GDPR

1. Legal Basis

This data protection statement is drawn up in accordance with Regulation (EU) 2016/679 (GDPR) and current legislation on data protection in Italy.

It governs how personal data processed through the website is collected, processed, stored, and protected.

Data processing is carried out in compliance with the principles of lawfulness, fairness, transparency, purpose limitation, and data minimization.

2. Data Controller

The data controller for personal data is the store management unit, responsible for the technical and organizational administration of information provided by users when using the digital services offered through the website.

Data processing occurs solely for purposes related to order management, communication with users, and the proper functioning of the services.

3. Types of Data Collected

During the use of the website, the following categories of personal data may be collected:

Contact data: e-mail address, telephone number (optional), shipping or billing address
Order and transaction data: products purchased, amounts, payment method used
Technical and usage data: IP address, browser type, date and time of access, preferences, cookies

Data may be provided directly by the user or collected through technical tools necessary for the proper functioning of the website.

4. Purposes and Legal Basis for Processing

Personal data is processed for the following purposes:

execution of purchase contracts and order management
fulfillment of legal and administrative obligations
protection of the legitimate interests of store management, including service improvement and prevention of misuse
ensuring the security and proper technical functioning of the website

Processing is based on contract performance, legal obligations, legitimate interests, or the explicit consent of the user.

The user may revoke any consent given at any time, without affecting the lawfulness of processing carried out before the revocation.

5. Data Retention and Security

Personal data is retained only for the time necessary to achieve the purposes indicated above.

For administrative and legal reasons, order-related data may be retained for up to 10 years.
Data processed on the basis of consent is retained until such consent is revoked.

Appropriate technical and organizational measures are adopted to prevent unauthorized access, loss, disclosure, or alteration of data.

Information is stored on secure servers using security protocols and SSL encryption systems.

6. User Rights

Pursuant to Articles 15 to 22 of the GDPR, the user has the right to:

· obtain information about processed personal data

· request the rectification or update of data

· request the erasure of data

· obtain restriction of processing

· request data portability

· object to processing for legitimate reasons

· revoke consent at any time

· lodge a complaint with the competent supervisory authority in Italy

Requests concerning the exercise of these rights can be sent via e-mail to customer service.

7. Update of the Policy

This data protection policy may be updated periodically to reflect regulatory changes or technical adjustments.

Changes come into effect upon their publication on the website. Users are advised to regularly consult this policy.

8. Contacts

For any questions regarding this data protection policy, you can contact us via:

E-mail: info@430arreda.com

Phone: +39 06 7230264

Address: Via di Tor Vergata 430, 00173 Roma Rome, Italy
Hours: Monday to Friday, 9:00–18:00 (CET)
Service Area: Italy