Privacy Policy of deepchic.it

This Website collects certain Personal Data about its Users.

This document can be printed using your browser’s Print command.

Data Controller
Deep Chic
Email address: info@deepchic.it

Types of Data Collected

Among the Personal Data collected by this Website—either directly or through third parties—are: phone number; first name; last name; email; username; payment information; billing address; physical address; company name; tracking instruments; country; state; province; ZIP code; city; street number; usage data; user count; device information; session statistics; latitude (city); longitude (city); browser information.

Full details on each type of Personal Data collected are provided in this privacy policy’s dedicated sections or via specific notices shown before data collection.
Personal Data may be provided voluntarily by the User or, in the case of Usage Data, collected automatically while using this Website. Unless otherwise stated, all Data requested by this Website is mandatory. Refusing to provide these Data may make it impossible to provide the Service. Where this Website indicates some Data as optional, Users may choose not to provide it without affecting service availability or function.
Users uncertain about whether certain Data are mandatory are encouraged to contact the Data Controller.
Cookies or other tracking tools used by this Website or by third-party service owners are for providing the requested Service, as well as for the additional purposes described herein and in the Cookie Policy.
The User is responsible for any Personal Data of third parties obtained, published, or shared via this Website.

Methods and Location of Processing Collected Data

Processing Methods
The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. Data processing is carried out using IT and/or telematic tools with organizational methods strictly related to the stated purposes. Besides the Controller, certain types of staff (administrative, commercial, marketing, legal, system administrators) or external parties (third-party technical service providers, delivery services, hosting providers, IT companies, communication agencies) may have access to the Data and may be appointed Data Processors by the Controller. The updated list of Data Processors can be requested at any time from the Data Controller.

Location
Data is processed at the Controller’s operational premises and any other site where involved parties are located. For more details, contact the Controller. Personal Data may be transferred outside the User’s country. See the relevant section below for details.

Retention Period
Unless otherwise stated, Personal Data is processed and retained for as long as required by the purpose of collection and may be stored longer due to legal obligations or based on User consent.

Purpose of Processing Collected Data

User Data is collected to allow the Controller to deliver the Service, comply with legal obligations, respond to requests or enforcement actions, protect rights and interests (its own, those of Users or third parties), detect fraudulent or malicious activities, and for the following additional purposes: contacting the User, payment management, SPAM protection, privacy preference collection, registration and authentication provided directly by this Website, analytics, display of content from external platforms, and tag management.

See the section “Details on Personal Data Processing” for information about purposes and Data categories.

Details on Personal Data Processing

Personal Data is processed for the following purposes using these services:

  1. Contacting the User (via phone) – may be used for commercial or promotional purposes or to respond to support requests.
    • Data: phone number.
  2. Tag Management – managing tags or scripts used on this Website.
    • Service: Google Tag Manager.
    • Data: usage data; tracking instruments.
    • Location: USA & Ireland.
  3. SPAM Protection – analyzing traffic to filter spam.
    • Service: Akismet.
    • Data: email.
    • Location: USA & Ireland.
  4. Privacy Preference Collection – storing users’ consent choices for cookies/tracking.
    • Service: iubenda Cookie Solution.
    • Data: tracking instruments.
    • Location: Italy.
  5. Analytics – monitoring and analyzing traffic and user behavior.
    • Service: Google Analytics 4.
    • Data: city; usage data; browser info; device info; city latitude/longitude; user count; session stats; tracking instruments.
    • Location: USA & Ireland.
  6. External Content Display – embedding content from other platforms (fonts, icons).
    • Services: Font Awesome, Google Fonts.
    • Data: usage data; tracking instruments.
    • Location: USA & Ireland.

Cookie Policy

This Website uses Tracking Instruments.
Tracking tools (e.g., cookies, unique IDs, web beacons, scripts, E-tags, fingerprinting) are used to collect/save information or use resources on the User’s device. Some tracking purposes require User consent, which can be withdrawn anytime.

Both first‑party and third‑party Tracking Instruments are in use. Their duration and expiry vary, depending on settings by the Controller or third-party provider, and some expire at session end.

Necessary Functional Tools

Technical cookies or similar tracking tools are used to ensure this Website functions properly.

Third‑Party Tracking Instruments

  • Cookie Solution (iubenda) – collects/saves user preferences.
    • Data: tracking instruments.
    • Location: Italy.
    • Retention: iub_cs-* cookies last 1 year.
  • Google Tag Manager – manages tags/scripts.
    • Data: usage data; tracking instruments.
    • Location: USA & Ireland.
  • Font Awesome & Google Fonts – embed visual fonts from external platforms.
    • Data: usage data; tracking instruments.
    • Location: USA & Ireland.
  • Google Analytics 4 – measures traffic & user behavior.
    • Data: city; usage data; browser info; device info; city latitude/longitude; user count; session stats; tracking instruments.
    • Location: USA & Ireland.
    • Retention: _ga and _ga_* cookies last 2 years.

Managing Preferences & Consent

Users can manage tracking preferences via device or browser settings, cookie banners/popups, or privacy widgets. Deleting tracked data can be done by clearing browser history. For third‑party tracking, users may use opt‑out links or third‑party tools.

Blocking tracking may limit functionality of this Website. Since third‑party tools are beyond the Controller’s full control, please see third‑party privacy policies or contact the Controller for more complete info.

Legal Definitions & References

  • Personal Data: any information identifying a physical person.
  • Usage Data: automatically collected info—IP, domain, URI, request time, method, etc.
  • User: the individual using this Website.
  • Data Subject: the individual to whom personal data refers.
  • Data Processor: party processing data on behalf of the Controller.
  • Data Controller: entity deciding how and why Personal Data is processed.
  • Website (or App): hardware/software tool where Personal Data is processed.
  • Service: the service provided by this Website.
  • European Union (EU): includes EU and EEA member states.
  • Cookie: tracking tool stored in the browser.
  • Tracking Instrument: any technology that tracks users, e.g. cookies, scripts, fingerprints.

Legal Basis of Processing

Personal Data is processed when:

  • The User has given consent;
  • Necessary to execute a contract or pre‑contractual measures;
  • Required by law;
  • Needed for public interest or public authority tasks;
  • For legitimate interests of the Controller or third parties, unless overridden by User’s rights.

Users may request clarification on legal bases for each processing activity.

Retention Details (Legal / Contractual / Consent)

  • Contract-based data is retained until contract execution completes.
  • Legitimate interest data is retained until that interest is fulfilled; users may learn what those interests are.
  • Consent-based data is retained until consent is withdrawn; may also be legally obligated to retain data longer.
  • After retention period, data is deleted; rights to access, deletion, correction, or data portability expire.

User Rights

Users may, under the law:

  • Withdraw consent at any time;
  • Object to processing on non-consent legal grounds;
  • Access their data and receive a copy;
  • Verify and correct data;
  • Restrict processing;
  • Obtain deletion of personal data;
  • Receive their data in a structured, machine-readable format, and, where possible, transfer it;
  • Lodge a complaint with a data protection authority or take legal action.

They are also entitled to know the legal basis for international data transfers and security measures taken by the Controller.

Opposition Rights

When data is processed for public interest, public authority exercise, or legitimate interests, users may object on specific grounds.
Marketing use of their data may be stopped at any time without cause or fee.

How to Exercise Rights

Users may submit requests free of charge to the contact details provided. The Controller will respond within one month, providing all legally required information. Any corrections, deletions or restrictions will be communicated to third-party recipients of data, unless impossible or disproportionate. Recipients will be notified upon request.

Additional Processing Information

Legal Defense
Personal Data may be used in court or preparatory phases to defend against misuse or for compliance with public authority orders.

Specific Notices
Upon User request, additional contextual notices may be provided regarding specific services or Data processing.

System Logs & Maintenance
System logs (including IP addresses) may be logged by this Website or third-party services for maintenance purposes.

Unaddressed Information
For any further information, Users may contact the Controller at the provided details.

Policy Updates
The Controller may update this policy at any time, notifying Users via this page and, if possible, via direct notice. Users should check this page regularly, referencing the last updated date below.
If changes affect consent-based processing, renewed consent may be requested.