Information on the processing of personal data made in accordance with Art.13 EU Regulation 2016/679
and the European and national laws that amend and/or supplement it (Privacy Regulations) with regard to the processing of personal data, as well as the free movement of such data.

Dear Users/Visitors,

“EU Regulation 2016/679” ( hereinafter “EU Regulation” or “GDPR”) in Article 13, imposes the obligation to inform the data subject about the basic elements of the processing.
Since LIGHTING DESIGN S.r.l. (P.IVA/tax code 11684011007) with registered office in Via Dipignano 22, 00173 Rome, Italy (hereinafter referred to as the “Data Controller”), in its capacity as the Data Controller, fulfills in full compliance with the provisions of the GDPR, hereby intends to provide you with the due information regarding: the nature of the data in our possession, the purposes and methods of the processing of personal data, as well as the scope of any communication and/or dissemination of the same.

According to the indicated law LIGHTING DESIGN guarantees that the processing of personal data is carried out in compliance with the fundamental rights and freedoms of the data subject.

This policy, applies to all data collected by the Owner through its website .

“Processing” of personal data means any kind of operation of collecting, recording, storing, modifying, communicating, deleting, making available and disseminating personal data.

The computer systems and software procedures used to operate this WEB site acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. Consequently, mere access to the site implies the acquisition by the Owner of information and data about the user.

1.Identity and contact details of the data controller

The Data Controller is LIGHTING DESIGN S.r.l. (P.IVA/tax code 11684011007) with registered office in Via Antonino di Giorgio, 11, 00135 Roma RM, in the person of the legal representative Daniele Cruciani ( CRCDNL77M19H501P).

The full list of officers is available at the above-mentioned office and can be found by contacting the addresses below.


regular mail: Lighting Design srl, Via Antonino di Giorgio, 11, 00135 Rome RM

2.Type of data processed

Navigation data

The computer systems and software procedures responsible for the operation of the website acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes the IP addresses or domain names of the processors or electronic devices used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment.

Data voluntarily provided by the user

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.

3. Purpose and legal basis for processing

Personal data will be processed in hard copy or by automated means for the following purposes:

3.1 for all users of the site, personal data may be used for the following purposes:

3.1.1. Allow navigation through the public web pages of our site and check the proper functioning of the site, in this case the data being processed will only be anonymized IP addresses;

3.1.2 the data of navigation and proper functioning of the public web pages of our site will be used for the investigation of liability in case of computer crimes: except for this eventuality, the data will not be stored;

3.1.3 comply with the provisions of laws and regulations (national or EU), or execute an order of judicial authorities or supervisory bodies to which the Owner is subject;

3.1.4 Exercise the rights of the Holder, in particular, that of establishing, exercising or defending a right in court;

The legal basis for the aforementioned treatments is, pursuant to Art. 6 par. 1(f) of the GDPR, the pursuit of the legitimate interest of the data controller aimed at ensuring the proper functioning of its website.

3.2. The personal data of users who fill out the form and/or send e-mails to the addresses published on the site will be processed not only for the purposes described above, but also for purposes related to the services requested; in particular for:

3.2.1 contact you to provide the information you have requested through the contact form or send e-mail to the addresses posted on the website.

For the treatment in Section 3.2.1. The legal basis for processing is, pursuant to Art. 6 par. 1(f) of the GDPR, the legitimate interest of the Controller to respond to spontaneous contact/information requests sent by users.

By using or consulting this site, users and/or visitors acknowledge that they have carefully reviewed this privacy policy.

The data subject may object in whole or in part to the indicated treatments easily and free of charge, by writing an e-mail at any time to or by mail to the holder’s address above.

4. Recipients or possible categories of recipients of personal data

Personal data of registered users may be disclosed to specially designated parties authorized or responsible by the data controller belonging to the following categories: site hosting ( ), consultants and professionals, including in associated form.

However, all communication and dissemination will take place in accordance with the purposes of processing described above.

It is possible to request the list of controllers from the data controller at the contact details given in 1.

Personal data may be disclosed to third parties in order to fulfill legal obligations, or to comply with orders from public authorities legitimized to do so, or to assert or defend a right in court.

5. Period of storage of personal data and processing methods

Personal data collected for the purposes stated in Section 3.1 of this policy will not be retained.

Personal data collected for the purposes indicated in Section 3.2 of this policy will be retained for a maximum period of two years or until consent is revoked and, in any case, no later than three months after such revocation; at the end of this period, the data will be retained for an additional 10 years solely for administrative/accounting purposes and legal defense.

The processing will be carried out in an automated form, using methods and tools designed to ensure maximum security and confidentiality, by the data controller and entities responsible for and in charge of the processing in accordance with the EU Regulation.

The servers where the data of the data subjects are stored are owned by the Data Controller and located at its registered office and servers of Aruba S.p.a. The hardware infrastructure used by Aruba to deliver its services is located within the data center residing in Italy ISO 27001 certified.

6. Rights of the data subject

You have the right to access your data at any time and to exercise your other rights under the GDPR by contacting the contacts listed in section 1. In particular You are entitled to:

Data subject’s right of access (Art. 15, GDPR)

The data subject shall have the right to obtain from the data controller confirmation as to whether or not personal data concerning him or her are being processed and, if so, to obtain access to the personal data and to certain information specifically mentioned in Art. 15 of the GDPR.

Right of Rectification (Art. 16, GDPR)

The data subject has the right to obtain from the data controller the rectification of inaccurate personal data concerning him or her without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, including by providing a supplementary statement.

Right to Cancellation (Art. 17, GDPR)

The data subject shall have the right to obtain from the data controller the erasure of personal data concerning him or her without undue delay, and the data controller shall be obliged to erase the personal data without undue delay, unless there are grounds for preventing the exercise of this right.

Right to restriction of processing (Art. 18, GDPR)

The data subject has the right to obtain, where possible, the restriction of the processing of his or her personal data.

Right to data portability (Art. 20, GDPR)

The data subject, if the processing is based on consent or on a contract and is carried out by automated means, has the right to receive in a structured, commonly used and machine-readable format the personal data he or she has provided to the data controller and has the right to transmit them to another data controller or have them transferred directly by the controller, if technically feasible.

Right to Oppose (Art. 21, GDPR)

The data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data based on the legitimate interest of the data controller or on the data subject’s consent, including profiling, unless he or she proves the existence of compelling legitimate grounds for processing that override the data subject’s rights.

Automated decision-making related to natural persons including profiling (Art. 22, GDPR)

The data subject has the right not to be subjected to a decision based solely on automated processing that produces legal effects concerning him or her or that significantly affects him or her in a similar way., in any case, does not use automated decision-making processes.

Right to lodge a complaint with the supervisory authority (Art. 77, GDPR)

Without prejudice to any other administrative or jurisdictional recourse, a data subject who believes that the processing concerning him or her violates these regulations has the right to lodge a complaint with the Data Protection Authority.

Cookie policy

What are cookies and how we use them

A “cookie” is a text file that is stored on computers, tablets, cell phones, and any device used to browse the Internet, where it is stored to be retransmitted to the same sites the next time the same user visits.

This website uses cookies to improve navigation and to provide services and functionality to its users and visitors. The use of cookies can be restricted or disabled through your web browser; however, without cookies some or all site functionality may be unusable.


our site uses strictly necessary Technical Cookies that are essential to complete the activities requested by the user, for example, to store information provided by the user while browsing the site.

By linking to any page on, the user will seè appear a brief information about the use of cookies. By closing this notice using the appropriate button or clicking outside the banner that contains it and continuing to browse, you consent to our use of cookies as̀ described in this Cookie Policy.

The site remembers the choice made by the user, so the brief information will not bè repeated in subsequent links from the same device. However, the

user always has the possibilitỳ to revoke all or part of the consent alreadỳ expressed.

If you encounter technical problems related to the provision of consent, please contact us for assistance.

Types of cookies

The Personal Data Protection Supervisor’s Provision no. 229 of May 8, 2014, published in OJ no. 126 of June 3, 2014, categorized cookies into two macro-categories: “technical” cookies and “profiling” cookies.

Technical cookies.

Technical cookies are those used for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide such service.

They are not used for any further purposes and are normally installed directly by the owner or operator of the website. They can be divided into navigation or session cookies, which ensure the normal navigation and use of the website (allowing, for example, to make a purchase or authenticate to access restricted areas); functionality cookies, which allow the user to navigate according to a set of selected criteria (e.g., language, products selected for purchase) in order to improve the service rendered to the same.

Users’ prior consent is not required for the installation of such cookies.

Profiling cookies.

Profiling cookies are aimed at creating profiles related to the user and are used in order to send advertising messages in line with the preferences expressed by the user when browsing the web. Due to the particular invasiveness that such devices can have within the private sphere of users, European and Italian regulations require that the user must be adequately informed about their use and thus express valid consent.

In the same Provision, the Garante also categorized cookies according to the entity acting as the controller of the personal data collected by the cookie, distinguishing between first-party and third-party cookies.

First-party cookies.

These are the cookies managed by the site owner. For these cookies, the duty of disclosure lies with the site owner. It is also incumbent on the latter to indicate how the cookie may be blocked.

Third-party cookies.

These are the cookies managed by a third party other than the site owner. For these cookies, the obligation for the third party to provide the information and details on how to block the cookie, if any, is the responsibility of the third party, while the site owner is obliged to include on the site the link to the third party’s site where these elements are available.

In both types of cookies (first-party or third-party), the collection of consent, which is necessary if the cookie is a profiling cookie, is done through a special banner on the home page of the site.

We use the following categories of first-party cookies for our website:

1. Technical cookies

Technical cookies are related to the functionality and aesthetics of the website, and also, they are essential to navigate the website.

2. Statistical cookies

Matomo is statistical software used by this Web Site to analyze data directly and without the help of a third party.

We do not send Matomo any kind of data

about visits, neither in aggregate nor in personalized form.

The security features in Matomo that enable it to be in compliance with privacy protection laws are:

  • AnonymizeIP plugin, which resets the last two blocks of numbers in visitors’ IP addresses to zero

  • System that allows visitors to disable Web Analytics cookie tracking and analysis (Opt Out feature) on the site with one click. It is possible to exercise the opt out function with the following option check box.

  • Deletion of logs generated by Matomo (Piwik) after a limited period of time (180 days).

For more information:

Cookies management

At any time, you may refuse to accept all or some of the cookies used by this website by simply selecting, on your browser, the settings that allow you to reject them.

To be able to perform this deactivation, you need to download and install a correct extension for the browser you are using


To receive more information you can visit the

Google’s combined privacy policy

. In addition, each browser has specific configuration instructions so more information regarding the procedures to be followed to disable cookies can be found on the browser provider’s website.

Internet Explorer




Iphone and ipad

By disabling cookies, you can still use some parts of the website, but some services may not be usable.

Interaction with social networks and external platforms

The website

may allow interactions with social networks (Facebook, Google+, Instagram, Pinterest, LinkedIn) or other external platforms. The interactions and information captured depend on the User’s privacy settings on the specific social networks. In the event that a social network interaction service is installed, it is possible that, even if Users do not use the service, it will collect traffic data related to the pages where it is installed. The buttons present are simply linking links and do not transmit any data.

Facebook button

The Facebook button is an interaction service with the social network Facebook, is provided by Facebook, Inc.

Google+ button

The Google+ button is an interaction service with the Google+ social network, provided by Google Inc.

Linkedin button

The Linkedin button and Linkedin social widgets are social network interaction services provided by Linkedin.

Instagram button

The Instagram button is an interaction service with the social network Instagram, provided by Instagram Inc.

Pinterest button

The Pinterest button is an interaction service with the social network Pinterest, provided by Pinterest Inc.

YouTube button

The YouTube button is an interaction service with the YouTube website, provided by Google Inc.

Twitter button

The Twitter button is an interaction service with the social network Twitter, provided by Twitter Inc.

This policy may be subject to change. If substantial changes are made to the Owner’s use of data about you, the Owner will notify you by prominently posting them on its pages or through alternative or similar means.

Updated October 16, 2018.

Table of cookies used by this site