Privacy policy | MAI Productions

1. Data Controller

MAI Italy Srl - Registered office: Via Alberico II n. 4 – 00193 ROME
C.F. and P.IVa 16239081009
Subject to coordination and management by Mascioni Associati Ltd – London, UK
Share capital €.100.000,00 fully paid up
Email: [email protected]
PEC: [email protected]

2. Types of data processed

The sole purpose of this Site is to make public the works that the production company MAI Italy Srl carries out on behalf of customers.

In order to make the Website operational on the Internet, it is necessary to use computer systems, software and communication protocols which, in the course of their normal operation, acquire some personal data of users. This information is collected automatically by the systems that guarantee the operation of the Site.

This data includes, but is not limited to:
- IP address
- Device identifiers
- Type of browser used
- Date and time of the visit
- Pages visited
- Server response codes
- Other parameters related to the user's operating system and IT environment

This data is used exclusively for:
- Ensuring the proper technical functioning of the Site
- Obtaining anonymous statistical information on the use of the Site
- Checking the correct functioning of the services offered
- Preventing illegal or malicious activities (cybersecurity)

Such data is not associated with identified users, except in cases where this is necessary to ascertain responsibility in the event of computer crimes against the Site.

2.1 Data provided voluntarily by the user

Data collected: email, name, surname, country, company (optional)
Legal basis: explicit consent (Art. 6.1.a GDPR)
Purpose: to send commercial communications on projects, services, updates
Newsletter provider: Mailchimp
Retention: until consent is withdrawn
Extra-EU transfers: yes
Right to withdraw consent: unsubscribe link in every email

2.2 Data collected automatically

IP address, browser, device, pages visited, timestamp; technical and analytics cookies (Google Analytics); video usage data via Mux player (IP, device, playback metrics).
Legal basis: legitimate technical interest + consent for analytics

2.3 Spontaneous contact via email

Data received via [email protected]: name, email, message
Purpose: response to requests for information
Legal basis: implementation of pre-contractual measures / legitimate interest
Retention: 24 months from the last communication

2.4 Images and published content

The site can publish photographs of garments, collections, prototypes, images of processes, backstage, samples and content relating to projects carried out for customers.

2.5 Who can collect your data

In order to allow access to our site and provide the opportunity to receive the newsletter, it is necessary to share personal information with some of our business partners who act as "data processors". They are required to take appropriate security measures to protect the personal data in their possession and are bound by a strict confidentiality agreement and specific contractual terms about how and when they are permitted to use personal information on our behalf.

Please note that some authorized partners may also determine why and how personal information is used. Their privacy and cookie policies will apply in this situation.

3. Purposes of processing and legal bases

- Newsletter management (consent)
- Response to contact requests (legitimate/pre-contractual interest)
- Technical operation of the site (legitimate interest)
- Analytics with Google Analytics (consent, if not anonymized)
- Content hosting and security (legitimate interest)
- Video streaming via Mux (legitimate interest + service contract)

4. Processing methods

The data is processed with IT tools and adequate security measures.

5. Data retention

- Newsletter: until you revoke your consent
- Technical data/logs: 6 months
- Cookies: according to Cookie Policy

6. Recipients of personal data / transfers of personal data

The data may be disclosed to technical providers, newsletter platforms, consultants and authorities. The data may be transferred outside the European Economic Area in compliance with applicable legislation.

SCC = Standard Contractual Clauses, DPF = Data Privacy Framework

7. Data Subject rights

Data Subjects may exercise the rights provided for by art. 15–22 GDPR:
- Right of access of the data subject (Art. 15)
- Right to rectification (Art. 16)
- Right to erasure (Art. 17)
- Right to restriction of processing (Art. 18)
- Obligation to notify in the event of rectification or erasure of personal data or restriction of processing (Art. 19)
- Right to data portability (Art. 20)
- Right to object (Art. 21)
- Right to object to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects the data subject (Art. 22)

The exercise of these rights can be done by writing to: [email protected]

The user has the right to lodge a complaint with the Data Protection Authority: www.garanteprivacy.it
Response time: 30 days from request.

8. Minors

The site is not intended for children under the age of 14.

9. Links to third-party sites

The Data Controller is not responsible for the privacy policies of third-party sites.

The data may be communicated to technical suppliers in charge of site management (hosting, maintenance, security), newsletter platforms, statistical analysis services and social networks integrated into the site. These parties act as data processors or as independent data controllers, depending on the services offered.

SCC = Standard Contractual Clauses, DPF = Data Privacy Framework

10. Cookie

Consult the Cookie Policy.

11. Updates

The Privacy Policy may be updated.

Last Update: 27/03/2026