Privacy Policy

Model IS01-18
Privacy Notice for the Processing of Personal Data(Pursuant to Articles 13 and 14 of EU Regulation No. 679/2016 – GDPR)

Introduction
This privacy notice is addressed to all users who visit and interact with the e-commerce website of VALERISPORT srl, hereinafter referred to as the “web store” or “e-shop,” where it is possible to purchase products online.
Dear Visitor, VALERISPORT srl, with registered office at Via Padova 44, 31041 Cornuda (TV), Italy, VAT and Tax Code 04143360263, as the “Data Controller”, hereby informs you, pursuant to Articles 13 and 14 of EU Regulation No. 679/2016 (hereinafter, the “GDPR”), that your personal data will be processed as described below:

1. Object of Processing
The Data Controller informs you that your personal data – such as your name, surname, company name, address, phone number, email, bank and/or payment references, etc. (hereinafter referred to as “personal data” or “data”) – collected verbally, through third parties, or directly from you in the past or future, may be processed in compliance with the GDPR.
The legal basis for processing is the execution of a contract or pre-contractual measures (e.g., preparing an offer) requested by you (Art. 6 of the GDPR).
The term “processing” includes any operation or set of operations performed on personal data, such as collection, recording, organization, storage, consultation, alteration, selection, retrieval, comparison, use, interconnection, blocking, communication, dissemination, destruction.

2. Legal Basis and Purposes of Processing
Legal Basis: EU Regulation 679/2016

A) Without your express consent (Art. 6 letters b), c), e) of the GDPR), for the following purposes:

  • To manage access to the e-shop and facilitate the purchase of products online;
  • To allow registration and conclusion of purchase contracts via the e-shop;
  • To fulfill pre-contractual, contractual, and tax obligations;
  • To allow access and navigation of the e-shop (with or without login);
  • To maintain and manage your account;
  • To store your data in your user profile (e.g., personal details, order history, preferred billing/shipping
    addresses);
  • To enable you to add products to your cart and complete purchases;
  • To fulfill contractual obligations such as product delivery and payment processing;
  • To provide general assistance and customer service;
  • To comply with legal, regulatory, or authority requirements (e.g., anti-money laundering);
  • To exercise the Data Controller’s rights, including legal defense;
  • For general administration (invoicing, document handling);
  • Credit management;
  • Statistical analysis and quality control;
  • Insurance-related activities;
  • Technical support.

Additionally, your data may be processed for:

  • Technical and functional access to the website (no data is retained after the browser is closed);
  • Advanced browsing purposes or personalized content management;
  • Navigation and user analysis/statistical purposes.

B) Only with your specific and explicit consent (Art. 7 GDPR), for the following purposes:

  • To send newsletters, promotional materials, and satisfaction surveys via email, post, SMS, or phone
    calls;
  • To send promotional messages from third parties (e.g., business partners).

3. Processing Methods
Your personal data is processed using the operations defined in Art. 4, no. 2 of the GDPR, including collection, recording, organization, storage, adaptation, consultation, use, communication, comparison, restriction, deletion, and destruction.
Processing may be carried out using paper, electronic, or automated systems, ensuring appropriate
security and confidentiality.

4. Data Retention Period
The Data Controller will retain your data for the time necessary to fulfill the purposes above and in accordance with legal obligations (e.g., until product delivery or contract resolution in case of failure).
Data for marketing purposes will be kept for up to 2 years, and profiling data for up to 1 year, unless consent is withdrawn earlier.
An annual review will be conducted to assess the necessity of retention.

5. Access to Data
Your data may be accessible for the purposes under Sections 2.A and 2.B:

  • To employees, collaborators, and system administrators of the Data Controller in Italy and abroad;
  • To external parties (data processors) performing outsourced services, such as lawyers,accountants, auditors, IT providers, insurers, financial institutions, public authorities, market
    research consultants, customs agents, etc.

A full list of such recipients is available at our registered office.

6. Data Disclosure
Without requiring consent (Art. 6, letters b) and c) GDPR), your data may be disclosed to supervisory bodies, judicial authorities, insurers, and others as required by law. These entities will act as independent data controllers.
During and after navigation, your data may be shared with third parties, including:

  • Google: for advertising, content personalization, analytics, and optimization.
    Your data will not be publicly disseminated.

7. Data Transfer
Personal data is stored on devices located at the Controller’s premises or on servers within the European Union.
If necessary, data may also be transferred to non-EU countries, in compliance with applicable laws and standard contractual clauses as provided by the European Commission.
Data may also be transferred to the United States and EU countries for navigation or cookie purposes.
You can control cookie settings through your browser to prevent unwanted tracking or storage.

8. Nature of Data Provision and Consequences of Refusal
Providing data for the purposes in Section 2.A is mandatory. Refusal will prevent us from providing the related services (e.g., concluding a purchase on the e-shop).
Providing data for Section 2.B purposes is optional. Refusal will prevent you from receiving marketing communications but will not affect access to the services in Section 2.A.

9. Data Subject Rights
As a data subject, you have the rights set out in Article 15 of the GDPR, including the right to:

  • Confirm the existence of personal data processing;
  • Access information on purposes, data categories, recipients, storage periods, and data origin;
  • Request rectification, deletion, restriction, or objection to processing;
  • File a complaint with the Data Protection Authority;
  • Be informed about data transfers outside the EU;
  • Receive a copy of your personal data (fees may apply for multiple copies).
  • You may also exercise rights under Articles 16–22, including:
  • Right to rectification, erasure, restriction, data portability, and objection;
  • Right to withdraw consent at any time without affecting the lawfulness of prior processing.

10. Exercising Your Rights
You may exercise your rights at any time by contacting us via:


11. Minors
The services offered by the Data Controller are not intended for individuals under the age of 18. If minor data is inadvertently collected, it will be deleted promptly upon request.

12. Personal Data Not Collected Directly from the Data Subject
If VALERISPORT srl has received your data from a third party (e.g., as a joint or external data processor under contract), it will take reasonable steps to ensure you have been informed and have given consent.

13. Data Controller and Processors
Data Controller: VALERISPORT srl Represented by the legal representative Tel: +39 0423 569484
Email: amministrazione@valerisport.it
A complete list of authorized personnel and external processors is available at the registered office.

14. Cookies
Cookies are text files automatically saved on the user’s device during navigation. They enhance user experience by storing preferences.

Types of cookies used:

  • Technical cookies: Required for website functionality (e.g., PHPSESSID);
  • Reserved area cookies: Remember username and password for secure areas;
  • Mobile browsing cookies: Detect and adjust for the user’s device;
  • E-shop cookies: Track shopping activity and recover past orders;
  • Third-party cookies (e.g., Google Analytics): Used to generate statistical reports and user profiles
    (e.g., age, gender, interests).