top of page

Privacy Policy

 

Notice on Personal Data Processing pursuant to Regulation (EU) 2016/679 of the European Parliament and Council (GDPR). Effective as of May 24, 2023.

 

PREFACE

 

This notice complies with the GDPR and Italy’s Privacy Code (Legislative Decree June 30, 2003, No. 196). It’s based on the Italian Data Protection Authority (Garante)’s guidelines, especially the anti-spam guidelines issued on July 4, 2013.

 

Data Controller:

GIANLUCA DI MOLFETTA – VAT No. 04134051202 – Via de’ Marchi 19 b, Bologna – Email: info@20zero3.com

 

Applicable to: https://www.20zero3.shop/ (“the Site”).

 

The Data Controller has not appointed a DPO (Data Protection Officer). You can direct any information requests to the Controller.

 

 

GENERAL INFORMATION

 

This document explains how the Controller processes your personal data collected on the Site. It includes legal bases, mandatory fields, and consequences of not providing data. It also clarifies when data processing does not occur. If you provide data about third parties, you confirm you have obtained their consent and you indemnify the Controller accordingly.

 

Registration on the Site

 

Data provided on registration are used to grant access to reserved areas and online services. The legal basis is the necessity of pre-contractual measures. Providing data is optional, but refusal prevents registration.

 

Purchases on the Site

 

Data are processed to enable purchases, fulfill the sales contract, and comply with fiscal obligations. The legal basis is contract performance or legal requirement.

Additionally, under Article 130 of the Privacy Code, your email may be used for “soft-spam” (marketing similar products) unless you object. The legal basis is the Controller’s legitimate interest, which aligns with your interest in receiving such communications. You may also receive reminder emails to complete purchases, based on the same legal basis.

 

Responding to Your Inquiries

 

Your data will be used to respond to your queries. Provision is optional, but refusal impedes response. Legal basis: legitimate interest to assist users.

 

General Marketing

 

With your consent, data may be used for advertising and/or newsletters regarding products or third-party offers. This is optional, and refusal means you won’t receive such communications.

 

Profiling

 

With your consent, profiles may be created based on your purchase habits to send targeted communications. Optional; refusal means no profiling or targeted ads.

 

Data Transfer

 

Personal data will not be sold to third parties.

 

Geolocation

 

The site does not geolocate users by IP.

 

Curriculum Vitae

 

The Site does not accept CV submissions. Your data won’t be used for this purpose.

 

Appointment Booking

 

No online appointment systems exist. Appointments can be arranged via the contact details provided.

 

Data Sharing

 

Data may be communicated (not sold) to public authorities and professional service providers (legal, fiscal, logistic, CRM platforms, etc.) only as needed. No third-party customer‑care services are used. Carriers may receive data for delivery. This list may be updated; check this notice periodically.

 

Legal and Regulatory Compliance

 

Data may also be used to fulfill legal obligations.

 

 

SPECIFIC PRIVACY INFORMATION

 

Article 1 – Processing Methods

    1.    Processing is primarily electronic/automated, with appropriate security measures under the GDPR.

    2.    Data collected are relevant, limited to services offered, and stored securely.

    3.    No special categories of data (racial, health, etc.) are collected.

    4.    No judicial data are processed.

 

Article 2 – Data Recipients

 

The Controller may share data with:

    •    Public authorities under legal obligation;

    •    Public or private entities when necessary for legal compliance (law firms, tax offices, courts, etc.);

    •    Employees or collaborators for Site operation;

    •    IT service providers for site maintenance;

    •    External platforms for email communications (CRM);

    •    Postal/courier services.

The list may be updated — please consult regularly.

 

Article 3 – Data Retention

 

Processing retention periods:

    •    Only as long as necessary for service delivery.

    •    For sales contract fulfillment: 10 years from order date (for defense of legal rights).

    •    Customer-care data: deleted after support ends.

    •    Invoices and accounting records: 10 years, per Civil Code article 2220.

    •    On request, account deletion will remove all personal data.

    •    Marketing data: retained until consent withdrawal; inactive user emails deleted after 1 year.

Specific legal retention obligations may require longer storage.

 

Article 4 – Data Transfer

 

4.1 The Controller is based in the EU; transfers within the EU comply with GDPR. Data may be transferred to countries with EU adequacy decisions.

4.2 Data may also go to countries without adequacy decisions (e.g., USA); in such cases, the Controller will adopt Standard Contractual Clauses per June 4, 2021, EC approval.

4.3 Specific data transfers may trigger the application of the destination country’s laws, in addition to GDPR.

On request, more favorable user-country legislation will apply.

 

Article 5 – Data Subject Rights

 

Under Article 13 of the GDPR, you have the right to:

    •    Access, rectification, erasure, restriction, objection, and portability of your data;

    •    Withdraw consent at any time (without affecting prior processing);

    •    Lodge a complaint with a supervisory authority.

Requests may be made informally using the contact info provided.

 

Article 6 – Changes & Miscellaneous

 

The Controller reserves the right to update this notice at any time, always ensuring equivalent protection of your data. Significant changes may be communicated via email. Please review it regularly.

revoca

proporre reclamo a un’autorità di controllo (es.: il Garante per la protezione dei dati personali).

I diritti di cui sopra potranno essere esercitati con richiesta rivolta senza formalità ai contatti indicati in Premessa.

 

Art. 6. Modifiche e Miscellanea

 

Il Titolare del Trattamento si riserva il diritto di apportare modifiche alla presente informativa in qualsiasi momento, dandone idonea pubblicità agli utenti del Sito e garantendo in ogni caso una adeguata ed analoga protezione dei dati personali. Al fine di visionare eventuali modifiche, Lei è invitato a consultare con regolarità la presente informativa. In caso di modifiche sostanziali alla presente informativa privacy, il Titolare del Trattamento ne potrà dare comunicazione anche tramite email

bottom of page