Cat Wedding Privacy Policy
pursuant to articles 13 and, where applicable, 14 of EU Regulation 2016/679 (GDPR) and Legislative Decree 196/2003 as amended by Legislative Decree 101/2018
This privacy policy supersedes any previous versions published on the website. Earlier versions may be retained internally by the Data Controller for documentary traceability and compliance purposes.
1.Who we are (Data Controller)
The Data Controller of personal data is:Impronta Creativa S.n.c. di Selvaggini Fabio & Filippo Cerqueglini
Via Catanelli 34 — 06135 Perugia (PG), Italy
VAT and Tax Code: IT03191060544
Operational email:
Cat Wedding is the trade name under which Impronta Creativa S.n.c. operates in the wedding video production sector. Any reference to "Cat Wedding", "we" or "the Data Controller" in this policy refers to Impronta Creativa S.n.c.
privacy@cat.wedding2.How to contact us regarding privacy matters
To exercise the rights granted by the GDPR or for any matter relating to the processing of personal data, you can contact us using the following details:- Dedicated privacy email:
privacy@cat.wedding - Postal mail: Impronta Creativa S.n.c. — Via Catanelli 34, 06135 Perugia (PG), Italy
3.What personal data we process
Depending on the type of interaction with us, we may process the following categories of personal data:3.1 Identification and contact data
First name, last name, telephone number, email address, residential or domicile address, tax code and VAT number, where necessary.3.2 Event-related data
Date and place of the wedding, schedule of the day, names and contact details of organisational referents, suppliers, witnesses, locations and other logistical information provided by the spouses or by parties indicated by them.3.3 Tax, administrative and payment data
Data necessary for quoting, invoicing, administrative management and accounting obligations.3.4 Images, audio and video
Photographs, video recordings and audio recordings made within the scope of performing the service requested by the spouses, in which the spouses, guests and other parties present at the event may be visible or audible.3.5 Browsing data
IP address, technical data of the device and browser, access logs, information relating to website use and cookie preferences.3.6 Data provided through forms, emails or other contact channels
Data transmitted through quote request forms, emails, messages, organisational questionnaires and other communication tools.3.7 Any special categories of data
In the context of organising and producing the audiovisual documentation of the event, processing may incidentally involve data capable of revealing religious beliefs, health-related data or other special data pursuant to art. 9 GDPR, where strictly relevant to the event or communicated by the data subject. Such data is processed only where a suitable lawfulness condition under art. 9 GDPR exists.4.Why we process your data
For each purpose we indicate the relevant legal basis pursuant to the GDPR.AHandling contact requests, information and quotes
- Legal basis
- Art. 6.1.b GDPR — pre-contractual measures taken at the data subject's request
- Data processed
- § 3.1, 3.2, 3.6
- Provision
- Optional, but necessary to receive a reply
BConclusion and execution of the video service contract
- Legal basis
- Art. 6.1.b GDPR — performance of the contract
- Data processed
- § 3.1, 3.2, 3.3, 3.4
- Provision
- Necessary for entering into and performing the contract
CTax, accounting and administrative obligations
- Legal basis
- Art. 6.1.c GDPR — compliance with legal obligations
- Data processed
- § 3.1, 3.3
- Provision
- Mandatory within the limits required by applicable legislation
DProduction of the audiovisual service during the event
- Legal basis
- Art. 6.1.b GDPR for processing necessary to perform the contract with the spouses; where applicable, art. 6.1.f GDPR for organisational, documentary and service-security needs
- Data processed
- § 3.2, 3.4
- Provision
- Necessary to deliver the requested service
EProcessing of any special categories of data inherent to the event
- Legal basis
- Art. 9.2.a GDPR or another applicable lawfulness condition under art. 9 GDPR, where necessary
- Data processed
- § 3.7
- Provision
- Limited to cases where such data is actually relevant and necessary
FPublication of images or video extracts for promotional, portfolio or social media purposes
- Legal basis
- Art. 6.1.a GDPR — specific, free, informed and revocable consent, where required
- Data processed
- § 3.4
- Provision
- Optional; lack of consent does not affect the main service
GRetention of master and production archive
- Legal basis
- Art. 6.1.f GDPR — legitimate interest of the Data Controller in the technical and documentary retention of the work performed, within the limits of proportionality and with the right to object in the cases provided for; where necessary, art. 6.1.a GDPR
- Data processed
- § 3.4
- Provision
- Limited to what is necessary in relation to the purpose pursued
HNewsletter, commercial communications and promotional offers
- Legal basis
- Art. 6.1.a GDPR — consent, except for cases of soft spam permitted by law
- Data processed
- § 3.1
- Provision
- Optional
IManagement of the relationship with collaborators, freelance videomakers and suppliers
- Legal basis
- Art. 6.1.b GDPR — performance of the contractual or pre-contractual relationship
- Data processed
- Identification, contact, administrative and professional data of the collaborator or supplier
- Provision
- Necessary to start and manage the relationship
JWebsite security, abuse prevention and infrastructure protection
- Legal basis
- Art. 6.1.f GDPR — legitimate interest of the Data Controller in system security
- Data processed
- § 3.5
- Provision
- Automatic, within the limits of technically necessary data
KEstablishment, exercise or defence of a right
- Legal basis
- Art. 6.1.f GDPR and, where applicable, further legal provisions
- Data processed
- Only data relevant to the specific case
- Provision
- Necessary within the limits of the purpose pursued
5.Photographs, video recordings and image rights
Since Cat Wedding's main activity consists of producing audiovisual works, the processing of images, videos and audio is an essential part of the service requested by the spouses.5.1 Recording during the event
During the event, recordings may be made that include the spouses, guests, witnesses, suppliers and other parties present. Recordings are made within the scope of organising and performing the service requested by the spouses, in a manner proportionate to the nature of the event.5.2 Information to data subjects present at the event
The spouses are invited to inform their guests in advance of the presence of the videomaker and photographer. Where appropriate, the Data Controller may also use additional information tools, such as signs, notices or summary notices on location.5.3 Promotional use of images
Any use of images or videos for promotional, portfolio, website, social media, trade fair or commercial purposes takes place only on the basis of a suitable legal ground pursuant to the GDPR and, where required, the specific consent of the data subject or another valid lawfulness condition applicable to the specific case.5.4 Image rights
Articles 96 and 97 of Law no. 633 of 22 April 1941 on portraits and image rights remain unaffected. These provisions operate in coordination with privacy legislation and do not replace the need to identify a proper legal basis pursuant to the GDPR for the processing of personal data.5.5 Minors
Images of identifiable minors are not published for promotional purposes without the consent of the holder of parental responsibility, where required by applicable legislation.6.Special categories of personal data
Within the scope of the service, data capable of revealing religious beliefs, health-related data or other special data may incidentally and to a limited extent emerge. The processing of such data takes place only if and to the extent that it is actually necessary and one of the lawfulness conditions provided for by art. 9 GDPR exists.7.How long we keep the data
We apply the storage limitation principle set out in art. 5.1.e GDPR. Data is kept for the time strictly necessary for the purposes for which it was collected, except for legal obligations or needs to protect the Data Controller's rights.Quote requests not followed by a contract
- Retention
- 24 months from collection or from the last useful interaction
- Reason
- Commercial and organisational management
Contractual and administrative data of clients
- Retention
- For the duration of the relationship and thereafter within the limits of the applicable statute of limitations
- Reason
- Management of the relationship and protection of rights
Invoices and accounting documentation
- Retention
- 10 years or other term provided for by law
- Reason
- Tax and accounting obligations
Master video and final delivered materials
- Retention
- For the time reasonably necessary for technical management, possible re-delivery and protection of the work performed; for further uses not necessary, specific consent may be required
- Reason
- Technical and documentary archiving and post-delivery management
Unselected raw material
- Retention
- 12 months from delivery of the final product, unless technical needs or disputes arise
- Reason
- Minimisation and technical management of the project
Emails and operational communications
- Retention
- 36 months from the closure of the relationship, unless further justified needs arise
- Reason
- After-sales management and communication history
Technical logs and browsing data
- Retention
- 12 months, except for different terms necessary for security or defence purposes
- Reason
- IT security
Preference cookies and consent record
- Retention
- As indicated in the cookie policy and banner settings
- Reason
- Management of the user's privacy preferences
8.Data transfers outside the European Economic Area
Some providers used by the Data Controller may involve transfers of personal data to countries outside the European Economic Area. In particular:- Dropbox: used for file storage, backup and transfer;
- Meta Platforms Ireland Ltd. (Facebook and Instagram): used exclusively for managing social channels and publishing promotional content.
privacy@cat.wedding.
9.To whom we communicate your data
Data may be processed or communicated, within the limits of the purposes indicated above, to:9.1 Internal staff and authorised parties
Partners, employees and collaborators authorised by the Data Controller, suitably instructed pursuant to applicable legislation.9.2 Data Processors
For the performance of certain activities, the Data Controller may rely on external suppliers who process personal data on its behalf, appointed as data processors where required by art. 28 GDPR. These may include, by way of example:- Dropbox for file storage, backup and transfer services;
- technical providers, hosting and IT services;
- administrative, tax and legal consultants.
9.3 Independent recipients
Some entities may process personal data as independent data controllers. These may include:- Meta Platforms Ireland Ltd. (Facebook and Instagram), limited to the use of the relevant social platforms;
- public authorities and parties to whom communication is due by law.
10.Your rights
In the cases provided for by articles 15-22 GDPR, you have the right to obtain access, rectification, erasure, restriction of processing, objection, data portability and revocation of any consent given. To exercise your rights you can write toprivacy@cat.wedding or to the certified email (PEC) indicated in this policy. The Data Controller may request further information necessary to verify the identity of the requester in the cases permitted by art. 12 GDPR.
Competent supervisory authority
Italian Data Protection Authority (Garante per la protezione dei dati personali)
Piazza Venezia, 11 — 00187 Rome
Email:
protocollo@gpdp.it
PEC: protocollo@pec.gpdp.it
Website: https://www.garanteprivacy.it11.Minors
Cat Wedding's services are not directed at minors. However, in the context of the events recorded, minors may appear as guests. The processing of such images takes place with particular caution and in compliance with applicable legislation.12.Cookies and similar technologies
The websitecat.wedding uses cookies and other tracking tools as provided for by applicable legislation, including the provisions of the GDPR, art. 122 of Legislative Decree 196/2003 and the Italian Data Protection Authority Guidelines of 10 June 2021.
For details on categories, purposes, duration, third parties involved and how to manage preferences, please refer to the Cookie Policy.
13.Data security
The Data Controller adopts appropriate technical and organisational measures pursuant to art. 32 GDPR, taking into account the state of the art, the costs of implementation, the nature of the data processed and the risks to the rights and freedoms of natural persons.- Secure HTTPS/TLS connections;
- Controlled access management;
- Backups and business continuity measures;
- System monitoring and security measures;
- Internal procedures for handling any personal data breaches.
14.Changes to this privacy policy
This privacy policy may be updated over time to comply with regulatory, organisational or technological changes. The updated version is published on this page with an indication of the date of the last update. Versioning:catwedding_privacy_v2_2026-04-10
15.Applicable law and disputes
The processing of personal data is governed by EU Regulation 2016/679, by Legislative Decree 196/2003 as amended by Legislative Decree 101/2018 and by further applicable Italian and European provisions. For any disputes, the jurisdiction provided for by law shall apply. Where the data subject qualifies as a consumer, the protections and jurisdiction criteria provided for by applicable consumer legislation shall apply.Document prepared taking into account the GDPR, the Italian Privacy Code and the main guidelines applicable as of the date of the last update.