Privacy policy
Dear User, Thank you for choosing to visit the Bottega Da Ponte website. Your privacy is an absolute priority for us, and we are committed to constantly protecting your personal information.
This Privacy Policy transparently explains how we collect, use, store, disclose, and protect your data when you use our Website and our services. We invite you to read this policy carefully to fully understand our practices regarding the management of your personal data.
1. DATA CONTROLLER
Bottega Da Ponte di Laura Zorzan, with registered office in Via Ciro Menotti 16, 36061 Bassano del Grappa (VI), P.IVA 04350510246, REA VI-398076 (hereinafter "Bottega Da Ponte" or "Controller"), manages the website https://bottegadaponte.it (hereinafter the "Website") in full compliance with Italian and European data protection regulations, in particular European Regulation no. 2016/679 (GDPR). Controller's contact email: info@bottegadaponte.it
2. TYPE OF DATA COLLECTED AND PURPOSES OF PROCESSING
We collect personal information voluntarily provided by the user during website navigation, account creation, contact form completion, or during the execution of a purchase order.
Collected data include:
-
Identification and contact data such as name, surname, email address, and phone number.
-
Shipping and billing data such as delivery address, billing address, and tax code if strictly necessary or requested by the user.
-
Payment data, i.e., financial information necessary to finalize the purchase, managed in an encrypted and secure manner directly through the Shopify Payments platform and authorized payment circuits.
-
Data related to returns and withdrawals, i.e., information entered by the user in the dedicated returns portal accessible in the Website footer (order number, email address, reason for return), necessary for processing the request for both registered and guest users.
Personal data is processed for the following purposes:
-
Execution of the contract or pre-contractual measures for the management and processing of purchase orders, product shipment, customer assistance, and management of return and withdrawal requests through the dedicated portal.
-
Fulfillment of legal obligations in compliance with tax, accounting, and current regulations concerning e-commerce and consumer protection.
-
Direct marketing, with explicit consent, for sending newsletters, commercial communications, offers, and promotions via email or automated systems provided by the marketing functionalities of the Shopify platform.
-
Legitimate interest for Website security, fraud prevention, and optimization of the browsing experience.
3. DATA RETENTION PERIOD
Personal data is retained only for the time strictly necessary to achieve the purposes for which it was collected and to fulfill legal obligations.
In particular, the following periods apply:
-
Data related to orders and invoicing are kept for 10 years from the date of the transaction, in accordance with Italian tax and civil law obligations.
-
User account data is maintained until an explicit deletion request by the user.
-
Data collected for marketing purposes are kept until consent is revoked or the user unsubscribes.
4. COOKIES AND TRACKING TECHNOLOGIES
The Website uses cookies and similar technologies, both first-party and third-party, to optimize the e-commerce platform's functionality, analyze traffic in aggregate form, and personalize marketing campaigns. Profiling and third-party cookies are not activated without explicit consent provided by the user through the specific information banner.
The types of cookies used include:
-
Technical and functional cookies that are essential for navigation and for using the basic e-commerce functions, such as storing the shopping cart or accessing the reserved area. These do not require user consent.
-
Analytical and statistical cookies, such as Google Analytics, Google Tag Manager, and Microsoft Clarity, used to understand how users interact with the Website in order to improve its performance.
-
Marketing and profiling cookies, such as Meta Pixel or Google Ads, used to display relevant and personalized advertisements on external platforms.
The user can manage, modify, or revoke their cookie preferences at any time directly through the privacy control center accessible in the Website footer.
5. THIRD-PARTY SERVICES AND E-COMMERCE PLATFORM
The Website is developed and hosted on the Shopify e-commerce platform, provided by Shopify International Limited. User data is therefore stored on Shopify's secure servers, which operates in compliance with the GDPR.
For operational activities, personal data may be communicated to qualified third parties who operate as data processors or independent data controllers:
-
Shopify Payments for the native and protected management of online payment transactions.
-
Shopify Email or Shopify Marketing for sending and managing commercial communications and newsletters on the Website.
-
Couriers and shippers such as InPost or UPS for logistics, product delivery, and communication of tracking numbers.
-
Google, Meta, and Microsoft (via the Clarity tool) for statistical traffic analysis services and for managing online advertising campaigns.
-
WhatsApp, if activated by the user, for providing instant messaging and direct support services.
Where suppliers or partners are based outside the European Economic Area, data transfer occurs only in the presence of adequate safeguards, such as Standard Contractual Clauses approved by the European Commission.
6. DATA SECURITY
Bottega Da Ponte adopts appropriate technical and organizational security measures to protect users' personal data from unauthorized access, alteration, destruction, accidental loss, or unlawful disclosure. Payment transactions and data transmission within the Website occur via secure SSL or HTTPS encryption protocols.
7. USER RIGHTS
In accordance with articles 15-22 of the GDPR, the user can exercise the following rights at any time:
-
Right to access their personal data and receive a copy thereof.
-
Right to rectification, update, or integration of inaccurate data.
-
Right to erasure of data or right to be forgotten, if there are no longer legal retention obligations.
-
Right to restriction of processing or opposition to it for legitimate reasons.
-
Right to data portability in a structured, commonly used, and machine-readable format.
-
Right to withdraw consent given for marketing purposes at any time.
-
Right to lodge a complaint with the Garante per la Protezione dei Dati Personali (Italian Data Protection Authority).
To exercise their rights, the user can send a written request to the email address info@bottegadaponte.it. The Controller will respond to the request within the legal timeframe of 30 days.
8. DATA MANAGEMENT THROUGH THE CUSTOMER ACCOUNT AND RETURNS PORTAL
Users who have registered can view, modify, or request the deletion of their personal data by directly accessing their reserved area on the Website.
Furthermore, both registered and guest users can manage data strictly related to withdrawal procedures by submitting requests through the simplified returns portal available in the Website footer, which will process the data for the time strictly necessary to define the return process.
9. CHANGES TO THIS PRIVACY POLICY
The Controller reserves the right to modify or update this Privacy Policy at any time, also in consideration of legislative changes or the implementation of new functionalities on the Website. The changes will be binding from the moment of their publication. Users are invited to consult this page regularly to check for any updates.
10. CONTACTS
For any questions, clarifications, or requests for information regarding this Privacy Policy and the processing of personal data, you can contact the Controller directly at the email address info@bottegadaponte.it.
Last updated: June 19, 2026