Privacy Policy

This Privacy Policy explains how Ad Maiora Srl (“we”, “us”, “our”) collects, uses, discloses and protects personal data when you visit our websites and use our services.

Data Controller

Ad Maiora Srl
Registered office: Corso Nizza, 84, 12100 Cuneo, Italy
VAT ID: IT03927010045
Privacy contact: [email protected]
Data Protection Officer: [email protected]

Scope

This notice applies to our websites, newsletters, contact forms, user accounts, purchases and any other online service we provide (collectively, the “Services”). It covers visitors, subscribers, customers and other users.

Categories of data we process

We may process the following categories of personal data:

  • Identification and contact details: name, email address, postal address, phone number.
  • Account information: username, hashed password, preferences.
  • Order and transaction data: products purchased, billing and shipping details, amounts, limited payment metadata (actual card data is processed by payment providers).
  • Communications: messages sent via forms or email, support tickets, survey responses.
  • Newsletter data: email, name, interests such as zodiac sign.
  • User generated content: comments, reviews, media you upload.
  • Technical and usage data: IP address, device and browser type, operating system, language, referring URLs, pages viewed, time spent, clicks and scrolls.
  • Cookies and similar technologies: identifiers necessary for site operation, analytics and advertising (where permitted).
  • Log and security data: activity logs, error logs and signals used for fraud prevention and site security.

We do not intentionally collect special categories of data (e.g., health, precise geolocation, religious beliefs). Please do not submit such data through our Services.

Sources of data

  • Directly from you when you visit, subscribe, contact us, create an account or make a purchase.
  • Automatically via cookies, pixels and similar technologies when you use the Services.
  • From service providers that support our operations (e.g., analytics, email, hosting).
  • From publicly available sources when appropriate for fraud prevention and security.

Purposes and legal bases

We process personal data for the purposes and legal bases below, in accordance with Articles 6 and 9 GDPR:

  • Provide the Services, create and manage accounts, fulfill orders, deliver digital content and customer support: contract performance; legitimate interests.
  • Process payments and comply with tax and accounting obligations: contract performance; legal obligation.
  • Send newsletters and marketing communications: consent (you may withdraw at any time).
  • Run analytics, measure performance and improve the Services: consent where required; otherwise legitimate interests.
  • Personalize content and advertising, including interest-based advertising: consent where required.
  • Ensure security, prevent fraud and abuse, enforce terms and defend legal claims: legitimate interests; legal obligation where applicable.
  • Comply with requests from authorities and exercise or defend legal rights: legal obligation; legitimate interests.

Where we rely on consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

Cookies and tracking technologies

We use cookies, SDKs, pixels, local storage and similar technologies to operate the site, remember preferences, analyze traffic and, where permitted, personalize content and advertising.

  • Strictly necessary cookies are used to deliver core functionality.
  • Functional cookies remember your settings.
  • Analytics cookies help us understand usage.
  • Advertising cookies enable interest-based ads and measurement.

Where required by law, we request your consent for non-essential cookies via a banner or equivalent mechanism. You can change your preferences at any time via your browser settings and, where available, our consent tool. Blocking some cookies may affect site functionality.

Third-party services and processors

We engage trusted providers to process data on our behalf for the purposes above. These include:

  • Hosting and CDN: Closte (primary server location indicated by provider: Idaho, USA), Cloudflare.
  • Analytics: Google Analytics 4.
  • Advertising and measurement: Meta (Facebook) Pixel, Google Ads, TikTok, Pinterest.
  • Session analytics and diagnostics: Microsoft Clarity.
  • Email and newsletter delivery: MailerLite.

Each provider processes data under written agreements that require appropriate security and confidentiality. We may also disclose data to professional advisors, auditors, authorities and courts where legally required or to protect our rights.

International data transfers

Some processing involves transfers to countries outside the EEA or UK, including the United States (for example, hosting/CDN, analytics, advertising and email delivery). We use appropriate safeguards such as the European Commission’s Standard Contractual Clauses, and, where applicable, rely on vendors that participate in recognized transfer frameworks such as the EU–U.S. Data Privacy Framework. Copies of relevant safeguards can be requested using the contact details below.

Retention

We retain personal data only as long as necessary for the purposes described above or as required by law. Typical retention periods are:

  • Accounts: for the life of the account and up to 24 months after closure.
  • Orders and invoices: up to 10 years for tax and accounting.
  • Customer support communications: up to 24 months after resolution.
  • Newsletter and marketing: until you unsubscribe or after a period of inactivity.
  • Analytics records: typically 14 months, or as configured in the analytics tool.
  • Security logs: typically 12 months, or as necessary to investigate incidents.

When retention periods expire, data is securely deleted or anonymized.

Security

We implement appropriate technical and organizational measures to protect personal data, including TLS encryption in transit, access controls and role-based permissions, multi-factor authentication for administrative accounts, regular backups and monitoring. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Children’s privacy

Our Services are not directed to children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us to request deletion.

Your rights (EEA/UK and similar jurisdictions)

Subject to applicable law, you have the right to:

  • Access your personal data and receive a copy.
  • Rectify inaccurate or incomplete data.
  • Erase your data in certain circumstances.
  • Restrict processing in certain circumstances.
  • Object to processing based on legitimate interests, including direct marketing.
  • Data portability for data you provided to us.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with a supervisory authority.

To exercise your rights, contact us at [email protected]. We may need to verify your identity. We will respond without undue delay and in any case within one month, extendable in complex cases.

You may lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali), Piazza Venezia 11, 00187 Roma, Italy, or with your local authority.

California and other US state privacy notices

If you are a resident of California or another US state with similar privacy laws, you may have additional rights, including:

  • The right to know the categories of personal information collected, sources, purposes and disclosures;
  • The right to access, correct and delete personal information;
  • The right to opt out of “sharing” for cross-context behavioral advertising and certain “sales” of personal information;
  • The right to limit the use of sensitive personal information;
  • The right not to be discriminated against for exercising your rights.

We do not sell personal information for money. We may “share” identifiers and internet or network activity with advertising partners to show you more relevant ads. You can opt out of such “sharing” by adjusting cookie preferences where available, enabling a supported Global Privacy Control (GPC) signal in your browser, or by emailing us at [email protected] with the subject line “US Privacy Request”.

Automated decision-making

We do not engage in solely automated decision-making that produces legal or similarly significant effects about you. We may use profiling for marketing personalization where permitted, which you can opt out of by withdrawing consent or changing your preferences.

Links to third parties

Our Services may contain links to third-party sites, apps or services. We are not responsible for their privacy practices. Please review their policies before providing personal data.

Changes to this Policy

We may update this Policy from time to time. The “Effective date” shows when the latest changes took effect. Material changes will be notified through the Services or by email where appropriate.

Contact

For questions or requests regarding this Policy or your personal data, contact:

Ad Maiora Srl
Corso Nizza, 84, 12100 Cuneo, Italy
Email: [email protected]