Privacy Policy

Data Protection Memo

This page describes how to manage the Internet site In reference to the processing of personal data of users.

The Data Controller
The Controller of the personal data relating to identified or identifiable persons processed after browsing our site is SPEZIERIE PALAZZO VECCHIO DOTT.GIOVANNI DI MASSIMO E C. SAS Sede Legale: Via Vacchereccia 9r, 50122 Firenze, and Via Magenta 6a rosso, 50123 Firenze, Partita IVA 04500110483, Iscrizione Registro Imprese FI 04500110483

What data do we collect
Categories of personal Data that we collect Are:
Name Surname Shipping and billing address, email address, phone number, Information about purchases of products, information on the use of our website, communications exchanged with us or addressed to us through letters, e-mails, phone calls and social media.

Place and purpose of the data processing
Processing connected with web services provided by is carried out at SPEZIERIE PALAZZO VECCHIO DOTT.GIOVANNI DI MASSIMO E C. SAS place of business with content handled by its employees/consultants.
No data deriving from the Web service is communicated or circulated to third parties. 
Personal data provided by users submitting service requests are only used for the purpose of executing the service or performance required and are not communicated to third parties unless the communication is imposed by statutory obligations or is strictly necessary for fulfillment of requests. 
We use the information provided by the user to
a)      To carry out the services required in relation to the purchase of the products
b)     Contact the user in case of communications regarding the products requested or the shipment thereof. These communications have no marketing purpose
c)      Make statistics or to respond to a complaint
d)     Manage our relationship as our client and to improve our services and improve the user experience with us;
e)      Perform technical support operations

How we inform you of the treatment and how we acquire the consent
Consent is required during the registration or order process for unregistered users.  The customer must check the consent box in order to continue.
During the registration the customer can also check the subscription to the newsletter if they wish. For non-registered users you can subscribe to the newsletter by supplying Your Email On the site.

How we manage the rights of stakeholders
Registered customers Can change their data at any time. May request the deletion of their data by writing to

What are the retention times
The data is maintained until the customer asks for it to be deleted

Browsing data
Under normal circumstances, the computer systems and software procedures used to operate this website acquire certain personal details whose transmission when using Internet communication protocols is implied. This information is not collected in order to be associated with identified interested parties, but its very nature could allow users to be identified by way of processing and association with data held by third parties. This type of data includes the IP addresses or domain names of computers used by site visitors, URI (Uniform Resource Identifier) addresses of requested resources, time of request, method used to submit the request to the server, size of the file obtained in response, numeric code indicating the status of the reply given by the server (success, error, etc.) and other parameters relating to the user’s operating system and environment. This data is used for the sole purpose of obtaining anonymous statistical information regarding use of the site, as well as checking its correct operation, and is immediately deleted after processing. Data could be used to ascertain responsibility in the event of suspected cybercrimes against the site.

Data voluntarily provided by users
The optional, express and voluntary sending of e-mails to the addresses specified on this website will result in acquisition of the sender’s address, this being needed to answer the request made, and any other personal data included in the message. Abridged data protection memos will gradually appear on website pages offering special services.

A cookie is a packet of text that is stored on a computer’s hard drive only after permission has been granted. Cookies are designed to speed up web traffic analysis or record visits to a specific site and allow web applications to send information to individual users. The website acquires no data about its users. No use is made of either cookies for the transfer of personal details or any kind of so-called persistent cookie used to track users’ browsing

Security measures
Personal data is processed by automated computer systems for the time required to achieve the purpose for which it was collected.
Specific security measures are implemented in order to prevent data loss, unlawful or improper use and unauthorized access.