Privacy Policy
Last updated: January 2025
1. Data Controller
The Data Controller of the personal data collected and processed through the Italian and European stores of the website www.ciprianifood.com (“Website”) is:
Cipriani Industria S.r.l.
Registered office: Via Capo d’Argine 45,
Losson della Battaglia – Meolo (VE), Italy
Tax Code and VAT No.: 01836320273
Email: privacy@cipriani.com
This privacy notice does not apply to the USA store, for which a separate policy is available.
2. Definitions
-
Personal Data: Any information that identifies or makes a natural person identifiable, directly or indirectly.
-
Usage Data: Technical data collected automatically during browsing (IP address, browser, pages visited, time spent, etc.).
-
User / Data Subject: The natural person to whom the data refers.
-
Data Processor: Any party processing data on behalf of the Controller.
-
Service: The features and operations of the Website.
3. Types of Data Collected
Depending on how the Website is used, we may collect:
-
Personal and contact details (name, email, phone, billing/shipping address)
-
Order and transaction data (products, value, payment info)
-
Navigation and behavioral data (pages visited, items added to cart)
-
Cookie-based data (analytics, remarketing, profiling)
-
Voluntarily provided data (newsletter signup, contact forms)
Data is:
-
Mandatory for contractual and legal purposes
-
Optional for marketing and profiling purposes
4. Purpose and Legal Basis of Processing
Purpose | Legal Basis | Requirement |
---|---|---|
Order processing, shipping, customer support | Contract (Art. 6.1.b) | Mandatory |
Legal and fiscal obligations | Legal obligation (Art. 6.1.c) | Mandatory |
Site security and fraud prevention | Legitimate interest (Art. 6.1.f) | Mandatory |
Marketing communications and newsletters | Explicit consent (Art. 6.1.a) | Optional |
Statistical analysis | Consent / Legitimate interest | Optional |
Basic profiling for marketing | Consent (via cookie banner) | Optional |
5. Processing Methods and Security
Data is processed using electronic tools and appropriate technical and organizational security measures to protect confidentiality, integrity, and availability, in accordance with Article 32 of the GDPR.
6. Location of Processing and Transfers Outside the EU
Data is processed at the Controller’s locations and via cloud infrastructures (e.g., Magento, Klaviyo, GA4) that may be located outside the European Economic Area.
Transfers are carried out based on:
-
Standard Contractual Clauses (SCCs)
-
Additional safeguards as necessary
-
Participation in the Data Privacy Framework (where applicable)
7. Data Retention
Data is retained in line with the principle of minimization:
-
Order and billing data: up to 10 years
-
Marketing data: until consent is withdrawn
-
Usage data: as outlined in the Cookie Policy
After expiration, data will be deleted or anonymized.
8. Rights of the Data Subject
At any time, Users may exercise their rights under Articles 15–22 of the GDPR, including the right to:
-
Access, correct or delete personal data
-
Object to or restrict processing
-
Request data portability
-
Withdraw consent at any time
-
File a complaint with the Data Protection Authority (www.garanteprivacy.it)
Requests should be sent to: privacy@cipriani.com
9. Cookies and Tracking Technologies
The Website uses Cookiebot to manage cookie consent.
Cookies used include:
-
Technical (essential)
-
Analytical (e.g. GA4)
-
Profiling (e.g. Meta, Klaviyo)
-
Third-party cookies
Users can change their preferences at any time via the cookie banner.
For more details, see our Cookie Policy.
10. Updates to this Privacy Policy
This policy may be updated over time. In case of significant changes, appropriate notification will be provided on the Website.