Free shipping on all orders from €95 in Italy and selected European countries.

Il Maestro      Il Team       Le Pasticcerie      I Pop-Up Store     Customer Service     Aziende e Rivenditori

Search
0 Cart
Search
0 Cart
Cerca i nostri prodotti

Privacy Policy


What is this document? Pursuant to art. 13 European Reg. n. 679/2016 (“General Data Protection Regulation” or “GDPR”) and in compliance with the principles contained therein, Iginio Massari S.r.l. intends to inform each user (the “User”) about the processing of personal data happening on its website www.iginiomassari.it


Controller and Contact details

Iginio Massari S.r.l. (hereinafter “Controller”, pursuant to art. 4(7) GDPR)

with registered offices in via Orzinuovi 117, 25125 Brescia

Contact: privacy@iginiomassari.it

Purposes of processing, Legal Basis, Personal Data and Retention period

The Controller processes Personal Data for the following purposes, as specified here in below. The table also shows the legal basis which justifies the processing and the period of data retention.

Purposes

Personal Data

Legal Basis

Data Retention

Account creation and management.

✓ Anagraphic information (Name and surname)

✓ Contact details (email)

Performance of pre contractual provisions [Art. 6, 1, lett. b) GDPR]

Until the User deletes the account and in any case not later than 24 months from the date of last contact.

Manage the purchase and the shipment of products.

✓ Anagraphic information (Name and surname)

✓ Contact details (address, email, phone number)

Performance of a contract [Art. 6, 1, lett. b) GDPR]

Until the User deletes the account and in any case not later than 24 months from the date of last contact.

Contact e customer care.

✓ Anagraphic information (Name and surname)

✓ Contact details (emai, phone numberl)

✓ Order history

Performance of pre contractual provisions [Art. 6, 1, lett. b) GDPR]

For the period of time necessary to answer the customer.

Newsletter.

✓ Anagraphic information (Name and surname)

✓ Contact details (email)

Consent [Art. 6, 1, lett. a) GDPR]

Until withdrawal of consent and in any case not later than 24 months from the date of last contact.

Send materials for marketing purposes.

✓ Anagraphic information (Name and surname)

✓ Contact details (email)

✓ Shipping address

Consent [Art. 6, 1, lett. a) GDPR]

Until withdrawal of consent and in any case not later than 24 months from the date of last contact.

Profiling to analyze your purchasing habits in order to address commercial proposals.

✓ Anagraphic information (Name and surname)

✓ Contact details (email)

✓ Shipping address

Consent [Art. 6, 1, lett. a) GDPR]

Until withdrawal of consent and in any case not later than 12 months from the date of last contact.

Recruit and select applicants.

✓ Anagraphic information (Name and surname)

✓ Contact details (email)

✓ Professional information

Performance of pre contractual provisions [Art. 6, 1, lett. b) GDPR]

2 years.

Allow the Controller to accomplish all formalities required by law.

✓ Anagraphic information (Name and surname)

✓ Contact details (email)

Legal obligation [Art. 6, 1, lett. c) GDPR]

Until the expiry of the data retention period, as provided by the applicable law.

Improve the Website by analyzing how Users navigate and/or use the Website.

✓ IP Address

Legitimate interest

[Art. 6, 1, lett. f) GDPR]

Not applicable (aggregate or anonymous data).

Detecting or preventing fraudulent activity and exercising the Controller's rights in Court

✓ Anagraphic information

✓ Contact details

Legitimate interest

[Art. 6, 1, lett. f) GDPR]

10 years.

In case the User prefers not to communicate mandatory and/or necessary data for the fulfilment of certain purposes, the Controller reserves the right to not provide the service through its Website.

Processing modalities

The processing of Personal Data will take place through automated and/or manual tools in order to ensure proper security measures to prevent access, disclosure, loss, incorrect, illegal or unauthorized use of data.

Data sharing

Your Personal Data may be shared with the following subjects, on a need-to-know basis and in accordance with applicable Privacy Laws: (i) Internet service providers and platforms used by the Controller as organisation tools, channels of communication and/or promotion (e.g. Shopify Inc. for the payment management whose privacy policy is available at the following link); ii) consultants and other third-party service providers who perform services for us or on our behalf and require access to such information to do that job, e.g. Klaviyo Inc. for CRM services; iii) couriers and shipping providers.

All of the relations with the subjects listed above are - and will be - formalized with a contract pursuant to Art. 28 GDPR (Data Protection Agreement or “DPA”). The names of all authorized personnel are available under request to the Data Controller, at privacy@iginiomassari.it .


Personal data will be processed by internal staff specifically authorized under Article 29 of the GDPR.


Data Processing Locations

Personal data are processed at the headquarters of the Controller, as well as in the servers that host the website www.iginiomassari.it. Personal data will be stored in servers located in the EEA territory and will not be transferred outside of EEA. Data Controller ensures that when using cloud providers established outside the EEA, the processing of personal data by these recipients is carried out in accordance with applicable law. Transfers shall be carried out by means of appropriate safeguards, such as adequacy decisions, standard contractual clauses approved by the European Commission or other safeguards provided for in the GDPR.

Data subject’s rights

The User may exercise all the rights provided for by Articles 15-21 of GDPR, at any time and without unjustified limitations, by contacting the Data Controller at privacy@iginiomassari.it. Requests shall be filed free of charge and processed by the Controller within 30 days.

Specifically, the User can:

  • Obtain from the controller confirmation as to whether or not personal data are being processed (Art.15);

  • Obtain from the controller the rectification of inaccurate personal data (Art. 16);

  • Obtain from the controller the erasure of personal data (Art. 17);

  • Obtain from the controller restriction of processing (Art. 18);

  • Have the right to receive the personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller (Art. 20);

  • Have the right to object (Art. 21);
  • Revoke consent at any time;

Complaints

In any case, Users are always entitled to lodge a complaint with the competent supervisory authority (Garante per la Protezione dei Dati Personali), under Art. 77 of the Regulation, if they believe that the Data Controller’s processing of their Personal Data is in violation of the applicable law.

Amendments

The Controller reserves the right to amend and update the Privacy Policy as a result of any further new or revised provisions of any national and EU laws and regulations on personal data protection.

Last updated: 22/12/2021 - V.1.1




Informazioni sul tipo di consegna


Consegna a casa
Faucibus vitae molestie nec amet ultrices rhoncus vitae. Gravida nisl, semper netus orci imperdiet risus hendrerit fusce accumsan.

Nulla sem risus eu purus velit. Vel elementum orci pellentesque volutpat nulla. Ultrices praesent tortor, etiam et in aliquam porttitor.


English