Skip to content
Golden Gem ADV

Last updated: June 15, 2026

Privacy Policy

This policy explains how Golden Gem ADV (also referred to as "the Controller") processes the personal data of users who visit this website and who get in touch with the agency. Processing is carried out in compliance with Regulation (EU) 2016/679 (the "GDPR") and applicable data protection legislation. As this website is also aimed at users in the European Union, we apply the safeguards provided by the GDPR to all data subjects. The Controller's full identification and contact details are set out in the dedicated box on this page.

Data Controller

Golden Gem ADV LLC
Reg. no. 99-1510905
1209 N Orange St, 19801-1120 Wilmington, DE (United States)
info@goldengemadv.com

1. Data Controller

The Data Controller is Golden Gem ADV, a company incorporated in the United States of America (Delaware). The Controller determines the purposes and means of the processing of personal data collected through this website.

For any request concerning the processing of your personal data or to exercise your rights, you can contact the Controller using the details provided in the dedicated box on this page.

2. Types of data collected

We collect two main categories of personal data, depending on how you interact with the website.

  • Browsing data: during normal use of the website, the IT systems and software procedures acquire certain data whose transmission is implicit in the use of Internet communication protocols. This includes, for example, IP addresses, browser and device type, operating system, pages visited, date and time of access and other technical parameters. This data is not collected in order to be associated with identified data subjects, but by its very nature could allow users to be identified.
  • Data provided voluntarily: this is the data you provide to us of your own accord, for example by filling in contact or information request forms, sending an email, or requesting a quote or consultation. It typically includes first name, last name, email address, telephone number, name of your business or company and any further information contained in your message.
  • Data collected through cookies and similar technologies: for details, please refer to the "Cookies" section and to the Cookie Policy.

3. Purposes and legal bases of processing

We process your personal data solely for specified, explicit and legitimate purposes, stating for each one the relevant legal basis under Article 6 of the GDPR.

  • To respond to contact, information, quote or consultation requests and to manage subsequent communications. Legal basis: performance of pre-contractual measures or of the contract at your request (Art. 6(1)(b) GDPR).
  • To provide the marketing, communication and business growth support services that may be agreed upon. Legal basis: performance of the contract (Art. 6(1)(b) GDPR).
  • To ensure the correct functioning, security and maintenance of the website, preventing abuse and fraudulent use. Legal basis: the Controller's legitimate interest in protecting its systems (Art. 6(1)(f) GDPR).
  • To comply with legal, accounting and tax obligations to which the Controller is subject. Legal basis: legal obligation (Art. 6(1)(c) GDPR).
  • To send, where applicable and only with your consent, informational or promotional communications about our services. Legal basis: the data subject's consent (Art. 6(1)(a) GDPR), which can be withdrawn at any time.

4. Methods of processing

Personal data is processed using IT and electronic tools, according to logic strictly related to the stated purposes and in line with the principles of lawfulness, fairness, transparency, data minimization and purpose limitation.

We adopt appropriate technical and organizational measures to protect data against unauthorized access, loss, destruction or unlawful disclosure. Access to data is limited to authorized staff and collaborators who operate on the basis of specific instructions given by the Controller.

5. Recipients and data processors

Your personal data is not disclosed to the public. It may be shared with third parties acting on behalf of the Controller and appointed as data processors pursuant to Article 28 of the GDPR, where this is necessary for the purposes indicated above.

  • Providers of technical, hosting, maintenance and website infrastructure management services.
  • Providers of IT, email, statistical analysis and communication management services.
  • Consultants, professionals and collaborators who assist the Controller in carrying out its activities.
  • Public authorities, supervisory bodies and parties to whom disclosure is mandatory by law or by order of the competent authority.

6. Transfer of data to the United States and third countries

The Controller is a company based in the United States of America. As a result, your personal data may be processed and transferred outside the European Economic Area, in particular to the United States, which is considered a third country under the GDPR.

Any transfer of data to third countries takes place only in the presence of appropriate safeguards provided for in Chapter V of the GDPR. In particular, unless the destination country benefits from an adequacy decision by the European Commission, transfers are based on the Standard Contractual Clauses adopted by the European Commission, supplemented where necessary by additional technical and organizational measures suitable to ensure a level of data protection substantially equivalent to that guaranteed within the European Union.

You have the right to request information about the safeguards applied and to obtain a copy of them by contacting the Controller using the details provided on this page.

7. Data retention period

We retain your personal data for the time strictly necessary to achieve the purposes for which it was collected, in compliance with the storage limitation principle.

  • Data provided through contact requests is retained for the time needed to handle the request and any subsequent developments in the relationship.
  • Data relating to contractual relationships is retained for the entire duration of the relationship and, thereafter, for the period required by applicable legal, accounting and tax obligations.
  • Data processed on the basis of consent is retained until consent is withdrawn and, in any case, no longer than necessary.
  • Browsing and technical data is retained for the time strictly necessary for the security and functioning of the website.
  • At the end of the periods indicated, data is deleted or irreversibly anonymized.

8. Data subject rights

As a data subject, you may exercise at any time the rights granted by Articles 15 and following of the GDPR, within the limits and under the conditions established by law.

  • Right of access: to obtain confirmation as to whether processing is taking place and to access your personal data.
  • Right to rectification: to obtain the correction of inaccurate data or the completion of incomplete data.
  • Right to erasure ("right to be forgotten"): to obtain the deletion of data in the cases provided for.
  • Right to restriction: to obtain the restriction of processing in the cases provided for.
  • Right to data portability: to receive the data concerning you in a structured, commonly used and machine-readable format and to transmit it to another controller.
  • Right to object: to object, on grounds relating to your particular situation, to processing based on legitimate interest.
  • Right to withdraw consent: to withdraw consent at any time, without affecting the lawfulness of processing carried out before the withdrawal.
  • To exercise these rights, simply send a request to the Controller using the details provided on this page; we will respond within the timeframes set by law.

9. Right to lodge a complaint with a supervisory authority

If you believe that the processing of your personal data is carried out in breach of the GDPR, you have the right to lodge a complaint with the competent supervisory authority.

In Italy, the supervisory authority is the Italian Data Protection Authority (Garante per la protezione dei dati personali). Users residing in another European Union member state may contact the supervisory authority of their country of habitual residence, place of work or place of the alleged infringement. The possibility of seeking judicial remedies before the competent courts remains unaffected.

10. Cookies

This website uses cookies and similar technologies to ensure the correct functioning of the pages, improve the browsing experience and, subject to consent, for statistical and analytical purposes.

For detailed information about the cookies used, their purposes and how to manage your preferences, please refer to the website's Cookie Policy.

11. Categories of data and minors

Processing concerns ordinary personal data (for example identification, contact and browsing data). We do not intentionally request or process special categories of personal data within the meaning of Article 9 of the GDPR.

The website and services are not intended for minors. We do not knowingly collect personal data from minors without the consent of those who hold parental responsibility. Should we become aware that we have processed a minor's data without a valid legal basis, we will delete it promptly.

12. Changes to this policy

The Controller reserves the right to amend or update this policy at any time, including to align it with any regulatory changes or with the evolution of the services offered.

Changes will be published on this page and will take effect from the moment of publication. We invite you to consult this policy periodically in order to stay informed about how your personal data is processed.