Privacy PolicyPrivacyPolicy

1. Data Controller

The Data Controller for your personal data is Pizzeria 2 Mari. For any requests regarding the processing of your personal data, you can contact us through the Contact page on our website.

2. Personal Data Collected

We collect the following personal data:

• Registration data: name, email address, password (encrypted)
• Delivery data: address, city, postal code, phone number, delivery notes
• Order data: name, email, phone, delivery address, order details
• Review data: name, email (optional), comment, rating
• Technical data: functional cookies for language and theme preferences

3. Purpose and Legal Basis

Your personal data is processed for the following purposes:

• Contract performance: managing your account, processing orders and delivering products (Art. 6.1.b GDPR)
• Legal obligation: fulfilling tax and accounting obligations related to orders (Art. 6.1.c GDPR)
• Consent: sending promotional communications, only with your explicit consent (Art. 6.1.a GDPR)
• Legitimate interest: improving the service and platform security (Art. 6.1.f GDPR)

4. Data Retention

Your personal data is retained for the time necessary for the purposes for which it was collected:

• Account data: until you delete your account
• Order data: retained for the period required by tax law (10 years) in anonymized form after account deletion
• Review data: until the review is removed
• Cookies and preferences: for the session duration or until manually cleared

5. Your Rights

Under the GDPR, you have the following rights:

• Right of access: you can request a copy of your personal data
• Right to rectification: you can correct your personal data at any time
• Right to erasure: you can request the deletion of your account and associated data
• Right to data portability: you can request the export of your data in a readable format
• Right to object: you can object to the processing of your data for marketing purposes
• Right to lodge a complaint: you can file a complaint with the Data Protection Authority (www.garanteprivacy.it)

6. Cookies

Our website uses only technical and functional cookies necessary for the proper functioning of the service:

• Session cookies: for authentication and account security
• Preference cookies: to save your language and theme settings
• Local storage: for the shopping cart functionality

We do not use profiling cookies, third-party analytics, or tracking tools.

7. Data Security

We adopt appropriate technical and organizational measures to protect your personal data, including:

• Password encryption with industry-standard algorithms
• Secure communications via HTTPS/TLS
• Limited access to personal data to authorized personnel only

8. Third-Party Sharing

Your data may be shared with the following service providers, who act as data processors:

• Email service (for order-related communications)
• Cloud storage service (for product images)
• Database service (for secure data storage)

Data is never sold or shared with third parties for marketing purposes.

9. Changes to Privacy Policy

We reserve the right to modify this policy. Any changes will be published on this page with an updated date. We encourage you to review this page periodically.