The purpose of this document is to inform the natural person (hereinafter “Data Subject”) about the processing of his/her personal data
(hereinafter “Personal Data”) collected by the data controller, Glass MaDe di Perera Denis e Maya Lapp, with registered oce in via
Montalban 4, 32100 Belluno, Tax Code/VAT No. 01123840256, e-mail address info@ecoaperolspritz.com, (hereinafter “Data Controller”),
via the website www.ecoaperolspritz.com (hereinafter “Application”).
Changes and updates will be eective as soon as they are published on the Application. In case of non-acceptance of the changes made
to the Privacy Policy, the Data Subject shall stop using this Application and may ask the Data Controller to delete his/her Personal Data.
1. Categories of Personal Data processed
The Data Controller processes the following types of Personal Data voluntarily provided by the Data Subject:
Contact Data: rst name, last name, address, e-mail address, phone number, pictures, authentication credentials, any further
information sent by the Data Subject, etc.
Fiscal and payment Data: tax code, VAT number, credit card data, bank account details, etc.
If the Data Subject decides not to provide Personal Data for which there is a legal or contractual obligation, or if such data is a
necessary requirement for the conclusion of the contract with the Data Controller, it will be impossible for the Data Controller to
establish or continue any relationship with the Data Subject.
The Data Subject who communicates Personal Data of third parties to the Data Controller is directly and exclusively liable for their
origin, collection, processing, communication or divulgation.
2. Cookies and similar technologies
The Application uses cookies, web beacons, univocal identiers and other similar technologies to collect the Data Subject's
Personal Data on visited pages and links and other actions performed during the use of the Application. This data is stored and
then used the next time the interested party browses the Application. The full Cookie Policy can be viewed at the following
address: www.ecoaperolspritz.com/cookie-policy
3. Legal basis and purpose of data processing
The processing of Personal Data is necessary:
a. for the performance of the contract with the Data Subject and especially:
1. fulfillment of any obligation arising from the pre-contractual or contractual relationship with the Data Subject
2. registration and authentication of the Data Subject: to allow the Data Subject to register in the Application, to access it
and to be identified in it, also via external platforms
3. support and contact with the Data Subject: to answer the Data Subject's requests
4. management of payment: to manage payments by credit card, bank transfer or other methods
b. for legal obligations and especially:
1. the fullment of any obligation provided for by the applicable norms, laws and regulations, in particular, on tax and
fiscal matters
c. for the legitimate interest of the Data Controller, for:
1. security and anti-fraud: to guarantee the security of the Data Controller’s assets, infrastructures and networks
The Data Subject's Personal Data may also be used by the Data Controller to protect itself in judicial proceedings before the
competent courts.
4. Data processing methods and receivers of Personal Data
The processing of Personal Data is performed via paper-based and computer tools with methods of organization and logics strictly
related to the specified purposes and through the adoption of appropriate security measures.
Personal Data are processed exclusively by:
persons authorized by the Data Controller to process Personal Data who have committed themselves to condentiality or have
an appropriate legal obligation of confidentiality;
subjects that operate independently as separate data controllers or by subjects designated as data processors by the Data
Controller in order to carry out all the processing activities necessary to pursue the purposes set out in this policy (for example,
business partners, consultants, IT companies, service providers, hosting providers);
subjects or bodies to whom it is mandatory to communicate Personal Data by law or by order of the authorities.
The subjects listed above are required to use appropriate measures and guarantees to protect Personal Data and may only access
data necessary to perform their duties.
Personal Data will not be indiscriminately shared in any way.
5. Place
Personal Data will not be transferred outside the territory of the European Economic Area (EEA).
6. Personal Data storage period
Personal Data will be stored for the period of time that is required to fulfill the purposes for which it was collected. In particular:
for purposes related to the execution of the contract between the Data Controller and the Data Subject, will be stored for the
entire duration of the contractual relationship and, after termination, for the ordinary prescription period of 10 years. In the
event of legal disputes, for the entire duration of such disputes, until the time limit for appeals has expired
for purposes related to legitimate interests of the Data Controller, they will be stored until the fulfilment of such interest
in compliance with legal obligations, by order of an authority and for legal protection, they shall be stored according to the
relevant timeframes provided for by such obligations, regulations and, in any case, until the expiry of the prescriptive term
provided for by the rules in force
for purposes based on the consent of the Data Subject, they will be stored until the consent is revoked
At the end of the conservation period, all Personal Data will be deleted or stored in a form that does not allow the identication of
the Data Subject.
7. Rights of the Data Subject
Data Subjects may exercise specic rights regarding the Personal Data processed by the Data Controller. In particular, the Data
Subject has the right to:
be informed about the processing of their Personal Data
withdraw consent at any time
restrict the processing of his or her Personal Data
object to the processing of their Personal Data
access their Personal Data
verify and request the rectification of their Personal Data
restrict the processing of their Personal Data
obtain the erasure of their Personal Data
transfer their Personal Data to another data controller
file a complaint with the Personal Data protection supervisory authority and/or take legal action.
In order to use their rights, Data Subjects may send a request to the following e-mail address info@ecoaperolspritz.com. Requests
will be immediately treated by the Data Controller and processed as soon as possible, in any case within 30 days.
Last update: 06/06/2022
(hereinafter “Personal Data”) collected by the data controller, Glass MaDe di Perera Denis e Maya Lapp, with registered oce in via
Montalban 4, 32100 Belluno, Tax Code/VAT No. 01123840256, e-mail address info@ecoaperolspritz.com, (hereinafter “Data Controller”),
via the website www.ecoaperolspritz.com (hereinafter “Application”).
Changes and updates will be eective as soon as they are published on the Application. In case of non-acceptance of the changes made
to the Privacy Policy, the Data Subject shall stop using this Application and may ask the Data Controller to delete his/her Personal Data.
1. Categories of Personal Data processed
The Data Controller processes the following types of Personal Data voluntarily provided by the Data Subject:
Contact Data: rst name, last name, address, e-mail address, phone number, pictures, authentication credentials, any further
information sent by the Data Subject, etc.
Fiscal and payment Data: tax code, VAT number, credit card data, bank account details, etc.
If the Data Subject decides not to provide Personal Data for which there is a legal or contractual obligation, or if such data is a
necessary requirement for the conclusion of the contract with the Data Controller, it will be impossible for the Data Controller to
establish or continue any relationship with the Data Subject.
The Data Subject who communicates Personal Data of third parties to the Data Controller is directly and exclusively liable for their
origin, collection, processing, communication or divulgation.
2. Cookies and similar technologies
The Application uses cookies, web beacons, univocal identiers and other similar technologies to collect the Data Subject's
Personal Data on visited pages and links and other actions performed during the use of the Application. This data is stored and
then used the next time the interested party browses the Application. The full Cookie Policy can be viewed at the following
address: www.ecoaperolspritz.com/cookie-policy
3. Legal basis and purpose of data processing
The processing of Personal Data is necessary:
a. for the performance of the contract with the Data Subject and especially:
1. fulfillment of any obligation arising from the pre-contractual or contractual relationship with the Data Subject
2. registration and authentication of the Data Subject: to allow the Data Subject to register in the Application, to access it
and to be identified in it, also via external platforms
3. support and contact with the Data Subject: to answer the Data Subject's requests
4. management of payment: to manage payments by credit card, bank transfer or other methods
b. for legal obligations and especially:
1. the fullment of any obligation provided for by the applicable norms, laws and regulations, in particular, on tax and
fiscal matters
c. for the legitimate interest of the Data Controller, for:
1. security and anti-fraud: to guarantee the security of the Data Controller’s assets, infrastructures and networks
The Data Subject's Personal Data may also be used by the Data Controller to protect itself in judicial proceedings before the
competent courts.
4. Data processing methods and receivers of Personal Data
The processing of Personal Data is performed via paper-based and computer tools with methods of organization and logics strictly
related to the specified purposes and through the adoption of appropriate security measures.
Personal Data are processed exclusively by:
persons authorized by the Data Controller to process Personal Data who have committed themselves to condentiality or have
an appropriate legal obligation of confidentiality;
subjects that operate independently as separate data controllers or by subjects designated as data processors by the Data
Controller in order to carry out all the processing activities necessary to pursue the purposes set out in this policy (for example,
business partners, consultants, IT companies, service providers, hosting providers);
subjects or bodies to whom it is mandatory to communicate Personal Data by law or by order of the authorities.
The subjects listed above are required to use appropriate measures and guarantees to protect Personal Data and may only access
data necessary to perform their duties.
Personal Data will not be indiscriminately shared in any way.
5. Place
Personal Data will not be transferred outside the territory of the European Economic Area (EEA).
6. Personal Data storage period
Personal Data will be stored for the period of time that is required to fulfill the purposes for which it was collected. In particular:
for purposes related to the execution of the contract between the Data Controller and the Data Subject, will be stored for the
entire duration of the contractual relationship and, after termination, for the ordinary prescription period of 10 years. In the
event of legal disputes, for the entire duration of such disputes, until the time limit for appeals has expired
for purposes related to legitimate interests of the Data Controller, they will be stored until the fulfilment of such interest
in compliance with legal obligations, by order of an authority and for legal protection, they shall be stored according to the
relevant timeframes provided for by such obligations, regulations and, in any case, until the expiry of the prescriptive term
provided for by the rules in force
for purposes based on the consent of the Data Subject, they will be stored until the consent is revoked
At the end of the conservation period, all Personal Data will be deleted or stored in a form that does not allow the identication of
the Data Subject.
7. Rights of the Data Subject
Data Subjects may exercise specic rights regarding the Personal Data processed by the Data Controller. In particular, the Data
Subject has the right to:
be informed about the processing of their Personal Data
withdraw consent at any time
restrict the processing of his or her Personal Data
object to the processing of their Personal Data
access their Personal Data
verify and request the rectification of their Personal Data
restrict the processing of their Personal Data
obtain the erasure of their Personal Data
transfer their Personal Data to another data controller
file a complaint with the Personal Data protection supervisory authority and/or take legal action.
In order to use their rights, Data Subjects may send a request to the following e-mail address info@ecoaperolspritz.com. Requests
will be immediately treated by the Data Controller and processed as soon as possible, in any case within 30 days.
Last update: 06/06/2022