PRIVACY POLICY

PRIVACY POLICY

INFORMATION ON THE PROCESSING OF PERSONAL DATA

pursuant to and for the purposes of Art. 13 of the European Regulation 2016/679 regarding the protection of individuals with regard to the processing of personal data (GENERAL DATA PROTECTION REGULATION – GDPR)

As required by the General Data Protection Regulation (GDPR 2016/679, Article 13) of the European Union, before proceeding with the processing, the data subject (user of the website www.banderari.com) is informed that the personal data collected through the site are processed by the Company using IT and/or telematic tools for the purposes indicated in this notice.

For this purpose, the data subject is subject to the Privacy Policy prepared by Sartoriale Srls (hereinafter also referred to as “BANDERARI.COM,” “BANDERARI,” “the Company,” or “the Data Controller”), the creator and promoter of the activities available on the website www.banderari.com.



Data Controller

The Data Controller is Sartoriale Srls, with its registered office at Via Anastasio de Filis 3, Terni, VAT number: 01716430556.

The Company has appointed a Data Protection Officer (DPO) in accordance with Articles 37 and following of the European Regulation 2016/679, identified as Dr. Laura Pernazza.

This person can be contacted for clarifications and questions regarding the processing of personal data at the following email address: info@banderari.com.

For further information on the rights of the data subject, please refer to the paragraph titled “Rights of the Data Subject” in this notice.



Information on Processing

The personal data being processed are collected directly by Sartoriale Srls, by third parties expressly authorized by it, or communicated by the Company to these third parties to pursue the purposes described below.



Legal Basis and Purpose of Processing

The personal data provided by the user while browsing the website www.banderari.com are processed by the Data Controller in compliance with current personal data protection regulations.

The legal basis of the processing is identified in the provision of the Company’s services, the management and facilitation of the website, as well as the establishment, execution, and potential termination of the online sales contract concluded between the parties and the obligations connected to and/or directly or indirectly derived from it.

The processing of personal data by BANDERARI aims to achieve the following purposes:

  1. Subscription to the BANDERARI.COM Newsletter: With the user’s consent, personal data will be processed to send commercial or promotional communications, updates on trends, new arrivals, exclusive offers, special events, and promotions. To unsubscribe, simply click the link at the bottom of received emails or write to info@banderari.com.
  2. Registration on BANDERARI.COM: With the user’s consent, personal data will be processed for website registration to create a personal account, speed up purchase procedures, allow the user to view order statuses, update account settings, and save favorite items to the Wishlist.
  3. Online Shopping Activities: Personal data will be used to establish, manage, execute, and/or conclude the online sales contract. This includes managing payment, shipping, returns, customer support, and related administrative-accounting purposes. For payments made by credit card, relevant data (e.g., card number, expiration date) will be processed securely by third-party providers such as Banca Sella – Worldpay – Adyen.
  4. Profiling: With explicit consent, personal data may be used for profiling activities, such as analyzing preferences to create personalized content and offers.

Nature of Data Provision

  • For purpose 1, data provision and consent are optional, but refusal prevents subscription to the newsletter.
  • For purposes 2 and 3, data provision and consent are mandatory. Refusal prevents registration or order management.
  • For purpose 4, data provision and consent are optional, but refusal prevents profiling and personalized content.


Personal Data Processed

The processed data include name, surname, email address, and information necessary for online sales services (e.g., payment and shipping details).



Methods of Data Processing and Retention

The processing is conducted using IT and telematic tools with appropriate security measures to prevent unauthorized access, modification, or loss. Data is stored on servers located in the European Union for the time strictly necessary to fulfill the purposes outlined.



Recipients of Data

Data will not be disclosed but may be shared with:

  • Public or private entities in compliance with legal obligations;
  • Banks, technical service providers, couriers, and consultants for service execution.


Data Transfer Abroad

Personal data may be transferred outside the EU in compliance with GDPR provisions, ensuring adequate safeguards for non-EU countries.



Rights of the Data Subject

The user may exercise their rights under Articles 15–21 of the GDPR, including:

  • Access to data;
  • Correction of inaccurate data;
  • Deletion of data;
  • Restriction of processing;
  • Portability of data to another controller;
  • Objection to data processing.

Requests can be submitted via email to banderari@gmail.com.



Changes to This Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time and will notify users on the website. Users are encouraged to review this page regularly.

Privacy Policy last updated on 25/06/2018.