Privacy Policy
Last updated: May 17, 2026
This Privacy Policy describes how FISÒ Gioielli (hereinafter "we", "the Data Controller") collects, uses, and protects the personal data of users who visit the website fisogioielli.com and make purchases. The document is drafted in accordance with EU Regulation 2016/679 (GDPR) and Legislative Decree 196/2003 as amended by Legislative Decree 101/2018.
1. Data Controller
FISÒ Gioielli
Email: info@fisogioielli.com
Email for privacy requests: privacy@fisogioielli.com
Full details (company name, VAT number, registered office) will be updated upon VAT registration.
2. What data we collect
Data voluntarily provided by the user
- Contact data: name, surname, email, phone number
- Shipping data: full postal address
- Payment data: managed directly by payment providers (Stripe, PayPal, Klarna). FISÒ Gioielli does not store credit card details or bank account information on its servers
- Communications: content of emails or messages sent via contact forms, social media, WhatsApp
Automatically collected data
- Navigation data: IP address, browser type, operating system, pages visited, duration of visit, referring site
- Cookies and similar technologies: details in our Cookie Policy
3. Purpose and legal basis for processing
| Purpose | Legal basis | Retention |
|---|---|---|
| Order fulfillment, shipping, invoicing | Performance of contract (Art. 6.1.b GDPR) | 10 years (tax obligations) |
| Service communications (tracking, confirmations) | Performance of contract | 10 years |
| Customer support | Legitimate interest / performance of contract | 2 years from last contact |
| Newsletter and marketing | Explicit consent (Art. 6.1.a GDPR) | Until consent is withdrawn |
| Aggregated statistical analysis | Legitimate interest | 14 months (Google Analytics) |
| Fulfillment of legal obligations | Legal obligation | As per law |
4. Disclosure of data to third parties
Your data may be communicated to the following parties exclusively for the purposes indicated above:
- Shopify Inc. (e-commerce platform management and hosting) — servers in EU/USA with standard contractual clauses
- Spocket / third-party suppliers (order fulfillment) — limited to strictly necessary shipping data
- Couriers (BRT, GLS, Poste Italiane, DHL, etc.) for delivery
- Stripe, PayPal, Klarna for payment processing
- Brevo (formerly Sendinblue) for sending marketing and transactional emails
- Google LLC for anonymous statistical analysis (Google Analytics 4)
- Meta Platforms / TikTok for advertising conversion tracking purposes (only with prior cookie consent)
- Competent authorities in case of legal obligations or justified requests
Your data is not sold or transferred to third parties for commercial purposes.
5. Data transfers outside the EU
Some of our providers (e.g., Shopify, Google, Meta) also have servers outside the European Union. In such cases, the transfer occurs based on standard contractual clauses approved by the European Commission, adequacy decisions where they exist, or other safeguards provided for in Articles 44-49 of the GDPR.
6. Your rights
At any time, you can exercise the following rights (Art. 15-22 GDPR):
- Access to the data we process about you
- Rectification of inaccurate or incomplete data
- Erasure ("right to be forgotten")
- Restriction of processing
- Data portability (receive your data in a readable format)
- Objection to processing for marketing or legitimate interest
- Withdrawal of consent at any time
- Complaint to the Data Protection Authority (www.garanteprivacy.it)
To exercise these rights, please write to: privacy@fisogioielli.com. We will respond within 30 days of the request.
7. Data security
We adopt appropriate technical and organizational security measures to protect your data from unauthorized access, loss, alteration, or disclosure. The website uses encrypted HTTPS connection on all pages.
8. Changes to the policy
We may update this policy over time. The date of the last update is indicated at the top of the document.
For any questions or requests: privacy@fisogioielli.com