Privacy Policy
DATA and COOKIES
Privacy PolicyLast updated: November 19, 2025Autentibox ("we," "us," or "our"), operated by GUSTO & TRADIZIONI S.R.L., is committed to protecting your privacy in accordance with the General Data Protection Regulation (GDPR), Danish law, and other applicable privacy regulations.Who We AreBusiness Name: GUSTO & TRADIZIONI S.R.L.VAT / P.IVA: 10856991210Business Address: Via Po' 8, Casoria (NA), ItalyWebsite: www.autentibox.comData Controller: GUSTO & TRADIZIONI S.R.L. (responsible for processing your personal data)Data Protection Officer: Not applicable. As a small business not processing special category data on a large scale, we are not required to appoint a Data Protection Officer under GDPR Article 37.Information We CollectWe collect personal information directly from you through our website forms and services:Email address (mandatory for marketing communication and account creation)Phone number (optional, for order fulfillment and customer service)First name and last name (optional, for personalization and orders)Address, city, postal code, and country (required for order shipping and fulfillment)Analytics and usage data: Google Analytics collects information about your visits, pages viewed, time spent, and interactions with our websitePayment information: Stripe securely processes payment data; we do not store credit card or payment card detailsCookies: Technical and marketing cookies for site functionality, analytics, and personalizationSocial media data: If you follow or interact with our Facebook Page (https://www.facebook.com/autentibox), Facebook collects information about those interactionsData sources: Currently collected directly from you via our website forms. In the future, we may collect data from Facebook Lead Ads or other social media sources; we will update this policy accordinglyHow We Use Your InformationTo process payments: Stripe handles all payment transactions securelyTo fulfill orders: Shipping information is used by BRT Bartolini for delivery; they do not store or use your data beyond fulfillmentEmail marketing: We send marketing emails, updates, and offers via Brevo (Brevo's Privacy Policy)Remarketing and advertising: We use Facebook's remarketing services to display relevant offers to you across platforms (Facebook's Data Policy)Website analytics: Google Analytics helps us understand how you use our site to improve our services (Google Analytics Privacy)Customer support: To respond to inquiries and provide customer serviceLegal compliance: To meet accounting, tax, and regulatory obligations under Italian and EU lawFraud prevention: To detect and prevent unauthorized access or misuseLegal Basis for ProcessingWe process your personal data under the following legal bases:Consent: For marketing emails (newsletter, offers, updates) – you must explicitly opt in via our double opt-in processContract: For order processing, payment, and fulfillmentLegal obligation: For accounting records, tax compliance (7-year retention), and fraud preventionLegitimate interest: To improve our website, prevent misuse, and understand customer preferencesData RetentionWe retain your personal information only for as long as necessary:Marketing emails (waitlist subscribers): 5 years from the date you join, or until you unsubscribe. If you do not engage with emails for 2 years, we may delete your email addressOrder and transaction data: 7 years (required for Italian and EU tax and accounting compliance)Consent records: 5 years minimum (required for GDPR audit purposes)Google Analytics data: 26 months (Google's default retention period)Payment information stored by Stripe: According to Stripe's data retention policiesCookies: Session cookies expire when you close your browser; persistent cookies last up to 12 months unless deletedWhen data retention periods expire, we securely delete your information or anonymize it.Sharing Your DataWe do not sell or rent your personal data to third parties. However, we share data with trusted service providers who assist us in operating our website and delivering services:Stripe – Payment processor (USA, protected by Standard Contractual Clauses)Brevo – Email marketing platform (France, GDPR-compliant)Google Analytics – Website analytics (USA, protected by Standard Contractual Clauses and Google's Data Processing Amendment)Facebook – Remarketing and advertising platform (USA, protected by Standard Contractual Clauses)BRT Bartolini – Shipping and logistics partner (Italy, for order fulfillment only; does not store customer data)All third parties are contractually obligated to process data only for specified purposes and to maintain GDPR compliance.International Data TransfersSome of our service providers are based outside the EU/EEA (specifically in the USA). To ensure your data is protected, we have implemented Standard Contractual Clauses (SCCs) with these providers to guarantee adequate levels of data protection equivalent to GDPR standards.Your Rights Under GDPRAs a data subject, you have the following rights:
Right to access: You can request a copy of all personal data we hold about youRight to rectification: You can request correction of inaccurate or incomplete dataRight to erasure ("right to be forgotten"): You can request deletion of your data, subject to legal retention obligationsRight to restrict processing: You can limit how we use your dataRight to data portability: You can request your data in a structured, portable formatRight to object: You can object to marketing, profiling, or certain processing activitiesRight to withdraw consent: You can unsubscribe from marketing emails at any time by clicking the "unsubscribe" link in any emailRight to lodge a complaint: You can file a complaint with your local Data Protection AuthorityHow to Exercise Your RightsTo exercise any of the above rights, please contact us at:Email: [email protected]We will respond to your request within 30 days (as required by GDPR). If we require additional information to verify your identity, we may extend this timeline by up to 2 months.Cookies and Tracking TechnologiesWhat Are Cookies?Cookies are small files placed on your device by our website to store information about your preferences and activities.Types of Cookies We UseNecessary Cookies: Required for basic site functionality (security, shopping cart, login). These are always enabled and do not require consent.Performance/Analytics Cookies: Collect anonymized data about how you use our site to help us improve. Provided by Google Analytics.Marketing/Remarketing Cookies: Allow us to show you relevant ads on other platforms. Provided by Facebook Pixel.Your Cookie ChoicesYou can control cookies through:Our website's cookie consent banner (managed by Silktide)Your browser's cookie settingsOpting out of Google Analytics via Google's opt-out extensionFacebook's Ad Preferences: https://www.facebook.com/ads/preferencesRefusing non-necessary cookies may affect your experience, but the website will remain functional.Automated Decision-MakingWe do not use automated decision-making or profiling that produces legal or similarly significant effects on you. All decisions regarding your account, orders, or eligibility are made by our team, not by automated systems.Data SecurityYour data is protected by:Secure, encrypted storage on GDPR-compliant platformsPayment data encrypted and processed by Stripe (PCI-DSS compliant)Email data stored securely by BrevoLimited access to data (only authorized staff)Regular security reviews and updatesWhile we implement strong security measures, no system is 100% secure. Please protect your account credentials and contact us immediately if you suspect unauthorized access.Mandatory vs. Optional DataEmail address: Mandatory. Used for account creation and marketing.Phone number: Optional. Used for customer service.First/Last name: Optional. Used for personalization.Address/City/Country: Mandatory for orders. Used for shipping.Without mandatory fields, we cannot complete your purchase or send marketing communications. Optional fields help us personalize your experience but are not required.Children's PrivacyAutentibox does not knowingly collect or process personal data from children under 16 years of age. If we become aware that we have collected data from a child without parental consent, we will delete it immediately. Parents or guardians concerned about data collection can contact us at [email protected].Third-Party LinksOur website may contain links to external websites (social media, payment processors, etc.). We are not responsible for their privacy practices. Please review their privacy policies before providing any information.Changes to This Privacy PolicyWe may update this Privacy Policy to reflect changes in our business, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website with a revised "Last Updated" date. Continued use of our website after changes constitutes your acceptance of the updated policy.Complaints and Contact InformationQuestions About Privacy?Email: [email protected]Postal Address: Via Po' 8, Casoria (NA), ItalyRight to Lodge a ComplaintIf you believe your data rights have been violated or have concerns about our privacy practices, you have the right to lodge a complaint with your local Data Protection Authority:Denmark: Datatilsynet (www.datatilsynet.dk)Italy: Garante per la protezione dei dati personali (www.garanteprivacy.it)Other EU countries: Visit www.edpb.eu to find your country's authorityYou can file a complaint with any Data Protection Authority in the EU, regardless of where you live or where the violation occurred.Data Processing Agreement (DPA)For business partners or entities requesting a formal Data Processing Agreement, please contact us at [email protected]. We will provide a standard DPA template upon request.Effective Date: November 19, 2025This Privacy Policy is compliant with the General Data Protection Regulation (GDPR EU 2016/679), Danish Data Protection Act, and applicable Italian data protection laws.Cookie PolicyLast updated: November 19, 2025
This Cookie Policy explains what cookies are, how Autentibox uses them, and your choices regarding their use. This policy applies to our website www.autentibox.com and is an extension of our main Privacy Policy.What Are Cookies?Cookies are small text files that are stored on your device (computer, tablet, or mobile phone) when you visit our website. They allow websites to recognize your device and remember information about your visits, preferences, and activities.Types of Cookies:Session cookies: Expire when you close your browser and are used for temporary functionalityPersistent cookies: Remain on your device for a specified period (usually up to 12 months) and allow us to recognize you on future visitsFirst-party cookies: Set by Autentibox directlyThird-party cookies: Set by external providers (Google, Facebook, etc.)Why We Use CookiesWe use cookies for the following purposes:1. Necessary/Technical CookiesThese cookies are essential for the website to function properly:Site navigation and shopping cart functionalityUser authentication and session managementSecurity and fraud preventionPayment processingStatus: Always enabled (no consent required)2. Performance/Analytics CookiesThese cookies help us understand how visitors use our website:Provider: Google AnalyticsPurpose: Track page views, user behavior, click patterns, and traffic sourcesRetention: 26 monthsImpact: Allows us to optimize website performance and contentStatus: Requires your consent3. Marketing/Remarketing CookiesThese cookies enable personalized advertising:Provider: Facebook PixelPurpose: Track your interactions with our website and show you relevant ads on Facebook and InstagramRetention: Up to 12 monthsImpact: Helps us reach interested customers with relevant promotionsStatus: Requires your consent4. Social Media CookiesIf you interact with our Facebook Page or share content:Provider: FacebookPurpose: Enable social media features, measure engagement, and deliver personalized contentStatus: Governed by Facebook's cookie policy; requires your consentYour Cookie ChoicesManaging Cookies Through Our WebsiteWhen you first visit our website, you will see a cookie consent banner (powered by Silktide). You can:Accept all cookies: Enable all tracking and analyticsReject non-essential cookies: Allow only necessary cookies for site functionalityManage preferences: Customize which types of cookies you acceptYou can change your cookie preferences at any time by clicking the cookie banner again on our website.Managing Cookies Through Your BrowserYou can also control cookies directly through your browser settings:Chrome: Settings > Privacy and security > Cookies and other site dataFirefox: Preferences > Privacy & Security > Cookies and Site DataSafari: Preferences > Privacy > Manage Website DataEdge: Settings > Privacy, search, and services > Clear browsing dataYou can:View all cookies stored on your deviceDelete cookies from specific websitesBlock all cookies or only third-party cookiesEnable "Do Not Track" (if your browser supports it)Note: Disabling cookies may affect website functionality, such as shopping cart persistence or login features.Opting Out of Third-Party TrackingGoogle Analytics:Download and install Google Analytics Opt-out Browser Extension: https://tools.google.com/dlpage/gaoptoutOr adjust your Google Ad Settings: https://myaccount.google.com/ads-and-dataFacebook:Visit Facebook's Ad Preferences: https://www.facebook.com/ads/preferencesAdjust your ad targeting settings and opt out of off-Facebook activity trackingDo Not Track (DNT)If your browser supports Do Not Track signals, we will honor your DNT preference. However, many websites and third-party services do not currently recognize DNT signals.Third-Party CookiesWe use cookies from the following third parties:Google Analytics: Website analytics and performance (Policy: Google Privacy Policy)Facebook Pixel: Remarketing and ad targeting (Policy: Facebook Data Policy)Stripe: Payment processing (Policy: Stripe Privacy)Brevo: Email marketing analytics (Policy: Brevo Privacy)Each third party has its own cookie policy and privacy practices. We recommend reviewing their policies for more information about how they use cookies.Cookie RetentionSession cookies: Deleted when you close your browser.Persistent cookies: Retained for the duration specified in the cookie (up to 12 months for Autentibox cookies, varying for third parties).Changes to This Cookie PolicyWe may update this Cookie Policy periodically. Please check the "Last Updated" date at the top of this policy to see when it was last revised.Contact UsIf you have questions about our use of cookies, please contact us at: [email protected].
