This site has limited support for your browser. We recommend switching to Edge, Chrome, Safari, or Firefox.

Use the promo code WELCOME10 to get a 10% discount on your first order! Free shipping and returns throughout Italy!
Use the coupon with the code WELCOME10 to get 10% off your first order

CART 0

Add order notes
No more products available for purchase

Products
Pair with
Subtotal Free
View cart
Shipping, taxes, and discount codes are calculated at checkout

Your Cart is Empty

Home
Products
Novelty
Promotions
Company
Magazine
B2B
Contacts

Privacy Policy

Privacy Policy

The purpose of this document is to inform the natural person (hereinafter the “ Data Subject ”) regarding the processing of his/her personal data (hereinafter the “ Personal Data ”) collected by the data controller, Orchidea Srl, with registered office in Corsico (MI) Via Leonardo da Vinci 34, email address orchideamilano@gmail.com (hereinafter the “ Data Controller ”), through the website www.orchideamilano.it (hereinafter the “ Application ”).

Changes and updates will be binding as soon as they are published on the Application. If you do not accept the changes made to the Privacy Policy, you must stop using this Application and may request the Data Controller to delete your Personal Data.

1) Categories of Personal Data processed

The Data Controller processes the following types of Personal Data provided voluntarily by the Data Subject:

  • Contact information : name, surname, address, email, telephone number, images, authentication credentials, any additional information sent by the interested party, etc.
  • Tax and payment information : tax code, VAT number, credit card information, bank account details, etc.

The Data Controller processes the following types of Personal Data collected automatically:

  • Technical Data : Personal Data generated by the devices, applications, tools, and protocols used, such as information about the device used, IP addresses, browser type, and Internet Service Provider (ISP). This Personal Data may leave traces that, particularly when combined with unique identifiers and other information received from servers, can be used to create profiles of natural persons.

  • Browsing and Application usage data : such as, for example, pages visited, number of clicks, actions performed, session duration, etc.

Failure by the Data Subject to provide Personal Data for which there is a legal or contractual obligation, or where such data constitutes a necessary requirement for the conclusion of the contract with the Data Controller, will make it impossible for the Data Controller to establish or continue the relationship with the Data Subject.

The interested party who communicates the personal data of third parties to the Data Controller is directly and exclusively responsible for their origin, collection, processing, communication, or dissemination.

2) Cookies and similar technologies

The Application uses cookies, web beacons, unique identifiers, and other similar technologies to collect Personal Data from the Data Subject on the pages, links visited, and other actions performed when the Data Subject uses the Application. This data is stored and then transmitted upon the Data Subject's next visit. The complete Cookie Policy can be viewed at the following address: https://www.orchideamilano.it/pages/cookie-policy

3) Legal basis and purpose of the processing

 

The processing of Personal Data is necessary:

  • for the execution of the contract with the interested party and more precisely for:

  • fulfillment of any obligation arising from the pre-contractual or contractual relationship with the interested party
  • Registration and authentication of the Data Subject: to allow the Data Subject to register on the Application, access and be identified also via external platforms
  • support and contact with the interested party : to respond to the interested party's requests
  • Payment management : to manage payments by credit card, bank transfer or other instruments

  • by legal obligation and more precisely for:

  • the fulfillment of any obligation provided for by current legislation , laws and regulations, in particular, in tax and fiscal matters

  • based on the legitimate interest of the Data Controller, for:

  • email marketing purposes of the owner's products and/or services to directly sell the owner's products or services using the email address provided by the interested party in the context of the sale of a product or service similar to the one being sold
  • management, optimization and monitoring of the technical infrastructure : to identify and resolve any technical problems, to improve the performance of the Application, to manage and organize information in an IT system (e.g. servers, databases, etc.)
  • security and anti-fraud : to guarantee the security of the Data Controller's assets, infrastructures and networks

 

  • on the basis of the interested party's consent, for:

  • profiling of the interested party for marketing purposes : to provide the interested party with information on the Data Controller's products and/or services through automated processing aimed at collecting personal information with the aim of predicting or evaluating his/her preferences or behaviors
  • Marketing purposes of the Data Controller's products and/or services : to send commercial and/or promotional information or materials, to carry out direct sales activities of the Data Controller's products and/or services or to carry out market research using automated and traditional methods

The Data Subject's Personal Data may also be used by the Data Controller to defend itself in legal proceedings before the competent judicial authorities.

4) Methods of processing and recipients of Personal Data

Personal Data is processed using paper and electronic means, following organizational methods and logic strictly related to the indicated purposes, and through the adoption of appropriate security measures.

Personal Data is processed exclusively by:

  • persons authorized by the Data Controller who have undertaken to maintain confidentiality or have an appropriate legal obligation of confidentiality;
  • entities operating independently as separate data controllers or entities designated as data processors by the Data Controller in order to carry out all processing activities necessary to pursue the purposes set out in this policy (for example, commercial partners, consultants, IT companies, service providers, hosting providers);
  • subjects or entities to whom it is mandatory to communicate Personal Data by law or by order of the authorities.

The subjects listed above are required to use appropriate safeguards to protect Personal Data and may access only that data necessary to perform the tasks assigned to them.

Personal Data will not be disclosed indiscriminately in any way.

5) Place

Personal Data will not be transferred outside the European Economic Area (EEA).

6) Period of retention of Personal Data

Personal Data will be retained for the period of time necessary to fulfill the purposes for which they were collected, in particular:

  • For purposes related to the performance of the contract between the Data Controller and the Data Subject, they will be retained for the entire duration of the contractual relationship and, after its termination, for the ordinary limitation period of 10 years. In the event of legal disputes, they will be retained for the entire duration of the same, until the time limit for filing appeals has expired.
  • for purposes related to the legitimate interest of the Data Controller, they will be retained until such interest is fulfilled
  • for the fulfillment of a legal obligation, by order of an authority and for legal protection, they will be retained in compliance with the timeframes established by said obligations, regulations and in any case until the expiry of the limitation period established by the regulations in force
  • for purposes based on the consent of the interested party, they will be retained until the consent is revoked

At the end of the retention period, all Personal Data will be deleted or stored in a form that does not allow the identification of the Data Subject.

7) Rights of the interested party

Data subjects may exercise certain rights with respect to the Personal Data processed by the Data Controller. In particular, the Data Subject has the right to:

  • be informed about the processing of your Personal Data
  • revoke consent at any time
  • limit the processing of your Personal Data
  • object to the processing of your Personal Data
  • access your Personal Data
  • verify and request the rectification of your Personal Data
  • obtain the limitation of the processing of your Personal Data
  • obtain the deletion of your Personal Data
  • transfer your Personal Data to another owner
  • lodge a complaint with the supervisory authority for the protection of your Personal Data and/or take legal action.

To exercise their rights, interested parties may send a request to the following email address: orchideamilano@gmail.com

Requests will be processed by the Data Controller immediately and processed as quickly as possible, in any case within 30 days.

Last updated: July 10, 2025