Privacy Policy according to art. 13 GDPR (EU Regulation 2016/679)
Francesco Piccinin (“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, protect personal data and your rights under applicable laws including the EU General Data Protection Regulation (GDPR) and, for users in California, the California Consumer Privacy Act (CCPA).
1. Data controller
The data controller for your personal data is Francesco Piccinin
Registered office: Via don Cester 13, Morgano (TV) 31050, Italy
Email: francesco@piccininknives.com
Phone: (+39) 3450804581
2. Data Protection Officer (DPO)
Not appointed, as the conditions set out in Article 37 of Regulation (EU) 2016/679 do not apply.
3. Purpose and legal basis of processing
Personal data are processed for the following purposes and legal bases::
Execution and management of sales contracts, delivery of products and after-sales assistance (art. 6, lett. b GDPR);
Compliance with administrative, accounting, and tax obligations (art. 6, lett. c GDPR);
Management of user accounts and authentication (art. 6, lett. b GDPR);
Sending newsletters, commercial offers, and marketing activities only upon explicit consent (art. 6, lett. a GDPR);
Improvement of the website and anonymous statistical analysis, with prior consent where required (art. 6, lett. f GDPR);
Handling of customer support requests (art. 6, lett. b GDPR).
4. Types of data processed
Identification and contact data: name, surname, address, email, phone number, VAT number or tax ID;
Payment data: payment information such as card type, partial card number, payment method or transaction ID may be stored securely to facilitate order tracking or future purchases. Full payment details such as complete card numbers or CVV codes are not stored on our servers. Payment data are processed and securely stored by Stripe, PayPal, Klarna, Apple Pay or Google Pay in compliance with international PCI DSS security standards. When you choose to save your payment method, this option is handled through encrypted tokens managed exclusively by these providers;
Account data: login credentials (passwords are encrypted), order history, saved addresses and payment methods (if the user chooses to store them for future use);
Shipping and billing information;
Browsing data and cookies: IP address, browser type, operating system, referral pages, time spent on the site and cookie preferences;
Analytics data: anonymous aggregated information collected through Google Search Console and Bing Webmaster Tools
Communication data (messages sent through contact forms or email);
Newsletter data: email address and subscription preferences;
Other data voluntarily provided by the user (preferences).
5. Processing methods and retention period
Data processing is carried out using electronic and manual tools, ensuring data security, confidentiality, and integrity. Data will be retained only for as long as necessary to fulfill the purposes described above and, in any case, in compliance with applicable legal retention periods.
Contract and billing data: for the duration of the contract, the subsequent period necessary to assert or defend legal rights and 10 years thereafter (for accounting/tax purposes);
Account and profile data: until account deletion, withdrawal of consent or otherwise limited by law;
Saved payment methods: until the user deletes the saved method or closes the account;
Newsletter and marketing data: until consent is withdrawn or otherwise limited by law;
Technical logs and browsing data: typically up to 12 months, unless required for security or legal purposes.
6. Disclosure and communication of data
Personal data, shipping, billing and orders information may be disclosed to the service provider involved in website management (Squarespace) and translation and multilingual content service (Weglot);
Payment information and payment data are processed securely by third-party providers such as Stripe or PayPal (please note that we do not store your credit or debit card details on our servers);
Shipping information may be disclosed to the shipping carrier (UPS);
Browsing data an analytics data may be disclosed to Google Search Console and Bing Webmaster Tools;
Personal data may be disclosed to competent authorities in case of legal obligations;
Passwords are stored in encrypted form and transactions are carried out through secure SSL/TLS connections;
Data will not be disclosed publicly.
7. Transfer of data to third countries
Some service providers (e.g., Squarespace, Weglot, Stripe, PayPal, UPS) may process data outside the European Economic Area (EEA). In such cases, transfers are performed in accordance with Articles 45–46 GDPR, using Standard Contractual Clauses (SCCs) or other safeguards ensuring adequate protection. We do not sell or rent users’ personal data to third parties for marketing purposes.
However, in compliance with applicable privacy laws, users residing in certain jurisdictions have the right to opt out of the sale or sharing of their personal information. Users in jurisdictions with specific privacy rights (e.g. the U.S., U.K., or Canada) may exercise their rights as described below. To exercise this right or to make any request regarding your personal data, please contact us at francesco@piccininknives.com.
8. Rights of the data subject (EU / EEA / UK)
Users may exercise their rights at any time under Articles 15–22 of the GDPR and the UK GDPR, including:
Access to their personal data;
Rectification or erasure;
Restriction or objection to processing;
Data portability;
Withdrawal of consent;
Filing a complaint with the Data Protection Authority (e.g., the Italian Garante per la Protezione dei Dati Personali or the ICO in the UK).
Requests should be sent to: francesco@piccininknives.com
9. Privacy Rights for U.S. Residents (CCPA / CPRA and Similar Laws)
If you are a resident of California or another U.S. state with privacy legislation, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
The right to know what personal information is collected, used, or disclosed;
The right to request deletion of your personal information;
The right to correct inaccurate data;
The right to opt out of the sale or sharing of personal information;
The right not to be discriminated against for exercising your privacy rights.
We do not sell personal data as defined under the CCPA/CPRA.
To exercise these rights, or to make any privacy-related request, please contact: francesco@piccininknives.com
10. Privacy Rights for Other Regions
Canada (PIPEDA): Canadian users have the right to access and correct their personal information.
United Kingdom (UK GDPR): the same rights as under the EU GDPR apply.
Other jurisdictions: users may exercise privacy rights granted by their local data protection laws by contacting us directly.
11. Mandatory or voluntary provision of data
The provision of personal data necessary for the execution of the contract is mandatory; failure to provide such data will make it impossible to provide the requested service. Providing data for marketing purposes or for the creation of the client’s account is optional.
12. Cookies and similar technologies
The website uses its own and third-party cookies to enhance the user experience, analyze traffic, provide social media functionalities and enable translation. Users can manage cookie preferences and revoke consent via the cookie banner and browser settings.
For further details, please refer to the Cookie Policy.
13. Processing of Minors’ Data
The services offered are not intended for individuals under 18 years of age. The Data Controller does not knowingly collect personal data from minors.
14. Data Processors
A list of data processors (as per Article 28 GDPR) is available upon request by contacting the Data Controller at the email address above.
15. Changes to this privacy notice
This notice may be updated periodically. Any changes will be published on this page with an updated revision date.
Last updated: October 28th 2025