Privacy Policy

PRIVACY AND COOKIE POLICY OF THE SITE WWW.NONNASILIVI.COM

Dear Interested Party,

Below is all the information relating to the data processing carried out on the e-commerce site www.nonnasilvi.com (hereinafter the Website) or that originate from orders, contact requests and other operations carried out by you using the same features.

This document (hereinafter the "Information") has been drawn up to allow you to understand how your personal data will be processed when using the Site and to provide you with all the information so that you can also express explicit and informed consent to the processing carried out, where necessary.

As a preliminary matter, the collection and processing of your personal data that you provide or that is collected through the Site will take place in accordance with the principles and rules established by EU Regulation 679/2016 and the relevant Italian legislation, and therefore compliant with criteria of lawfulness, fairness, transparency, purpose and retention limitation, data minimization, accuracy, integrity, and confidentiality.

Information Index

1. Processing and data collected, purposes and legal bases
2. The Data Controller
3. The Data Protection Officer
4. Data Recipients
5. The data retention period
6. The rights of the interested party
7. Cookie policy of the Site
8. Changes to this Policy

1. Processing and data collected, purposes and legal bases

1.a Conclusion of the contract and execution of sales contracts through the functions of the Site

On the Site, in application of the general contract conditions (https://nonnasilvi.com/pages/termini-e-condizioni), the following personal data is collected: the Buyer's first and last name, billing information and information for issuing related tax documents, shipping information, such as the recipient's name, residential or home addresses, and contact information such as telephone number and email address. Please note that online payments are handled by external platforms (Paypal/Shopify) and not by the Site owner; these merchants are therefore the sole and exclusive Data Controllers of the data processed in connection with the payment, and the Data Subject is encouraged to read the privacy policies of those platforms and the banking services used.

The purpose of this data collection is to enable the conclusion of the sales contract between the Data Controller and the Interested Party/Buyer, as well as the performance of the contract thus formed, including the preparation and execution of the shipment of the purchased goods, as well as after-sales support. The collection is also aimed at maintaining contact with the customer throughout all of the aforementioned phases, according to any specific needs indicated by the Interested Party.

Furthermore, the collection and processing of personal details and other data required for billing are necessary for proper accounting. Failure to provide this information in full may prevent or significantly delay the execution of the sales contract for the ordered goods.

The legal bases for the collection and processing in question are: the establishment and full and exact execution of the contract with the interested party (see art. 6, § 1, letter b) of the Regulation.EU 2016/679); fulfillment of legal obligations incumbent on the Data Controller, for example by virtue of the statute, Italian tax and fiscal legislation, public procurement and anti-mafia legislation (Article 6, paragraph 1, letter c) of EU Regulation 2016/679).

1.b General newsletter of the products on sale on the Site

On the Site, the interested party can decide to subscribe to the general newsletter service relating to the products present or promoted on the Site. Only the following personal data is collected: name, email address, using CAPTCHA protection.

The purpose of this data collection is to send a newsletter containing general promotional information, which is therefore in no way personalized to the purchases and interests of the Data Subject. Subscribing to the newsletter does not entail the creation of a personal profile on the Site, which can be requested separately by the Data Subject.

The legal basis for this data collection and processing is the express consent of the Data Subject (Article 6, paragraph 1, letter a) of EU Regulation 2016/679). If consent is not provided, the Data Subject may still order products on the Site.

1.c Browsing data, Statistical surveys and analyses with aggregated data on the interaction and use of the Site

For detailed information on this collection and processing, please refer to the Site's Cookie Policy(https://nonnasilvi.com/pages/politica-sulla-privacy). The data in question may include cookies, Site usage data, and anonymized data such as numeric identifiers (ISP) that do not allow the Data Subject's identity to be traced in any way.

The purpose of the processing is to allow the Site manager to optimize its operation and the offering of products to the public, including for the planning of marketing and remarketing campaigns for the Site and the products offered for sale therein.

The legal bases for the collection and processing provided here are: the express consent of the interested party for all browsing data other than technical cookies and those necessary for the functioning of the site (Article 6, § 1, letter a) of EU Regulation 2016/679); The Data Controller's legitimate interest for all other cookies, as they are necessary for the correct and optimal display and navigation of the Site, for its operation, and to improve both the user experience and the selection of goods offered for sale, also taking into account the Data Subject's chosen device. This does not preclude the overriding interests, rights, or fundamental freedoms of the Data Subject, who, as a user of the Site, by browsing the Site also gives explicit consent to such automated and/or anonymous processing and may delete or disable cookies at any time, as indicated in the Cookie Policy (Article 6, Section 1, letters a) and f) of EU Regulation 2016/679). Failure to provide consent, or disabling or deleting cookies or other browsing data, may prevent the Data Subject from browsing the Site or its proper functioning.

Beyond the collection and processing operations indicated above and the related limitations, no other personal data is collected or processed on the Site, and the Data Subject will always be updated promptly and in advance of any changes to the collection or processing to which his or her personal data is subjected on the Site.

2. The Data Controller

The Data Controller is solely and exclusively the company Nonna Silvi S.r.l.Benefit Company, in the person of its legal representative pro tempore, with registered office in Via delle Cascine, 1/a – 50051 Castelfiorentino (FI), P.IVA And C.F. 07347870482, registration at R.E.A. from the C.C.I.A.AFlorence n. FI-697257, PEC nonnasilvisrl@pec.itFor communications regarding the personal data of the interested parties, the following email address is active: [nonnasilvicommerciale@gmail.com].

The Data Protection Officer (DPO)

The processing carried out on the Site does not require the appointment of a Data Protection Officer (DPO) because the Data Controller and its Data Processors do not conduct regular or systematic monitoring or large-scale processing of data necessary to perform the services provided, even if simply connected to or ancillary to the Data Controller's core activities. For any information, you can always contact the Data Controller at the following email address: [insert email for privacy].

4. Data Recipients

Your Personal Data may be shared with the parties listed below (the "Recipients"): parties who typically act as data processors (internal and external), namely: i) individuals, companies, or professional firms that provide assistance and advice to the Data Controllers in accounting, administrative, legal, tax, and financial matters; owners of websites linked to the Site via cookies and other features; parties with whom it is necessary to interact for the provision of the Services (e.g., the Newsletter); parties delegated to perform technical maintenance activities (including maintenance of network equipment and electronic communications networks); persons authorized by the Data Controllers to process Personal Data necessary to carry out activities strictly related to the provision of the Services, who have committed to confidentiality or are under an appropriate legal obligation of confidentiality (e.g., employees of the Data Controllers); parties, entities, or authorities to whom it is mandatory to disclose your Personal Data for compliance purposes, or to prevent abuse or fraud, or by order of the authorities.

Your data is generally processed and stored within the EU. In the event that a data controller needs to transfer your data, even partially, outside the EU, such transfer will only occur to countries expressly recognized as offering a level of protection equivalent to that of the EU, or such transfer will be based on appropriate safeguards, in particular the standard contractual clauses approved by the EU Commission.

For any information you can always contact the owner at the following email address: [nonnasilvicommerciale@gmail.com].

5. Data retention period

All personal data collected is retained for the period of time necessary and sufficient to correctly perform the service requested by the interested party and in any case no longer than thirty days from receipt of your legitimate request for deletion.

Without prejudice to the foregoing, the data relating to the execution of the sales contract will be retained for the correct delivery of the goods to the interested party and, in particular, the data used for issuing invoices or other transport or tax documentation will be retained until the applicable statute of limitations and forfeitures have expired, also to allow the Data Controller to provide after-sales and warranty services, or to defend its legitimate rights and interests in out-of-court and judicial proceedings (e.g., litigation).debt collection or other disputes relating to the products).

Newsletter data and browsing data (cookies) will be retained until the data subject withdraws consent. The data subject may suspend processing at any time and resume it in the future by providing their personal data again. In the event of withdrawal of consent, a specific log will be kept to demonstrate the granting and withdrawal of consent, should the data subject or the competent supervisory authority request it.

6. Rights of the interested party

The interested party may exercise all of the following rights:

1. Access your personal data pursuant to art. 15 of EU Regulation 2016/679. This right also includes the right to obtain a copy of the personal data collected and processed by the Data Controller. After verifying the legitimacy of the request, the Data Controller will provide the requested information and a copy of the data. In the event of manifestly unfounded or excessive requests, including repetitive requests, the Data Subject must pay the Data Controller an appropriate fee, based on the administrative costs incurred by the Data Controller in processing the request.
2. Request the rectification of your personal data pursuant to Art. 16 of EU Regulation 2016/679. The Data Controller will communicate such rectification to any recipients of the personal data pursuant to Art. 19 of EU Regulation 2016/679, unless this is impossible or involves disproportionate effort, while the Data Subject retains the right to know the identity of the recipients.
3. Request the deletion of your personal data (so-called right to be forgotten) pursuant to and within the limits established by Art. 17 of EU Regulation 2016/679. The Data Controller will communicate this request for deletion to any recipients of the personal data pursuant to Art. 19 of EU Regulation 2016/679, unless this is impossible or involves disproportionate effort, while the Data Subject retains the right to know the identity of the recipients.
4. Request restriction of processing of your personal data pursuant to and within the limits established by Art. 18 of EU Regulation 2016/679. The Data Controller will communicate this restriction request to any recipients of your personal data pursuant to Art. 19 of EU Regulation 2016/679, unless this is impossible or involves disproportionate effort. The Data Subject reserves the right to know the identity of these recipients.
5. Object to the processing of your personal data pursuant to and within the limits of art. 21 of EU Regulation 2016/679.
6. Request the portability of your personal data, pursuant to and within the limits established by Art. 20 of EU Regulation 2016/679. The Data Controller reserves the right to verify the technical feasibility of transferring the data to another data controller indicated by the Data Subject on a case-by-case basis.
7. Without prejudice to any processing that has already taken place, you may revoke any consent you have already given at any time for processing based on this legal basis.
8. Lodge a complaint with a supervisory authority pursuant to art. 77 of EU Regulation 2016/679.

The interested party may address their requests to the Data Controller using the contact details provided above.

7. Cookie policy of the Site

A cookie is a small file that a website asks the browser used by the user to store on the device, so as to remember certain information, such as the preferred language or login data.These cookies are called first-party cookies. The Data Controller also uses third-party cookies—i.e., cookies created and made available by a party other than the Data Controller—for example, to enable effective online promotional and marketing initiatives for our products.

Below is information relating to the various cookies used by the Site and which may be installed on your devices while browsing the Site.

Strictly Necessary Cookies

These cookies are necessary for the Site to function and cannot be switched off. They are usually set in response to actions made by you on the Site that amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the Site may not work if you block them.

These cookies do not store your personal information and therefore do not require your express consent.

Performance cookies

These cookies allow us to count visits to the Site and their origin: this data allows us to measure and improve the Site's performance, to identify which pages are most and least popular, and to see how visitors interact with the Site. All this information collected by cookies is automatically aggregated and analyzed anonymously.

You have the option to refuse consent to the use of these cookies.

Social media cookies

These cookies are created by a range of social media services that we have added to the site to allow you to share our content with your friends and networks. These cookies allow us to track your browser activity on other sites and thus build a profile of your interests. These cookies affect the content and advertising you see on other websites you visit.

You have the option to refuse consent to the use of these cookies.

Functional Cookies

These cookies enable the Site to provide enhanced functionality and personalization. They allow us to offer you additional services, either independently or with the help of third parties who make their services available on our Site.

If you do not consent to these cookies, some or all of these services may not function.

Targeting Cookies

These cookies are set by our advertising partners.

They can be used by these companies to build a profile of your interests and show you relevant ads on other sites. They do not directly store personal information and are based only on identifying your browser and device.

If you reject these cookies, you will experience less targeted advertising on sites other than the Site.

To disable cookies, except those strictly necessary, you can refuse them when you first access the Site using the refuse function on the appropriate banner or by clicking on the "x” of the banner itself. Alternatively, after prior acceptance, you can disable the Site's cookies through the functions of the internet browser you choose for browsing.For further information, please refer to the support information for the most popular internet browsers. Please note that this information is not verified by us as it relates to third-party services:

The list of cookies:

Cookie Domain Description Duration Type keep_alive nonnasilvi.com The keep_alive cookie is used to maintain a user's session active on a website, preventing automatic logout during periods of inactivity. 1 hour Necessary secure_customer_sig nonnasilvi.com Shopify sets this cookie to be used in connection with customer login. 1 year Necessary localization nonnasilvi.com The localization cookie stores user preferences for language and region to provide a personalized browsing experience. 1 year Necessary cart_currency nonnasilvi.com Shopify sets this cookie to remember the user's country of origin and populate the correct transaction currency. 14 days Necessary _tracking_consent .nonnasilvi.com Shopify sets this cookie to store a user's preferences if a merchant has set up privacy rules in the visitor's region. 1 year Necessary _cmp_a .nonnasilvi.com The _cmp_a cookie is typically used for consent management, helping websites comply with legal requirements by storing user consent preferences. 1 day Necessary _shopify_y .nonnasilvi.com This cookie is associated with Shopify's analytics suite. 1 year Analytics _shopify_s .nonnasilvi.com This cookie is associated with Shopify's analytics suite. 1 hour Analytics _orig_referrer .nonnasilvi.com Shopify sets this cookie to be used in connection with shopping cart. 14 days Analytics _landing_page .nonnasilvi.com Shopify installs this cookie to track landing pages. 14 days Analytics CLID www.clarity.ms Microsoft Clarity sets this cookie to store information about how visitors interact with the website. The cookie helps to provide an analysis report. The data collection includes the number of visitors, where they visit the website, and the pages visited. 1 year Analytics _shopify_sa_t .nonnasilvi.com Shopify sets this cookie for marketing & referrals. 1 hour Analytics _shopify_sa_p .nonnasilvi.com Shopify sets this cookie for marketing & referrals. 1 hour Analytics shopify_pay_redirect nonnasilvi.com Shopify sets this cookie to enable secure online payment and checkout. 1 hour Necessary __kla_id nonnasilvi.com Klaviyo sets this cookie to collect information on the visitor's behavior.This information is used for internal analytics and to optimize the website. It also registers if the visitor has subscribed to a news letter. 1 year 1 month 4 days Analytics _clck .nonnasilvi.com Microsoft Clarity sets this cookie to retain the browser's Clarity User ID and settings exclusive to that website. This guarantees that actions taken during subsequent visits to the same website will be linked to the same user ID. 1 year Analytics _clsk .nonnasilvi.com Microsoft Clarity sets this cookie to store and consolidate a user's pageviews into a single session recording. 1 day Analytics _fbp .nonnasilvi.com Facebook sets this cookie to store and track interactions. 3 months Analytics MUID .bing.com Microsoft Bing sets this cookie to identify unique web browsers visiting Microsoft sites. These cookies are used for advertising, site analytics, and other operational purposes. 1 year 24 days Advertisement MR .c.bing.com This cookie, set by Bing, is used to collect user information for analytics purposes. 7 days Analytics SRM_B .c.bing.com Used by Microsoft Advertising as a unique ID for visitors. 1 year 24 days Performance SM .c.clarity.ms Microsoft Clarity cookie set this cookie for synchronizing the MUID across Microsoft domains. session Analytics MUID .clarity.ms Microsoft Bing sets this cookie to identify unique web browsers visiting Microsoft sites. These cookies are used for advertising, site analytics, and other operational purposes. 1 year 24 days Advertisement MR .c.clarity.ms This cookie, set by Bing, is used to collect user information for analytics purposes. 7 days Analytics ANONCHK .c.clarity.ms The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well. 10 minutes Advertisement lastExternalReferrerTime nonnasilvi.com never Other klaviyoOnsite nonnasilvi.com never Other lastExternalReferrer nonnasilvi.com never Other getItem nonnasilvi.com never Other setItem nonnasilvi.com never Other removeItem nonnasilvi.com never Other clear nonnasilvi.com never Other length nonnasilvi.com never Other key nonnasilvi.com never Other user-location-data nonnasilvi.com session Other _cltk nonnasilvi.com session Other klaviyoPagesVisitCount nonnasilvi.com session Other _pay_session shop.app Shopify sets this cookie to enable secure checkout and payment function on the website. session Necessary

8. Changes to this Policy

This policy will be reviewed regularly by the Data Controller and updated if changes are made, to be communicated to the Data Subjects. Any changes will be appropriately reported on the Website and through other means, where appropriate. In any case, the Data Controller will not initiate any new or different processing without first informing the Data Subjects.