Privacy Policy

Dear Visitor,

This website collects personal data, voluntarily provided by you, in order to respond to information requests, manage product orders, and, with your explicit consent, for the receipt of newsletters.

Browsing the website involves the processing of additional data, subject to your explicit consent, through cookies, details of which can be found in the specific section.

Avau S.r.l., as the Data Controller, undertakes to request only the data strictly necessary to fulfill the purposes described below and to comply with the principles of fairness, lawfulness, transparency, and confidentiality as established by the applicable personal data protection regulations.

DATA CONTROLLER

The Data Controller of personal data is Avau S.r.l., headquartered at Via Pindaro, 82, 00125 Rome RM, Italy. Ph.: +39 0650931045

For any information regarding the processing of personal data, the Data Controller can be contacted at the following email address:info@avauparfum.com

SOURCE AND CATEGORIES OF PROCESSED DATA

The data subject to processing are classified as identifying data under the General Data Protection Regulation (commonly referred to as GDPR) and include:

  • First name
  • Last name
  • Phone number
  • Contact email address

These data are provided by you when filling out the forms in the "Contacts" section or when creating your account.

To place an order for a product, it will also be necessary to acquire data related to the shipping and billing address as well as payment methods. The requirement for such data complies with the principle of minimization in relation to the purpose of collection. Requests are reserved for adults only.

Additionally, the processing may involve your email address, which is required for sending newsletters and will only be obtained with your explicit consent.

INFORMATION COLLECTED DURING WEBSITE NAVIGATION - COOKIES

For an extended description of cookies, please refer to the Cookie Policy. The website uses session cookies to facilitate browsing, which are deleted at the end of the session. It also utilizes Google Analytics, configured to anonymously collect data on page views for aggregated statistics that allow the analysis of certain aspects of website navigation (e.g., the most visited pages). Profiling cookies are used solely with your explicit consent to present products aligned with your preferences and desires based on past purchases.

PURPOSES OF PROCESSING AND LEGAL BASES

The Data Controller processes your personal data as described above for the purposes outlined below and in accordance with the legal bases specified in the GDPR:

1. To manage orders placed on the website following account registration (GDPR, Article 6, Paragraph 1, Letter b);

2. To respond to specific requests from website visitors (GDPR, Article 6, Paragraph 1, Letter b), such as information requests;

3. To send newsletters, subject to obtaining explicit consent (GDPR, Article 6, Paragraph 1, Letter a);

4. To present products aligned with your preferences and desires based on past purchases, subject to obtaining explicit consent (GDPR, Article 6, Paragraph 1, Letter a);

To pursue the legitimate interest of the Data Controller (GDPR, Article 6, Paragraph 1, Letter f). Examples include:

  • Sending notification emails if an abandoned shopping cart is detected;
  • Ensuring the security and safeguarding of the website and IT systems;
  • Conducting statistical analysis on visits and the most viewed pages;
  • Responding to requests from competent authorities.

The Data Controller does not engage in any automated decision-making processes.

MANDATORY NATURE OF DATA PROVISION
 
The provision of personal data, minimized appropriately through collection forms in the "Contacts" and "Create Account" sections, is mandatory. Failure to provide such data prevents the ability to respond to information requests and process product orders.

The provision of personal data for receiving newsletters and for preference profiling for targeted offers is optional. Failure to provide such data has no consequences.

DATA PROCESSING LOCATION AND METHODS

Personal data collected through the website is processed in Italy at the headquarters of the Data Controller. The website is managed using the hosting service of Shopify Inc., with servers located in Canada. Canada is recognized by the European Commission as a country ensuring an adequate level of personal data protection based on an adequacy decision.

All operations—including collection, processing, consultation, printing, storage, modification, and updating—may be carried out electronically or on paper.

DATA DISCLOSURE

 Your personal data is processed by individuals formally authorized by Avau S.r.l. and by individuals or entities processing personal data on behalf of Avau S.r.l. and designated as Data Processors, solely for the fulfillment of the aforementioned purposes.

The list of external Data Processors, including further details for their identification, is available upon request from the Data Controller.

Personal data is neither disclosed to third parties nor disseminated.

Personal data is transferred to non-EU countries for the following purposes, with safeguards as required by GDPR:

For managing the newsletter service, carried out through the Mailchimp platform owned by The Rocket Science Group LLC, headquartered in Georgia, United States. The international data transfer is safeguarded by the adoption of Standard Contractual Clauses (SCC). More details can be found at: https://mailchimp.com/help/mailchimp-european-data-transfers/

  • For website management through Shopify Inc., headquartered in Canada and the United States. The data transfer to Canada is ensured by the European Commission’s adequacy decision, while data transfers to the United States are safeguarded by contractual commitments equivalent to those provided under the standard contractual clauses.

More details can be found at: https://www.shopify.com/legal/privacy

DATA RETENTION PERIOD 

Data collected for contact purposes will be retained for the exchange of information and deleted no later than 24 months from the last contact with the Data Controller.

Subscription to the newsletter and the related data processing will remain valid until the user unsubscribes, which can be done by clicking the link provided in each email.

Personal data related to the user account will be retained until the account is deleted, which can be requested directly from the Data Controller as specified below.

DATA SUBJECT RIGHTS

Under Article 15 of the GDPR, you have the right to request access to your personal data (i.e., the right to obtain confirmation as to whether or not your personal data is being processed and, if so, to obtain a copy of the data along with related processing information).

Similarly, you may request rectification (Article 16 GDPR) or erasure of your data (Article 17 GDPR), restriction of processing (Article 18 GDPR), or object to specific processing for legitimate reasons (Article 21 GDPR).

Under Article 20 of the GDPR, you also have the right to data portability, meaning you may request that we provide your personal data in a commonly used electronic format so that you can share it with other entities of your choosing.

You have the right to withdraw your consent to the processing of your personal data at any time, without affecting the lawfulness of processing carried out before withdrawal.

For any inquiries regarding the processing of personal data and to exercise your rights, the Data Controller can be contacted via email at: info@avauparfum.com.

Additionally, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you habitually reside, work, or where the alleged violation occurred, as per Article 77 of the GDPR.