Last Update: 09/12/2025

Pursuant to EU Regulation 2016/679 (“GDPR”), this policy describes how personal data of users interacting with the website www.kidia.it are collected, used, and protected.

1. Data Controller

Kidia by Giancarlo J Santoro
San Polo 1449, 30125 Venice, Italy
Email: info@kidia.it

2. Types of Data Collected

  • Identification and contact data: name, surname, shipping address, phone number, email (collected to process the order).
  • Payment data: securely managed by third-party providers (e.g., PayPal, Stripe). Kidia does not store credit card information.
  • Technical data: IP addresses, server logs, technical cookies.

3. Purpose and Legal Basis of Processing

Personal data are processed for the following purposes:

  • Execution of the sales contract and order management (Art. 6.1.b GDPR);
  • Legal and tax compliance (Art. 6.1.c GDPR);
  • Marketing and newsletters only with explicit consent (Art. 6.1.a GDPR).

4. Data Retention

  • Orders without tax obligations: personal data will be deleted or anonymized 1 year after delivery, keeping only the order ID and amount for statistical purposes.
  • Orders with tax obligations (invoices or fiscal receipts): data will be retained for 10 years as required by Italian law.
  • Marketing data: retained until consent is withdrawn.

5. Data Sharing

Data may be shared with:

  • Couriers for order shipment;
  • Payment providers (e.g., PayPal, Stripe);
  • Tax and accounting consultants for legal compliance.

All act as Data Processors under Art. 28 GDPR.

6. Processing Methods and Security

Data are processed using electronic tools and security measures to protect them from unauthorized access, loss, or destruction.
Access is granted only to authorized personnel and external processors under GDPR-compliant agreements.

7. Non-EU Transfers

Data are processed and stored on servers located within the European Union.

8. Data Subject Rights

Users may exercise the following rights (Art. 15–22 GDPR):

  • Access to data;
  • Rectification or erasure;
  • Restriction or objection to processing;
  • Data portability;
  • Withdrawal of consent for marketing purposes.

Requests should be sent to: info@kidia.it
We will respond within 10 days.

9. Cookies

The website uses only technical cookies necessary for its operation. Third-party cookies (e.g., Google Analytics) are installed only with the user’s consent via a banner and separate notice.

10. Minors’ Data

We do not knowingly collect personal data from children under 14 years of age. In the event of accidental collection, the data will be promptly deleted.

11. Changes to this Policy

We reserve the right to modify this Privacy Policy. Changes will be published on this page with the updated date.

× Contact us on WhatsApp