top of page

PRIVACY POLICY

​

​

This Privacy Policy provides users of this site (the “Site”) with the fullest and clearest information on the processing of their personal information through the Site under the General Data Protection Regulation (GDPR) and the Personal Data Protection Code.

Pursuant to statutory requirements, this Privacy Policy also indicates:

  • The nature of the personal information processed;

  • The purposes and means of the processing of personal information;

  • The identity and contact details of the Data Controller(s);

  • The contact details of the Data Protection Officer (DPO);

  • Any third parties involved in the processing activities;

  • The retention period of personal information;

  • The security measures adopted to protect personal information;

  • The privacy rights of users.


 

This Privacy Policy applies to the Site only and does not concern any website or platform to which the Site may link.

Users with fewer than 16 (sixteen) years old are not allowed to consent to the processing of Personal information without parental authorization.



 

DATA PROCESSOR AND CONTROLLER


 

Under the GDPR, the controller is the subject that, alone or jointly with others, determines the purposes and means of the processing of personal information.

The joint controllers for the data processing related to the activities of the Site are:

  • Michela Gaiofatto, with registered offices in Sant’Urbano, via Papa Luciani 10 - 35040 PD, Italy

  • (the "Controllers")


 

There is a designated Data Protection Officer to ensure that the Site processes personal information in compliance with the GDPR. The DPO can be contacted for any enquiries at the following email address: info@gaiofatto.com.

With respect to personal information of non-registered users who have opted to receive newsletters and marketing communications, Michela Gaiofatto acts as Controller and processor of these activities.



 

PERSONAL INFORMATION. PURPOSES OF PROCESSING.


 

“Personal information” means any information relating to users and that identifies them personally, either alone or in combination with other information.

Personal information is collected automatically by the Site or received via multiple sources: forms, chat, e-mail, apps, devices, social media and other means.

The Site processes personal information in various shapes for the following purposes:


 

• BROWSING DATA


 

The Site collects non-sensitive browsing data by automatic means in order to enable and improve user navigation (e.g., IP address, date/time of the visit and its length, any referring URL, the pages visited on the Site, the device used and other information).

The processing of such information allows users to access the Site and fully enjoy its features and services. Furthermore, browsing data may be used to verify that the Site is functioning properly.

From time to time, browsing data are processed anonymously for statistical purposes.

Browsing data are unlikely to allow identification of the relevant data subject. However, by their very nature, browsing data may allow identification of the users if associated with other information.

The browsing data described above are stored only temporarily in compliance with the applicable law.


 

• ORDERS


 

At checkout, the Site asks users to provide personal information for the essential purpose of fulfilling their purchase orders and comply with contractual obligations (e.g., name and surname, e-mail address, delivery address, etc.).

Such personal information is also essential for the Customer Service to assist customers on enquiries and for any related necessity, before or after the sale (for instance, with respect to the order delivery status or on product returns).

Personal information related to orders will be stored as long as required to comply with contractual obligations and with the applicable tax and financial reporting obligations.

The Site may also verify the payment instruments used by customers to purchase on the Site (e.g. credit or debit card, etc.) for the main purpose of preventing fraudulent activities or pursuant to the applicable anti-money-laundering laws. As full reliance for payment verification is given to third party payment processors, the Controllers do not process or store any financial information belonging to customers.

Failure to provide the personal information required at checkout will prevent users from completing an order on the Site.

Based on its legitimate interest to improve its relationship with customers, the Site will send to the latter email, communications with product suggestions, discounts, feedback requests or other updates. Customers are always free to unsubscribe from such email communications (for instance, by clicking on the “unsubscribe link” at the bottom of each email).


 

• SITE REGISTRATION


 

When users opt to register a personal Site account, they are asked to submit personal information (e.g., date of birth, gender, etc.). The Site clearly indicates which personal information is mandatory (or not) to set up a Site account.

Users must submit personal information that is true and accurate at the moment of registration and are invited to maintain their personal information up-to-date (if any modification occurs) by logging into the personal account to make all relevant changes.

Users who choose to enable or log in to their Site account via social media, should be aware that when they connect their Site account to a social media account, the Site collects certain personal information the User has already provided to that social media (for example, the email address and public profile on Facebook).

The Controllers do not oversee or control such social media services or the user’s profiles on these services, and do not establish privacy settings or rules for how personal information on those services will be used. Users are highly encouraged to read all policies and information regarding the applicable social media services to learn more about how they process personal information.


 

• NEWSLETTER AND MARKETING COMMUNICATIONS


 

On the Site, users can opt to receive newsletters and commercial communications.

The Site always collects the explicit, free and unambiguous consent of users prior to submitting newsletters and marketing communications to these users or, more in general, before undertaking electronic marketing initiatives dedicated to them.

In such cases, users may be invited to submit personal information in addition to their e-mail address (e.g., gender, country of residence, etc.) for the purpose of having newsletter and marketing communications tailored to the user profile.

Users can always easily withdraw their consent from receiving newsletters and commercial communications in the following ways:

  • Through their account settings;

  • By clicking on the ‘unsubscribe’ link in any of such email;

  • By contacting our Customer service at info@gaiofatto.com.


 

With respect to personal information of non-registered users who have opted to receive newsletters and marketing communications, Michela Gaiofatto acts as the sole Controller and processor of these activities.


 

• PROFILING


 

Under the explicit user’s consent, newsletter and marketing communications may be tailored to the user “profile”, based on the personal information the Site collects or receives about the concerned user.

With respect to the customers of the Site, it is in the Site’s legitimate interest to process personal information to offer more interesting products, to improve the Site and to personalize the products offered on the Site.

The main purpose of profiling is to propose products, services and initiatives more responsive to the tastes, shopping habits and interests of users and customers.

Personal information may be also used for remarketing, retargeting or profiling purposes, including via third parties (e.g., social networks, etc.).

Neither the Site nor the Controllers will ever carry out any profiling activities relating to children.


​

​

Last update: July 2019

bottom of page