Privacy Policy for osteriallantica.com

1. Introduction

At Osteria L’Antica (“we,” “us,” or “our”), accessible via osteriallantica.com, we are fully committed to protecting your privacy and ensuring the security of your personal data. We recognize the trust you place in us when you provide your personal information and are dedicated to safeguarding it in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect your information while you interact with our website and services.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data collected through your use of osteriallantica.com and any related channels of communication. Osteria L’Antica acts as the data controller for the personal data collected through the website, meaning we determine the purposes and means of processing such data. For any inquiries regarding our data practices, you may contact us at [email protected].

3. Categories of Data Processed

We collect and process various categories of personal data to provide and improve our services:

– Usage Data: Includes information about how you use our website, such as IP address, browser type and version, geographical location, referral source, length of visit, pages visited, and navigation behavior.

– Account Data: Pertains to information you provide when you create an account or place an order, such as your name, billing and shipping address, email address, and phone number.

– Profile Data: Encompasses preferences, interests, purchase history, and behavior relevant to personalizing your experience on osteriallantica.com.

– Communication Data: Involves correspondence sent to or received from us, including customer support requests, feedback, and interaction history.

– Technical Data: Includes device information, operating system, network identifiers, browser plug-ins, screen resolution, and system configurations.

– Transaction Data: Covers information related to financial transactions, such as order history, payment details (processed securely by third-party providers), and delivery particulars.

– Preference Data: Contains information regarding your marketing and cookie preferences, subscription status, and product interest indicators.

4. Legal Bases for Processing

We process your personal data lawfully on the following bases:

– Contractual Necessity: To fulfill our obligations when you make purchases or place orders.

– Legitimate Interest: For improving services, preventing fraud, securing our systems, and conducting direct marketing (where permissible).

– Consent: For marketing communication, non-essential cookie use, and other purposes requiring your express approval.

– Legal Obligation: Where necessary to comply with applicable laws or regulatory requirements.

5. Your Rights

In accordance with GDPR and CCPA, you have the following rights regarding your personal data:

– Right of Access: To request a copy of the personal data we hold about you.

– Right to Rectification: To request correction of inaccurate or incomplete data.

– Right to Erasure (“Right to be Forgotten”): To request deletion of your data, subject to legal exceptions.

– Right to Restriction: To limit the processing of your data in certain circumstances.

– Right to Data Portability: To receive your data in a structured, commonly used format and transmit it to another controller.

– Right to Object: To object to processing based on our legitimate interests or for direct marketing purposes.

– Right Not to Be Discriminated Against: Under the CCPA, you are entitled to equal service and pricing even if you exercise your privacy rights.

To exercise your rights, please contact us at [email protected].

6. Security Measures

We implement appropriate technical and organizational security measures to ensure a level of security appropriate to the risk, including:

– Data encryption during transmission and storage
– Role-based access control and authentication mechanisms
– Encrypted backups and disaster recovery protocols
– Regular staff training on data protection and privacy obligations

7. International Transfers

Your personal data may be transferred and stored outside your jurisdiction, including to countries that may not provide the same level of data protection. When we transfer data internationally, we rely on approved standard contractual clauses or other legally recognized mechanisms to ensure your data receives equivalent protection.

8. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, and as required to comply with legal, tax, or regulatory obligations.

– Account and Transaction Data: Retained for up to seven years for accounting and compliance purposes.
– Communication and Support Data: Retained for up to three years to resolve disputes and improve services.
– Marketing and Preference Data: Retained for two years unless you withdraw consent earlier.

Upon expiration of the retention period, data is securely deleted or anonymized.

9. Cookie Policy

Our website uses cookies and similar technologies to improve functionality, personalize content, provide social media features, and analyze web traffic. Cookies fall into the following categories:

– Essential Cookies: Necessary for the core functionality of the website.
– Functional Cookies: Enable enhanced features and customization.
– Performance Cookies: Collect data on how visitors use the site for optimization.
– Analytics Cookies: Help us understand user behavior through third-party tools (e.g., Google Analytics).
– Marketing Cookies: Used to deliver targeted advertisements and measure their effectiveness.

10. Cookie Management and Compliance

You can manage your cookie preferences through our cookie consent banner or adjust your browser settings to block or delete cookies. By using osteriallantica.com, you consent to the placement of cookies as described unless you opt out.

Under GDPR and CCPA, you also have the right to:

– Opt out of non-essential cookies.
– Withdraw consent at any time.
– Prevent the sale or sharing of your personal data via cookies.

11. Special Protections for Children

We do not knowingly collect personal information from children under the age of 13. If we learn that we have obtained such information inadvertently, we will promptly delete it. Parents or guardians who believe their child has submitted personal data without consent should contact us at [email protected].

12. Policy Updates and Notifications

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. We encourage users to review the policy periodically for updates. When material changes are made, we may notify you via email or a notice posted on osteriallantica.com.

13. Contact Information

If you have any questions, complaints, or concerns about this Privacy Policy or our data practices, please contact us at:

Email: [email protected]

We are committed to full compliance with the GDPR, CCPA, and all relevant data protection frameworks. Please reach out to us if you have any privacy-related concerns or wish to exercise any of your rights.