Privacy Policy
Privacy Policy for the website www.23baullari.it
The protection of our users’ personal data is a fundamental aspect for us. In this policy, you will find all the information that allows you to understand what data we collect, why we collect it, and how we use it, in compliance with current regulations (Legislative Decree 196/03, as amended by Legislative Decree 101/18 and EU Regulation 2016/679, known as the GDPR).
For any questions, please contact the Data Controller at the details listed in Table 1. We will make every effort to respond as soon as possible.
1. Data Controller
Table 1 below contains the details of the Data Controller and the channels through which you may contact them:
Table 1
| Data Controller | 23 Baullari di Alfonso Fioramonti |
| Postal address | Via dei Baullari, 23 |
| info@23baullari.it | |
| Certified email (PEC) | alfonsofioramonti@pec.cgn.it |
| Phone | 0645481134 |
Throughout this policy, 23 Baullari di Alfonso Fioramonti may also be referred to as the “Controller” or “23 Baullari.”
2. Data Processed
2.1. Data Collected through the Service
The Controller collects only the personal data that the user voluntarily provides when registering on the website and using the Service, or technical information related to the use of traffic analysis systems or necessary for the proper functioning of the website itself.
Personal data that may be collected from users through the Service includes:
- First name
- Last name
- Shipping address
- Email address
2.2. Data Collected through the Website
No personal data is required to browse the public section of the Website (i.e., the section freely accessible to all users).
However, when browsing publicly accessible pages of the Website, some navigation data may be automatically collected, including:
- IP addresses
- URIs (Uniform Resource Identifiers) of requested resources
- Time and method used to submit requests to the server
- Numeric status codes of server responses (success, error, etc.)
Navigation data relates to the user’s operating system and computing environment, the transmission of which is implicit in the use of Internet communication protocols.
To access restricted content on the Website, or for any contact with the Controller — such as sending emails to the company addresses listed in the Website footer — the user’s data shall be considered acquired and processed in full compliance with applicable regulations. Such data may include information provided during registration and use of restricted areas, such as (in addition to the personal data already mentioned) username, password, security questions and answers, any uploaded identity documents, etc.
Upon first connecting to the website, a banner is displayed with a brief notice about the use of cookies; the user may accept it and express their consent.
Users may contact the Data Controller through the communication channels listed in Table 1 of this policy.
On such occasions, users may voluntarily provide various data, including:
- Email address (inherent to submitting a request)
- Phone number (if contact is made via that channel)
- First name
- Last name
3. Purpose of Processing
23 Baullari processes personal data provided by the user through the Service or Website solely in connection with the use of the Service (e-commerce) or the Website itself.
In particular, the user’s personal data may be used for the following purposes:
- Provision of the Service (shopping cart management, checkout process management) and Website functionalities (such as registration, access to restricted areas, or communication with the Controller).
- Processing of payment and billing data. The Controller will process the user’s personal data solely to facilitate purchases related to the Service and to process payments made, including through the Website. Under no circumstances will the Controller collect the user’s banking data, as all payments are made via PayPal or bank transfer.
The purposes listed above are subject to the user’s consent.
Mr. Fioramonti and his associates will not use the data provided for purposes other than those listed above, to which the user has consented, and only within the limits indicated from time to time in any additional specific notice accompanying a different, specific service that may be requested by the user.
The user’s data will never be sold, rented, or otherwise transferred by the Controller to third parties. The user is the sole owner of their data and may request its modification or deletion at any time: see the “User Rights” section below.
4. Retention of Personal Data
The Controller will retain the user’s information as required by applicable regulations and, in any case, for the time necessary to provide the requested services.
The user retains the right to delete their data from the website, as well as to modify their access credentials.
After this period, the user’s data will be permanently deleted (subject to legal obligations).
5. Security and Transfer of Personal Data
The transfer, storage, and processing of user data collected through the Service and the Website are ensured through appropriate technical measures.
User data is collected, archived, and stored on a secure server located in Italy.
Communications take place via the HTTPS protocol, and data stored in the database is protected by access credentials.
6. Transfer of Data to Third Parties
The Controller does not transfer users’ personal data to third parties. However, data may be shared with third parties for certain processes, such as couriers, technical consultants, and IT specialists.
Only where required by law will personal data be provided to the competent Authorities.
7. International Data Transfers
Processed data will not be transferred to countries outside the European Union. Should any software or procedures require such a transfer in the future, the Controller will ensure it occurs only to countries that can guarantee an adequate level of security, as demonstrated through adequacy decisions, standard contractual clauses, or BCRs (Binding Corporate Rules).
8. User Rights (Data Subject)
At any time, the user has the full right to exercise the rights provided for under applicable regulations, including the following:
- Right of access and to obtain a copy of personal data: The data subject has the right to know whether the Controller holds data relating to them, the origin, purposes and categories of data collected, the recipients to whom such data is sent (both within and outside the EU), the existence of any automated decision-making or profiling processes, and the data retention period.
- Right to rectification and erasure of personal data: The data subject may request the Controller to modify, update, supplement, or delete the data in its possession.
- Right to restriction of processing: The data subject may request the Controller to limit access to the data in its possession, i.e., to make it no longer available for various processing operations.
- Right to withdraw consent: The data subject may withdraw consent to processing at any time without this affecting the lawfulness of the processing carried out prior to withdrawal.
- Right to data portability: The data subject may exercise this right where processing is necessary for the performance of a contract and the data subject has given consent to the processing of their data. The data subject may request that their data be sent in a clear, machine-readable format not requiring proprietary software, or, where technically feasible, that it be automatically transmitted to the new Controller.
- Right to object: The data subject may raise objections by contacting the Data Controller or the supervisory authority (Garante).
Right of opposition The data subject may oppose the processing where their interests override the legitimate interest of the Controller.
To exercise one or more of the rights listed above, please contact the Data Controller at the details provided in Table 1.
9. Cookies
For information regarding the use of cookies on the Website, please read the Cookie Policy available at the following link: https://www.23baullari.it/cookie-policy/