any other information contained in the message. This personal data will be used solely for the purpose of executing the service or action requested.

Data relating to browsing
During their normal operations, the site’s software procedures acquire personal data that is automatically transmitted through the use of Internet communication protocols. Even though such data is not designed to be associated with identified users, if it is associated with other data held by third parties (your Internet service provider, for example) it may permit the identification of users.

This category of data includes the IP addresses or domain names of  computers accessing the site, the URL (Uniform Resource Locator) addresses of the resources requested, the time when the request is made, the method used to submit the request to the server, the size of the response file, the numerical code indicating server response status (successful, error, and so on), and other information concerning  the user’s operating system and computer environment.

This data is used solely for anonymous statistics on site usage and to check its proper working.

The Data Controller and, according to the service requested, designated Data Processors keep – for a limited period as per legal regulations – the log of accesses/browsing performed to respond to any requests coming from the authorities or from other public bodies authorised to ask for logs to ascertain any liabilities in the case of computer crimes.

Apart from data from browsing (as specified above), users are free to submit or not to submit any personal data requested in the various services’ registration forms. On these forms some data may be marked as obligatory: this means that the data in question is essential for the provision of the service requested. If this data is not submitted, the service requested cannot be provided and users will be unable to benefit from the service.

Security measures to protect collected data
TopLegal uses secure architectures and technologies to protect personal data against abusive disclosure, alteration or improper use.

The steps taken to protect personal data specifically aim to minimise the risks of destruction or loss of data, unauthorised access, or processing that is prohibited or not consistent with the purposes of its collection. These security measures meet the minimum requirements indicated by the Italian legislator (Technical Protocol for minimum security measures as per Articles 33 and 36 of Italian Legislative Decree no. 196/2003).

Regular risk analyses are performed to check compliance with the standards set and also to adopt any new security measures necessary following organisational changes and technological innovations, or changes in the type of data collected.

Our security measures are constantly monitored and checked.  

Rights of persons submitting personal data
You have the right at all times to obtain confirmation of the existence or otherwise of your personal data, to know its content and origin, to check its accuracy, and to ask for additions, updates or corrections  (Article 7 of Italian Legislative Decree no. 196/2003).

Pursuant to the same article, you have the right to request deletion, transformation into anonymous form or blocking of data illegally processed, and, in any case, to oppose – for legitimate reasons – handling and treatment of your data.

Such requests should be sent to the e-mail address:

Use of cookies
A cookie is a small text file (just a few bytes) exchanged between a website and your browser used to memorise the information necessary to improve browsing within the site.

The leading and most widely-used browsers accept all cookies on a default basis. You can change this option by modifying the settings in your browser, disabling cookies or by customising the settings to ensure that each incoming cookie requires your explicit consent.

In the TopLegal sites cookies are associated with your computer and do not identify the end-user. If you are a registered user of our websites, some cookies – temporarily stored until you finish browsing – may be associated with your user registration. Use of cookies aims to (a.) facilitate, customise and speed up your browsing experience at our site; (b.) control access to services for which you have registered; and (c.) create anonymous site-access statistics. If you decide to disable these cookies, you will lose a large part of customisation functionalities and some services may not be usable.

Some companies supply advertisements on TopLegal sites. These companies may use cookies to ensure that you are not shown the same advertisements too often or for statistical purposes to calculate traffic data to improve advertising content. Cookies are read by companies in anonymous form, i.e. without actually identifying you. They are managed directly by the companies concerned, who are autonomous data controllers. TopLegal has no access to such data, nor can it control the way in which it is  subsequently used.

Use of IP addresses
An IP address is a number automatically assigned to your computer whenever you connect with Internet via your Internet provider or from a corporate LAN/WAN that uses the same Internet protocols.

The IP address is used by the website to send you its pages. IP addresses are anonymous data for us, as they cannot be directly associated with a specific user. They are used solely for TopLegal’s statistical purposes to monitor accesses to services provided.