Credits: The cover page image is by Markus Winkler from Pixabay

Privacy Policy

Matomo opt-in or opt-out

If you have chosen “Allow tracking” we remind you that data will be collected anonymously and in aggregate form as stated in this policy.
You can change your choices at any time.

Privacy Policy

This privacy policy is provided pursuant to Regulation (EU) 2016/679 (“GDPR”), for those who consult the website https://nicfab.eu. This privacy policy applies only to this website and not to other web addresses that may be consulted by the user via links.

Data Controller

The data controller for the processing of data relating to identified or identifiable persons who access and browse this website is Nicola Fabiano (privacy [at] nicfab.eu).

Aspect1. Navigation data (web server logs)2. Web analytics statistics (Matomo cookie-less)3. Comment system (Comentario)4. Voluntary communications via email
PurposeIT security and monitoring of correct website functioningCollection of aggregate statistics to improve contentAllow users to post comments (anonymous or pseudonymous) and provide internal technical statistics server-sideRespond to requests voluntarily submitted by the user
Legal basisArt. 6, para. 1, lett. f) (GDPR)Art. 6, para. 1, lett. f) (GDPR)Anonymous comments: outside GDPR scope; pseudonymous/nominative comments and internal technical statistics: art. 6, para. 1, lett. f) (GDPR)Art. 6, para. 1, lett. b) (GDPR)
RetentionMax 7 days (automatic deletion)12 months (in aggregate and anonymous form)Session cookie: 14 days · Published comments: indefinite (publicly visible) · Any anti-spam IPs: 90 days · Internal technical statistics: only in aggregate formTime strictly necessary, max 30 days from response

Data processed

Access to this website and browsing within it occurs through the use of a web browser. The IT systems responsible for the operation of this website acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols. Some data necessary for Internet browsing, by their very nature, could allow users to be identified through processing and associations with data held by third parties. This refers in particular to IP addresses (anonymized) or domain names of computers used by users who connect to this website, addresses in URI notation of requested resources, request time, browser type and operating system used, etc.

Such data are used solely for the purpose of obtaining anonymous statistical information on the use of the website, to check its correct functioning, and to ensure system security. Web server log data are kept for a maximum of 7 days, after which they are automatically deleted. The data could be used to ascertain responsibility in the event of computer crimes against the website, upon request of the Judicial Authority.

Data voluntarily provided by the user

Comments

Users can leave comments using the Comentario system, an open-source self-hosted software on servers located in the European Union.

Anonymous comments
It is possible to comment completely anonymously, without providing any personal data. In this case:

  • no name or email address is required;
  • the comment appears as “Anonymous” or with a freely chosen pseudonym;
  • no personal data is collected or stored in relation to the comment.
    Therefore, for this mode the GDPR does not apply.

Pseudonymous or nominative comments (optional)
The user can choose to indicate an optional name or nickname/pseudonym. In this case, the name (nickname or pseudonym) is publicly visible together with the comment.

The legal basis for these processing operations is the legitimate interest of the controller (art. 6, para. 1, lett. f) GDPR) in allowing and moderating discussion, in compliance with the principles of minimization and proportionality.

Technical session cookie
The comentario_commenter_session cookie (duration 14 days) is necessary for managing the comment session and is a technical cookie exempt from consent.

Internal technical statistics of Comentario (privacy by design)
Comentario does not add tracking scripts or pixels and shows no advertising. However, the software may generate high-level statistics (e.g., visitor’s country, browser, language), calculated server-side and used in aggregate form for technical purposes (service quality/anti-abuse). These statistics do not identify the user; any technical processing of the IP for security/anti-spam purposes only is limited and subject to maximum retention of 90 days. Legal basis: legitimate interest of the controller (art. 6, para. 1, lett. f) GDPR).

Email

The optional, explicit, and voluntary sending of email to the addresses indicated on this website entails the acquisition of the sender’s address, necessary to respond, as well as any other personal data contained in the message. Such data are processed exclusively to respond to messages sent and to fulfill any related requests. Failure to provide personal data for communications or to send any requests prevents their fulfillment. Data are kept for the period strictly necessary for the purposes for which they are processed, no more than 30 days from the response.

Cookies

This website uses exclusively technical cookies strictly necessary for the functioning of the website and to record the user’s privacy choices. No analytical, profiling, or advertising cookies are used.

Technical cookies used

Cookie NamePurposeDurationTypeConsent Required
mtm_consent_removedMatomo Analytics: remember the user’s choice to disable statistical tracking1 yearTechnical preference cookie❌ No
comentario_commenter_sessionComentario: manage the user’s comment session14 daysTechnical session cookie❌ No

These cookies are exempt from the obligation to obtain prior consent pursuant to Art. 122 of the Italian Privacy Code (Legislative Decree 196/2003, as amended by Legislative Decree 101/2018) because:

  • mtm_consent_removed: necessary to respect the user’s privacy choices (opt-out from tracking);
  • comentario_commenter_session: necessary for the functioning of the comment service requested by the user.

Important

  • The mtm_consent_removed cookie is created only if the user interacts with the opt-out widget present on the website pages.
  • The comentario_commenter_session cookie is created only when the user publishes a comment (either anonymous or identified).

If the user does not use these features, no cookies are installed.

Cookies from external platforms

In case of sharing the contents of this website on social platforms, the collection and use of information are governed by their respective privacy policies:

Matomo Web Analytics

This website uses Matomo to collect aggregate and anonymous browsing statistics (as specified in the purpose table).

Privacy-first configuration implemented

  • No cookies installed on the user’s device
  • IP address anonymization (last 2 bytes masked)
  • Respect for the “Do Not Track” (DNT) browser signal
  • Aggregate data not attributable to individual users
  • No sharing with third parties
  • Matomo server hosted in the European Union

How to opt-out

Users can completely disable Matomo tracking at any time:

  • through the banner on the website’s home page;
  • through the control at the top of this page;
  • by enabling the “Do Not Track” option in their browser settings.

Once tracking is disabled, Matomo will no longer collect any data relating to the user’s browsing on this website.

Comentario comment system

This website uses Comentario, an open-source self-hosted comment system, configured in privacy-friendly mode:

  • No tracking scripts/pixels and no advertising
  • EU-based server (full data control)
  • Anonymous comments allowed (identifying data optional)
  • No sharing with third parties
  • Technical session cookie (exempt from consent)
  • High-level technical statistics (country, browser, language) in aggregate server-side form

Comment modes

  • Anonymous: users can comment without providing any identifying data. The comment appears as “Anonymous”.
  • Pseudonymous or nominative (optional): the name/pseudonym is public.

Comment management

  • Comments are moderated; the Controller reserves the right not to publish or to remove inappropriate, offensive, or spam content.
  • Users can request deletion of their comments by contacting the Controller.

Privacy by Design: essential technical cookies

This website has adopted a privacy-first approach using exclusively technical cookies created only upon user request, ensuring:

✓ Maximum respect for privacy (only necessary cookies)
✓ No consent required (Art. 122 Italian Privacy Code)
✓ Cookies created only when the user uses the features (opt-out or comments)
✓ No invasive banners; no profiling/advertising
✓ Compliance with GDPR, ePrivacy Directive, and Italian Privacy Code
✓ Minimization principle
Self-hosting of Matomo and Comentario on EU servers

Browsing statistics are collected through Matomo in cookie-less configuration with strong anonymization, in full compliance with the principle of personal data minimization (art. 5, para. 1, lett. c) GDPR).

Recipients

Personal data collected from this website as a result of consultation are not disclosed to recipients or categories of recipients.

Personal data retention period

  • Web server logs: maximum 7 days, then automatic deletion
  • Matomo analytics data: 12 months in aggregate and anonymous form
  • Technical cookies: durations indicated in the cookie table (14 days for comment session, 1 year for opt-out)
  • Published comments: indefinite (publicly visible until possible deletion request)
  • IP addresses (Comentario anti-spam): maximum 90 days
  • Email requests: time strictly necessary, no more than 30 days from response

Retention periods comply with the principle of storage limitation (art. 5, para. 1, lett. e) GDPR).

Transfer of data to non-EU countries

This website does not share data with services located outside the European Economic Area (EEA).
All servers and services used (hosting, Matomo, Comentario) are located in the European Union.

Security measures

Visitors’/users’ data are processed lawfully and correctly, adopting appropriate measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of data, including:

  • Communication encryption (SSL/TLS)
  • Anonymization (IP address masking at source)
  • Access limitation (access to logs and data only by authorized personnel)
  • Regular backups
  • Monitoring (detection of unauthorized access/attack attempts)
  • Comment moderation (abuse prevention)

In addition to the Controller, in some cases, external parties (e.g., hosting providers) may have access to data, designated as data processors pursuant to Art. 28 GDPR.

Data subject rights

Data subjects can exercise the rights provided by Arts. 15–22 GDPR:

  • Access (art. 15)
  • Rectification (art. 16)
  • Erasure (art. 17) – including published comments
  • Restriction (art. 18)
  • Portability (art. 20)
  • Objection (art. 21) to processing based on legitimate interest

To exercise your rights: privacy [at] nicfab.eu.
The Controller will respond without undue delay and, in any case, within one month.

Right to lodge a complaint

Data subjects who believe that the processing of their personal data carried out through this website violates the GDPR have the right, pursuant to Art. 77, to lodge a complaint with the Italian Data Protection Authority:

Piazza Venezia, 11 — 00187 Rome, Italy
Tel. +39 06.696771 — Fax +39 06.69677.3785
Email: garante@gpdp.it — PEC: protocollo@pec.gpdp.it
Website: https://www.garanteprivacy.it

Last updated: October 2025