Privacy Policy

This privacy policy describes in detail how personal data is collected and processed when using this website/application.

Data Controller

The Tannura of Luigi Pau – Contrada Chiusa piccola, 96012 Avola SR – luigi.pau12@gmail.com –

Types of Data Collected

Among the Personal Data collected by this Application, either independently or through third parties, there are:

  • Cookies and usage data
  • Name and surname
  • E-mail address
  • Phone number
  • Billing address
  • Payment details
  • Browsing data
  • IP address
  • Geographical position
  • About the device
  • Access and identification data
  • Application interaction events (clicks, scrolling, etc.)
  • Other data provided voluntarily by the user

Details on the processing of Personal Data

Web analytics and statistics services

Meta Pixel (Facebook Pixel)

  • Purpose: Conversion tracking and advertising targeting
  • Data collected: Cookies, usage data, behavioral information
  • Place of processing: USA
  • Legal basis: User consent
  • Retention period: 180 days

Google Ads

  • Purpose: Online advertising and remarketing
  • Data collected: Cookies, usage data, conversion information
  • Place of processing: USA
  • Legal basis: User consent
  • Retention period: 540 days

YouTube Video

  • Purpose: Viewing video content
  • Data collected: Cookies, usage data, playback preferences
  • Place of processing: USA
  • Legal basis: User consent
  • Retention period: Varies according to Google settings

Hosting and backend infrastructure services

Digital Ocean

  • Purpose: Website hosting and data storage
  • Data collected: Usage data, system logs, technical information
  • Place of processing: EU
  • Legal basis: Performance of a contract
  • Retention period: Duration of service

BunnyCDN

  • Purpose: Content Delivery Network for resource optimization
  • Data collected: IP address, usage data, system logs
  • Place of processing: EU
  • Legal basis: Legitimate interest
  • Retention period: 30 days for system logs

Contact form

  • Purpose: Management of user requests
  • Data collected: Name, surname, email address, message content
  • Place of processing: EU
  • Legal basis: User consent
  • Retention period: 3 years from the last interaction

Marketing Services

Mailchimp

  • Purpose: Management of newsletters and marketing communications
  • Data collected: Email, name, communication preferences
  • Place of processing: USA
  • Legal basis: User consent
  • Retention period: Until unsubscription

Treatment methods

The Data Controller processes the Personal Data of Users by adopting appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. Processing is carried out using computer and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated.

Security measures adopted:

  • SSL/TLS protocol for data transmission
  • Firewalls and intrusion protection systems
  • Periodic data backups
  • Restricted access to data by authorized personnel
  • Disaster recovery procedures
  • Encryption of sensitive data
  • Two-factor authentication for administrative access

Data Transfer

Personal data are processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located. In particular, some data may be transferred to countries outside the European Union. In these cases, the Data Controller ensures that the transfer of data occurs on the basis of:

  • European Commission Adequacy Decisions
  • Standard Contractual Clauses
  • Privacy Shield (where applicable)
  • Other appropriate guarantees

Purpose of the Processing

User Data is collected to allow the Owner to:

  • Provide the requested services
  • Comply with legal obligations
  • Respond to user requests
  • Improve your browsing experience
  • Prevent fraudulent activity
  • Process payments
  • Send service communications
  • Provide technical assistance
  • Conduct statistical analysis
  • Personalize the user experience
  • Send newsletters and marketing communications (subject to consent)
  • Manage the registration and authentication process
  • Monitor infrastructure to ensure security

Legal basis for processing

The Data Controller processes Personal Data relating to the User if one of the following conditions exists:

  • The User has given consent for one or more specific purposes
  • The processing is necessary for the performance of a contract with the User
  • Processing is necessary to comply with a legal obligation
  • The processing is necessary for the pursuit of the legitimate interest of the Data Controller
  • The processing is necessary for the performance of a task carried out in the public interest

Retention period

Personal Data will be processed and stored for:

  • Browsing data: 14 months
  • Data for marketing purposes: until consent is revoked
  • Contractual data: 10 years from the conclusion of the contract
  • Billing data: according to current tax legislation
  • Security log: 12 months
  • Customer support data: 3 years from last interaction

User Rights

Users may exercise certain rights with reference to the Data processed by the Owner:

Right of access (Art. 15 GDPR)

  • Get confirmation of treatment
  • Access your personal data
  • Obtain information on the purposes and methods of processing

Right to rectification (Art. 16 GDPR)

  • Correct inaccurate data
  • Integrate incomplete data

Right to erasure (Art. 17 GDPR)

  • Request data deletion
  • Obtain removal from the Owner’s systems

Right to restriction (Art. 18 GDPR)

  • Restrict data processing
  • Temporarily block use

Right to portability (Art. 20 GDPR)

  • Receive data in structured format
  • Transfer data to another owner

Right to object (Art. 21 GDPR)

  • Oppose data processing
  • Opt-out of direct marketing

Right to withdraw consent

  • Revoke consent previously given
  • Stop consent-based treatments

How to exercise your rights

Users may exercise their rights:

  • By sending an email to: luigi.pau12@gmail.com
  • By writing to the Owner at the registered office address
  • Using the appropriate online form

The Owner will respond to requests within 30 days, unless a justified extension is granted.

Cookies and tracking tools

This site uses:

Technical cookies

  • Necessary for the functioning of the site
  • They do not require user consent
  • Duration: session/persistent

Analytical cookies

  • Used for statistical analysis
  • They require user consent
  • Duration: 14 months

Profiling cookies

  • Used for personalized marketing
  • They require user consent
  • Duration: 12 months

For detailed management of cookies, see the Cookie Policy page.

Data controllers

The Owner uses third parties for specific processing activities. The updated list of Processors can be requested from the Owner.

DPO – Data Protection Officer

Lugi Pau – luigi.pau12@gmail.com –

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time:

  • By giving notice to Users on this page
  • By sending a notification if technically possible
  • Requesting new consent if necessary

Definitions and legal references

  • Personal Data: any information relating to an identified or identifiable natural person
  • User: the natural person who uses this Application
  • Owner: the natural or legal person who determines the purposes and means of the processing
  • GDPR: EU Regulation 2016/679
  • Cookie: small text file that websites save on the user’s device

Contact information

For any information regarding this Privacy Policy or to exercise their rights, Users may contact the Data Controller at the following addresses:

Last modified: 25/05/2025