Privacy and Cookie Policy

Privacy Policy

Last update: 02/07/2025

This privacy notice is provided pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 (“GDPR”) and describes how we collect, use, store, and protect users’ personal data when they visit or use the website www.mayrahome.it (hereinafter, the “Website”).

The processing of personal data is carried out in accordance with the principles of lawfulness, fairness, transparency, relevance, and security.

This policy applies exclusively to this Website and does not cover external websites accessed via links.

1. Data Controller

Personal data is processed by MarIlaB SNC di Parlato Marica e Parlato Ilaria, with registered office at Via S. Francesco, 17 – 80067 Sorrento (NA), VAT No. 10590561212, REA NA - 1117361, certified email (PEC): marilabsnc@pec.it, in its role as Website owner and manager.

2. Types of Data Collected

While browsing or interacting with our services, we may collect and process the following categories of personal data:

• Identification and contact data (name, surname, email address, phone number, shipping/billing address);
• Account data (username, encrypted password, order history);
• Payment data: processed securely by third-party providers (Stripe, PayPal); we do not store full card details;
• Browsing data: IP address, browser type, device, session duration, pages visited;
• Cookies data: for technical, statistical, marketing or profiling purposes (see the Cookie section);
• Voluntary data: provided via contact forms, newsletter subscription or interaction on social media;
• Marketing data: only processed with your explicit consent.

3. Purpose of Processing

Personal data is processed solely for specific and legitimate purposes, including:

• Website and service management (account setup, order processing);
• Shipping and after-sales support;
• Responding to user queries or contact requests;
• Sending newsletters and promotional materials (if expressly authorized);
• Fraud prevention and website security;
• Compliance with legal, tax, and accounting obligations;
• Aggregated analytics to improve user experience.

4. Legal Basis for Processing

Processing is based on different legal grounds, depending on the context:

• Contract performance or pre-contractual steps (e.g., purchases, account creation);
• Legal obligations (e.g., invoicing, tax compliance);
• Legitimate interests of the data controller (e.g., security, fraud prevention, service improvement);
• User’s explicit consent, where required (e.g., marketing and profiling).

5. Processing Methods and Security

Data is processed using electronic and sometimes paper-based tools. We implement appropriate technical and organizational measures to protect data integrity, confidentiality, and availability.

Data access is restricted to authorized personnel and service providers acting under confidentiality agreements or, where applicable, as Data Processors.

6. Data Retention

Data is retained only as long as necessary to fulfill the purposes for which it was collected, in line with applicable laws:

• Order and invoicing data: up to 10 years;
• Browsing data: from a few minutes to 12 months;
• Account data: until the account is deleted by the user;
• Marketing data: until consent is withdrawn, or up to 24 months after the last interaction;
• Legal dispute data: for the duration of any legal action and according to statutory limitation periods.

After the retention period, data is permanently deleted or anonymized.

7. Data Disclosure to Third Parties

Data may be shared with third parties only when necessary for the purposes described above:

• Couriers and logistics partners;
• Payment providers (e.g., Stripe, PayPal);
• Newsletter and marketing platforms (with consent);
• IT and administrative service providers;
• Competent authorities when required by law.

We do not sell or disclose personal data to unauthorized third parties.

8. Data Transfers Outside the EU

Some service providers (e.g., Meta, Google, Prestashop, Stripe) may process data outside the European Economic Area. In such cases, data transfers are carried out in compliance with GDPR safeguards (e.g., Standard Contractual Clauses or adequacy decisions).

9. Data Subject Rights

Under Articles 15–22 of the GDPR, users have the right to:

• Know whether their data is being processed and access it;
• Request correction or updates to their data;
• Request deletion where permitted;
• Restrict processing in certain cases;
• Withdraw consent (e.g., for newsletters);
• Receive their data in portable format (data portability);
• Object to processing based on legitimate interests.

To exercise these rights, contact us at: marilabsnc@pec.it.

Cookie Policy

This website, www.mayrahome.it, uses cookies to enhance user experience, ensure service functionality, and collect statistical and marketing data.

This Cookie Policy explains how cookies are used, for what purposes, and how users can manage or refuse them.

1. What Are Cookies?

Cookies are small text files sent by websites to the user’s device (computer, smartphone, tablet), where they are stored and later sent back to the same websites upon the next visit. They help recognize the user, store preferences, and improve the navigation experience.

2. Types of Cookies Used

a) Technical (Essential) Cookies
These are necessary for the site to function properly (e.g., cart management, login, account access, secure sessions). They do not require user consent.

b) Analytical (Statistical) Cookies
These help us understand how users navigate the site (pages visited, average time, device type, etc.), including via tools such as Google Analytics. They are activated only with user consent and configured to anonymize IP addresses.

c) Profiling and Marketing Cookies
These are used to deliver personalized content and advertisements based on users’ interests and browsing behavior. They may be managed by third parties (e.g., Google Ads, Meta/Facebook Pixel, Klaviyo) and are only activated upon explicit user consent.

3. Third-Party Cookies

The site may use third-party cookies, such as:

• Google Analytics: for anonymous, aggregate site usage statistics;
• Meta Pixel (Facebook/Instagram): for advertising and retargeting purposes;
• Klaviyo: for email and marketing campaign management;
• Stripe and PayPal: for secure payment processing.

These third parties are responsible for their own cookie management and policies.

4. Cookie Management and Settings

When accessing the site for the first time, a banner appears with a brief notice and a “Manage Preferences” button. Users can:

• Accept all cookies;
• Reject non-essential cookies;
• Customize settings by selecting individual categories.

Preferences can be updated at any time via the “Cookie Management” link in the website footer. Users can also manage or disable cookies via their browser settings, although doing so may impair the functionality of some features or third-party services.