Privacy Policy

Extended Privacy Notice

The purpose of this privacy notice is to provide maximum transparency regarding the information collected by this website and how it is used. In compliance with national legislation (Legislative Decree No. 196 of June 30, 2003 — Personal Data Protection Code, and its subsequent amendments) and European regulations (EU General Data Protection Regulation No. 679/2016, GDPR), this website respects and protects the privacy of visitors and users, taking every reasonable and proportionate measure to avoid infringing users’ rights. In particular, this website does not publish advertisements and does not use data for advertising purposes, but it may use third-party services to improve website performance. These third parties may collect user data and use it to display personalized advertising on other websites. For example, this site uses social media plugins to simplify content sharing on social networks. These plugins are configured to send cookies (and therefore possibly collect data) only after the user has clicked on them. For further details, please read the full privacy policy below.

Full Privacy Policy

Legal Basis for Data Processing 
This website processes data primarily based on user consent. Consent is granted via the banner displayed at the bottom of the page or by the user’s continued browsing of the site, which constitutes implicit acceptance. By using or visiting the site, users accept this privacy policy and consent to the processing of their personal data for the purposes described below, including potential sharing with third parties when necessary to provide a service. Through communication or service request forms, additional consents related to specific purposes may be collected. Providing data and consent for its collection and processing is optional. Users may refuse or withdraw consent at any time (via the banner at the bottom of the page or through their browser’s cookie settings). However, refusing consent may prevent access to certain services and compromise the browsing experience.

Purpose of Data Processing

The data collected by this website is processed for purposes related to, instrumental to, and necessary for the provision of the service, as well as for the following:

Statistics

Anonymous, aggregate data is collected to verify proper site operation and improve performance. These statistics do not identify users individually.

Security

Data and information are collected to protect the security of the website (antispam filters, firewalls, virus detection) and of users, and to prevent or detect fraud or abuse. Such data may include personal data (e.g., IP address) used solely for lawful purposes such as preventing damage or crimes. These data are never used for user identification or profiling and are periodically deleted.

Ancillary Activities

Data may be shared with third parties performing technical, logistical, or other services necessary for site operations (e.g., chat support). These providers have access only to the personal data necessary to perform their duties and are bound to treat such data in accordance with applicable laws.

Data Collected

Automatically Collected Data

During browsing, the following information may be collected and stored in server log files:

Internet Protocol (IP) address
Browser type 
Device parameters used to connect 
Internet service provider (ISP) name 
Date and time of visit 
Referring and exit web pages 
Number of clicks (if applicable) 

These data are used solely for statistical and analytical purposes in aggregate, anonymous form. The IP address is used only for security purposes.

Voluntarily Provided Data

Additional data may be collected when users voluntarily use website services such as registration, purchases, or contact forms. These data—such as name, date and place of birth, tax code, address, VAT number, telephone number, mobile number, and email—are used exclusively to provide the requested service.

Data Retention Period

Data collected are stored only for the time necessary to perform the specified activities (normally no more than 30 days, unless exceptions apply). Upon expiration, the data are deleted or anonymized, unless retention is required for other legitimate purposes.

Transfer of Data to Third Parties

Data collected are not generally shared with third parties, except in specific cases:

Legitimate judicial requests;
When necessary to provide a requested service; 
For site security checks or optimization. 
Transfer of Data Outside the EU

This site may share certain collected data with services located outside the European Union, such as Google, Facebook, and Microsoft (LinkedIn), via social plugins or Google Analytics. Such transfers are authorized under EU and Italian Data Protection Authority decisions, including Decision 1250/2016 (Privacy Shield). The aforementioned companies adhere to the Privacy Shield framework.

Cookies

This website uses cookies—text files stored on the user’s device—to retain preferences, verify functionality, enhance performance, and personalize content based on browser type. Cookies also facilitate automated procedures (e.g., login, language settings) and visitor analytics. 

Categories of cookies used:

• Technical cookies: Necessary for navigation and correct display of the site. Some expire at session end; others (e.g., cookie consent) last from 30 days to 1 year. No consent required.
• Preference cookies: Used to save user preferences such as account name, language, location, or chat settings.
• Statistical cookies: Used in aggregate, anonymous form to collect data on visits and usage.
• Profiling and marketing cookies: Used exclusively by third parties to collect behavioral data for personalized advertising.

By clicking “OK” on the cookie banner or continuing to browse, visitors explicitly consent to the use of cookies and similar technologies.

Disabling Cookies

Users may refuse or revoke consent at any time through their browser settings or via the cookie banner. Disabling cookies may prevent proper functioning of certain site features (e.g., YouTube videos, social sharing buttons, Google Maps).

Third-Party Cookies and Services

This site acts as an intermediary for third-party cookies (e.g., social media buttons, analytics tools). The site has no control over these cookies or access to their data. Please consult the privacy policies of the respective third parties for details:

Google Inc. / Google Analytics – analyzes site usage; data are anonymized and processed within the EU. 
YouTube (Google) – video-sharing platform; “enhanced privacy mode” is enabled, so data are not stored unless the video is played. 
Facebook – collects statistical data via Facebook Pixel to measure ad effectiveness. 
Smartsupp – provides live chat support; personal data are not processed beyond support purposes. 

Social Network Plugins

This site includes plugins or buttons for sharing content on social networks. When you visit a page containing a plugin, your browser connects directly to the servers of that social network. To protect user privacy, plugins on this site do not send cookies or access existing cookies until the user clicks on them. Data collection and use are governed by each network’s own privacy policy.

Security Measures

We process user data lawfully and fairly, adopting suitable security measures to prevent unauthorized access, disclosure, alteration, or destruction. Data transmission is protected via SSL (Secure Sockets Layer) encryption. Data are processed using IT tools with organizational methods strictly related to the stated purposes. Access may be granted to internal staff or authorized external providers (e.g., hosting services).

User Rights

Under Regulation (EU) 679/2016 (GDPR) and Article 7 of Legislative Decree No. 196/2003, users may exercise the following rights:
Object, in whole or in part, to the processing of personal data for legitimate reasons or marketing purposes; 
Request confirmation of the existence of personal data concerning them (right of access); 
Know the origin, purpose, and logic of processing;
Request data updates, rectification, integration, erasure, anonymization, or blocking of unlawful processing; 
Receive their own data in a structured, machine-readable format (data portability); 
Lodge a complaint with the Data Protection Authority (Garante Privacy); 
Exercise all other rights recognized by applicable law. 
Requests must be addressed to the Data Controller. For e-commerce users, requests or account deletions may also be made through their private area by clicking the appropriate link.

Data Controller

Verona Reptiles di Tosano Filippo 
Via Masaccio, 7 – 37053 Cerea (VR), Italy
Email: [email protected]

Updates

This privacy policy was last updated on June 16, 2018.