Personal Data processed for the following purposes and using the following services:

• • Advertising

    • Google Ads conversion tracking, Meta ads conversion tracking (Meta pixel), Hotjar Form Analysis & Conversion Funnels and IBM

      Personal Data: Trackers; Usage Data

    • Criteo and Facebook Lookalike Audience

      Personal Data: Cookies; Usage Data

    • Facebook Audience Network

      Personal Data: Cookies; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); Usage Data

    • WhatsApp Business direct marketing

      Personal Data: answers to questions; contents of the email or message; Data communicated while using the service; date of the message; first name; last name; phone number; profile picture; sender of the message; time the message was sent; user content

    • SMSHosting

  • Analytics

    • Google Analytics, Quantcast Measure, Analytics collected directly and Display Advertising extension for Google Analytics

      Personal Data: Cookies; Usage Data

    • Google Analytics with anonymized IP

      Personal Data: Tracker; Usage Data

    • Google Analytics 4

      Personal Data: browser information; city; device information; latitude (of city); longitude (of city); number of Users; session statistics; Trackers; Usage Data

  • Commercial affiliation

    • LinkShare

      Personal Data: Cookies; Usage Data

    • Rakuten Advertising Affiliate

      Personal Data: Cookies; Universally unique identifier (UUID); Usage Data

  • Contacting the User

    • Mailing List or Newsletter and Contact form

      Personal Data: email address; first name

    • Phone contact

      Personal Data: phone number

  • Content commenting

    • Trustpilot

  • Content performance and features testing (A/B testing)

    • Formisimo

    • Google Optimize

      Personal Data: Tracker; Usage Data

  • Displaying content from external platforms

    • Google Fonts

      Personal Data: Usage Data; various types of Data as specified in the privacy policy of the service

  • Handling payments

    • PayPal, Gestpay Banca Sella, Amazon Payments, Apple Pay, Klarna, SOFORT, MyBank UniCredit and Braintree

      Personal Data: various types of Data as specified in the privacy policy of the service

  • Heat mapping and session recording

    • Hotjar Heat Maps & Recordings

      Personal Data: Cookies; Usage Data; various types of Data as specified in the privacy policy of the service

  • Hosting and backend infrastructure

    • iubenda Consent Solution

      Personal Data: Data communicated while using the service

    • Cloudinary

      Personal Data: various types of Data as specified in the privacy policy of the service

  • Infrastructure monitoring

    • Monitis and Sentry

      Personal Data: various types of Data as specified in the privacy policy of the service

    • Instana

  • Interaction with data collection platforms and other third parties

    • Hotjar Recruit User Testers

      Personal Data: Cookies; Usage Data; various types of Data

  • Interaction with external social networks and platforms

    • Facebook Like button and social widgets, Twitter Tweet button and social widgets and Pinterest “Pin it” button and social widgets

      Personal Data: Cookies; Usage Data

  • Interaction with online survey platforms

    • Hotjar Poll & Survey widgets

      Personal Data: Cookies; Usage Data; various types of Data

  • Location-based interactions

    • Geolocation

      Personal Data: geographic position

  • Managing contacts and sending messages

    • Mailchimp and Sendgrid

      Personal Data: email address

    • Mandrill

      Personal Data: email address; Usage Data

    • Emarsys Email Marketing

      Personal Data: email address; first name; last name; Trackers; Usage Data

  • Managing support and contact requests

    • LiveAgent

    • Zendesk

      Personal Data: various types of Data as specified in the privacy policy of the service

  • Registration and authentication

    • Direct registration

      Personal Data: address; email address; first name; last name; phone number

    • Login with Amazon

      Personal Data: various types of Data as specified in the privacy policy of the service

  • Remarketing and behavioral targeting

    • Facebook Remarketing, Remarketing with Google Analytics, Google Ads Remarketing and Criteo Dynamic Retargeting

      Personal Data: Cookies; Usage Data

    • Facebook Custom Audience

      Personal Data: Cookies; email address

  • Spam and bots protection

    • Google reCAPTCHA

      Personal Data: answers to questions; clicks; keypress events; motion sensor events; mouse movements; scroll position; touch events; Trackers; Usage Data

  • Tag Management

    • Google Tag Manager

      Personal Data: Usage Data

  • Traffic optimization and distribution

    • Cloudflare

      Personal Data: Cookies; various types of Data as specified in the privacy policy of the service

  • User database management

    • Emarsys CRM

      Personal Data: date of birth; email address; first name; phone number; state

    • Emarsys Marketing Automation

      Personal Data: email address; first name

Information on opting out of interest-based advertising

In addition to any opt-out feature provided by any of the services listed in this document, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section of the Cookie Policy.

Further information about the processing of Personal Data

• • Riskified

    In accordance with item IV, art. 25, c. 6 “Transfer of personal data to third countries” of the Directive 95/46/EC, the data may be transferred to non EU countries or countries not belonging to the European Economic Area, that however grant an adequate level of protection of the personal data. In any case, the data processing will take place in accordance with the provisions of the current rules and regulations.

  • Banca Sella - Antufraud Services

    In accordance with the new EU Regulation UE 2016/679 on Data Protection (GDPR), the data may be transferred to non EU countries or countries not belonging to the European Economic Area, that however grant an adequate level of protection of the personal data. In any case, the data processing will take place in accordance with the provisions of the current rules and regulations.

  • Dynamic Yield

    We use the services of Dynamic Yield Ltd. With the personalization tool Dynamic Yield our website is optimized in order to make your website visit a personal experience through tailor-made recommendations and content. We use the page content you call up to recommend relevant content to you. Dynamic Yield collects pseudonymized information about your usage activities on our site. Cookies are used to store exclusively pseudonymized information under a randomly generated ID (pseudonym). A direct personal reference is therefore not possible. You can object to this recording at any time by clicking on this link and activating the opt-out (https://www.dynamicyield.com/privacy-policy/#optinout). An opt-out cookie is set to prevent the future collection of data from your visit to this website. Further information on Dynamic Yield: https://www.dynamicyield.com/gdpr/

  • Selling goods and services online

    The Personal Data collected are used to provide the User with services or to sell goods, including payment and possible delivery.
    The Personal Data collected to complete the payment may include the credit card, the bank account used for the transfer, or any other means of payment envisaged. The kind of Data collected by giglio.com depends on the payment system used.

  • Privacy Shield participation: data transfers from the EU to the United States

    The Owner participates in and complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union to the United States. The Owner has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.

    If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view the Owner’s certification, please visit https://www.privacyshield.gov/ (or find the direct link to the certification list of Privacy Shield participants maintained by the Department of Commerce https://www.privacyshield.gov/list).

    What does this mean for the European User?

    The Owner is responsible for all processing of Personal Data it receives under the Privacy Shield Framework from European Union individuals and commits to subject the processed Personal Data to the Privacy Shield Principles.

    This, most importantly, includes the right of individuals to access their personal data processed by the Owner.

    The Owner also complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EU, which means that it remains liable in cases of onward transfers to third parties.

    With respect to Personal Data received or transferred pursuant to the Privacy Shield Framework, the Owner is subject to the investigatory and regulatory enforcement powers of the FTC, if not stated otherwise in this privacy policy.

    The Owner is further required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

    Dispute resolution under the Privacy Shield

    In compliance with the Privacy Shield Principles, the Owner commits to resolve complaints about its collection or use of the User’s Personal Data. European Union individuals with inquiries or complaints regarding this Privacy Shield policy should first contact the Owner at the contact details supplied at the beginning of this document referring to “Privacy Shield” and expect the complaint to be dealt with within 45 days.

    In case of failure by the Owner to provide a satisfactory or timely response, the User has the option of involving an independent dispute resolution body, free of charge.

    In this regard, the Owner has agreed to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel with regard to data transferred from the EU. The User may therefore contact the Owner at the email address provided at the beginning of this document in order to be directed to the relevant DPA contacts.

    Under certain conditions – available for the User in full on the Privacy Shield website (https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint) – the User may invoke binding arbitration when other dispute resolution procedures have been exhausted

  • Push notifications

    Giglio.com may send push notifications to the User.

  • iubenda Cookie Solution (remote consent Cookie)

    Remote iubenda consent Cookie (_iub_cs-X) is set by the iubenda Cookie Solution and stores User preferences related to Trackers under the .iubenda.com domain.

  • iubenda Cookie Solution (consent Cookie)

    iubenda consent Cookie (_iub_cs-X) is set by the iubenda Cookie Solution and stores User preferences related to Trackers in the local domain.

  • iubenda Consent Solution localStorage

    iubenda ConS JS library localStorage (IUB_DATA) temporarily stores pending data in a storage space internal to the User's browser (localStorage) until it's received by the API, then it is deleted.

  • iubenda CCPA Cookie (usprivacy)

    iubenda CCPA Cookie (usprivacy) is set by the iubenda Cookie Solution and stores California consumer opt-out choices in the local domain.

Contact information

• • Owner and Data Controller

    Giglio.com S.p.A. - Via Solferino, 7 - 20121 Milano (Italia)

    Owner contact email: giglio@giglio.com