GDPR

1. Legal Basis

This data protection policy is drawn up in accordance with Regulation (EU) 2016/679 (GDPR) and the current legislation on data protection in Italy.

It regulates how personal data processed through the website is collected, processed, stored, and protected.

Data processing is carried out in compliance with the principles of lawfulness, fairness, transparency, purpose limitation, and data minimization.

2. Data Controller

The data controller of personal data is the store management unit, responsible for the technical and organizational administration of the information provided by users in the context of using the digital services offered through the website.

Data processing is carried out exclusively for purposes related to order management, communication with users, and the proper functioning of services.

3. Types of Data Collected

During the use of the website, the following categories of personal data may be collected:

Contact data: email address, phone number (optional), shipping or billing address
Order and transaction data: products purchased, amounts, payment method used
Technical and usage data: IP address, browser type, date and time of access, preferences, cookies

Data can be provided directly by the user or collected through technical tools necessary for the proper functioning of the website.

4. Purposes and Legal Bases of Processing

Personal data is processed for the following purposes:

execution of purchase contracts and order management
fulfillment of legal and administrative obligations
protection of the legitimate interests of store management, including service improvement and prevention of misuse
ensuring the security and proper technical functioning of the website

Processing is based on contract performance, legal obligations, legitimate interests, or the express consent of the user.

The user can withdraw any consent given at any time, without affecting the lawfulness of processing carried out before the withdrawal.

5. Data Retention and Security

Personal data is kept only for the time necessary to achieve the purposes indicated above.

For administrative and legal reasons, order data can be stored for up to 10 years.
Data processed on the basis of consent is kept until its withdrawal.

Adequate technical and organizational measures are adopted to prevent unauthorized access, loss, disclosure, or alteration of data.

Information is stored on secure servers using security protocols and SSL encryption systems.

6. User Rights

Pursuant to articles 15 to 22 of the GDPR, the user has the right to:

· obtain information about the personal data processed

· request the rectification or update of data

· request the deletion of data

· obtain the restriction of processing

· request data portability

· object to processing for legitimate reasons

· withdraw consent at any time

· lodge a complaint with the competent supervisory authority in Italy

Requests related to the exercise of these rights can be sent via email to customer service.

7. Policy Update

This data protection policy may be updated periodically to reflect regulatory changes or technical adjustments.

Changes take effect upon their publication on the website. Users are advised to consult this policy regularly.

8. Contacts

For any questions regarding this data protection policy, you can contact us via:

Email: info@la-credenza.com
Phone: +39 347 506 7899
Address: Via Cigno, 1 66100 Chieti (CH) Italy
Service hours: Monday to Friday, 9:00 to 18:00

Service area: Italy