C1Scope and who processes your data
This policy sets the consolidated baseline for how personal information is handled across the channels connected to Alessandro Palombo's publication and activities. The formal data controller for information you provide through a specific channel (registration, booking, payment, correspondence) is the operating entity of that channel, as identified in its own legal notices; where that channel publishes its own privacy policy, that policy prevails for that channel. In everything not regulated there, this baseline applies.
This website (legal.alepalombo.com) itself does not use tracking cookies and does not collect personal data.
C2What is collected
Collection is minimal and limited to what you provide:
- Contact information: name and email when you subscribe, register, or write.
- Booking and payment data: handled by the payment and booking platforms of the relevant channel (e.g. Substack, Stripe, scheduling or webinar software); full card details are never seen or stored by us.
- Correspondence and session content: what you write in emails, DMs, or Q&A, and what you share during calls.
No data is purchased from third parties, and no profiles are built from external sources.
C3How it is used
Personal information is used to deliver what you requested: newsletters and content you subscribed to, sessions you booked, and answers to what you asked. With your consent given at registration, you may also receive related newsletters, from which you can unsubscribe at any time.
Personal information is never sold or rented, and is not shared with third parties for their marketing.
C4Sensitive information in sessions
Conversations about mobility, residency, taxation, and personal circumstances often involve sensitive details. Anything you share in a 1:1 session, email, or DM is treated as confidential: it is used only to prepare and conduct the session or answer, stored cautiously and no longer than needed, and not shared with anyone except (a) with your consent, for example when introducing you to a professional you asked to be connected with, or (b) where disclosure is required by law.
Sensitive session content is never used for marketing, never published, and never fed into public case studies in identifiable form. Note that in group sessions, anything you choose to say is heard by other participants; share accordingly.
C5Sharing and service providers
Information is shared only with the service providers necessary to operate the channels: newsletter and publishing platforms (e.g. Substack), payment processors (e.g. Stripe), scheduling and webinar tools, video conferencing, and email providers. Each acts under its own terms and privacy policy. Beyond these processors, information is disclosed only with your consent or where required by law.
C6Storage, security & retention
Information is stored on the systems of the reputable platforms listed above, protected by their security measures and by reasonable organizational precautions (limited access, no unnecessary copies). It is retained only as long as needed for the purpose it was provided for, or as required by tax, accounting, or other legal obligations, and then deleted.
No transmission or storage is perfectly secure; in the unlikely event of a breach affecting your data, you will be informed as required by applicable law.
C7Your rights
Subject to applicable law (including the GDPR where it applies), you can request access to the personal information held about you, its correction, its deletion, a copy in portable form, or object to a specific use. Requests are honored within the timeframes required by applicable law and, in any case, as promptly as practicable. Unsubscribing from any newsletter is always available via the link in each email.
C8Changes & contact
This policy may be updated at any time; the date above reflects the latest version. For questions, requests under C7, or to know which entity operates the channel you used: ale@alepalombo.com.