Privacy Policy for Rivelare.pro
1. Introduction and Scope

This Privacy Policy explains how the Website Owner of rivelare.pro (hereafter “we” or “us”) collects, uses, and protects personal data from users of our website (“you”). We are committed to safeguarding your privacy in accordance with the EU General Data Protection Regulation (GDPR) and applicable data protection laws. This Policy applies to all personal information collected through the Rivelare.pro website, including data submitted via our contact form. By using this site or submitting information, you acknowledge the practices described in this Policy.

Data Controller: For purposes of GDPR, the Website Owner of Rivelare.pro is the data controller for your personal data collected via this site. As Rivelare.pro is operated by an individual owner (with no formal legal entity), we refer to that operator as “Website Owner.” If you have any questions or requests regarding your personal data, you may contact the Website Owner at [contact email address].

2. Personal Data We Collect

We only collect personal data that you voluntarily provide or that is necessary for the operation of the site:

Contact Form Data: If you fill out the contact/lead form on our site, we will collect the information you provide, such as your name, email address, and message (including any other details you choose to include in the message). These are typically the only personal identifiers we request. This data is collected directly from you, with your consent, when you submit the form.

Usage and Analytics Data: We use standard website analytics tools (described below) that may automatically collect limited information about your device and browsing actions when you visit Rivelare.pro. This can include your IP address, browser type, pages viewed, and the time and date of your visit. We do not use this information to identify you as an individual, and wherever possible, we employ anonymization (for example, truncating IP addresses) to protect your identity.

Cookies and Tracking Technologies: Our site uses cookies and similar technologies primarily for analytics and advertising effectiveness. Specifically:

Google Analytics: We utilize Google Analytics to understand how visitors use our site (e.g., which pages are viewed, how users navigate) so we can improve user experience. Google Analytics operates through cookies – small text files stored on your device – that track your interactions with our site. The information collected (such as page visits, approximate location, and device information) is transmitted to Google’s servers (which may be outside your country, including in the United States). Importantly, we have configured Google Analytics not to collect any personally identifying information (it mainly gathers aggregated statistics)
fineandcountry.co.uk
. You can opt-out of Google Analytics by refusing analytics cookies on our cookie consent banner or by installing the Google Analytics opt-out browser add-on.

Meta (Facebook) Pixel: We also use the Facebook Pixel provided by Meta Platforms, Inc. This tool helps us track conversions from Facebook/Instagram ads and understand user interactions for marketing purposes. The Pixel may set a cookie and collect information such as your Facebook User ID (if you are logged into Facebook), device info, and pages visited on our site. This allows us to measure the effectiveness of our advertisements on Facebook/Instagram and potentially show you relevant Rivelare.pro promotions on those platforms. We do not receive personally identifying information from the Pixel; rather, Meta aggregates the data. Use of the Meta Pixel is subject to your consent via our cookie banner. You can also manage your ad preferences through your Facebook account settings.

Cookie Consent: On your first visit to Rivelare.pro, you will see a cookie notice allowing you to accept or decline non-essential cookies (such as analytics and Pixel cookies). You are free to adjust your preferences at any time. Essential cookies (if any) that are needed for the site to function do not require consent. For more details on all cookies in use, please refer to our [Cookie Policy] (if available) or contact us.

Server Logs: Like most websites, our server automatically logs certain information about visits. This typically includes data such as the requesting IP address, browser type, and pages requested. These logs are primarily used for security, debugging, and ensuring the site’s proper function. We do not link server logs to any specific individual and routinely delete log entries after a limited period, unless needed for investigation of security incidents.

We do not collect any sensitive personal data (such as race, religion, health, etc.) or any financial information via our site. We ask that you refrain from including sensitive data in the free-text message field of the contact form. Rivelare.pro is not intended for use by children under 16, and we do not knowingly collect data from minors. If you are under 16, please obtain consent from a parent or guardian before using the contact form.

3. Purpose and Legal Basis for Data Processing

We process personal data only for specific, explicit purposes and in accordance with a valid legal basis under GDPR (Article 6(1)). The purposes for which we use your data, and corresponding legal bases, are:

Responding to Inquiries and Providing Information: When you submit your name, email, and message via our contact form, we use that data to respond to your request or inquiry – for example, to contact you with the information you asked for, or to follow up on a potential real estate lead. This processing is necessary to take steps at your request prior to entering into a contract or to potentially form a client relationship, and is also based on your consent (which you give by actively sending us your details and request). We may also consider it our legitimate interest to respond to prospective customer inquiries. In any case, we will only use the contact details you provided to communicate with you about your inquiry, not for unsolicited marketing.

Lead Processing and Business Communication: If your inquiry leads to ongoing communications or a business relationship, we will process your data as needed to assist you (for instance, setting up a property viewing or consultation). Such processing is typically on the basis of contractual necessity (performance of a contract or steps toward a contract). If no formal contract is in place, our continued correspondence remains under the umbrella of your initial consent/request and our legitimate interest in providing good customer service.

Website Analytics: We process usage data collected via Google Analytics to analyze and improve our website – for example, to see which pages are most visited, how users move through the site, and where improvements could be made. The legal basis for analytics cookies is your consent. We only activate Google Analytics tracking if you have consented via the cookie banner. You can withdraw consent at any time (which will stop further tracking). In jurisdictions where legitimate interest is considered a lawful basis for analytics cookies, we may also rely on our legitimate interest in understanding site performance, but we prioritize obtaining consent to respect user privacy preferences. All analytics data is aggregated and used in a way that does not personally identify you.

Advertising and Conversion Tracking: Data from the Meta/Facebook Pixel is processed to gauge the effectiveness of our marketing campaigns and possibly to retarget ads to users who have shown interest in our site. The legal basis for this is consent (we will not deploy the Pixel unless you opt-in to marketing cookies). This processing helps us ensure our advertising is relevant and measure return on advertising spend, without directly identifying you to us. You can opt out of this tracking by declining marketing cookies or adjusting your Facebook privacy settings.

Site Maintenance and Security: Information in server logs (IP addresses, etc.) is used to monitor website stability and security. We may process this data under our legitimate interests in keeping our website safe, detecting/preventing fraud or unauthorized access, and ensuring reliable performance. For example, if unusual activity (like repeated failed login attempts or form submissions) is detected, we may investigate using log data. This kind of processing is essential to protect our service and users, and we ensure it’s done in a manner proportionate to the aim (e.g., only accessing logs when necessary).

We will not use your personal data for any purpose that is incompatible with the reasons outlined above. We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on you (e.g., no credit checks or automated eligibility decisions are made via the site).

4. Disclosure of Personal Data to Third Parties

We treat your personal information with care and confidentiality. We do not sell, rent, or trade your personal data to any third parties for their own marketing or other purposes. We also do not share your information with unrelated third parties except in the limited scenarios described here:

Service Providers (Processors): We may share certain data with third-party service providers who help us operate the website or deliver our services, but only to the extent necessary for them to perform their tasks. This includes, for example: our web hosting provider (who inevitably processes data that passes through the site, such as storing our database or logs), email service provider (to send out emails if you correspond with us), and analytics/advertising partners (Google and Meta/Facebook as discussed). These parties act on our instructions and are bound by data processing agreements to keep your data secure and confidential. They cannot use your data for anything other than the agreed purpose. For instance, Google Analytics and Facebook Pixel handle data for analytics/advertising on our behalf; they do not get to use that data for their own independent purposes (aside from improving their services).

Legal Obligations: We may disclose your information if required to comply with a legal obligation or a lawful request by public authorities. For example, if a court order, subpoena, or government regulation compels us to provide data, we will obey the law. Similarly, we might share information to enforce or apply our own Terms of Use, or to protect the rights, property, or safety of the Website Owner, our users, or others (this could include exchanging info with authorities or other companies for fraud prevention or security protection). We will ensure any such disclosure is lawful and necessary.

Business Transfers: Since Rivelare.pro is currently an individually operated site (not a large company), business transfers are unlikely. However, if in the future the ownership of this website or business is transferred (for example, through a sale, merger, or acquisition), user data might be part of the assets transferred to the new owner. If that happens, the new owner would only be allowed to use your data in accordance with this same Privacy Policy (unless you’re notified of changes) and the commitments you’ve already given (or the consents you’ve provided) will remain in place. We would notify users of any change of ownership and give an opportunity to delete data if desired.

Other than the parties above, no one else receives your personal data. In particular, we do not share your contact form information with any real estate agencies, partners, or third-party marketing firms. It is used internally by the Website Owner solely to follow up with you.

International Data Transfers: Whenever we share data with our service providers, we ensure compliance with applicable data transfer rules. Notably, Google and Meta (Facebook) may process data on servers outside the European Economic Area (EEA), including in the United States. GDPR requires that appropriate safeguards be in place for such transfers. Google and Meta are participants in the EU-U.S. Data Privacy Framework (or rely on Standard Contractual Clauses and similar measures) to ensure EU personal data receives adequate protection in the US. We rely on these approved safeguards for any cross-border data transfers, and by consenting to analytics/Pixel usage, you acknowledge that your data may be processed outside your home country under these protections. If you have questions about international transfers, please contact us.

5. Data Retention

We keep your personal data only for as long as necessary to fulfill the purposes described in this Policy, or as required by law. Specifically:

Inquiry/Contact Data: If you contact us via the form or email, we will retain the personal information you provided (e.g. name, email, message content) for as long as it’s needed to respond to you and pursue any follow-ups. If you become a client or engage in business with us, we may retain your data as part of our client records (in which case you would likely receive further notice about that). If you do not engage in further services, we typically delete or anonymize your inquiry data after a reasonable period once the conversation or lead has gone cold. For example, we might retain inquiry emails for up to 6 months to 1 year in case you resume contact or in order to have context for any subsequent inquiry. We do not keep unsolicited personal data indefinitely.

Analytics Data: Data collected via Google Analytics is retained for the period we have configured in Google’s settings (commonly 14 months by default, which Google resets on new activity, or a fixed period we choose). This data is aggregated, but any user-level identifiers (like cookies or advertising IDs) are deleted or anonymized after the retention period. We may view aggregated analytics reports over time, but we don’t have access to personal identifiers from long ago.

Pixel Data: Facebook Pixel data that we use for ad tracking is immediately pseudonymized by Meta; we do not personally store any of your identifiable information from Pixel events. Facebook/Meta retains Pixel event data for a limited time to optimize ads (typically on the order of months), in line with their policies, and we cannot access personal data from those events at the individual level.

Server Logs: Server logs and security records are usually retained for a short period (a few weeks to a few months) unless we need to retain them longer for security investigations. Once log data is no longer needed, it is securely deleted.

Legal Retention: In cases where we need to retain information to comply with legal obligations (e.g., record-keeping, resolving disputes, enforcing agreements), we will hold the data as long as required by the specific law. For instance, if financial transaction data or formal communications need to be archived for a certain number of years under local law, we will do so – though, to reiterate, for simple website inquiries this is generally not applicable.

Once the retention period expires or the purpose for collecting your data is fulfilled, we will either safely delete or anonymize your personal data so it can no longer be associated with you. If deletion or anonymization is not immediately feasible (for example, the data is stored in secure backups), we will isolate it and protect it until deletion is possible.

6. Your Rights Under GDPR

As an individual in the European Union (or where GDPR-equivalent laws apply), you have robust rights regarding your personal data. We are committed to honoring these rights. You may exercise the following rights at any time by contacting us (see the Contact section below):

Right to Access: You have the right to request a copy of the personal data we hold about you
engelvoelkers.com
, and to obtain information about how we process it (the purposes, categories of data, any recipients, retention periods, etc.). This is often known as a Subject Access Request. We will provide this information free of charge within the legally required timeframes (usually within one month).

Right to Rectification: If you believe any personal information we have about you is incorrect or incomplete, you have the right to ask us to correct or update it. We encourage you to keep your details with us up-to-date to ensure we communicate effectively.

Right to Erasure: You can request that we delete your personal data, also known as the “right to be forgotten.” We will honor this request whenever there is no compelling reason for us to continue processing your data. For example, if you had an inquiry with us and you no longer want us to hold that information, we will erase it upon request
engelvoelkers.com
. Note that this right is not absolute – if we are required by law to keep certain data, or if the data is necessary for the establishment or defense of legal claims, we may not be able to delete it immediately. We will inform you of any such retention if applicable.

Right to Restrict Processing: You have the right to ask us to limit how we use your data in certain circumstances. This could apply if you contest the accuracy of the data (and we are verifying it), or if you object to our processing and we are considering that objection. When processing is restricted, we will still store your data but not use it further until resolved.

Right to Data Portability: For data you have provided to us, which we process by automated means based on your consent or a contract, you can request to receive that data in a structured, commonly used, machine-readable format, or have it transmitted to another controller where technically feasible. In plain terms, you can ask for a digital file of the personal data you gave us (e.g., your contact details) so you can reuse it elsewhere. Given the limited data we collect, this right may be less applicable, but it’s available.

Right to Object: You have the right to object to our processing of your personal data when we base it on legitimate interests. If you object, we must stop processing unless we can demonstrate compelling legitimate grounds that override your rights, or if processing is needed for legal claims. Importantly, you have an absolute right to object to processing of your personal data for direct marketing purposes at any time
engelvoelkers.com
. For example, if we were to send you marketing emails (we currently do not without consent), you could opt out and we would stop immediately. You can also object to any analytics or tracking data processing – the easiest way is withdrawing consent for those cookies, as mentioned.

Right to Withdraw Consent: In cases where we rely on your consent (e.g., for sending marketing communications, or for using analytics/Pixel cookies), you have the right to withdraw that consent at any time
engelvoelkers.com
. Withdrawal of consent will not affect the lawfulness of processing that occurred before you withdrew, but it means we will cease the activities for which consent was required. For instance, if you subscribed to a newsletter or agreed to cookies, you can later opt-out or change your mind, and we will honor that going forward.

Right to Lodge a Complaint: If you believe we have not complied with data protection laws, you have the right to file a complaint with a supervisory authority (Data Protection Authority) in your EU country. We would appreciate the chance to address your concerns first, so we encourage you to contact us with any issue. But if you’re not satisfied, you can contact (for example) the lead authority in the Website Owner’s jurisdiction or your local authority. We will provide the contact details for the relevant authority upon request (or you can find them online, e.g., a list of EU Data Protection Authorities).

We will respond to your requests and rights inquiries as soon as possible, and at least within the one-month timeframe mandated by GDPR (which can be extended by two further months for complex requests – but we’ll inform you if that’s the case). Exercising your rights is free of charge. However, if a request is manifestly unfounded or excessive (e.g., repetitive without good reason), we may either charge a reasonable fee or refuse to act on it – but we will provide our justification in such cases.

7. Data Security Measures

We take appropriate technical and organizational measures to secure your personal data and protect it against unauthorized access, alteration, disclosure, or destruction. These measures include:

Hosting our website and databases on secure servers with firewalls;

Encrypting data in transit (our site is protected via HTTPS, so information you submit through the contact form is encrypted between your browser and our server);

Limiting access to personal data to only those persons who need it for the purposes described (for instance, only the Website Owner or authorized personnel/contractors handle lead inquiries);

Employing security practices such as regular software updates, secure passwords, and, where applicable, pseudonymization or encryption of personal identifiers;

Monitoring for potential security breaches and having procedures in place to respond to incidents swiftly.

Despite our best efforts, please note that no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of information. Users are also responsible for taking precautions on their side, such as using unique and strong passwords for their email accounts (since communications will go through email) and not sharing confidential information in the message field beyond what is necessary. If we ever experience a data breach that poses a high risk to your rights and freedoms, we will inform both you and the relevant authorities as required by law.

8. Third-Party Websites and Links

Rivelare.pro may contain links to third-party websites or social media pages (for example, a link to a partner agency, a social media profile, or external resources). Please be aware that this Privacy Policy does not apply to third-party sites. We have no control over, and take no responsibility for, the content or privacy practices of any external websites. If you follow a link to another site, we advise you to read that site’s privacy policy to understand how they handle your data. We provide these links for convenience or information; it does not imply that we endorse or have vetted the privacy standards of those external sites.

9. Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time, for example to reflect changes in the law, changes in our practices, or improvements to our site. If we make significant changes, we will notify users by posting a prominent notice on our website (and/or by other means if appropriate). The “Last Updated” date at the top of this Policy indicates when the latest changes were made. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Continued use of the website after any changes signifies acceptance of the updated terms of the Policy.

10. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or the personal data we hold about you, please contact us at:
Email: contact@rivelare.pro

We will gladly assist with inquiries about your privacy and strive to resolve any issues to your satisfaction. Your trust is extremely important to us, and we appreciate the opportunity to communicate with you about how we handle personal data.

Thank you for reading our Privacy Policy. We value your privacy and confidence in Rivelare.pro.