Privacy Policy

Your Personal Information and How We Use It

1) INFORMATION ABOUT THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE DATA CONTROLLER

1.1 We are pleased that you have visited our website and thank you for your interest. Below you will find information about the processing of your personal data while using our site. Personal data are any data that allow you to be personally identified.

1.2 The data controller on this website, pursuant to the General Data Protection Regulation (GDPR), is [Store Name]. The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential information (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the "https://" string and the padlock symbol in the browser bar.

2) DATA COLLECTION DURING NAVIGATION ON OUR SITE

During informational use of our website, i.e., when you do not register or send us other information, we collect only the data your browser sends to our servers (so-called "server log files"). When you access our site, we collect the following data that are technically necessary to display the site:

  • Visited website

  • Date and time of the visit

  • Amount of data transferred in bytes

  • Source/reference from which you came to the page

  • Browser used

  • Operating system used

  • IP address used (possibly in anonymous form)

Processing takes place pursuant to Article 6(1)(f) of the GDPR, based on our legitimate interest in improving the stability and functionality of our site. The data is not disclosed or used for other purposes. However, we reserve the right to review the server log files later if there are concrete indications of illegal use.

3) COOKIES

To make our website more attractive and to enable certain features, we use cookies on various pages. These are small text files stored on your device. Some cookies we use are deleted at the end of the browser session (so-called session cookies). Other cookies remain on your device and allow us or our partners (third-party cookies) to recognize your browser on your next visit (persistent cookies). Cookies collect and process specific information about the user, such as browser data, location, and IP addresses. Persistent cookies are automatically deleted after a predetermined period, which varies depending on the cookie.

Some cookies simplify the purchase process, for example by storing the contents of the shopping cart for a future visit. If cookies implemented by us also process personal data, this processing is carried out pursuant to Article 6(1)(b) GDPR for contract execution or Article 6(1)(f) GDPR to protect our legitimate interests in improving site functionality and ensuring a user-friendly and efficient visit.

We may cooperate with advertising partners who help us make our website more interesting for you. To this end, cookies from advertising partners (third-party cookies) may be stored during your visit. If we cooperate with advertising partners, we will inform you separately and specifically about their use and the types of data collected.

You can configure your browser to notify you when cookies are set and decide individually whether to accept them or exclude acceptance of cookies in certain cases or generally. Each browser is different in how it manages cookie settings. Specific instructions on how to change cookie settings can be found in the help menus of each browser. Links for each browser are available here:

  • Internet Explorer: Link

  • Firefox: Link

  • Chrome: Link

  • Safari: Link

  • Opera: Link

Please note that if you do not accept cookies, the functionality of our site may be limited.

4) CONTACTS

When you contact us (e.g., via contact form or email), personal data is collected. Which data is collected via the contact form is visible in the respective form. These data are processed exclusively to respond to your inquiry or to manage contact and related technical management. The legal basis for data processing is our legitimate interest in responding to your inquiry pursuant to Article 6(1)(f) GDPR. If your contact aims to conclude a contract, the additional legal basis is Article 6(1)(b) GDPR. Your data will be deleted after completing the request, provided the case is resolved and except for legal retention obligations.

5) DATA PROCESSING FOR CREATING A CUSTOMER ACCOUNT AND CONTRACT MANAGEMENT

Pursuant to Article 6(1)(b) GDPR, personal data is also collected and processed when provided to us for the execution of a contract or for opening a customer account. The data collected is visible in the respective input forms. Deleting your customer account is possible at any time and can be done by contacting the data controller at the address above. We store and use the data you provide to execute the contract. After full execution of the contract or deletion of your customer account, your data is blocked for the duration of statutory retention periods (tax and commercial) and deleted at the end of those periods, unless you consent to further use or there is another legal basis for data processing, which we will inform you about separately.

6) USE OF YOUR DATA FOR DIRECT MARKETING

6.1 Subscription to our newsletter via email

If you subscribe to our newsletter via email, we will regularly send you information about our offers. The only mandatory data for sending the newsletter is your email address. Providing other data is optional and used to contact you personally. We use the so-called double opt-in method for sending newsletters. This means we send the newsletter only after you have expressly confirmed you want to receive it. You will receive a confirmation email asking you to click a link to confirm.

By activating the confirmation link, you consent to the use of your personal data in accordance with Article 6(1)(a) GDPR. We store the IP address recorded by your ISP and the date and time of subscription to trace any misuse of your email address. The data collected during subscription is used exclusively for advertising via newsletter. You can unsubscribe at any time via the link in the newsletter or by contacting https://elio-milano.it/.

6.2 Direct marketing by email and other commercial communications

If you are a customer and have provided your email address during purchase, we will regularly send you information about offers similar to those you have bought. This is based on our legitimate interest to send marketing communications regarding similar products pursuant to Article 6(1)(f) GDPR. You can object at any time free of charge via the unsubscribe link or by contacting https://elio-milano.it/.

6.3 Use of your data for behavioral advertising

For behavioral advertising, your data may be used to personalize ads based on your interests. This process is automatic, and we may use external marketing partners to optimize our advertising. Your data is pseudonymized. Processing is based on your consent via our cookie management system pursuant to Article 6(1)(a) GDPR. You can change or revoke consent anytime.

7) DISCLOSURE OF DATA TO THIRD PARTIES

Your personal data may be disclosed to third parties only to fulfill contractual obligations (e.g., payment processing, delivery). If we cooperate with partners for data processing (e.g., payment platforms, shipping companies), we ensure they adopt all necessary measures to protect your data and use it exclusively for contract execution purposes. Data processing is governed by agreements requiring confidentiality and security.

8) RETENTION PERIOD FOR PERSONAL DATA

Your personal data will be stored as long as necessary to fulfill the purposes for which it was collected. Afterwards, data will be kept as required by law (e.g., for tax or legal reasons). When no longer needed, data will be deleted or anonymized.

9) YOUR RIGHTS AS A DATA SUBJECT

You have the right to access your personal data and request corrections, deletions, or restrictions of processing, as well as to object to processing. In particular, you may exercise the following rights:

  • Right of access: Request a copy of your personal data processed by us.

  • Right to rectification: Request correction of inaccurate or incomplete data.

  • Right to erasure: Request deletion of your data when conditions under Article 17 GDPR apply.

  • Right to restriction: Request limiting processing while data accuracy is verified or processing is disputed.

  • Right to be informed: When rectification, erasure, or restriction is made, be informed of recipients unless impossible or disproportionate.

  • Right to data portability: Receive your data in a structured, commonly used format or request transfer to another controller.

  • Right to withdraw consent: Revoke consent at any time without affecting prior processing.

  • Right to lodge a complaint: File a complaint with a supervisory authority if you believe GDPR has been violated.

To exercise these rights, contact us via https://elio-milano.it/.

12) RETARGETING / REMARKETING / INTEREST-BASED ADVERTISING

Facebook Custom Audience via Pixel

Our website uses the Facebook Pixel from Facebook Inc. to monitor user behavior after viewing or clicking Facebook ads. This helps evaluate and optimize ad effectiveness. Data collected is anonymous to us but processed by Facebook according to their privacy policy. Consent is required before use. Users under 13 must get parental consent. You can disable cookies via your browser or third-party tools.

Google AdWords Remarketing

We use Google AdWords Remarketing to show ads on Google Search and other sites. Google places a cookie to enable interest-based advertising. Processing is based on our legitimate interest under GDPR. Additional processing occurs with your consent if you link browsing history with your Google account. You can disable ad personalization cookies via Google’s settings or other browser settings.

13) DATA SUBJECT RIGHTS

13.1 GDPR grants several rights to data subjects regarding personal data processing, including access, rectification, erasure, restriction, opposition, portability, consent withdrawal, and complaint rights. See details above.

13.2 Right to object: If processing is based on legitimate interests, you can object to processing for reasons related to your situation. We will stop processing unless we have overriding legitimate grounds or legal claims. You can also object to direct marketing processing at any time.

14) DURATION OF DATA STORAGE

Personal data storage duration depends on legal retention requirements (e.g., tax and commercial laws). After expiry, data will be deleted unless needed for contract execution or other legitimate purposes.