Privacy policy

Privacy Policy

 

1. Data Controller

The data controller is VASO s.r.l., with registered office at VIA IV GIUGNO 15/17 – 20013 – MAGENTA (MI), VAT No. IT10567910962.

2. Type of data collected

a) Data provided voluntarily: name, surname, email address, shipping address, telephone number, payment information, etc., when you place orders, sign up for the newsletter, contact support, or use the WhatsApp button.

b) Technical/browsing data: IP address, browser type, operating system, data on how you navigate the site (pages visited, time, traffic source), server logs.

c) Cookies and similar technologies (see Cookie Policy) that allow the collection of data for technical, analytical, and (with consent) profiling/marketing purposes.

3. Purpose of processing

Your data may be processed to:

  • fulfill the sales contract (order, shipping, invoicing);

  • manage newsletter subscriptions and send promotional communications, if you consent;

  • provide customer support;

  • fulfill legal and accounting obligations;

  • perform statistical analyses and improve the website;

  • personalized marketing activities, if you consent (e.g., sending offers based on your purchases/interests).

4. Legal basis for processing

  • Contract / performance of the contract (for orders).

  • Express consent (for the newsletter, marketing, profiling).

  • Legal obligations.

  • Legitimate interests of the data controller (e.g., site security, fraud prevention, service improvement), to the extent that your interests and rights do not prevail.

5. Data Retention

The data will be retained for the time necessary to fulfill the purposes for which it was collected (e.g., until the order is completed, until the end of the business relationship) and for the periods required by law (e.g., tax regulations).
The data collected via newsletters/consent may be retained until you withdraw your consent.

6. Data Recipients

The data may be disclosed to:

  • service providers (shipping, payment, hosting, customer support);

  • internal collaborators who need the data to fulfill their duties;

  • competent authorities if required by law;

  • marketing/advertising partners, only if you have provided specific consent.

7. Transfer to Third Countries

If the data is transferred outside the European Union, this will only be done in accordance with applicable EU regulations (e.g., through standard contractual clauses) and ensuring an adequate level of protection.

8. Data Subject Rights

You have the right to:

  • obtain access to your data;

  • rectify inaccurate data;

  • erase data ("right to be forgotten");

  • restrict processing;

  • object to processing, including marketing/profiling activities;

  • data portability (in the cases provided for).

You can exercise these rights by contacting the data controller at the contact details indicated.

9. Withdrawal of Consent

When processing is based on your consent (newsletter, profiling, marketing), you can withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

10. Data Security

We adopt appropriate technical and organizational measures to protect data from unauthorized access, loss, destruction, or alteration.

11. Changes to the Policy

This privacy policy may be updated. The most recent version is always available on the website.
Any substantial changes will be communicated.