Privacy Policy

Last updated: 28th May 2026

This Privacy Policy explains how personal data is collected, used and protected when you visit or interact with the website matteotrivelli.com.

This website is operated by:

Data controller: Matteo Trivelli
Website: https://www.matteotrivelli.com
Contact email: mt@matteotrivelli.com
Professional / business address: Carrer Santiago Rusiñol 3,3 07012 Palma de Mallorca, Islas Baleares, Spain.
Tax / VAT identification number: X9086081T

This Privacy Policy applies to the use of this website, including its pages, contact forms, professional inquiry forms, portfolio pages, blog or insight pages, embedded content, analytics tools and any other interactive features available on the website.

 

1. Personal data collected

This website may collect the following categories of personal data:

1.1 Data provided directly by users

When you contact Matteo Trivelli through the website, by email or through a contact form, the following data may be collected: name; email address; company or organization, if provided; website, if provided; message content; information related to a professional inquiry, project request, collaboration, consulting need or service request; any other information voluntarily included by the user in the message. Please do not send sensitive personal data unless it is strictly necessary for your request.

1.2 Technical and browsing data

When you visit the website, certain technical information may be processed automatically, including: IP address; browser type and version; device type; operating system; pages visited; date and time of access; approximate location derived from technical data; cookie preferences; interaction with website content. Some of this information may be processed through technical cookies, analytics cookies or third-party tools, depending on your cookie preferences.

1.3 Cookie-related data

The website uses cookies and similar technologies. Some cookies are necessary for the website to function correctly, while others may be used for analytics or marketing purposes only if you give consent. More information is available in the separate Cookie Policy.

1.4 Comments

If comments are enabled on the website, the data shown in the comment form, the visitor’s IP address and browser user agent string may be collected to help detect spam. At present, this website is primarily a professional portfolio and service website. If comments are not active, this section does not apply in practice.

1.5 Newsletter data If a newsletter subscription form is active, the website may collect your email address and any other information required to manage the subscription. Newsletter provider: This website does not currently operate a newsletter subscription system.

 

2. Purposes of processing

Personal data may be processed for the following purposes:

  • to respond to contact requests and professional inquiries;
  • to manage consulting, collaboration or project-related communications;
  • to provide information about services, portfolio work, research, events or professional activities;
  • to improve the structure, content and usability of the website; to analyse website traffic and understand how visitors use the site, subject to cookie consent where required;
  • to maintain website security and prevent abuse, spam or unauthorized access; to comply with legal obligations;
  • to manage newsletter subscriptions, if active;
  • to manage cookie consent preferences.

 

 

3. Legal basis for processing

The legal basis depends on the type of processing:

3.1 Contact and professional inquiries

The legal basis is the user’s consent when submitting a form or sending a message, and/or the legitimate interest of the controller in responding to professional inquiries. Where the inquiry may lead to a contract or professional service, the legal basis may also be the application of pre-contractual measures requested by the user.

3.2 Website security and technical operation

The legal basis is the legitimate interest of the controller in keeping the website secure, functional and protected against misuse.

3.3 Analytics cookies

Analytics cookies are used only with the user’s consent, where consent is legally required.

3.4 Marketing cookies

Marketing cookies, if used, are processed only with the user’s consent.

3.5 Newsletter

If a newsletter is active, the legal basis is the user’s consent to receive communications.

3.6 Legal obligations

Where data must be retained or processed to comply with legal, tax, administrative or regulatory obligations, the legal basis is compliance with a legal obligation.

 

4. Contact forms

This website may use contact forms to allow users to send professional inquiries, collaboration requests, service requests or other messages.

The data submitted through contact forms is used only to respond to the request and manage the related communication.

Contact form plugin or provider: at the moment the website does not uses contact forms. ]

Form submissions may be stored in the website database, sent by email, or processed by third-party anti-spam, security or hosting services.

Retention period for contact form submissions: for the time necessary to respond to the inquiry and, where relevant, for up to 24 months for professional follow-up, unless a longer retention period is required by law.

 

5. Newsletter

If the website offers a newsletter, users may subscribe voluntarily by providing their email address. Newsletter data is used only to send the requested communications and manage the subscription.

Users may unsubscribe at any time using the unsubscribe link included in each email or by contacting mt@matteotrivelli.com.

Newsletter service provider: This website does not currently operate a newsletter subscription system. If a newsletter is introduced in the future, this Privacy Policy will be updated before or at the time of activation.

International data transfer: none.

 

 

6. Google Analytics and website analytics

This website may use Google Analytics or similar analytics tools to understand how visitors use the website and to improve its content, structure and performance.

Analytics may include information such as pages visited, session duration, approximate geographic area, device type, browser and interactions with the website.

Analytics cookies are used only if the user gives consent through the cookie banner, where consent is legally required.

If Google Analytics 4 is used, Google may process data as an independent controller or processor depending on the configuration and services activated.

Analytics provider: Google Analytics / Google LLC Current implementation: direct GA4 tag

Consent Mode v2: enabled 

 

 

7. Google Search Console

This website may use Google Search Console to monitor search visibility, indexing, technical performance and SEO-related information.

Google Search Console generally provides aggregated information about search queries, impressions, clicks and indexing status. It is not used to identify individual visitors directly.

 

 

8. Google Ads and advertising tools

This website may use Google Ads or related advertising tools in the future.

If Google Ads, remarketing, conversion tracking or advertising cookies are activated, this Privacy Policy and the Cookie Policy will be updated to explain:

  • which advertising tools are used;
  • whether remarketing is active;
  • whether conversion tracking is active;
  • which cookies or tags are used;
  • how consent is collected; how Consent Mode v2 is implemented;
  • how users can reject or configure advertising cookies.

 

 

9. Cookies

This website uses cookies and similar technologies.

Cookies may be:

  • necessary cookies, required for the website to function;
  • preference cookies, used to remember settings such as language or cookie choices;
  • analytics cookies, used to understand website usage;
  • marketing cookies, used for advertising or tracking, if activated.

Users can accept, reject or configure non-essential cookies through the cookie banner or cookie settings panel. More information is available in the Cookie Policy.

 

 

10. Embedded content from other websites

Pages on this website may include embedded content such as videos, images, maps, social media posts, external articles, forms or other third-party materials. Embedded content from other websites behaves as if the visitor had visited the external website directly.

These third-party websites may collect data, use cookies, embed additional tracking and monitor interaction with the embedded content, especially if the visitor has an account and is logged into that third-party service.

Possible third-party embedded services may include:

  • YouTube or Vimeo videos;
  • Google Maps;
  • social media platforms;
  • external forms or scheduling tools;
  • embedded documents or PDFs;
  • other external websites.

Currently active embedded services: 

  • YouTube or Vimeo videos;
  • social media platforms;
  • embedded documents or PDFs;

 

 

11. Multilingual website and WPML

This website may use WPML or similar multilingual tools to manage content in different languages.

WPML may use cookies to identify the visitor’s current language, the last visited language and the language of logged-in users.

If WPML Advanced Translation Editor or external translation services are used, website content and relevant user/administrator information may be processed by WPML or its service providers.

WPML / translation services currently active: translation in English, Spanish, Italian.

 

 

12. AI-assisted content and images

Some content, images, diagrams or visual materials on this website may have been created or edited with the support of artificial intelligence tools and then selected, edited or curated by Matteo Trivelli.

This does not normally involve the processing of visitor personal data.

If, in the future, the website uses AI tools to process user-submitted personal data, this Privacy Policy will be updated to explain the tool used, the purpose, the legal basis, the data processed, the provider and any relevant data transfer.

 

 

13. Who personal data is shared with

Personal data may be shared with third-party service providers only when necessary for the operation, security, analytics, communication or legal management of the website.

These providers may include:

  • website hosting provider: https://www.godaddy.com/
  • domain and email provider: https://www.godaddy.com/
  • WordPress plugins and technical service providers;
  • analytics provider, such as Google Analytics;
  • cookie consent management plugin/provider;
  • newsletter provider, if active;
  • anti-spam or security service providers;
  • professional advisors, if required for legal, tax or administrative reasons;
  • public authorities, where legally required.

This website does not sell personal data.

 

 

14. International data transfers

Some third-party providers may process data outside the European Economic Area, including in countries that may not offer the same level of data protection.

Where applicable, such transfers should be based on appropriate safeguards, such as adequacy decisions, Standard Contractual Clauses or other mechanisms recognized by applicable data protection law.

Providers involving possible international transfers: Google, GoDaddy.

 

 

15. Data retention

Personal data is retained only for as long as necessary for the purposes for which it was collected, unless a longer retention period is required by law.

Indicative retention periods:

  • contact form messages: up to 24 months unless a longer period is needed;
  • professional correspondence: for the duration of the professional relationship and the applicable legal limitation periods;
  • newsletter data: until the user unsubscribes or requests deletion;
  • analytics data: according to the analytics provider’s retention settings;
  • cookie consent records: according to the cookie consent tool’s retention settings;
  • security logs: for the period necessary to maintain website security;
  • legal/tax documents: according to applicable legal obligations.

 

 

16. User rights

Under applicable data protection law, users may have the right to:

  • access their personal data;
  • request correction of inaccurate data;
  • request deletion of their data;
  • request restriction of processing;
  • object to processing;
  • request data portability;
  • withdraw consent at any time, where processing is based on consent;
  • lodge a complaint with a supervisory authority.

To exercise these rights, users may contact: mt@matteotrivelli.com

Users also have the right to lodge a complaint with the Spanish Data Protection Agency, the Agencia Española de Protección de Datos — AEPD.

 

 

17. Security measures

The website applies reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration or disclosure.

These measures may include:

  • secure hosting configuration;
  • HTTPS encryption;
  • WordPress security updates;
  • restricted administrator access;
  • plugin and theme maintenance;
  • spam protection;
  • backup systems; access controls.

No website or online system can guarantee absolute security.

 

 

18. Data breaches

If a personal data breach occurs and it is likely to result in a risk to the rights and freedoms of individuals, the controller will assess the incident and, where required, notify the competent supervisory authority and/or affected individuals in accordance with applicable law.

 

 

19. Automated decision-making and profiling

This website does not use automated decision-making that produces legal effects or similarly significant effects on users.

Analytics and advertising tools, if activated, may involve limited profiling or audience measurement depending on the configuration and the user’s cookie consent.

If advanced profiling, remarketing or automated decision-making tools are introduced, this Privacy Policy will be updated accordingly.

 

 

20. Changes to this Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in the website, services, plugins, legal requirements or data processing practices.

The latest version will always be available on this page.