Privacy Policy of

This Website gathers some Personal Data from its Users.

Data Controller

The Data Controller is: Corazza, in the person of its legal representative, who may be contacted by the following means:
e-mail: tel +39 051/881877. The appointed Data Processor is Daniele Dondarini, who may be contacted by the following means: tel +39 340/6557991.

Type of Data collected

The Personal Data collected by this Website, either by itself or through third parties, includes: Cookies, Data on Usage, name, surname, address, fax number, telephone number, email address, postcode, town/city.

Full details on each type of Data collected are provided in the relevant section of this privacy policy or through specific policies available to view prior to the collection of that Data.
The User may freely choose to provide the Personal Data or, in the case of Data on Usage, it may be collected automatically as they use this Website.
Unless otherwise specified, all Data requested by this Website is mandatory. If the User refuses to provide that Data, it may not be possible for this Website to provide the Service. In instances where this Website indicates that certain Data are optional, Users are free to withhold that Data, without consequence to the availability of the Service or its operations.
Should Users have any doubts concerning which Data are mandatory, they are encouraged to contact the Controller.
Any use of cookies – or any other tracking tool – by this Website or by the controllers of third-party services this Website uses, where not specified otherwise, has the purpose of providing the Service the User has requested, as well as any additional purpose set forth in the present document and in the Cookie Policy, if available.

The User shall bear responsibility for the Personal Data of third parties acquired, published or shared through this Website and guarantees that it has the right to divulge or share them, releasing the Controller from any liability towards third parties.

Means and location of the processing of Data collected

Means of Data processing

The Controller shall adopt the appropriate security measures aimed at preventing any non-authorised access, disclosure, amendment or destruction of Personal Data.
Processing is carried out using computerised and/or telecommunications tools, with organisational methods and systems that align strictly with the purposes indicated. In addition to the Controller, in some cases others involved in the running of this Website (administrative, accounting, marketing and legal staff, system administrators), may have access to the Data, as well as external individuals or companies (such as third-party technical service suppliers, couriers, web hosting providers, IT companies, marketing agencies), whom the Data Controller will also appoint as Data Processors, where necessary. The up-to-date list of Data Processors may always be requested from the Data Controller.

Legal basis for processing

The Controller processes Personal Data belonging to the User when any of the following conditions are met:

  • The User has given their consent for one or more specific purposes; please note that in some jurisdictions the Data Controller may be authorised to process Personal Data without requiring User consent or the fulfilment of any other of the legal bases specified below, unless the User has objected to ("opted out" of) such processing. That is not, however, applicable where the processing of Personal Data is regulated by European legislation on the protection of Personal Data;

  • Data processing is necessary for the performance of a contract with the User and/or the implementation of pre-contractual measures;

  • Data Processing is necessary for the Data Controller to meet a legal obligation;

  • Data processing is necessary for the performance of a task in the public interest or in exercising public powers vested in the Data Controller;

  • Data processing is necessary in the Controllers’ pursuit of its own or third parties’ legitimate interests.

It is always possible, in any case, to request that the Data Controller clarify the legal basis of any Data processing and, specifically, to make clear whether the processing has a basis in law or in contractual provisions, or is necessary for entering into a contract.


Personal Data are processed at the Data Controller’s headquarters and anywhere else the parties involved in the processing are located. For further information, please contact the Data Controller.
The User’s Personal Data may be transferred to a country other than that in which the User is located. For further information on the location of the processing, the User may refer to the section concerning the details of Personal Data processing.

The User has the right to obtain information regarding the legal basis for transferring the Data outside of the European Union, or to an international organisation subject to international public law or set up between two or more countries, for example the UN, as well as information regarding the security measures the Data Controller has adopted to protect their Data.

In the event that any of the transfers described above takes place, the User may refer to the relevant sections of this document or request information from the Data Controller using the contact details provided at the top of the page.

Period of storage

The Data is processed and stored for the time required for the purpose for which it was collected.


  • Personal Data collected for purposes connected to the performance of a contract between the Data Controller and the User will be kept until the full performance of that contract.

  • Personal Data collected for purposes relating to the Data Controller's legitimate interests will be kept until those interests have been met. The User may obtain further information on the legitimate interests that the Data Controller is pursuing in the relevant sections of this document or by contacting the Data Controller.

Where processing is based on User consent, the Data Processor may store Personal Data for longer, until that consent is withdrawn. Moreover, the Data Controller may be obliged to store Personal Data for a longer period in order to meet a legal obligation or an order issued by an authority.

At the end of the period of storage, the Personal Data will be erased. As such, upon the expiry of that period, the rights of access, erasure and rectification, and the right to portability concerning the Data may no longer be exercised.

Purposes of processing the Data collected

User Data is collected to allow the Controller to provide its Services, as well as for the following purposes: Interaction with social networks and external platforms, remarketing and behavioural targeting, protection against spam, contacting the user, publishing comments on content, statistics, location-based interactions, viewing content from external platforms, tag management, heat mapping and session recording, interaction with online survey platforms, interaction with data collection platforms and other third parties, hosting and backend infrastructure, user database management, and contact and message management.

For further detailed information on the purposes of processing and on the Personal Data directly concerned by each of those purposes, the User should refer to the relevant section of this document.

Details on the processing of Personal Data

Personal Data are collected for the following purposes and using the following Services:

  • Contacting the User

Contact form (this Website)

By filling in the contact form with their Personal Data, the User consents to its use to respond to requests for information and quotes, or requests of any other nature indicated in the form sent.

Personal Data collected: Name, surname, company, address, town/city, email, fax number, telephone number, VAT number, occupation

Further information on Personal Data

  • Push notifications

  • Sale of goods and services online

The Personal Data collected are used to provide services to the User or for selling products. That includes processing payments and any delivery service required. Personal Data collected for processing payments may include those relating to credit cards, to current accounts used for making transfers, or to other payment methods accepted. The payment details collected by this Website are dependent on the payment system used.

User rights

Users may exercise certain rights with regard to the Data processed by the Controller.

Specifically, the User has the right to:

  • withdraw their consent at any time. The User may revoke the consent to the processing of their Personal Data previously expressed.

  • object to the processing of their Data. The User may object to the processing of their Data when the legal basis for it differs from that for which consent was given. Further details on the right to object are provided in the section below.

  • access their own Data. The User has the right to obtain information on the Data processed by the Controller and on certain aspects of the processing, and to receive a copy of the Data processed.

  • check the Data and ask for rectification. The User may verify the accuracy of their own Data and ask for it to be updated or corrected.

  • obtain limitations on the processing. When certain conditions are met, the User may ask to limit the processing of their Data. In that instance the Controller shall not process the Data for any purpose other than storing it.

  • have their Personal Data erased or removed. When certain conditions are met, the User may request that the Controller delete their Data.

  • receive their Data or have it transferred to another Controller. The User has the right to receive their Data in a structured, commonly used and machine-readable format and, where technically possible, to have that Data transferred to another Controller without hindrance. This provision applies where the Data is processed by automated means and the processing is based on User consent, on a contract to which the User is party, or on contractual measures connected to such a contract.

  • lodge a complaint. The User may lodge a complaint with the supervisory authority for the protection of Personal Data active within the jurisdiction or take legal action.

Detailed information on the right to object

Where Personal Data is processed in the public interest, or to exercise public powers vested in the Data Controller or to pursue a legitimate interest of the Data Controller, Users have the right to object to that processing for motives relating to their own particular circumstances.

Users should note that, where the Data is processed for the purpose of direct marketing, they may object to that processing without providing any motive. To see whether the Controller processes Data for the purpose of direct marketing, Users may refer to the relevant sections of this document.

How to exercise these rights

To exercise their rights, Users may send a request to the Controller using the Controller’s contact details provided in this document. Requests are made free of charge and will be handled by the Controller as quickly as possible and, in any case, within a month.

Cookie Policy

This Website uses cookies. For more information and to view the policy in full, Users may consult the Cookie Policy.

Further information on Data processing

Defence before the courts

The User’s Personal Data may be used by the Controller in court or in the preparatory stages of a possible case against any misuses of this Website or of related Services committed by the User.
The User acknowledges that the Controller may be obliged to disclose their Data if ordered to do so by public authorities.

Specific policies

Upon the User’s request, in addition to the information contained in this privacy policy, this Website may provide the User with additional policies for specific circumstances concerning specific Services, or the collection and processing of Personal Data.

System logs and maintenance

To meet its functional and maintenance needs, this Website and any third-party services used by it may compile system logs (files that record interactions). These logs may also contain Personal Data, such as the User's IP address.

Information not included in this policy

Further information regarding the processing of Personal Data may be requested at any time from the Controller using the contact details.

Do Not Track” requests

This Website does not support “Do Not Track” requests.
To see whether they are supported by any of the third-party services used, Users are encouraged to consult their respective privacy policies.

Changes to this privacy policy

The Data Controller reserves the right to make changes to the present privacy policy at any time, notifying the Users through this page and, where possible, on this Website, as well as, where technically and legally possible, sending Users a notification to one of the contact details in the Controller’s possession. It is therefore recommended that this page be consulted regularly, taking note of the date on which it was last amended, indicated below.

Where changes relate to processing for which the legal basis is consent, where necessary the Controller will make arrangements to obtain the User’s consent again.

Definitions and references to legislation

Personal Data (or Data)

Personal Data is any information that, directly or indirectly, including where in connection to other information, which here includes personal ID numbers, allows a natural person to be identified or makes them identifiable.

Data on Usage

This is information collected automatically through this Website (including by third-party applications integrated into this Website), including: the IP addresses or domain names of the User connecting to this Website, URI (Uniform Resource Identifier) web addresses, time of request, method used to send the request to the server, size of the response file, the numerical code indicating the status of the server response (successful, error, etc.), country of origin, features of the browser and operating system the visitor is using, various time details regarding the visit (e.g. time spent on each page) and any details relating to user flow within the Application, particularly the order in which pages were viewed, parameters relating to the User’s operating system and IT environment.


The individual using this Website who, unless specified otherwise, is also the Data Subject.

Data Subject

The natural person whom the Personal Data regard.

Data Processor (or Processor)

The natural person, legal person, public administration or any other entity processing Personal Data on the Data Controller's behalf, pursuant to what has been set forth in the present privacy policy.

Data Controller (or Controller)

The natural or legal person, public authority, service or other entity that, on its own or jointly with others, determines the purposes and the means of processing Personal Data and the tools adopted, which here includes the security measures relating to the running and use of this Website. Unless otherwise specified, the Data Controller is the owner of this Website.

This Website (or this Application)

The hardware or software through which the Personal Data of the User are collected and processed.


The Service provided by this Website as defined in their related terms (where available) on this Website/Application.

European Union (or EU)

Unless specified otherwise, all references to the European Union in this document are intended to cover all the current member states of the European Union and the European Economic Area.


Small data files stored on the User's device.

References to legislation

This privacy policy has been informed by multiple sources of law including articles 13 and 14 of Regulation (EU) 2016/679.

Unless specified otherwise, this privacy policy exclusively concerns this Website.

Last amended: 28 May 2018

Handmade with love Sviluppo e gestione dati Grafica, design e comunicazione