Privacy & Cookie Policy

Privacy & Cookie Policy




The purpose of this privacy notice is to ensure maximum transparency relating to personal data collected by this website and to explain how this information will be used.

In accordance with the obligations imposed by the European Regulation for the protection of personal data No. 679/2016 (GDPR), this site respects and safeguards the confidentiality of visitors and users and takes all possible and proportional steps not to prejudice the users’ rights.

This site does not carry advertisements; however, it may use third-party services for purposes of improving use of the site. 

This site is designed and adapted to safeguard users’ privacy as carefully as possible and to minimise the collection of personal data. 

For further information please read the complete information notice below.







The Data Controller for data collected through this site is IPE S.R.L., with registered office in ZOLA PREDOSA (BO), No. 1 VIA ENRICO MATTEI, postal Code 40069, Economic and Administrative Index BO – 484037, Tax Code 03007721206, VAT No. 03007721206. 
The Data Controller can be contacted at the following e-mail address:
This information notice is valid only for this website and not for any other website which may be viewed via links published on this site; the Data Controller is not deemed responsible in any way for such third-party sites.
Users are hereby informed that hosting of this site is provided by the company Rackspace, on a server based in the UK, in accordance with the GDPR


This site collects data in two ways


  • Through the collection of usage data which means information collected automatically though this Website (including through third-party applications integrated into this Website), through which: IP addresses or domain names of the computer used by the User to connect to the Website, URI addresses (Uniform Resource Identifier), time of request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response from the server (successful, error, etc.) the Country of origin, browser characteristics and the operating system used by the visitor, the various time details of the visit (for example the time spent on each page) and the details relative to the navigation carried out through the Application, with particular reference to the sequence of pages viewed, the parameters relating to the operating system and the User’s IT environment.
  • Through releasing cookies regarding which we request that you read our cookie policy at the end of this privacy policy.


  • Through the control panel of marketing cookies
  • When you subscribe to the newsletter or interact with our social medial buttons or when you access our e-boutique


As regards data voluntarily provided through the contact form, the legal basis is the existence of a contractual relationship or precontractual actions such as, for example, accessing our E-boutique.

In specific instances, data may be processed in fulfilment of a legal obligation.

In achieving the purpose for which data is collected, such data may also be retained where a legal obligation to do so exists or in the legitimate interests of the controller to re-contact the user to provide additional information in relation to correspondence between the parties or for purposes related to the security of the internet site.

Consent given when subscribing to the newsletter or managing non-necessary cookies or when interacting with our social media pages.

This site uses Google Analytics version GA4.

Compared with the previous version of Google Analytics, GA4 has introduced important implementations for the protection of personal data. With Google’s membership of the TADPF (Transatlantic Data Protection Framework) any transfer of personal data to the USA is deemed to be covered by the EU-USA agreement.


  • Contact form
    Is only for purposes of allowing visitors to the site to be contacted, when the data controller may wish to do so, by sending the relative form via e-mail. The purpose of the collection and processing of personal data is only to ensure contact with the user is through the details sent in the contact form to satisfy any requests in the message sent to the user. These types of services enable a contact database to be managed for communication with the User.
    These services permit the collection of data relating to the date and time of reading of messages by the User, such as the User’s interaction with the messages, and information on clicking on the links contained in the messages.
  • Subscription to the newsletter
    The purpose of these types of services is to enable the Data Controller to send users who are subscribed to the promotional or information notifications intended for clients. The Data Controller uses the MailChimp platform to send out the newsletter. The user has the right to exercise at any time the right not to receive further e-mails and to be deleted from the database of the Data Controller. To exercise such right (opt out) the user can send an e-mail to the e-mail address of the Data Controller.
  • Interaction with social media networks and external platforms 
    The purpose of these types of services is to enable the Data Controller to initiate interaction with social media networks, or other platforms, directly on the page of this Website. The interaction and the information acquired by this Website are in any case subject to the User’s privacy settings relating to each social media network. In the event that a service for interaction with social media networks is installed, it is possible that, even in circumstances where the User does not use the service, such service will collect data traffic relating to the page on which it is installed.
  • Statistics
    The purpose of such types of services is to enable the Data Controller to monitor and analyse data traffic and to keep track of User behaviour.
  • Google Analytics
    The purpose of such types of services is to enable the Data Controller and third parties to track and study the use of this Website, compile reports and share with other Google developmental services. The latter, namely Google, may use Personal Data to contextualise and personalise advertisements on its own advertising network.
  • Security
    Collecting data and information for purposes of safeguarding security of the site (antispam filters, firewall, virus detection) and Users, and to prevent or expose fraud or abuses damaging to the Website. The data are registered automatically and may even include any personal data (IP address) which may be used, in compliance with laws currently in force, for purposes of attempting to mitigate damage to the site itself or to cause harm to other users, or to activities which are harmful, or which constitute an offence. These data are not used for identifying or profiling the User and will be deleted periodically.


The manager appointed external to the processing of the web hosting provider, is the company Rackspace, with offices in the United Kingdom. The United Kingdom is a Country that complies with the GDPR.


Personal data will be retained, including in digital form, for a period of time no longer than necessary to achieve the purposes for which it was collected unless required by law or in the legitimate interests of the Data Controller which may prescribe a longer period of retention.

The Data Controller has adopted the appropriate safety measures to prevent the unauthorised access, disclosure, modification, or destruction of Personal Data. Processing is carried out using either IT and/or telematic and/or paper-based tools, via organisational means and for purposes strictly related to the objectives indicated.


Data collected by the site is not generally provided to third parties, except in specific circumstances and in particular for: a lawful request from the judicial authorities and only in circumstances permitted by law; to carry out security controls or for optimisation of the site.

Apart from the Data Controller, other persons involved I in the organisation of the Website may be able to access the data (administrative and legal personnel and system administrators) or external persons (such as providers of third-party technical services, mail couriers, hosting providers, IT companies, advertising agencies) appointed, when necessary, by the Data Protection Manager. The list updated by the manager can be requested from the Data Controller.


Processing is mainly carried out in the European Economic Area and in particular, in most cases, at the offices of the Data Controller of the personal data. 

Where it may become necessary to transfer the data outside the European Economic Area, this will be permitted only in the following instances:

  • when the transfer of personal data is intended for a third Country or international organisation which, in the opinion of the European Commission, guarantees a proper level of protection. This is already specified in the case of personal data transferred to the United States, which can be effected under the Transatlantic Data Protection Framework.
  • In the absence of a European Community decision, when such Country or international organisation provides adequate guarantees, and the interested parties may exercise their rights and may have recourse to appeal.
  • when transfer is necessary for the performance of a contract concluded between the interested party and the Co-Data Controllers or in carrying our pre-contractual activities, for example for the sending of a quotation or under a legal obligation.
  • Based on standard contractual clauses adopted by the Web Hosting Provider.
  • This site uses OLARK to allow the user to make initial contact with us. It should be noted that Olark managed by HABLA INC, based in San Francisco, was registered with the Privacy Shield and is committed to adopting security and organizational measures in order to be compliant with the European legislation on the protection of personal data (GDPR). To date, however, the company is not yet registered with the new Trans-Atlantic Data Privacy Framework (TADPF).


Users may exercise certain rights regarding the Data processed by the joint data controllers, as provided for under Articles 15, 16, 17, 18, 20, 21 of Regulation EU 679/2016.


The User has the right to:

  • revoke consent at any time. The User has the right to revoke consent previously provided to the processing of his/her own Personal Data.
  • object to the processing of his/her own Data. The User may object to the processing of his/her own Data when this takes place under a legal basis other than consent. Further details on the right to object are set out in the section below.
  • access his/her own Data. The User has the right to obtain information on his/her own Data processed by the Co-Data Controllers, on certain aspects of processing and to receive a copy of the Data processed.
  • verification and requesting rectification. The User may verify the accuracy of his/her own Data and request updating and correction.
  • obtain limitation on processing. Under certain circumstances, the User may request limitations on the processing of his/her own Data. In such instances, the Co-data Controllers will not process the Data for any other purposes or retain same.
  • obtain the deletion or removal of his/her own Personal Data. Under certain conditions the User may request the deletion of his/her Data by the Co-data Controllers.
  • receive his/her own Data or have it transferred to another Data Controller. The User has the right to receive his/her own Data in a structured format, commonly used and legible by automated devices and, where technically possible, obtain unrestricted transfer to other Data Controllers. This provision is applicable when the Data are processed using automatic means and processing is based on the consent of the User, under a contract to which the User is a party, or on contractual provisions related thereto.
  • lodge a complaint. The User may lodge a complaint to the competent authority for oversight of the protection of personal data or by approaching a competent court.


If it comes to the attention of the User that, where their Data could be processed for direct marketing purposes, he/she may object to such processing without providing any reason. To find out if the Data Controller is processing the data for direct marketing purposes, the User can refer to the relative sections in this document.


To exercise the rights of the interested party, Users may address a request to the e-mail address

The request will be processed free of charge in as short a time as possible, in any case within 30 days of such request.


 The Data Controller reserves the right to make amendments to this privacy policy at any time providing information to Users via this page. Please regularly consult this page, referring to the most recent amendment indicated at the bottom. In the absence of acceptance of the amendments to this Privacy Policy, the User is requested to stop using the Website and my ask the Data Controller to remover his/her Personal Data. Unless otherwise specified, the previous privacy policy will continue to be applicable to Personal Data from the date of collection.

Latest update 05.02.2024


Cookies or markers are small text files (actually information packages) which are automatically uploaded to the PC or DEVICE of the navigator within the browser (Google Chrome, Mozilla Firefox, Microsoft Edge, Safari etc. etc.) and automatically forwarded to the server each time the site is accessed thereafter.

These contain information based on navigation of the internet and are recognised by the browser each time the user visits the site.

This enables the site to monitor whether you have visited

These cookies in particular enable us to understand which pages of the site are most-visited to enable us to see which pages are visited and for how long.

Using this data, we can make the site more responsive to your needs and easier to navigate.

Cookies, in turn, fall into three categories:

  • Technical cookies: packages of information required to view the internet site. These cookies do not require consent by law.
  • Analytical cookies: these are treated by law in the same way as technical cookies and, thus, including in this instance, do not require consent; they may be site specific (used, for example, to know the number of pages visited in the site itself) or by third parties (namely, generated by other sites to provide content to the site visited by the user).
    In any case Users/visitors are able the prevent the use of Google Analytics and to block the related storage on their own device through the appropriate Browser extension to deactivate Google Analytics, made available by Google at the address
    To activate components which prevent the system from sending information on the visits of users/visitors simply install them following the instructions on the screen, close and re-open the Browser.
  • Profiling cookies: are aimed solely and exclusively at understanding the preferences of individual users to provide them with targeted content which may reasonably be of interest to them during navigation.

The list of cookies issued by this site can be found in the control panel which can be accessed using the relevant installed banner.

The more commonly used Browsers make it possible to exclusively block third party cookies.
To disable these types of cookies, follow the instructions provided on the following pages: 

Google Ireland Ltd

For information on the use of data and its processing by Google we recommend that you view the Google privacy information notice at the following page:

Specifically, this site uses Google Analytics version GA4: used to analyse site usage by users, compile reports on site activity and user behaviour, check on how frequently users visit the site, site tracking and which pages are visited most frequently.

This information is combined with information collected from other sites to create a comparative framework of site use as compared with other sites in the category.

Data collected by GA4: browser identifier, date and time of interaction with the site, originating page, IP address. Place of data processing: European Union and USA: anonymisation of the service is active.

When anonymised as is the case on this site, the Authority for the protection of data has clarified that this is equivalent to technical cookies and therefore does not require the user’s consent.

The data collected do not allow for personal identification of users and are not cross referenced with other information relating to the same person. 

The data are processed in aggregated and anonymised form (truncated to the last octet). Based on the relevant Data Processing Agreement (DPA) Google Ireland (processing manager) is prohibited from cross referencing such data with that received from other services, however the European Data Protection Supervisor has indicated that there is a possibility that Google can identify the user. 

For this reason if you consider this possibility to be unacceptable, please leave this site.

Further information on Google Analytics cookies can be found at the following page: Websites:

The user may selectively disable (opt-out) data collection by Google Analytics by installing on his/her own browser the relevant component provided by Google (opt out) downloadable from the following page:

  • Facebook Pixel (Meta Platforms Ireland Limited)
    Use of pixel tools to monitor conversations creates a JavaScript code added to the Website. This code is inserted into an image (pixel) on the Website which sends a message to Facebook when someone visits the site or carries out an action. When a person downloads the page in question, the code tells Facebook that a conversation has been started. Facebook then compares the conversation event with groups of persons who have viewed and/or clicked on the insertion, enabling it to provide the site owner with information to determine the return on its advertising investment. Monitoring conversations also helps to show insertions to other persons who may initiate conversations with Facebook.
    The user, through the relevant control panel, which is provided on this site, may choose to navigate the site by activating or deactivating the aforementioned cookies.
    For further information, please refer to the link shown below:
  • Social network buttons
    Social Network Buttons are buttons present on the site which depict the social networks and enable the User browsing the page to interact with the social platform directly with one click.
    The Social Network Buttons used by the site are links referring to the account of the data controller of the social network depicted. By using these buttons, however, third party cookies are not installed via the website. The Social Network Buttons used can be viewed on the site or via the link or the User may consult the relevant privacy notice concerning data management by the Social Networks to which the buttons direct the user.
  • Facebook Button (Meta Platforms Ireland Limited)
    The button is a means of interacting with the social profile (Facebook) of the data controller.
  • Youtube Button
    The button is a means of interacting with the social profile (Youtube) of the data controller.
  • Linkedin Button
    The button is a means of interacting with the social profile (Linkedin) of the data controller.
  • Pinterest Button
    The button is a means of interacting with the social profile (Pinterest) of the data controller.
  • Instagram
    The button is a means of interacting with the social profile (Instagram) of the data controller.
  • Place of processing: USA
  • Privacy Policy:Instagram:
  • Wechat Button
    The button is a means of interacting with the social profile (Wechat) of the data controller.
  • Other buttons for Chinese social platforms
    • Place of processing: CHINA
    • Privacy Policy: the user is hereby informed that China is not a Country which complies the GDPR and therefore, the same European standards are not guaranteed when navigating these platforms. Interested parties pressing on these buttons expressly give consent to browsing the aforementioned platforms.
  • Spotify
    The button is a means of interacting with the social profile (Spotify) of the data controller.
  • Whatsapp
    The button is a means of interacting with the social profile (Whatsapp) of the data controller.
  • Telegram
    The button is a means of interacting with the social profile (Telegram) of the data controller. Dubai is not considered a Country which complies with GDPR standards. The same therefore applies as already stipulated for platforms based in China.

The data controller for this site declines any responsibility as co-data controller as regards social platforms each time the user interacts with the aforementioned social networks by accessing the relative pages or accounts. In these circumstances, the third-party platform assumes the role of co-data controller. 

The site also uses the Vimeo platform: the platform, belonging to Vimeo Inc with registered offices in the USA, is used for video sharing. Cookies are downloaded on accessing the page containing the embed and starting the video and does not permit identification of the user unless logged in to a Vimeo profile.

Vimeo has joined the TADPF (Transatlantic Data Protection Framework).

This information notice was updated on 05.02.2024