No products in the basket. (0)

X

Privacy Policy

Last updated: [Date]

1. Data Controller

Cantine Goretti [Complete Address] Email: [email] Phone: [phone number]

2. Types of Data Collected

We collect and process the following personal data:

2.1 Data provided directly by you:

  • Identification data: name, surname, date of birth
  • Contact details: email address, telephone number, postal address
  • Billing information: billing address, VAT number, tax code
  • Payment data: payment method information (processed securely by our payment providers like stripe and paypal)
  • Account data: username, password (encrypted)

2.2 Data collected automatically:

  • Navigation data: IP address, browser type, device information, pages visited, time spent on site
  • Cookies: see our Cookie Policy for details

3. Purposes of Processing and Legal Basis

We process your personal data for the following purposes:

3.1 Contract execution (Art. 6(1)(b) GDPR):

  • Processing and fulfilling wine orders and experience bookings
  • Managing customer accounts
  • Customer service and communication regarding your orders
  • Delivery and logistics management

3.2 Legal obligation (Art. 6(1)(c) GDPR):

  • Issuing invoices and tax documentation
  • Accounting obligations
  • Compliance with legal and regulatory requirements

3.3 Legitimate interest (Art. 6(1)(f) GDPR):

  • Fraud prevention and security
  • Website improvement and analytics
  • Internal administrative purposes

3.4 Consent (Art. 6(1)(a) GDPR):

  • Marketing communications (newsletter, promotional offers)
  • Profiling for personalized recommendations
  • Use of non-essential cookies

You may withdraw your consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

4. Data Retention

We retain your personal data for the following periods:

  • Order and billing data: 10 years (tax and accounting obligations)
  • Account data: until account deletion is requested
  • Marketing data: until consent is withdrawn
  • Navigation data: 24 months
  • CCTV footage (if applicable during winery visits): 30 days

5. Data Sharing

We may share your data with:

5.1 Service providers:

  • Payment processors
  • Shipping and logistics companies
  • IT service providers and hosting
  • Marketing and analytics providers
  • Booking management platforms

5.2 Legal obligations:

  • Tax authorities
  • Law enforcement when legally required
  • Legal and professional advisors

All third parties are contractually bound to protect your data in compliance with GDPR.

6. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). In such cases, we ensure adequate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions
  • Privacy Shield certification (where applicable)

7. Your Rights

Under GDPR, you have the following rights:

  • Right of access (Art. 15): obtain confirmation of data processing and a copy of your data
  • Right to rectification (Art. 16): correct inaccurate or incomplete data
  • Right to erasure (Art. 17): request deletion of your data (“right to be forgotten”)
  • Right to restriction (Art. 18): limit how we use your data
  • Right to data portability (Art. 20): receive your data in a structured, machine-readable format
  • Right to object (Art. 21): object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent (Art. 7(3)): withdraw consent at any time
  • Right not to be subject to automated decision-making (Art. 22): including profiling

To exercise your rights, contact us at: [email]

You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali): www.garanteprivacy.it

8. Security Measures

We implement appropriate technical and organizational measures to protect your data, including:

  • SSL/TLS encryption for data transmission
  • Secure servers and databases
  • Access controls and authentication
  • Regular security assessments
  • Staff training on data protection

9. Cookies

Our website uses cookies. For detailed information, please see our Cookie Policy.

10. Marketing Communications

With your consent, we may send you:

  • Newsletters about our wines and products
  • Promotional offers and discounts
  • Information about events and experiences
  • Wine recommendations based on your preferences

You can unsubscribe at any time by:

  • Clicking the unsubscribe link in our emails
  • Contacting us at [email]
  • Managing preferences in your account settings

11. Minors

Our services are not intended for persons under 18 years of age. We do not knowingly collect data from minors. In accordance with Italian law, wine purchases and alcohol-related experiences are restricted to adults.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated revision date. Significant changes will be communicated via email or prominent notice on our website.

13. Contact Us

For questions about this Privacy Policy or to exercise your rights, contact:

Data Protection Officer (if applicable) Cantine Goretti [Address] Email: [email] Phone: [phone number]

By using our website and services, you acknowledge that you have read and understood this Privacy Policy.

payment methods