Privacy Policy

Privacy Policy

1. Introduction

AlanUmbro Società Semplice Agricola (brand: VerdePaciano) ("we", "our", or "us") operates verdepaciano.com (the "Service").

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

We reserve the right to make changes to this Privacy Policy at any time. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

2. Information We Collect

2.1 Personal Information You Provide

We collect information that you voluntarily provide to us when you:

  • Register for an account (optional)
  • Contact us for inquiries or support
  • Submit forms on our website

Types of personal information we collect:

  • Name
  • Email address
  • Any information you provide in contact forms or messages

2.2 Information Automatically Collected

When you access the Service, we automatically collect certain information about your device, including:

Device Information:

  • IP address
  • Browser type and version
  • Operating system
  • Device identifiers
  • Referring/exit pages
  • Date and time stamps

Usage Data:

  • Pages visited
  • Features used
  • Time spent on pages
  • Click patterns
  • Scroll depth and interactions

This information is collected through cookies and similar technologies. See our Cookie Policy for more details.

2.3 Information from Third Parties

We may receive information about you from:

  • Authentication Providers: When you sign in using Google OAuth, we receive your name, email address, and profile picture

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Providing and Maintaining the Service

  • Create and manage your account (if you choose to register)
  • Respond to your inquiries and provide customer support
  • Send service-related communications

3.2 Improving the Service

  • Analyze usage patterns and trends
  • Develop new features and functionality
  • Monitor and improve performance
  • Understand how visitors interact with our content

3.3 Marketing and Communication (Only with Your Consent)

  • Send informational updates about our products and company
  • Provide content and recommendations about olive oil and our production

You can opt out of marketing communications at any time by:

3.4 Legal and Security

  • Comply with legal obligations
  • Protect against fraud and abuse
  • Enforce our terms and conditions
  • Resolve disputes

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for collecting and using your information depends on the data and the context:

  • Contract Performance: Processing necessary to provide the Service you requested
  • Consent: You have given explicit consent for specific purposes (e.g., account creation, analytics cookies)
  • Legitimate Interests: Processing necessary for our legitimate business interests (e.g., improving the Service, security, understanding how our website is used)
  • Legal Obligation: Processing required to comply with legal requirements

You have the right to withdraw consent at any time where we rely on consent as the legal basis.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities.

Cookie Categories:

  • Necessary Cookies: Required for the Service to function (always enabled)
  • Analytics Cookies: Help us understand how you use the Service (requires consent)
  • Preference Cookies: Remember your settings and choices (requires consent)

You can control cookies through:

  • Our cookie consent banner (appears on first visit)
  • Cookie preferences in your account settings (if registered)
  • Your browser settings

For detailed information, see our Cookie Policy.

6. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

6.1 Service Providers

We share information with third-party vendors who perform services on our behalf:

  • Hosting: Vercel Inc. (data stored in EU and US regions)
  • Analytics: Matomo (self-hosted analytics, GDPR-compliant)
  • Authentication: Google OAuth (when you choose to sign in with Google)
  • Database: PostgreSQL (hosted in EU)

All service providers are contractually obligated to protect your data and use it only for the specified purposes.

6.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred.

6.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Legal processes (subpoenas, court orders)
  • Government or law enforcement requests
  • Protection of our rights, property, or safety
  • Investigation of potential violations

6.4 With Your Consent

We may share your information for other purposes with your explicit consent.

7. International Data Transfers

Your information may be transferred to and processed in countries other than Italy. These countries may have data protection laws different from Italian and EU law.

For EEA Users: When we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Hosting providers with EU data centers
  • GDPR-compliant service providers

8. Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

Retention Periods:

  • Account Information: Retained while your account is active, then 30 days after deletion request
  • Usage Data: Retained for 13 months for analytics purposes
  • Cookie Consent Records: Retained for 13 months per GDPR requirements
  • Contact Form Submissions: Retained for 24 months for customer service purposes

When we no longer need your information, we will securely delete or anonymize it.

9. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction.

Security measures include:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Access controls and authentication
  • Regular security assessments
  • Secure development practices
  • Audit logging for all data access

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

10. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

10.1 GDPR Rights (EEA Users)

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing
  • Right to Lodge a Complaint: File a complaint with your supervisory authority

10.2 CCPA Rights (California Residents)

  • Right to Know: Know what personal information we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the "sale" of personal information (we don't sell data)
  • Right to Non-Discrimination: Not be discriminated against for exercising your rights

10.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within 30 days for GDPR requests and 45 days for CCPA requests.

11. Children's Privacy

Our Service is not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children.

If you believe we have collected information from a child, please contact us immediately at info@verdepaciano.com, and we will take steps to delete that information.

12. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

13. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. Our Service currently does not respond to DNT signals. When a DNT standard is established, we will reassess our approach.

14. Updates to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last Updated" date.

For material changes:

  • We will provide prominent notice on the Service
  • We may send you an email notification (if you have an account)
  • We may require you to re-consent to the updated policy

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us:

AlanUmbro Società Semplice Agricola (VerdePaciano) Email: info@verdepaciano.com Address: Via Antonio Gramsci 5, 06060, Paciano (PG), Italia P.IVA: 03717980548

For EEA Users: You can also contact your local data protection authority (in Italy: Garante per la Protezione dei Dati Personali) if you have concerns about how we process your data.

16. Additional Information for Specific Regions

For EEA/Italian Users

As an Italian company, we comply with:

  • EU General Data Protection Regulation (GDPR)
  • Italian Data Protection Code (Legislative Decree 196/2003 as amended)
  • Italian ePrivacy legislation

For California Residents

Categories of personal information collected in the last 12 months:

  • Identifiers (name, email, IP address)
  • Internet activity (browsing history, pages viewed)

We do not sell personal information.

Appendix: Glossary

Personal Information: Any information that can identify you directly or indirectly.

Processing: Any operation performed on personal data (collection, storage, use, disclosure, deletion).

Controller: The entity that determines the purposes and means of processing personal data (AlanUmbro Società Semplice Agricola).

Processor: An entity that processes personal data on behalf of the controller (our service providers).

Consent: Freely given, specific, informed, and unambiguous indication of your wishes.

Last Updated: November 2, 2025

Based on: GDPR (EU 2016/679), Italian Data Protection Code (D.Lgs. 196/2003), CCPA (California Civil Code §1798.100), and privacy best practices

Privacy Policy