PRIVACY POLICY
PRIVACY POLICY
Last updated: 28 December 2025
De Atrium SRLS (“De Atrium”, “we”, “us”, or “our”) operates this website and online store (the “Services”). This Privacy Policy describes how we collect, use, disclose, and protect your personal data when you visit or make a purchase from our website, or otherwise interact with us, in accordance with EU Regulation 2016/679 (GDPR).
By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy.
1. Data Controller
Data Controller:
De Atrium SRLS
Via Carlo Farini 52, 20159 Milan – Italy
VAT number: IT14333130962
Email: privacy@deatrium.com
2. Personal Data We Collect
We may collect and process the following categories of personal data:
-
Contact information: name, billing address, shipping address, email address, phone number
-
Order information: products purchased, order history, payment confirmation, transaction details
-
Payment information: processed securely via third-party payment providers (we do not store full card details)
-
Account information: username, password, preferences (if an account is created)
-
Communications: emails or messages sent to customer support
-
Technical data: IP address, browser type, device information, cookies, and usage data
3. Purposes of Processing
We process personal data for the following purposes:
-
To fulfil and deliver orders
-
To process payments and manage transactions
-
To provide customer support
-
To manage returns and refunds
-
To comply with legal and tax obligations
-
To prevent fraud and ensure security
-
To send transactional communications
-
To send marketing communications, only where consent has been given
-
To improve and analyze the performance of our Services
4. Legal Basis for Processing
We process personal data under the following legal bases:
-
Performance of a contract (order fulfilment)
-
Compliance with legal obligations
-
Legitimate interests (security, fraud prevention, service improvement)
-
Consent, where required (e.g. marketing, cookies)
5. Sharing of Personal Data
We may share personal data with:
-
Shopify, which hosts our online store and processes data on our behalf
-
Payment service providers (e.g. Shopify Payments, PayPal)
-
Shipping and logistics partners
-
IT, analytics, and marketing service providers
-
Public authorities, where required by law
All third parties process data in accordance with GDPR and applicable data protection laws.
6. International Data Transfers
Personal data may be transferred outside the European Economic Area (EEA), including to Shopify servers. Where this occurs, transfers are protected by appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.
7. Data Retention
We retain personal data only for as long as necessary to:
-
Fulfil the purposes outlined in this Policy
-
Comply with legal, tax, and accounting obligations
-
Resolve disputes and enforce agreements
8. Your Rights Under GDPR
You have the right to:
-
Access your personal data
-
Request correction or deletion
-
Restrict or object to processing
-
Withdraw consent at any time
-
Request data portability
-
Lodge a complaint with your local Data Protection Authority
Requests can be sent to privacy@deatrium.com.
9. Cookies
We use cookies and similar technologies for functionality, analytics, and marketing. Detailed information is available in our Cookie Policy, and consent is managed via our cookie banner.
10. Security
We implement appropriate technical and organizational measures to protect personal data. However, no system can guarantee absolute security.
11. Children’s Data
Our Services are not intended for individuals under the age of 18, and we do not knowingly collect personal data from minors.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date.
13. Contact
For any questions regarding this Privacy Policy or data protection matters, please contact:
