Consent to data processing (GDPR)

This site uses technical cookies and, subject to consent, also profiling cookies. For more information, click here: Read.

Privacy Policy (GDPR)

In accordance with Regulation (EU) 2016/679 (GDPR), this policy describes how and for what purposes we process personal data collected through the website dallalidia.com.

 

1. Data Controller

 

The data controller is:

  • dalla lidia srl

  • Registered office: Via Baldassarre Galuppi, 215, 30142 Burano (VE)

  • VAT No.: 04373780271

  • Email: [insert contact email]

 

2. Data Collected

 

We collect the following personal data:

  • Data provided directly by the user: name, surname, address, email, phone number, billing, and shipping details provided during the purchase or registration process.

  • Navigation data: technical data such as IP address, browser type, pages visited, collected automatically for the proper functioning of the site.

  • Payment data: financial transactions are managed through the XPay payment gateway. Payment data (e.g., credit card number) is not stored on our servers but is handled directly by the service provider.

 

3. Purpose and Legal Basis of Processing

 

Your personal data is processed for the following purposes:

  • Contract execution: to manage and complete purchase orders and product shipping. Processing is necessary for the performance of a contract to which you are a party (Art. 6.1, lett. b GDPR).

  • Fulfillment of legal obligations: to comply with fiscal and administrative regulations. Processing is necessary to comply with a legal obligation (Art. 6.1, lett. c GDPR).

  • Marketing (with your consent): to send commercial communications or promotions. This processing occurs only if you have given explicit consent (Art. 6.1, lett. a GDPR).

  • Website security and management: to monitor the proper functioning of the website and prevent fraudulent activity.

 

4. Processing Methods

 

Data is processed electronically, with adequate security measures to prevent loss, unlawful use, or unauthorized access. Processing is carried out by authorized internal staff and, if necessary, by service providers (e.g., couriers, payment processors) acting as Data Processors.

 

5. Data Retention Period

 

Data collected for contractual purposes are retained for the time necessary to manage the commercial relationship and, subsequently, for the period required by law for fiscal and administrative purposes. Data processed for marketing purposes are retained until consent is revoked.

 

6. Rights of the Data Subject

 

You have the right to:

  • Access your personal data.

  • Request the rectification of inaccurate data.

  • Obtain the erasure (right to be forgotten).

  • Object to processing or request its restriction.

  • Obtain data portability.

  • Withdraw consent to processing at any time.

To exercise these rights, you can contact the Data Controller at the email provided above. You also have the right to lodge a complaint with a supervisory authority (e.g., the Italian Data Protection Authority).