La Galleria delle Meraviglie
Informativa privacy

Information notice pursuant to article 13 of Legislative Decree 30 June 2003, No. 196
(the “Data Protection Code”)
This Information notice is provided related to (hereinafter the “Site”) and does not concern any web sites that may be visited by an user via external links.

Data Controller
The controller of personal data processing is the site’s owner, Mister Giangiacomo Castellano, via Lorenzo Perosi, 38, apt. 3 – 15057 Tortona (AL), 34970063 telephone +39 3487144473, e-mail

Kind of data processed and the purposes of the data processing
Surfing Data
The processing of personal data of users that visit the Site is limited to the “surfing data” whose transmission to the Site is implicit in the functioning of the information systems in charge of the managing of the Site and in the use of communications protocols proper of the Internet. For example, “surfing data” are the IP addresses or the domain names of the computers employed by the users who connect to the Site and parameters relating to the type and the information operating system employed by the users. “Surfing data” are not collected by the Site in order to be associated with to users or identified persons, however surfing data for their own nature may allow the identification of the user if they are processed and associated with other data owned by third parties. Surfing data are collected and processed by the Controller exclusively for statistical purposes and in anonymous form in relation to the access and use of the Site and for purposes of monitoring the correct functioning of it. Surfing data are deleted immediately after the processing in anonymous form. This data may be communicated to the Authority in order to assessing possible responsibilities in case of information crimes realized against the Site or through the Site. The Data Controller keeps the user’s surfing data only temporarily according to the applicable law.
Data provided by mail
Sending e-mail messages to the addresses mentioned on the Site, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender’s address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message.

Data provided by Order Form
The personal data provided through the Order form will be processing in order to carry out activities necessary for the management of sales of product performed (e.g. managing orders, selling and delivering products, managing returns and warranties, and other activities related to the sale of products)

With the user’s consent, that is free and optional, Data Controller may also process user’s personal data for profiling and marketing purposes (e.g. to send to user, also through e-mails, sms and mms, information and updates on our products, offers, exclusive sales). User will always have the opportunity to object the processing of its personal data for the sending of promotional information through e-mail or sms.
The Data will be processed in order to comply with any provision and duty provided for by the Italian laws which may apply, for time to time, to product’s purchase.
The obligatory or voluntary nature of providing requested data
Providing user’s personal data marked with (*) on Order form (like name, surname, address, e-mail address, telephone number, Credit Card numbers or other bank code) is necessary for processing order related to purchase of products on the Site.
The refusal to provide some of personal data necessary for performing the above purposes may consequently prevent the Seller from processing the order for the purchase of products sold on the Site or fulfilling obligations required by contract and law.
Disclosure or providing personal data for profiling or marketing purpose is optional and voluntary. The User is free and does not have any effect on the use of the Site and of its services or on the purchase of products.

Features of the personal data processing and security measures

Personal data are processed mainly with electronic information and telematic means, according to logics and procedures strictly related to the purpose of processing above reported. Data may also be processed without electronic means through manual means; in any case data are kept only for the time necessary to achieve the specific processing purpose from time to time sought and according to applicable law on data protection, including security and confidentiality principals.
Data Controller adopts security measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access, and against all other reasons for data processing that do not comply with this Information notice.
In any case, outside the limits of Data Controller’s control and management, the Users has to adopte software devices that protect network data transmission/receipt (such as updated antivirus systems) and assure that user’s Internet service provider take appropriate measures for the security of network data transmission (such as, for example, firewalls and anti-spam filtering).
To whom personal data will be discosed
User’s personal data may be disclosed to third parties only when it is necessary in order to supply services or to execute a contract for the purchase of products or to comply with applicable law.
(for example, user’s personal data is disclosed to Bank for the performance of electronic distance payment services using Credit Card when you purchase a product or to the police or to judicial authorities, according to law and upon a formal request by such entities, for example in the event needs to prevent fraud on the Site).

User’s rights
User is entitled at any moment to enforce his/her rights as provided under Section 7 of the Privacy Code, for example the right to obtain confirmation that user’s personal data exist or do not exist, verify their content, origin and accuracy, ask for their integration, updating, amendment, deletion, transformation in anonymous form, block for breach of laws and regulations, and user may oppose for legitimate reason the data processing.
To enforce user’s rights and for any query or request relating to the personal data processing the User may contact Data Controller at the