Privacy Policy
Language:
Close

Privacy Policy

Last updated: 23/01/2026

1. Data Controller

The Data Controller is AndRed.it di Savarin Andrea.
Email: info@andred.it
PEC (certified email): andrea.savarin@pec.it

2. Categories of personal data

Depending on how you use the website, we may process:

  • Technical and usage data: IP address, user-agent, device/browser identifiers, system logs, security events, website usage data.
  • Data you provide: name, email, phone (if provided), shipping/billing address (if applicable), the content of messages sent via forms or email.
  • Orders/payments data (if applicable): order and delivery information, payment status. Payments are handled by providers; we typically do not process full card details.
  • Privacy preferences and consents: cookie/tracking choices.

3. Purposes and legal bases

We process personal data for:

  1. Website operation and security (necessary cookies, security, debugging, abuse prevention).
    Legal basis: legitimate interests and/or technical necessity to provide the service.
  2. Handling contact requests and support.
    Legal basis: contract/pre-contract measures or legitimate interests.
  3. Order fulfilment, delivery, returns (if applicable), including fulfilment by third-party suppliers/logistics.
    Legal basis: performance of a contract.
  4. Legal/accounting/tax compliance (if applicable).
    Legal basis: legal obligation.
  5. Analytics and experience improvement.
    Legal basis: consent, where non-necessary cookies/tracking are used.
  6. Newsletter, marketing, remarketing and personalised advertising (including third parties).
    Legal basis: consent (withdrawable at any time).

4. How we process data and security

We process data using IT and telematic tools and adopt appropriate technical and organisational measures to protect data (access controls, backups, logging, anti-abuse measures).

5. Recipients (categories)

Data may be shared with processors or independent controllers, including:

  • Hosting/Infrastructure: ARUBA.
  • Payment providers: PayPal, Scalapay, Satispay.
  • Shipping and logistics: various couriers/logistics operators, including those selected by the supplier fulfilling the order.
  • IT vendors, maintenance, consultants: as needed.
  • Analytics/marketing/advertising tools: when enabled with consent (see Cookie Policy and cookie settings).

6. International transfers

Some providers (especially analytics/advertising) may process data outside the EEA. Where applicable, transfers rely on appropriate safeguards (e.g., Standard Contractual Clauses or adequacy decisions).

7. Retention

  • Support/contact: as needed to manage the request.
  • Orders/legal compliance (if applicable): for the time required by applicable laws.
  • Marketing/newsletter/remarketing: until consent is withdrawn or deletion is requested.
  • Technical/security logs: for a limited and proportionate period.

8. Your rights

You may exercise GDPR rights under Articles 15–22 (access, rectification, erasure, restriction, portability, objection) and withdraw consent at any time. Withdrawal does not affect lawfulness before withdrawal. You may also lodge a complaint with the competent supervisory authority.

Contact: info@andred.it or andrea.savarin@pec.it.

9. Cookies and tracking

We use necessary cookies and—subject to consent—preference, analytics and marketing tracking tools. You can change/withdraw choices at any time via the “Cookie settings” panel and by reading the Cookie Policy.

Cookie Policy: Read the Cookie Policy
Manage preferences: Open cookie settings

10. Changes to this notice

We may update this notice; the latest version will be published on this page with the “Last updated” date.