I know you are very serious about your privacy – me, too!

This GDPR Policy informs you about the steps I have taken in connection with the new General Data Protection Regulation (GDPR), which came into force across European Member States on May, 25 2018. It introduced significant changes to the existing Data Protection Directive aimed at increasing the level of data protection and assigning data subjects the rights and obligations to control the transfer and processing of their personal data.

Data Security

The GDPR provides clients and users with full visibility into how their data is being stored and transmitted as well as more transparency and control over their data. Choosing a GDPR-compliant language service provider is more important today than ever before. The translation of a single document into multiple languages may triple the number of handoffs involved. Indeed, localization is often a global endeavor which is built on the skills of several linguists and other specialists around the world, including EU citizens. As a result, language service providers fall directly under the GDPR requirements. Unfortunately, some of them still rely on poor practices for managing and transmitting clients’ data and project information. Every weak point affecting the localization supply chain will inevitably be multiplied by any language and process added to the workflow.

To comply with the new regulation, I have assessed and improved my security hygiene by undertaking a reorganization of data management aimed at a consolidated and better-structured data flow, which will guarantee accuracy and privacy to each individual whose information is stored in my database for the purpose of maintaining a professional relationship. I have implemented suitable security measures and procedures to prevent security breaches and ensure the safe processing and storage of personal data.

Please read my Data Security Policy to learn more about how I secure your personal data.


In the context of these new regulatory circumstances, I wish to ensure transparency as regards my data management. To this end, I wish to inform you about the kind of personal data I hold, how I use it and for what purposes.

Personal data, including identity, profile and contact data, is collected fairly and lawfully. Pursuant to the GDPR, I will collect and process your personal data for specific purposes only, such as to provide you with services under the terms of a contract, to develop the services on offer and improve your overall experience or to comply with a legal or regulatory requirement. I will not sell or otherwise disclose your personal data to any third party unless where required by law. Furthermore, I will not transfer your personal data outside the European Economic Area (“EEA”), where it is secured in accordance with EU-level standards of data protection, in full compliance with the requirements of the GDPR.

For all of the aforementioned, the EU General Data Protection Regulation provides a legal framework, which I observe throughout the data management lifecycle. The data retention period is determined and regulated by the GDPR, with which I am fully compliant. However, I value my relationship with any person interested in my language services and wish to stay in touch with them for as long as they deem it desirable. Therefore, every electronic communication I may send you from my contact database contains the option for you to withdraw your consent by clicking on the unsubscribe button. Alternatively, you may email me at translation@leonardolamalfa.eu at any time and ask to be unsubscribed from all or part of my contact database. This way, I am seeking to make it as easy for you to withdraw your consent as it is to initially provide it to me.

If you wish to know more about how I process your personal data and respect your rights, please read my full Privacy Policy.