This Privacy Policy describes how Giulietta Jewellery Srl ("Company," "we," and "our") collects, uses, and shares your personal information when you use our website, purchase our products, or interact with us. Data Controller:

Company Name: Giulietta Jewellery Srl

Registered Office: Borgo San Jacopo 32R 34R, Firenze, Italia

​

​

Information We Collect

​

We collect personal data primarily to fulfill your orders and improve your shopping experience.

​

Identity Data: name, surname, address, and billing address.

Contact Data: email address and telephone number.

Transaction Data: details about payments, purchases, and order history.

Technical Data: IP address, browser type, operating system, and website usage (collected via cookies).

Marketing & Communication Data: your preferences in receiving marketing from us and your communication preferences.

​

​

 How We Use Your Data

​

We use your data only when permitted by law. The primary legal bases for processing your data are:

​

Contractual Necessity: to process and fulfill your orders (including payment and delivery).

Legitimate Interest: to improve our services, prevent fraud, and manage customer service requests.

Consent: for sending marketing communications (e.g., newsletters) where required.

Order Processing: contractual necessity

Customer Service: contractual necessity & legitimate interest

Marketing Communications: consent (you can withdraw consent anytime)

Website Optimization (cookies): consent or legitimate Interest (depending on cookie type)

​

​

Data Sharing and Disclosure

 

We may share your personal data with third parties only when necessary for our business operations:

​

Service Providers: Companies that provide services for us, such as:

Payment processors (e.g., banks, PayPal, Stripe).

Shipping and logistics companies (to deliver your jewellery).

IT and hosting providers.

Legal Requirements: When required by law (e.g., governmental agencies, tax authorities, or court orders).

​

​

Data Security

​

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorized way.

​

​

International Data Transfers 

​

We primarily store and process your data within the European Economic Area (EEA). If we transfer your data outside the EEA (e.g., to US-based service providers), we ensure adequate protection by relying on legally approved mechanisms, such as Standard Contractual Clauses (SCCs).

​

​

Data Retention

​

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements (e.g., typically 10 years for fiscal documents in Italy).

​

​

Your Legal Rights

​

Under the GDPR, you have the following rights regarding your personal data:

​

Right of Access: To request a copy of the data we hold about you.

Right to Rectification: To correct any incomplete or inaccurate data we hold about you.

Right to Erasure: To ask us to delete your personal data.

Right to Restrict Processing: To restrict our use of your data.

Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format.

Right to Object: To object to the processing of your data (e.g., for direct marketing).

Right to Withdraw Consent: To withdraw your consent at any time where we are relying on consent to process your personal data.

​

​

Contact and Complaints

​

If you have any questions about this privacy policy or wish to exercise any of your rights, please contact the Data Controller at info@ciaogiulietta.com

You also have the right to lodge a complaint with the Italian supervisory authority, the Garante per la Protezione dei Dati Personali.

​

​

Changes to this Privacy Policy

​

We may update this policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date.

​

Last Updated: November 4, 2025