Cart
0
0.00 €
Privacy police
Pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 ("GDPR")
Last updated: 16 April 2025
1. Data controller
The Data Controller is:
Strep It Oso Srl
Registered office: C.so Regina Margherita, 112 – 71013 San Giovanni Rotondo (FG)
VAT number: 04182940710
Email: educational@strepitoso.eu
Tel: 0882 276450
Registered office: C.so Regina Margherita, 112 – 71013 San Giovanni Rotondo (FG)
VAT number: 04182940710
Email: educational@strepitoso.eu
Tel: 0882 276450
2. Types of personal data processed
The personal data collected and processed by the Owner through the website www.strepitoso-educational.com include:
Personal and identification data: name, surname, address, tax code/VAT number (if applicable);
Contact details: email, telephone number;
Browsing data: IP address, date and time of access, browser type, operating system;
Order data: details of products purchased, shipping address, payment method (we do not directly process card data);
Data for newsletter and marketing (subject to consent): email, purchasing preferences;
Cookies and tracking tools (see Cookie Policy).
Personal and identification data: name, surname, address, tax code/VAT number (if applicable);
Contact details: email, telephone number;
Browsing data: IP address, date and time of access, browser type, operating system;
Order data: details of products purchased, shipping address, payment method (we do not directly process card data);
Data for newsletter and marketing (subject to consent): email, purchasing preferences;
Cookies and tracking tools (see Cookie Policy).
3. Purpose and legal basis of the processing
Purpose of processing Legal basis Mandatory a) Execution of a contract or pre-contractual measures (orders, customer support, account registration) Art. 6.1.b GDPR Mandatory b) Fulfilment of legal obligations (fiscal, accounting) Art. 6.1.c GDPR Mandatory c) Direct marketing and sending newsletters (subject to consent) Art. 6.1.a GDPR Optional d) Anonymous statistical analysis of traffic and improvement of the site Art. 6.1.f GDPR (legitimate interest) Optional e) Defense in court and prevention of abuse Art. 6.1.f GDPR Mandatory
4. Methods of processing
The processing is carried out using computer, telematic and paper-based tools, in compliance with the principles of lawfulness, correctness, transparency, relevance and data minimization, in accordance with art. 5 of the GDPR.
Adequate technical and organizational measures are adopted, including:
strong password authentication;
controlled access to servers;
updated firewall and antivirus;
pseudonymisation of data where possible;
periodic backups.
Adequate technical and organizational measures are adopted, including:
strong password authentication;
controlled access to servers;
updated firewall and antivirus;
pseudonymisation of data where possible;
periodic backups.
5. Data retention
Data category Retention period Data for contractual and legal purposes 10 years from the conclusion of the contract Data for marketing purposes Until consent is revoked or 24 months Navigation data 12 months (unless further needs) System log (security) 6 months
6. Communication and recipients of data
The data may be communicated to the following subjects, appointed as Data Processors (art. 28 GDPR) or independent third parties:
Fornitori IT (es. Webnode AG – hosting e CMS);
Couriers and freight forwarders;
Accounting and tax consultants;
Piattaforme per newsletter e analytics (es. Mailchimp, Google Analytics);
Public authorities upon legitimate request.
An updated list of data controllers is available upon request at: educational@strepitoso.eu
Fornitori IT (es. Webnode AG – hosting e CMS);
Couriers and freight forwarders;
Accounting and tax consultants;
Piattaforme per newsletter e analytics (es. Mailchimp, Google Analytics);
Public authorities upon legitimate request.
7. Transfer of data to third countries
Some services may involve the transfer of data outside the EU (e.g. USA). Such transfers occur only if the provider guarantees an adequate level of protection according to Chapter V of the GDPR , in particular through Standard Contractual Clauses (SCC) approved by the EU Commission.
8. Rights of the interested party
Pursuant to Articles 15-22 of the GDPR, the user has the right to:
Access your personal data;
Obtain rectification or updating;
Request deletion (right to be forgotten);
Restrict data processing;
Object to processing (including for direct marketing purposes);
Obtain data portability in a structured and machine-readable format;
Revoke your consent at any time, without prejudice to the lawfulness of the processing carried out before the revocation.
Requests should be addressed to the Owner: educational@strepitoso.eu
Furthermore, the interested party has the right to lodge a complaint with the Guarantor for the protection of personal data (www.garanteprivacy.it) pursuant to art. 77 of the GDPR.
Access your personal data;
Obtain rectification or updating;
Request deletion (right to be forgotten);
Restrict data processing;
Object to processing (including for direct marketing purposes);
Obtain data portability in a structured and machine-readable format;
Revoke your consent at any time, without prejudice to the lawfulness of the processing carried out before the revocation.
9. Processing of data of minors
The Owner does not knowingly collect personal data of minors under the age of 14. In the event that a minor provides personal data without the consent of their parents or guardians, the Owner will arrange for their immediate deletion.
10. Data breach
In the event of a personal data breach, the Data Controller undertakes to notify the competent Supervisory Authority within 72 hours of detection, as required by Articles 33 and 34 of the GDPR, and – if necessary – to promptly inform the affected users.
11. Cookies and similar technologies
For details on the use of cookies and tracking tools, please refer to the Cookie Policy , available on the page:
Cookie Policy