Privacy Policy for Assaggia Roma
1. Introduction
At Assaggia Roma, accessible via assaggiaroma.com, we are committed to protecting your privacy and safeguarding your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Your trust is important to us, and we are dedicated to maintaining your privacy in all our operations.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of assaggiaroma.com, including visitors, account holders, and customers who engage with our services. The data controller responsible for your personal data is Assaggia Roma, contactable at [email protected].
This policy governs all personal data collected through our website and associated services. By using assaggiaroma.com, you consent to the practices described herein.
3. Categories of Data Processed
We collect and process various categories of personal data depending on how you interact with our website and services:
3.1 Usage Data
Includes information about your visits and navigation paths, IP address, browser type and version, referring sources, and session duration. This data helps us understand and improve our digital infrastructure and user experience.
3.2 Account Data
Provided when you create an account or place an order; includes your name, billing and shipping addresses, email address, phone number, and login credentials.
3.3 Profile Data
Includes information related to your preferences, past purchases, saved items, and usage behavior while engaging with our website.
3.4 Communication Data
Encompasses records of correspondence via email or contact forms, including customer service requests, feedback, and inquiries.
3.5 Technical Data
Includes details about the device you use to access assaggiaroma.com, such as operating system, device type, browser plug-ins, and system configuration.
3.6 Transaction Data
Covers information related to payments and purchases, including order details, payment method, billing history, and shipping tracking information. We do not store full payment card details; these are processed securely through compliant payment gateways.
3.7 Preference Data
Includes your marketing and communication preferences, opt-in and opt-out records, and interests expressed in our product offerings.
4. Legal Bases for Processing
We process your personal data based on one or more of the following legal grounds, depending on the nature of your interaction:
– Contractual Necessity: To perform a contract with you or take steps at your request prior to entering into one (e.g., processing orders).
– Consent: Where you have given explicit permission (e.g., for marketing emails).
– Legitimate Interests: For purposes such as improving our website, fraud prevention, and business operations, where such interests are not overridden by your rights and interests.
– Legal Obligation: When required to comply with a legal obligation (e.g., accounting, tax compliance).
5. Your Rights
Under applicable data protection laws, you have the following rights in regard to your personal data:
– Right of Access: To obtain confirmation as to whether we process your data and access to that data.
– Right to Rectification: To correct any inaccurate or incomplete data.
– Right to Erasure: To request deletion of your personal data, subject to legal exceptions.
– Right to Restrict Processing: To limit how we use your data under certain circumstances.
– Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust security measures to ensure data integrity, confidentiality, and availability, including:
– Data encryption (in-transit and at-rest where appropriate)
– Access controls and authentication protocols
– Secure backups and disaster recovery planning
– Internal staff training on data protection policies
Despite these safeguards, no online system is entirely immune from threats, and we encourage users to take appropriate precautions.
7. International Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure adequate protections are in place, such as Standard Contractual Clauses approved by the European Commission or other legally approved mechanisms. We also ensure our third-party service providers adhere to appropriate privacy and data handling standards.
8. Data Retention
We retain your personal data only as long as necessary for the stated purposes or to meet legal, regulatory or operational requirements:
– Usage Data: retained for 24 months for analytics purposes.
– Account Data: retained for the duration of your active engagement with us, and up to 6 years thereafter for legal compliance.
– Transaction Data: held for 6 years for accounting and tax requirements.
– Communication and Profile Data: retained for 24 months after the last interaction unless consent is withdrawn earlier.
– Marketing Preference Data: retained until opt-out or consent is withdrawn.
Upon expiry of retention periods, data is securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies to provide functionality, enhance performance, analyze traffic, and deliver tailored content. Cookies fall into the following categories:
– Essential Cookies: Necessary for the website’s core functions, such as shopping cart and user login.
– Functional Cookies: Remember your preferences and settings to enhance usability.
– Analytics Cookies: Help us understand user behavior through anonymized data collection.
– Performance Cookies: Monitor and improve website performance and load times.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, users are presented with a cookie banner on their first visit to assaggiaroma.com. You can manage your preferences at any time through our Cookie Settings interface, allowing you to opt in or out of specific categories. Additionally, most browsers enable you to control cookie behavior at the device level.
11. Children’s Privacy
Assaggia Roma does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have collected information from a child without verifiable parental consent, we will promptly delete such data. Parents or guardians who believe we may have collected personal information from a child may contact us at [email protected].
12. Policy Updates
We reserve the right to update this Privacy Policy from time to time to reflect changes in technology, legal requirements, or our data processing practices. Material updates will be communicated via notices on assaggiaroma.com or other appropriate channels.
13. Contact
If you have questions regarding this Privacy Policy or how your personal information is handled, or if you wish to exercise your privacy rights, you may contact us by email at:
We are fully committed to ensuring your information is processed securely and in compliance with all relevant privacy regulations. Please feel free to contact us with any concerns or requests related to your privacy.