Who we are
In this section it is necessary to report the URL of the site, as well as the name of the company, of the organization or the individual behind it and some accurate contact information.
The amount of information that may be required for submission will vary based on local or national company regulations. For example, it may be mandatory to display a physical address, a registered address or company registration number.
Suggested text:The address of our website is: https://www.enotecacremona.it/shop.
What personal data we collect and why we collect it
In this section you should note what personal data you collect from users and visitors to the site. This could include personal data, as a name, email address, personal preferences on the account; transactional data, such as purchasing information; and technical data, as information about cookies.
You should also take note of the collection and storage of sensitive personal data, such as health data.
In addition to listing the personal data you collect, you have to motivate why you collect them. These explanations must consider both the legal basis for the collection and storage of data and the active consent that the user has provided.
Personal data is not created only by the user's interactions with your site. Personal data is also generated by technical processes such as contact forms, comments, cookie, third party statistics and embeds.
By default WordPress does not collect personal data about visitors and only collects the data shown on the User Profile screen from registered users. However some plugins may collect personal data. You should add the relevant information below.
When a comment is left on the site, we collect the data shown in the comments form in addition to the visitor's IP address and the browser user agent string to facilitate spam detection.
In this subsection you should note what information may be disclosed by users who can upload media files. All uploaded files are usually publicly accessible.
By default, WordPress does not include a contact form. If you use a plugin for the contact form, use this subsection to describe what personal data is acquired when someone submits a contact form and how long it is kept for. For example, it is possible to report that the mailings of the contact forms are kept for a certain period for the purpose of customer service, but the information sent through them is not used for marketing purposes.
In this subsection you should list the cookies used by your website, including those set by your plugins, social media and statistics. We have provided the cookies that WordPress installs by default.
If you leave a comment on our site, you can choose to save your name, email address and website in cookies. They are used for your convenience so that you don't have to re-enter your details when you leave another comment. These cookies will last for one year.
If you visit the login page, a temporary cookie will be set to determine if your browser accepts cookies. This cookie does not contain personal data and is deleted when you close the browser.
When you log in, several cookies will be set to save your login information and your screen display options. Access cookies last two days while cookies for screen options last one year. If you select “remember me”, your access will persist for two weeks. If you log out of your account, access cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie does not include personal data, but simply indicates the ID of the article just modified. It expires later 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. video, images, articles, etc.). Content embedded from other websites behaves in exactly the same way as if the visitor had visited the other website.
By default WordPress does not collect statistical data. However, many web hosting accounts collect anonymous statistical data. You may also have installed a WordPress plugin that provides analysis services. Then, add the information from that plugin here.
Who we share your data with
In this section you should name and list all third party suppliers with whom you share site data, including partners, cloud-based services, payment systems and third-party service providers, and report what data you share with them and why. Add a link to their privacy policies, if possible.
By default, WordPress does not share any personal data with anyone.
How long do we keep your data
In this section you should explain how long you keep the personal data collected or processed by the website. Although it is your responsibility to describe how long you keep each dataset and why you keep it, this information must be listed here. For example, you might mean that you keep contact form entries for six months, statistics records for one year and customer purchase records for ten years.
If you leave a comment, the comment and related metadata are kept indefinitely. This is how we can automatically recognize and approve any subsequent comments instead of keeping them in a moderation queue.
For users who register on our website (if any), we also store the personal information they provide in their user profile. All users can see, modify or delete their personal information at any time (except their username which they cannot change). Website administrators can also view and edit this information.
What rights do you have on your data
In this section you should indicate what rights your users have in managing their data and how they can exercise them
If you have an account on this site, or you left comments, you can request to receive an exported file from the site with the personal data we have about you, including the data you have provided to us. You can also request that we delete all personal data concerning you. This does not include the data that we are obliged to keep for administrative purposes, legal or security.
Where we send your data
In this section you should list all data transfers from the site outside the European Union and describe how the data is safeguarded according to European data protection standards. This could include your web hosting, cloud storage or other third-party services.
European data protection legislation requires that data concerning European residents transferred outside the European Union be protected according to the same standards as if the data were in Europe. So in addition to listing where the data is moved, you should describe how they are ensured that these standards are met by you or your third party suppliers, both through an agreement like the Privacy Shield, clauses in your contracts or binding business rules.
Visitor comments can be checked through an automatic spam detection service.
Your contact information
In this section you should indicate a contact method for privacy concerns. If you need to have a Data Protection Officer (DPO), list their name and full contact details here.
How we protect your data
In this section you should explain what measures you have taken to protect your users 'data'. This could include technical measures such as encryption; security measures such as two-factor authentication; and measures such as staff training on data protection. Here you can also mention if you have carried out a privacy impact assessment.
What procedures we have set up to prevent data breaches
In this section, you should explain what procedures you will implement in the event of a data leak, be it potential or real, such as internal reporting systems, automatic contact or bug hunters.
From which third parties do we receive data
What automated decision making and / or profiling we do with user data
If your website provides a service that includes automated decision making, for example, allowing customers to apply for credit, or aggregate their data into an advertising profile – you have to notice this is happening, and includes information about how that information is used, what decisions are made with that aggregate data, and what rights users have on decisions made without human intervention.
Industry regulatory disclosure requirements
If you are a member of a regulated industry, or if you are subject to additional privacy laws, you may be required to disclose this information here.
Source: Everest Forms
We collect information about you during the form submission process on our site.
What we collect and store
While you visit our site, we’ll track:
- Form Fields Data: Forms Fields data includes the available field types when creating a form. We’ll use this to, for example, collect informations like Name, Email and other available fields.
- Location, IP address and browser type: we’ll use this for purposes like geolocating users and reducing fraudulent activities.
- Transaction Details: we’ll ask you to enter this so we can, for instance, provide subscription packs, and keep track of your payment details for subscription packs!
When you fill up a form, we’ll ask you to provide information including your name, address, email, phone number, credit card/payment details and optional account information like username and password and any other form fields available in the form builder. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including transaction details and complaints
- Process payments and prevent fraud
- Set up your account for our site
- Comply with any legal obligations we have, such as calculating taxes
- Improve our form offerings
- Send you marketing messages, if you choose to receive them
- Or any other service the built form was created to comply with and it’s necessary information
If you create an account, we will store your name, address, email and phone number, which will be used to populate the form fields for future submissions.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store form submission information for XXX years for geolocating and marketting purposes. This includes your name, address, email, phone number.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Editors can access:
- Form submission information and other details related to it
- Customer information like your name, email and address information.
Our team members have access to this information to help fulfill entries and support you.
What we share with others
In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.
We share information with third parties who help us provide our orders and store services to you; for example —
In this subsection you should list which third party payment processors you’re using to take payments on your site since these may handle customer data. We’ve included PayPal as an example, but you should remove this if you’re not using PayPal.
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
In this subsection you should list which third party modules you’re using to increase functionality on your site since these may handle customer data. We’ve included MailChimp as an example, but you should remove this if you’re not using MailChimp.
We send beautiful email through MailChimp. When processing emails, some of your data will be passed to MailChimp, including information required to process or support the email marketing services, such as the name, email address and any other information that you intend to pass or collect including all collected information through subscription.
Source: Really Simple SSL
Source: It's plugins
What we collect and save
YITH WooCommerce Wishlist
While visiting our site, we will keep track of:
- Products added to the wish list: we will use this information to show you and other users your favorite products and to create targeted email campaigns.
- The wish lists you have created: we will keep track of the lists you have created which will be visible to our store staff
People from our team who have access
YITH WooCommerce Wishlist
Our team members have access to the information you provide to us. For example, both the administrator and the Store Managers can access:
- Wish list details, such as added products, to date, the name and privacy settings of your wish lists
Our team has access to this information to offer you the best offers for the products you love.
During the checkout process in our shop we collect information about you.
What we collect and save
While visiting our site, we trace:
- The products you have viewed: we will use this information for, for example, show you the products you have recently viewed
- Position, IP address and browser type: we will use this information for tax and shipping estimates
- Shipping address: we will ask you to enter it for, for example, estimate the shipment before you place the order and to send you what you have purchased!
When you make a purchase from us, please provide information such as name, billing address, shipping address, email address, telephone number, credit card number / payment details and optional account information, such as username and password. We will use this information for purposes such as:
- We send you account and order information
- We respond to your requests, including complaints and refunds
- Payment processing and fraud prevention
- Set up your account for our shop
- Comply with all legal obligations on us, such as the calculation of taxes
- Improve our store offers
- Sending marketing messages, if you choose to receive them
If you create an account, we will file your name, address, email and telephone number: this data will then be used to populate the checkout in your future orders.
In general, we keep your information as long as we need it for the purposes for which we collect and use the data and as long as we are legally required to continue to keep it.. For example, we store information on the order for 10 years for tax and accounting reasons. This information includes name, e-mail address and billing and shipping addresses.
We also store comments and reviews, if you choose to leave us.
People on our team who have access
Our team members have access to the information you provide to us. For example, both administrators and shop managers can access:
- Order information such as, purchased item, date of purchase and place of dispatch e
- Customer information such as your name, email address and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
What we share with others
In this section you need to list who you share data with and for what purpose. They might include, but don't limit yourself to that, analysis, marketing, payment gateway, third party shipping and incorporation providers.
We share information with third parties who help us provide store and ordering services; for example —
In this secondary section, you must list the third party payment processors you use for payments on your store as these may handle customer data. We have included PayPal as an example, but if you don't use PayPal you can remove it.
We accept payments through PayPal. While processing payments, some data are transferred to PayPal, including the information necessary to process or support the payment, like total purchases and billing information.