Privacy and cookies

Data Controller and contact details

Tavarte Srl
Via XXIV Maggio 5
33052 Cervignano del Friuli (UD)

Categories of Data collected

Among the categories of Personal Data that collects, by itself or through third parties, there are: cookies; Usage Data; first name; last name; phone number; email address; ZIP/Postal code; address; city; country; gender.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Data Controller.

Users are responsible for any third-party Personal Data obtained, published or shared through and confirm that they have the third party’s consent to provide the Data to the Data Controller.

Recipients of the Data

The Data may be accessible to subjects acting on behalf of the Data Controller, involved with the operation of and duly authorised (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller.

Legal basis and purposes of the processing

The Data are processed for the following purposes and according to the indicated legal basis.

  1. a) On the basis of contractual necessity, for the purpose of:

         processing orders and performing related activities (e.g. providing support to User, communicate with User with regard to the status of the order, answering his/her information requests, managing payments etc.);

–          managing the delivery of the products;

–          following  up on specific requests of Users (such as answering to information requests sent though the section “Contact us” or by other means);

–          managing digital gift cards.

  1. b) On the basis of the legitimate interest of the Controller, and specifically:

–          to analyse and enhance its services, carry on statistical analysis and/or research and development through analysis of the purchase of the product;

–          to ensure security and confidentiality of its information technology systems;

–          to defend a right in judiciary, out of court and administrative procedure and in relation with controversies arisen in relation to offered products;

–          in the context of extraordinary operations, mergers, transfers and acquisitions etc.;

– to send commercial newsletters regarding its products and services to Users who purchased a product on, subject to the possibility, for the User, to opt-out from such a processing (i) at the checkout, by flagging the specific opt-out box, (ii) by accessing the appropriate opt-out link at the end of each promotional email, or (iii) at any time, by following the instructions indicated under section “How to exercise these rights” below.

Each time a processing is based on the legitimate interest basis, the Data Controller puts in place robust safeguards to ensure that the User’s privacy is protected, and its legitimate interest is not overridden by the User’s interests or fundamental rights and freedoms.

  1. c) To comply with a legal obligation to which the Controller is subject

The Personal Data shall be processed by the Controller anytime it is requested under the law, or following the request of a competent judicial or administrative authority.


The provision of Personal Data for the purposes indicated above under a) is mandatory, as it is needed to proceed with the sale and delivery of purchased products, and the refusal to provide such Personal Data would prevent the execution of the requested services in relation to the purchase of goods on

Transfers of Personal Data

Data transfers may involve transferring the User’s Data to a country other than their own, including outside the European Union. In such circumstances, the transfers will be carried out in compliance with regulations on personal data, in order to ensure an adequate level of protection. Particularly, the transfers will take place subject to one of the safeguards established under the law, including an adequacy decision of the EU Commission, or by adopting Standard Contractual Clauses approved by the European Commission. More information on the safeguard in place can be requested by submitting a specific request using the contact details in this privacy policy.

Retention time

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for. Once the retention period expires, Personal Data shall be deleted unless the law requires further storage or the user has consented to the processing for a longer time or to have them archived. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

Particularly, following the completion of the order or the expiry of a digital gift card, the Data Controller will retain Data necessary to:

–         defend or assert any existing or potential claim;

–          handle any complaint regarding contracts or orders concluded.

The data retention period necessary to achieve the aforementioned purposes is linked to the limitation period of a claim that in many cases is equal to 10 years. The Data Controller will retain Personal Data after such time has elapsed only when required to comply with legal obligations or in the event of disputes and extraordinary claims that reasonably require the retention of Personal Data.

The rights of Users

Users may exercise certain rights regarding their Data processed by the Data Controller.

In particular, Users have the right to do the following:

  • Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
  • Object to processing of their Data. Users have the right to object to the processing of their Data where Personal Data is processed for the purposes of the legitimate interests pursued by the Data Controller, Users may object to such processing by providing a ground related to their particular situation to justify the objection or when they are processed for direct marketing purposes, they can object to that processing at any time without providing any justification.
  • Access their Data. Users have the right to learn if Data is being processed by the Data Controller, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
  • Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Data Controller will not process their Data for any purpose other than storing it.
  • Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Data Controller.
  • Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
  • Lodge a complaint. Users have the right to bring a claim before their competent data protection authority that, for Italy, is the Garante per la protezione dei dati personali.

How to exercise these rights

Any requests to exercise User rights can be directed to the Data Controller through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Data Controller as early as possible and always within one month.

Cookies and social widgets

A cookie is a small file sent by a website and stored on the user’s browser while they use an Internet site. Cookies can be stored only for the time a particular site is used (cookies session) or for a longer period of time and independent from the session (persistent cookies). Cookies work in conjunction with the website content and normally have the function of improving the usability and browsing experience on the web (technical cookies). Some types of cookies also allow Users to know the contents displayed, the choices selected and any use of the site. This functionality also allows the Data Controller to offer the most useful and relevant advertising to every single user (profiling cookies). A website can use self-developed cookies (first-party cookies) or cookies developed by third-party companies (third-party cookies).

It is possible that Personal Data and Usage Data are collected. For instance, Usage Data may be collected for the following purposes:

  • Displaying content from external platforms. This type of service allows the User to view content hosted on external platforms directly from the pages of and interact with them.
    This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.
  • Interaction with external social networks and platforms. This type of service allows interaction with social networks or other external platforms directly from the pages of
    The interaction and information obtained through are always subject to the User’s privacy settings for each social network.
    This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.
    It is recommended to log out from the respective services in order to make sure that the processed data on isn’t being connected back to the User’s profile.

In addition, the Data Controller uses:

  • Technical Cookies: These are cookies necessary for browsing as they allow the correct use of and its full functionality. These cookies are strictly necessary for operations and their deactivation might impair browsing experience and outcome. In particular, the Data Controller uses technical cookies for the following purposes:
    – for the management of dynamic web pages, for the geographical identification of users, and for the management of last access data;
    – to guarantee the correct functioning of the web pages;
    – for the management of data relating to the amounts and products of the orders.


  • Analytical Cookies: used to collect information on the number of Users and how they visit For example, uses the Google Analytics tool to collect information, in aggregate form, on the number of users and how they visit the site. This tool uses third-party technical cookies for its operation. Information on the processing of privacy by Google is available at the following link: Information on the cookies used by Google Analytics, collection and use of this data are available at the following link: The following link also contains information to deny consent to the use of third-party cookies by Google Analytics:


  • Third Party Profiling Cookies for Marketing/Retargeting: these are cookies of third-party companies that allow the collection of information on the User for subsequent communication of more specific and/or personalised promotional material. They include cookies for inserting banner advertisements on relating to third party companies or products chosen or viewed by the User, or similar or like products. These cookies can be deactivated without preventing proper navigation on, however their deactivation involves the receipt of promotional messages that may not be relevant to the User. For more information on profiling cookies currently installed in the User’s terminal, review the third party privacy information and change the preferences expressed, Users can consult the page


  • Instagram widget (Instagram, Inc.) Instagram is an image visualization service provided by Instagram, Inc. that allows to incorporate content of this kind on its pages.

Personal Data collected: Cookies; Usage Data.

Place of processing: United States – Privacy Policy.

  • Facebook Like button and social widgets (Facebook, Inc.) The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc.

Personal Data collected: Cookies; Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Disabling cookies. The User can always decide to block, delete, disable cookies or other similar technologies through the settings of their browser or device. There are many different browsers: each different browser (and in some cases even each different version of the same browser) has its own procedure for deleting cookies. Cookie preferences must be set separately for each browser used, as the features and options offered may vary. It is therefore advisable to visit the support pages of the browser for more information.

Acceptance and waiver of cookies. At the time of the User’s first access to  and, in any case, until a choice is expressed, the User will be asked to provide his/her consent to the use of third-party analytical cookies and profiling cookies.

Additional information about Data collection and processing

Additional information about the User’s Personal Data

In addition to the information contained in this privacy policy, may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data .

Information not contained in this policy

More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please see the contact information at the beginning of this document.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page and possibly within and/or – as far as technically and legally feasible – sending a notice to Users via any contact information available to the Data Controller. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.

Definitions and legal references

Personal Data (or Data)

Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

Usage Data

Information collected automatically through (or third-party services employed in, which can include: the IP addresses or domain names of the computers utilized by the Users who use, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the site) and the details about the path followed within the site with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.


The individual using who, unless otherwise specified, coincides with the Data Subject.

Data Subject

The natural person to whom the Personal Data refers.

Data Processor

The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of The Data Controller, unless otherwise specified, is the Owner of

The means by which the Personal Data of the User is collected and processed.


The service provided by as described in the relative terms (if available) and on this site.

European Union (or EU)

Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Legal information

This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).

This privacy policy relates solely to, if not stated otherwise within this document.

Latest update: 6th November 2019

We are using cookies on our website

🇬🇧We use cookies to provide our online services. Particularly, we use profiling cookies and third party analytical cookies. For additional details on how we use cookies and instructions on how to disable them, please see our Privacy and Cookie policy. To consent the use of cookies, click OK

🇮🇹Utilizziamo dei cookie al fine di fornire i nostri servizi online. In particolare, utilizziamo anche cookie di profilazione e cookie analitici di terze parti. Per maggiori dettagli circa le modalita' con le quali utilizziamo i cookie e ottenere istruzioni su come disattivarli, invitiamo a consultare la nostra Privacy e Cookie Policy. E' possibile acconsentire all'utilizzo dei cookies utilizzando il comando OK.