Privacy policy

Privacy policy pursuant to art. 13 GDPR (EU Reg. 2016/679)


The privacy and security of your personal data is and will always be one of our top priorities. We therefore want to clearly explain how and why we collect, store, share and use your personal information, as well as the controls and choices that you can exercise over when and how we share your personal information.
This is our goal and in this Privacy Policy (“Policy”) we will explain in detail what we mean.
You may be aware of the fact that the new European Union regulation, called the “General Data Protection Regulation” (GDPR), confers certain rights on individuals with regard to their personal data, thereby implementing the provisions of the old Privacy Code in the light of new technological developments.

Data controller
The Data Controller of the data you have provided is OSTERIA DA MUALDO | 6, Via Privata Crespi – Crespi D’Adda – 24042 Capriate San Gervasio (BG) – Italia | P.I. 03063920163 which for any question concerning the processing of your data or for the exercise of your rights, can be contacted by writing an e-mail at

Users’ rights concerned by the processing
The rights which European legislation stipulates for users are:
right of access: the right to be informed of and to request access to personal data processed concerning the user (commonly known as a ‘request for access by the data subject’);
right of rectification: the right to request the modification or updating of the user’s personal data in the event of inaccuracy or incompleteness;
right of erasure: the right to request the definitive erasure of personal data;
right of limitation: the right to ask us to temporarily or permanently stop the processing of all or some of the user’s personal data;
right of opposition:
the right to object at any time to the processing of personal data for reasons related to the specific situation of the user;
the right to object to the processing of personal data for direct marketing purposes;
right to data portability: right to request a copy of one’s personal data in electronic form and the right to supply this personal data to be used in the service of others;
the right not to be subjected to an automated decision-making process: the right not to be subject to a decision based solely on an automated decision-making process, including profiling, where the decision has a legal effect on the user or an equally significant effect.
the right to lodge a complaint with a supervisory authority: in Italy, he/she is the Guarantor for the Protection of Personal Data.

Personal data collected
The personal data we collect is the identification data of the user (name, surname, email and possibly the phone number, if provided by the user as part of the message).
Our website also collects anonymous data related to browsing on the site, such as your IP address, domain names of computers used by users who connect to the sites, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters related to the operating system and IT environment of the user.
We use this data for the sole purpose of obtaining anonymous statistical information on the use of the sites and to check that they are working properly. The data could be used to ascertain responsibility in the event of hypothetical cybercrime. Except in such cases, these data normally remain on our IT systems for no longer than thirty days.

Authorization to process
In order to enable you to exercise these rights easily and to save your preferences regarding the use of personal data by OSTERIA DA MUALDO, at the time of registration we have inserted 2/3/4 checkmarks indicating that the user authorizes us to process their personal data. For any information and to exercise your rights in relation to the processing of the personal data provided by you, you can write to us:

By ticking the authorization for processing pursuant to Art. 13 GDPR, you are authorizing us to contact you to respond to your request for contact (or quote) and it is necessary to keep your contact details in our records and contact you to provide you with the requested service.
The second check box, however, authorizes us to contact you and send you emails containing information about our services / products / events and promotions that may be of interest to you. Authorizing the processing of data for this purpose is not necessary, but you may miss something that might be of interest to you.
[where applicable] The third check box, however, authorizes us to forward your contact information to our partners who may offer you services and/or information of interest to you and you therefore authorize us to send your email and identification data provided by you, so that they can send you promotional emails.
[where applicable] Finally, the fourth check box authorizes us to forward your data outside the territory of the European Union.

Social buttons
On our website you can also find social buttons/widgets, that is those specific “buttons” representing the icons of social networks (such as Facebook and Twitter) and interactive social walls (such as walls that show photos from Instagram via hashtag) that show content from social networks. These “buttons” allow users who are browsing our website, to join and interact on the social networks directly with a “click”.
Thanks to your click on the Social buttons/widgets and/or interactive social walls, the social network acquires data regarding your visit. Apart from these cases, in which you spontaneously click to share your browsing data with the chosen social networks, we will not share any browsing information or user data acquired through our website with the social networks accessible through Social buttons/widgets and interactive social walls.
For any other information about interactive social walls and the use of social buttons/widgets please write to us at

Purchase of products:
The data you give us will be used for the processing of your purchase orders and related activities (sending goods, billing, payment management and related activities, etc..), will be processed according to our Terms and Conditions of Sale that we invite you to read and for 10 years, which is the timeframe prescribed by the Law of conservation of documentation for accounting and tax purposes.
Please note that the data provided through the e-commerce portal, may be forwarded to third parties, such as our accountants and tax consultants for the fulfillment of legal obligations.
The e-commerce platform of our site is managed by Woocommerce, on which the data you enter is that needed to make the purchase (name, surname, billing address, shipping address and credit card information). Woocommerce does not share the data entered with third parties, with the exception of the shop where you are making the purchase. If you would like to know more, please read the Woocommerce privacy policy at this link or write to us at
The transaction data is transmitted over secure and encrypted connections managed by Paypal/Banca Sella/Banca to obtain more information on the processing of the data that is transmitted on these platforms, we invite you to read the privacy policy to remain updated on the implementations that will be made on each payment system.

Data retention
Your data is processed internally and stored on servers protected by firewalls and antivirus. Our web-agency that provides the hosting service may host some of your data, but has no access to your data that is sent to our internal mail.

Duration of processing
Your data will be kept only for the time necessary to respond to your contact request. If, on the other hand, you also select the authorization for processing for commercial purposes (to disclose your data to third party partners, where applicable), the registration period is limited to 2 years, after which we will ask you for a new authorization.
If you are one of our Clients, we kindly request that you read our Privacy Policy by sending an email to: in which we explain how we store and process our customers’ data.
OSTERIA DA MUALDO does not carry out user profiling activities, we do not have automated decision-making processes, because we prefer to have direct contact with our users (stay human!).