Privacy policy
Last Update: March 28, 2025
Data Controller
The Data Controller (hereinafter also referred to as "the Controller") is Antidoto di Guzzo Valentina.
VAT No. 13915870961
REA Number MI2751342
For any information or clarification regarding the processing of personal data as provided for in this privacy notice, as well as to exercise the rights set out in section 6) below, you may use one of the following methods:
-
Send an email to: info@archivioantidoto.com
-
Send a communication by mail to: Via San Mamete 50/a, 20128 Milan, Italy
The Controller acknowledges the importance of respecting the protection of its users' personal data.
For this reason, it is committed to complying with the provisions of EU Regulation (679/2016) (GDPR, available at: https://www.garanteprivacy.it/il-testo-del-regolamento), as well as Legislative Decree 196/2003 (Privacy Code), as supplemented by Legislative Decree 101/2018.
This privacy notice, issued pursuant to Article 13 of the GDPR, describes the processing of personal data provided by users (natural persons) or acquired during the use and consultation of the website (both desktop and mobile versions): www.archivioantidoto.com.
The Controller processes the data collected during website navigation, in the manner and based on the conditions explained below, to provide an efficient and secure website, to allow contact with users visiting the site, to develop its business concerning the services provided, and generally to achieve its corporate purpose or comply with legal obligations.
Data collection and use will occur, where necessary, with the user's express consent, except in cases where data processing is allowed under different legal bases, which will be explained below.
PLEASE NOTE:
This information does not apply to other websites, pages, or online services that may be accessed via hyperlinks published on the site but refer to resources outside the domain archivioantidoto.com.
Regarding the processing of personal data carried out by the managers of Social Media platforms used by archivioantidoto.com, please refer to the privacy policies provided by them.
The Controller processes personal data provided by users through Social Media platform pages used by Archivio Antidoto solely to manage interactions with users (comments, public posts, etc.) and in compliance with applicable regulations.
Changes to This Privacy Policy
This Privacy Policy may be updated and modified over time to reflect changes in our practices or for operational, legal, or regulatory reasons.
What Data Do We Collect?
DATA PROVIDED BY THE USER
Information that the user shares directly through the website, such as:
-
Contact details including name, address, phone number, and email.
-
Order information including name, billing address, shipping address, payment confirmation, email, and phone number.
-
Account information, including username and other details used for account security purposes.
-
Information shared by the user, for example, by sending a message through the contact form on the site.
Some features may require the user to provide specific personal data. The user may choose not to provide this information, but this may prevent access to certain features.
NAVIGATION DATA
The computer systems and software procedures used to operate the website acquire, during normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols (such as IP addresses or domain names of the devices used by users connecting to the site, browser type and operating system used, information about pages visited, access times, and general system parameters).
The processing of such data is necessary to ensure proper functioning, best usability, and implementation of the website, as well as to monitor and guarantee security. With user consent, the site may collect navigation data to analyze website traffic, increase visibility, and support online advertising activities for archivioantidoto.com.
For more information, see the "COOKIES" section in this document.
How We Use Your Personal Data
The data indicated above may be processed for the following purposes:
-
To contact the user and provide requested information
-
The voluntary and explicit provision of contact details by the user implies consent for the Controller to use this data to respond to requests (Article 6(a) GDPR).
-
Data collected will be processed and stored only for the time necessary to respond to requests, with a maximum retention period of 6 months from the last interaction.
-
-
To process purchase orders made through the online shop
-
Data processing for service provision through the website is authorized under Article 6(b) and (c) GDPR (legal and contractual obligations).
-
Data will be processed by the Controller and any authorized third parties for the duration necessary to fulfill the contract.
-
-
Promotional and marketing purposes
-
The Controller may send advertising communications, service updates, and newsletters only with the user's express consent (Article 6(a) GDPR).
-
The user can withdraw consent at any time by contacting the Controller.
-
-
Website traffic analysis for performance evaluation and improvement
How We Share Your Personal Information
In certain circumstances, we may share the user's personal data with third parties such as:
-
External suppliers or collaborators performing services on our behalf (e.g., IT management, payment processing, data analysis, customer support, order fulfillment, and shipping).
-
Administrative/judicial authorities to protect rights, detect/prevent illegal activities, or when explicitly required by authorities.
Children's Data
Services provided through the website are not intended for children, and we do not knowingly collect personal data from minors. If a parent or guardian believes that a minor has provided personal information, they may contact the Controller to request deletion.
Data Security
The Controller processes and stores data in databases located within the EU, implementing appropriate technical, physical, logical, and organizational security measures to prevent violations of users' rights.
Personal data will be processed within the European Union. If technical or operational needs require using service providers outside the EU, processing will be regulated per Chapter V of the GDPR.
Under no circumstances will collected data be publicly disclosed.
User Rights
Users have the following rights, which can be exercised by contacting the Controller:
-
Access personal data and obtain a copy.
-
Rectify inaccurate or incomplete data.
-
Request data portability under Article 20 GDPR.
-
Request data deletion under Article 17 GDPR.
-
Restrict data processing under Article 18 GDPR.
-
Object to data processing under Article 21 GDPR.
Users can also file a complaint with the Italian Data Protection Authority at: https://www.garanteprivacy.it/modulistica-e-servizi-online/reclamo.
Cookies
Cookies are text strings stored on the user's device that allow access to information for various purposes, such as storing user preferences, analyzing website usage, and improving services.
This website uses:
-
Technical and functional cookies for communication transmission, website security, and storing user preferences.These cookies do not require user consent.
For more details, refer to the complete Cookie Policy.
|
NAME |
DESCRIPTION |
DURATION |
|
_ab |
Used to control when the admin bar is shown on the storefront. |
1y |
|
_abv |
Persist the collapsed state of the admin bar. |
1y |
|
_checkout_queue_token |
Used when there is a queue during the checkout process. |
1y |
|
_cmp_a |
Used for managing customer privacy settings. |
1d |
|
_identity_session |
Contains the identity session identifier of the user. |
2y |
|
_master_udr |
Permanent device identifier. |
session |
|
_pay_session |
The Rails session cookie for Shopify Pay |
session |
|
_secure_account_session_id |
Used to track a customer's session for new customer accounts. |
30d |
|
_session_id |
Used for providing reporting and analytics. |
2y |
|
_shopify_country |
Used for Plus shops where pricing currency/country is set from GeoIP by helping avoid GeoIP lookups after the first request. |
30min |
|
_shopify_essential |
Contains essential information for the correct functionality of a store such as session and checkout information and anti-tampering data. |
1y |
|
_storefront_u |
Used to facilitate updating customer account information. |
1min |
|
_tracking_consent |
Used to store a user's preferences if a merchant has set up privacy rules in the visitor's region. |
1y |
|
auth_state_<<id>> |
Stores authentication state before redirecting customers to third party for authentication. |
25min |
|
card_update_verification_id |
Used to support verification when a buyer is redirected back to Shopify after completing 3D Secure during checkout. |
20min |
|
cart |
Contains information related to the user's cart. |
2w |
|
cart_currency |
Used after a checkout is completed to initialize a new empty cart with the same currency as the one just used. |
2w |
|
cart_sig |
A hash of the contents of a cart. This is used to verify the integrity of the cart and to ensure performance of some cart operations. |
2w |
|
cart_ts |
Used in connection with checkout. |
2w |
|
checkout |
Used in connection with checkout. |
21d |
|
checkout_prefill |
Encrypts and stores URL parameters containing PII which are used in cart permalink URLs. |
5min |
|
checkout_session_lookup |
Used in connection with checkout. |
3w |
|
checkout_session_token_<<id>> |
Used when a checkout session is established on the server. |
3w |
|
checkout_token |
Captures the landing page of the visitor when they come from other sites. |
session |
|
customer_account_locale |
Used to keep track of a customer account locale when a redirection occurs from checkout or the storefront to customer accounts. |
1y |
|
customer_payment_method |
Stores what payment method is being updated for subscriptions. |
1h |
|
customer_shop_pay_agreement |
Used to help verify a new Shop Pay payment instrument. |
20min |
|
device_fp_id |
Device fingerprint identifier to help prevent fraud. |
session |
|
device_id |
Session device identifier to help prevent fraud. |
session |
|
discount_code |
Stores a discount code (received from an online store visit with a URL parameter) in order to the next checkout. |
session |
|
dynamic_checkout_shown_on_cart |
Adjusts checkout experience for buyers that proceed with regular checkout versus dynamic checkout. |
30min |
|
hide_shopify_pay_for_checkout |
Set when a buyer dismisses the Shop Pay login modal during checkout, informing display to buyer. |
session |
|
identity-state |
Stores state before redirecting customers to identity authentication. |
1d |
|
identity-state-<<id>> |
Stores state before redirecting customers to identity authentication. |
1d |
|
identity_customer_account_number |
Stores an identifier used to facilitate login across the customer's account and storefront domains. |
12w |
|
keep_alive |
Used when international domain redirection is enabled to determine if a request is the first one of a session. |
session |
|
locale_bar_accepted |
Preserves if the modal from the geolocation app was accepted. |
session |
|
locale_bar_dismissed |
Preserves if the modal from the geolocation app was dismissed. |
1d |
|
localization |
Used to localize the cart to the correct country. |
2w |
|
logged_in |
Identity logged-in hint. |
12w |
|
login_with_shop_finalize |
Used to facilitate login with Shop. |
5min |
|
master_device_id |
Permanent device identifier. |
1y |
|
order |
Used to allow access to the data of the order details page of the buyer. |
3w |
|
pay_update_intent_id |
Stores an ID of a Shop Pay billing agreement update intent, required for a callback after verifying a new Shop Pay payment instrument. |
20min |
|
preview_theme |
Used to indicate whether the theme is being previewed. |
session |
|
previous_checkout_token |
Used to prefill checkout with the details from the previous checkout. |
1y |
|
previous_step |
Used in connection with checkout. |
1y |
|
profile_preview_token |
Used for previewing checkout customizations. |
5min |
|
receive-cookie-deprecation |
A cookie specified by Google to identify certain Chrome browsers affected by the third-party cookie deprecation. More information about this cookie can be found here. |
session |
|
remember_me |
Used to prefill checkout with the details from the previous checkout. |
1y |
|
secure_customer_sig |
Used to identify a user after they sign into a shop as a customer so they do not need to log in again. |
1y |
|
shop_pay_accelerated |
Indicates if a buyer is eligible for Shop Pay accelerated checkout. |
1y |
|
shopify-editor-unconfirmed-settings |
Stores changes merchant does in the editor to update the preview. |
16h |
|
shopify_pay |
Used to log in a buyer into Shop Pay when they come back to checkout on the same store. |
1y |
|
shopify_pay_redirect |
Used to accelerate the checkout process when the buyer has a Shop Pay account. |
1y |
|
storefront_digest |
Stores a digest of the storefront password, allowing merchants to preview their storefront while it's password protected. |
1y |
|
tracked_start_checkout |
Used in connection with checkout. |
1y |
|
user |
Used in connection with Shop login. |
1y |
|
user_cross_site |
Used in connection with Shop login. |
1y |
|
wpm-domain-test |
Used to test Shopify's Web Pixel Manager with the domain to make sure everything is working correctly. |
session |
-
Analytics cookies: The Owner analyzes site traffic data to assess its efficiency (e.g., compiling reports on site activity and user behavior, checking how often users visit the site, how the site is found, and which pages are visited most frequently, etc.). This type of cookie is installed only with the user's consent.
|
NAME |
DESCRIPTION |
DURATION |
|
_landing_page |
Capture the landing page of visitor when they come from other sites. |
2w |
|
_orig_referrer |
Allows merchant to identify where people are visiting them from. |
2w |
|
_shopify_ga |
Contains Google Analytics parameters that enable cross-domain analytics measurement to work. |
session |
|
_shopify_s |
Used to identify a given browser session/shop combination. Duration is 30 minute rolling expiry of last use. |
30min |
|
_shopify_sa_p |
Capture the landing page of visitor when they come from other sites to support marketing analytics. |
30min |
|
_shopify_sa_t |
Capture the landing page of visitor when they come from other sites to support marketing analytics. |
30min |
|
_shopify_y |
Shopify analytics. |
1y |
|
checkout_one_experiment |
Used when a checkout is eligible to Checkout One and has been assigned to an experiment (control group or test group). |
session |
|
shop_analytics |
Contains the required buyer information for analytics in Shop. |
1y |
|
unique_interaction_id |
Used for checkout metrics. |
10min |
For specific information about the cookies we use in connection with managing our store on Shopify, see https://www.shopify.com/legal/cookies.
COOKIE DISABLING
Most browsers automatically accept cookies by default, but you can choose to set your browser to remove or reject cookies through browser controls. Please note that removing or blocking cookies may negatively impact your user experience and may cause some Services, including certain features and functionalities, to work improperly or become unavailable. Additionally, blocking cookies may not completely prevent the way we share information with third parties, such as our advertising partners.
In this case, please follow the instructions provided by the respective browsers used for navigation, available at the following links:
Our website also recognizes the Global Privacy Control (GPC) signal, which allows you to opt out of certain uses or disclosures of your information. If you communicate your preference via GPC, we will treat that signal as a valid request to opt out of sharing/targeted advertising for the associated browser or device. If we can link the device sending the signal to your Shopify account, we will also apply the opt-out request to your account. To learn more about Global Privacy Control, visit https://globalprivacycontrol.org/.
Apart from Global Privacy Control, we do not recognize other "Do Not Track" signals that may be sent by your web browser or device.
External Links and Social Media Plugins
The website may include links to social media platforms (Instagram, TikTok, Facebook) to allow easy sharing of website content on these social networks.
If you select a social media link while browsing the site, the respective social media provider may install cookies on your device.
By default, browsing the site does not allow third-party providers to install cookies unless the user clicks on the relevant link.
These cookies are not managed by Antidoto’s website, and their use is entirely governed by the respective third-party privacy policies.
IMPORTANT NOTICE
If the legal basis for processing is the user’s prior consent, the consent may always be revoked. However, this may make it impossible for the owner to provide the requested information or service, or it may prevent the user from receiving commercial communications and newsletters. The revocation will not affect the lawfulness of processing based on consent before its withdrawal.
The personal data mentioned above may also, if necessary, be transmitted to law enforcement authorities and judicial or administrative authorities in compliance with the law for the investigation and prosecution of crimes, prevention, and protection against threats to public security. It may also be shared to allow Antidoto to exercise or protect its contractual rights or those of third parties before the relevant authorities, as well as for other reasons related to the protection of rights and freedoms of others.
In such cases, the retention of personal data will be extended for the additional period necessary to defend or assert a right or to comply with any further legal obligations or orders from authorities.